首页 > 系统相关> > 如何从C#运行PowerShell脚本

如何从C#运行PowerShell脚本

2019-06-25 15:54:03 作者：互联网

我正在尝试使用C#运行PowerShell脚本,但我没有任何成功.这是我的功能：

private void ExecutePowerShellCommand(string scriptfile)
{
    RunspaceConfiguration runspaceConfiguration = RunspaceConfiguration.Create();

    Runspace runspace = RunspaceFactory.CreateRunspace(runspaceConfiguration);
    runspace.Open();

    RunspaceInvoke scriptInvoker = new RunspaceInvoke();
    scriptInvoker.Invoke("Set-ExecutionPolicy Unrestricted");

    Pipeline pipeline = runspace.CreatePipeline();

    //Here's how you add a new script with arguments
    Command myCommand = new Command(scriptfile);
    //CommandParameter testParam = new CommandParameter("key", "value");
    //myCommand.Parameters.Add(testParam);

    pipeline.Commands.Add(myCommand);

    // Execute PowerShell script
    pipeline.Invoke();
}

这是我得到的错误：

Access to the registry key ‘HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell’ is denied.

我该如何解决这个问题？我已经看到了冒充的想法,但我似乎没有找到任何好的例子来冒充.我想以管理员身份运行此脚本.

我做了以下声明：

[DllImport("advapi32.dll")]
private static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
[DllImport("kernel32.dll")]
private static extern bool CloseHandle(IntPtr handle);

public delegate void IncognitoDelegate(params object[] args);

我为模拟创建了以下函数：

public static void Impersonate(IncognitoDelegate incognitoDelegate, params object[] args)
{
    System.IntPtr token = new IntPtr();
    WindowsIdentity wi;
    if (LogonUser("myusername", "", "mypassword", 8, 0, ref token))
    {
        wi = new WindowsIdentity(token);
        WindowsImpersonationContext wic = wi.Impersonate();

        incognitoDelegate(args);

        wic.Undo();
    }
    CloseHandle(token);
}

我创建了一个用作委托的函数：

private static void GIncognito(params object[] args)
{
    RunspaceInvoke scriptInvoker = new RunspaceInvoke();
    scriptInvoker.Invoke("Set-ExecutionPolicy Unrestricted");
}

我修改了我的方法：

private void ExecutePowerShellCommand(string scriptfile)
{
    RunspaceConfiguration runspaceConfiguration = RunspaceConfiguration.Create();

    Runspace runspace = RunspaceFactory.CreateRunspace(runspaceConfiguration);
    runspace.Open();

    Impersonate(new Util.IncognitoDelegate(GIncognito));
    //RunspaceInvoke scriptInvoker = new RunspaceInvoke();
    //scriptInvoker.Invoke("Set-ExecutionPolicy Unrestricted");

    Pipeline pipeline = runspace.CreatePipeline();

    //Here's how you add a new script with arguments
    Command myCommand = new Command(scriptfile);
    //CommandParameter testParam = new CommandParameter("key", "value");
    //myCommand.Parameters.Add(testParam);

    pipeline.Commands.Add(myCommand);

    // Execute PowerShell script
    pipeline.Invoke();
}

结果是……

…非常山姆的错误,告诉我我无法访问注册表项.

解决方法:

默认的Set-ExecutionPolicy命令尝试设置机器范围的值.您只想更改C#应用程序范围内的设置,因此您应该在命令中添加-Scope Process选项.

使用Get-Help Set-ExecutionPolicy -detailed显示以下信息：

NOTE: To change the execution policy for the default (LocalMachine) scope, start Windows PowerShell with the “Run as administrator” option.

…它还描述了-Scope选项.

这样做的好处是只影响从C#应用程序运行的脚本的执行策略,并且不会不必要地更改默认PowerShell行为的执行策略. (因此它更安全,特别是如果您可以保证应用程序运行的脚本的有效性.)

标签：c,powershell,registry,impersonation
来源： https://codeday.me/bug/20190625/1287333.html