Run Snap-In as domain user
-
Hi all,
I’m working on getting fog set up in my environment, one snag I’m running in to is that I would like so have a batch file snap-in that runs post deployment to trigger PDQ Deploy. The problem is that by default the Fog Service runs as local system, when it executes my script PDQ doesn’t run because it doesn’t recognize the user. The simple answer seems to be running the Fog Service as a domain user, okay fine but when you change the Fog Service user it requires you to reset the encryption data from the console. I’m trying to find a way to get this all automated and surely I’m not the only one that has had this problem. So, my thoughts on possible solutions are:A) Be able to change fog service user (via script possibly) to domain account without resetting encryption data
B) Run the snap-in as a domain user so that PDQ kicks offI’m of course open to any solutions those are just the two that I’ve thought of so far.
Thanks in advance!
-
@andrewhancock91 Asking the internet for “runas password” brings up a huge amount of questions and answers on this. Maybe just use
psexec… Or even using a text file as password input.But that’s just my point of view trying to tackle this as low cost as possible.
-
@andrewhancock91 Or mayb
C) Userunasor similar tools… -
@Sebastian-Roth
Thanks for the reply, I’ve tried using runas but since you can’t pass the password in the script it doesn’t achieve what I’m wanting to do which is completely hands off deployment. -
@andrewhancock91 Asking the internet for “runas password” brings up a huge amount of questions and answers on this. Maybe just use
psexec… Or even using a text file as password input.But that’s just my point of view trying to tackle this as low cost as possible.
-
Sorry I forgot to respond to this thread, thanks for your responses @Sebastian-Roth. I ended up solving this particular issue by simply integrating credentials that PDQ recognizes into the powershell script, it works smoothly every time and shouldn’t present much of a security concern because the creds are only allowed to kick of a PDQ deployment and nothing else.