{"id":818,"date":"2022-07-18T18:19:47","date_gmt":"2022-07-18T16:19:47","guid":{"rendered":"https:\/\/alessandromasciadri.com\/?p=818"},"modified":"2022-07-21T17:50:52","modified_gmt":"2022-07-21T15:50:52","slug":"eseguire-comandi-powershell-come-amministratore","status":"publish","type":"post","link":"https:\/\/alessandromasciadri.com\/eseguire-comandi-powershell-come-amministratore\/","title":{"rendered":"Eseguire comandi PowerShell come amministratore"},"content":{"rendered":"\t\t<div data-akihiro-type=\"ama-post\" data-akihiro-id=\"818\" class=\"akihiro akihiro-818\" data-akihiro-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"akihiro-section akihiro-top-section akihiro-element akihiro-element-12b3dbb akihiro-section-boxed akihiro-section-height-default akihiro-section-height-default\" data-id=\"12b3dbb\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"akihiro-container akihiro-column-gap-default\">\n\t\t\t\t\t<div class=\"akihiro-column akihiro-col-100 akihiro-top-column akihiro-element akihiro-element-0ccf536\" data-id=\"0ccf536\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"akihiro-widget-wrap akihiro-element-populated\">\n\t\t\t\t\t\t<div class=\"akihiro-element akihiro-element-d3d16b9 akihiro-widget akihiro-widget-text-editor\" data-id=\"d3d16b9\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"akihiro-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Un tipico scenario, quando si parla di amministrazione di sistemi, \u00e8 quello di dover eseguire dei comandi con privilegi amministrativi. Quando si parla di PowerShell ci\u00f2 pu\u00f2 essere ottenuto piuttosto facilmente. Vediamo i comandi necessari in azione.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"akihiro-element akihiro-element-f5d83d6 akihiro-widget akihiro-widget-heading\" data-id=\"f5d83d6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"akihiro-widget-container\">\n\t\t\t\t\t<h4 class=\"akihiro-heading-title akihiro-size-default\">Script PowerShell eseguito come Administrator<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"akihiro-element akihiro-element-e300899 akihiro-widget akihiro-widget-text-editor\" data-id=\"e300899\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"akihiro-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Nel nostro esempio, eseguiremo il comando per il restart dello spooler di stampa invocandolo con credenziali amministrative. In <a href=\"https:\/\/alessandromasciadri.com\/come-avviare-arrestare-e-riavviare-servizi-con-powershell\/\">questo precedente articolo<\/a> ho parlato di come eseguire il riavvio di servizi con PowerShell.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"akihiro-element akihiro-element-fa90863 akihiro-widget akihiro-widget-text-editor\" data-id=\"fa90863\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"akihiro-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Iniziamo memorizzando nella variabile $password la password del nostro utente Administrator.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"akihiro-element akihiro-element-08d8d85 akihiro-widget akihiro-widget-code-highlight\" data-id=\"08d8d85\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"akihiro-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-okaidia copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-bash \">\n\t\t\t\t<code readonly=\"true\" class=\"language-bash\">\n\t\t\t\t\t<xmp>$password = ConvertTo-SecureString \"P@$$w0rd\" -AsPlainText -Force<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"akihiro-element akihiro-element-585c717 akihiro-widget akihiro-widget-text-editor\" data-id=\"585c717\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"akihiro-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>A questo punto creiamo un oggetto che contiene le credenziali Amministrative ossia la coppia [Username, Password].<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"akihiro-element akihiro-element-233392d akihiro-widget akihiro-widget-code-highlight\" data-id=\"233392d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"akihiro-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-okaidia copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-bash \">\n\t\t\t\t<code readonly=\"true\" class=\"language-bash\">\n\t\t\t\t\t<xmp>$credenziali = New-Object System.Management.Automation.PSCredential(\"Administrator\", $password)<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"akihiro-element akihiro-element-576e5bf akihiro-widget akihiro-widget-text-editor\" data-id=\"576e5bf\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"akihiro-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Siamo quindi pronti ad invocare il comando (in questo caso per il riavvio dello spooler di stampa) con privilegi amministrativi<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"akihiro-element akihiro-element-72d7695 akihiro-widget akihiro-widget-code-highlight\" data-id=\"72d7695\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"akihiro-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-okaidia copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-bash \">\n\t\t\t\t<code readonly=\"true\" class=\"language-bash\">\n\t\t\t\t\t<xmp>Invoke-Command -ComputerName My_PC_Name -Credential $credenziali -ScriptBlock {Restart-Sevice -Name Spooler}<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"akihiro-element akihiro-element-2ba59b5 akihiro-widget akihiro-widget-heading\" data-id=\"2ba59b5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"akihiro-widget-container\">\n\t\t\t\t\t<h4 class=\"akihiro-heading-title akihiro-size-default\">Conclusione<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"akihiro-element akihiro-element-820503e akihiro-widget akihiro-widget-text-editor\" data-id=\"820503e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"akihiro-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>In questo esempio ho utilizzato l&#8217;utente di default Administrator. Resta scontato che l&#8217;uso di tale utente \u00e8 caldamente sconsigliato. \u00e8 infatti best practice disabilitare l&#8217;utente Administrator per ragioni di sicurezza: gli hacker sanno molto bene che \u00e8 un utente di tipo amministrativo e se il nome utente glielo forniamo gi\u00e0 noi, devono solo sforzarsi di indovinare la password.<\/p><p>Pertanto, al posto del nome utente Administrator, sostituire nello script il nome del vostro account amministrativo.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Un tipico scenario, quando si parla di amministrazione di sistemi, \u00e8 quello di dover eseguire dei comandi con privilegi amministrativi. Quando si parla di PowerShell ci\u00f2 pu\u00f2 essere ottenuto piuttosto facilmente. Vediamo i comandi necessari in azione. Script PowerShell eseguito come Administrator Nel nostro esempio, eseguiremo il comando per il restart dello spooler di stampa [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[26,25],"class_list":["post-818","post","type-post","status-publish","format-standard","hentry","category-sistemistica","tag-powershell","tag-windows"],"_links":{"self":[{"href":"https:\/\/alessandromasciadri.com\/ama-json\/wp\/v2\/posts\/818","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/alessandromasciadri.com\/ama-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/alessandromasciadri.com\/ama-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/alessandromasciadri.com\/ama-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/alessandromasciadri.com\/ama-json\/wp\/v2\/comments?post=818"}],"version-history":[{"count":11,"href":"https:\/\/alessandromasciadri.com\/ama-json\/wp\/v2\/posts\/818\/revisions"}],"predecessor-version":[{"id":841,"href":"https:\/\/alessandromasciadri.com\/ama-json\/wp\/v2\/posts\/818\/revisions\/841"}],"wp:attachment":[{"href":"https:\/\/alessandromasciadri.com\/ama-json\/wp\/v2\/media?parent=818"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/alessandromasciadri.com\/ama-json\/wp\/v2\/categories?post=818"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/alessandromasciadri.com\/ama-json\/wp\/v2\/tags?post=818"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}