How to run Azure Runbook on a Hybrid worker with elevated privileges ?

AxelC 56 Reputation points
2023-02-02T15:14:35.41+00:00

Hello,

I am having a hard time to execute commands that need elevated privileges in an Azure runbook on a local Hybrid worker server.

My hybrid worker group is configured to use a custom hybrid worker credential, which is an account member of the local Administrator group of the server.

When I run a simple runbook using the following code :

([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")

It returns False.

When running the same code using the default hybrid worker credential, or the credentials from the built-in adminsitrator account, it will return True but this is not what I would like.

Is there any way to force a runbook to be launch as elevated on a hybrid worker ?

Thank you in advance for your help.

Axel

Azure Automation
Azure Automation
An Azure service that is used to automate, configure, and install updates across hybrid environments.
1,300 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Luke Murray 11,246 Reputation points MVP
    2023-02-05T07:45:16.1566667+00:00

    Hi, Axel

    You would need to 'runas' that user.

    ie:

    Start-Process -FilePath "powershell.exe" -Verb RunAs

    Or https://superuser.com/questions/859242/running-runas-cmd-in-powershell

    https://lazyadmin.nl/it/runas-command/


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.