Powershell Script Assistance (SFC,DISM,CHKDSK)

Radel Velez 1 Reputation point
2020-09-08T16:12:39.383+00:00

Hey All, I'm working on a script that will run sfc,dism, and chkdsk for me and produce a text log I can check up on after its done. I've got the majority of everything working and ironed out many minor issues but now it seems the only thing holding me up is the part that actually calls the utilities.

When I run the script in ISE, it tells me that admin privileges are needed to run SFC,DISM, and CHKDK. But I am passing the credential parameter to the Start-Job command. Shouldn't this run the utilities with the correct privileges? (For reference: while testing, I was running this under an admin account, using admin session of ISE and my $Cred variable is an admin account, so Im confused as to where the privilege issue lies).

My end goal is to be able to just double click the script and walk away, regardless if the account is a standard or admin account who runs the script (which is what I thought the -credential parameter would help do).

$User= "user"
$Pass= ConvertTo-SecureString -String "password" -AsPlainText -force
$Cred= New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User,$Pass
$Path= 'C:\JobLogs'
$Date= get-date -format "dd MM yyyy mm ss"
$LogFile= "C:\JobLogs\ResultsFrom$date.txt"
start-job -name DiskCheck -ScriptBlock { CHKDSK C: } -Credential $cred
start-job -name SFC -ScriptBlock { sfc /scannow } -Credential $cred
start-job -name DISM -ScriptBlock { DISM /Online /Cleanup-Image /RestoreHealth } -Credential $cred
if (test-path $path) { write-host "`$Path was found, exporting logs to $Path" } else { new-item C:\JobLogs -itemtype directory; Write-Host "$Path not found, creating $Path and exporting logs" }
wait-job -name DiskCheck,SFC,DISM | receive-job | out-file -FilePath $LogFile  
Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,526 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Rich Matheisen 46,796 Reputation points
    2020-09-08T21:37:57.977+00:00

    I think you're going to have to provide code in that scriptblock to run a self-elevating script. Even then your users will receive a prompt from UAC.

    Rather than use Start-Job (which is convenient) you may have to use Start-Process with the "-Verb RunAs" and "-Passthru", store the result in a variable, and then check the state of the process periodically to see if it's still running. The problem with that is that you cannot use the "-RedirectStandardOutput". That probably (I haven't tried it) can be overcome by redirecting the command's output to a file in the typical DOS fashion.

    Another problem that you'll probably encounter is that you won't be able to run chkdsk on the c: drive because it's locked another process. The user may be prompted to agree to scan the disk on the next system restart, but that defeats your intent to not inconvenience the user by waiting for it to complete.

    0 comments No comments

  2. Ian Xue 37,101 Reputation points Microsoft Vendor
    2020-09-09T03:44:51.117+00:00

    Hi,
    This link is helpful
    https://ss64.com/ps/syntax-elevate.html

    Best Regards,
    Ian

    0 comments No comments

  3. John Bryntze 1 Reputation point
    2022-03-14T11:39:43.687+00:00

    Nice script! please move the order so you run DISM command BEFORE you run SFC.
    SFC replace faulty files with those updates by DISM RestoreHealth, so it is important in which order you run them, and do DISM before SFC, thanks!

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.