0

I am trying to create unattended.xml file for windows server 2016 unattended installation where in after installing windows it should execute one powershell script located on remote samba share.

I am using following command to run powershell script stored in samba share:

cmd.exe /c "ECHO R | powershell.exe -ExecutionPolicy Unrestricted -File \\192.168.137.131\install\ConfigureRemotingForAnsible.ps1"

The Unattended installation process works well but ConfigureRemotingForAnsible.ps1 script execution fails with error:

The argument '\\192.168.137.131\install\ConfigureRemotingForAnsible.ps1' to the -File parameter does not exist. Provide the path to an existing '.ps1' file as an argument to the -File parameter.

The same command executes successfully when I run it manually.

Relevant portion of unattended.xml file:

<settings pass="specialize">
        <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <RunSynchronous>
                <RunSynchronousCommand wcm:action="add">
                    <Order>1</Order>
                    <Path>cmd.exe /c "ECHO R | powershell.exe -ExecutionPolicy Unrestricted -File \\192.168.137.131\install\ConfigureRemotingForAnsible.ps1"</Path>
                </RunSynchronousCommand>
            </RunSynchronous>
        </component>
    </settings>

Can somebody tell me what should I add in my unattended.xml to make it working?

Thanks in advance.

Improve this question

1 Answer 1

Reset to default
0

I suspect, but don't know for a fact, that your unattended execution is running under a different security context than what you think it is. If it is running S4U authentication in unattended execution you won't have access to any network resources. That would explain why it works when you are logged in with your security context but not when unattended.

The following is about scheduled tasks but it likely applies here also. Task Security Context

Improve this answer
3
  • How can I change the security context of unattended execution?
    – Yugendra
    Commented Jun 28, 2017 at 10:14
  • As far as I know, you can't. Unattended scheduled task execution is going to use S4U authentication so you won't have network access. The only way I got my project to work was to leave a user with the proper credentials logged in on the machine running the task. The idea is to prevent hackers from installing a scheduled task that would run unattended and, at the same time, have network access when the task is run.
    – thx1138v2
    Commented Jun 29, 2017 at 11:36
  • Now I am able to execute that script in Audit mode, but problem with this approach is: It ignores rest of the settings(Administrator password, EULA) in OOBE pass while entering in Audit mode. I have created seprate thread for that here.
    – Yugendra
    Commented Jul 5, 2017 at 18:51

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .