From c94c53e8a47b4d84026de35cbd7832572b6b434a Mon Sep 17 00:00:00 2001 From: Dag Wieers Date: Fri, 27 Jan 2017 23:23:18 +0100 Subject: [PATCH] Ensure that the script is run with elevated privileges (#20669) * Ensure that the script is run with elevated privileges This fixes #20654 * Implement our own check for elevated privileges --- .../scripts/ConfigureRemotingForAnsible.ps1 | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/examples/scripts/ConfigureRemotingForAnsible.ps1 b/examples/scripts/ConfigureRemotingForAnsible.ps1 index 4c609a771c..e9e15bbfe6 100644 --- a/examples/scripts/ConfigureRemotingForAnsible.ps1 +++ b/examples/scripts/ConfigureRemotingForAnsible.ps1 @@ -1,3 +1,5 @@ +#Requires -Version 3.0 + # Configure a Windows host for remote management with Ansible # ----------------------------------------------------------- # @@ -113,6 +115,22 @@ Trap Exit 1 } $ErrorActionPreference = "Stop" + +# Get the ID and security principal of the current user account +$myWindowsID=[System.Security.Principal.WindowsIdentity]::GetCurrent() +$myWindowsPrincipal=new-object System.Security.Principal.WindowsPrincipal($myWindowsID) + +# Get the security principal for the Administrator role +$adminRole=[System.Security.Principal.WindowsBuiltInRole]::Administrator + +# Check to see if we are currently running "as Administrator" +if (-Not $myWindowsPrincipal.IsInRole($adminRole)) +{ + Write-Host "ERROR: You need elevated Administrator privileges in order to run this script." + Write-Host " Start Windows PowerShell by using the Run as Administrator option." + Exit 2 +} + $EventSource = $MyInvocation.MyCommand.Name If (-Not $EventSource) {