JustinM

Reputation: 125

Create PSCredential from AzureAD User

I don't know why I can't figure this out; this can't be as hard as I'm making it. I'm trying to create a PowerShell script that will elevate itself using explicit credentials from AzureAD. I create a PSCredential object with:

$ss = ConvertTo-SecureString "p@ssw0rd" -AsPlainText -Force
$cred = New-Object PSCredential -ArgumentList '[email protected]', $ss
Start-Process PowerShell -Credential $cred "-NoProfile -ExecutionPolicy Bypass -Command `"cd '$pwd'; & '$PSCommandPath';`""
exit;

When I execute this I get: "Start-Process : This command cannot be run due to the error: The user name or password is incorrect."

I know the username and password are correct but I am guessing that it has to do with the fact that this is an AzureAD user? Do I have to format the AzureAD username differently? I've tried reformatting it every way I can think of. I've tried using Connect-AzureAD and using Get-AzureADUser to try to see if I could use some property of that to sign in but I'm coming up empty.

Is this even possible?

Upvotes: 3

Views: 1064

Answers (2)

Igor

Reputation: 1445

With Start-Process you must specify the username in the format "DOMAIN\user". I am not sure where this limitation comes from.

Upvotes: 1
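
Added example, not part of the question or of either answer: one way to apply the "DOMAIN\user" form described above without keeping a plaintext password in the script. The function names are hypothetical, and the `AzureAD` default prefix for Azure AD-joined devices is an assumption to adjust for your environment.

```powershell
# Added example; function names and the 'AzureAD' default are assumptions.
function ConvertTo-DownLevelLogonName {
    param(
        [Parameter(Mandatory)][string]$UserName,
        [string]$DefaultDomain = 'AzureAD'   # assumed prefix for Azure AD-joined devices
    )
    $name = $UserName.Trim()
    if ([string]::IsNullOrWhiteSpace($name)) { throw 'User name is empty.' }
    if ($name -match '^[^\\]+\\[^\\]+$') { return $name }      # already DOMAIN\user
    if ($name.Contains('\')) { throw "Malformed user name: '$name'" }
    return ('{0}\{1}' -f $DefaultDomain, $name)                # bare name or UPN
}

function Start-ScriptAs {
    param(
        [Parameter(Mandatory)][pscredential]$Credential,
        [Parameter(Mandatory)][string]$ScriptPath,
        [string]$WorkingDirectory = (Get-Location).Path
    )
    $logon = ConvertTo-DownLevelLogonName -UserName $Credential.UserName
    # Reuse the SecureString as-is; the password never becomes a plain string here.
    $runAs = New-Object System.Management.Automation.PSCredential `
        -ArgumentList $logon, $Credential.Password
    # Quote the path so a script location containing spaces stays one argument.
    $psArgs = @('-NoProfile', '-File', ('"{0}"' -f $ScriptPath))
    try {
        Start-Process -FilePath 'powershell.exe' -Credential $runAs `
            -ArgumentList $psArgs -WorkingDirectory $WorkingDirectory `
            -PassThru -ErrorAction Stop
    }
    catch {
        # Report the logon name that was actually tried alongside the original error.
        throw "Start-Process failed for '$logon': $($_.Exception.Message)"
    }
}

# Usage: prompt at run time instead of storing a plaintext password in the script.
# Start-ScriptAs -Credential (Get-Credential) -ScriptPath $PSCommandPath
```

The working directory passed to `Start-Process` has to be accessible to the target account, otherwise the launch fails before the script runs.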

William Higgs

Reputation: 191

Is the domain of the Azure AD user account you are trying to run the command as accessible to the domain that your machine is connected to? Without more information, I can only speculate that PowerShell is throwing the error because it does not recognize the user or the domain the user is a member of.

Upvotes: 0
