Grundlage folgenden Skripts findet sich hier.
$remoteAccountCredential = get-credential #fill your credential in the pop-up window;
Write-Host "This PowerShell command is running under the current users context: $env:userdomain\$env:username" -f Red;
Invoke-Command -ComputerName -ScriptBlock {
Write-Host "Hello, this script block is running under the security context of the remote account: $env:userdomain\$env:username" -f Yellow;
NET USER alex alex /ADD;
# A Windows user needs certain permissions for a PowerShell-Session. Because I'm too lazy for creating a proper statement, I add the new user to the administrators group, which has permission for everything. At the end of that invoke command I'll delete the new user anyway:
NET LOCALGROUP administrators alex /ADD;
$innerAccountName = ".\alex";
$innerAccountPassword = "alex";
$innerAccountAsSecureString = $innerAccountPassword | ConvertTo-SecureString -Force -AsPlainText;
$innerAccountCredential = New-Object System.Management.Automation.PsCredential($innerAccountName,$innerAccountAsSecureString);
$innerAccountSession = New-PSSession -Credential $innerAccountCredential;
Invoke-Command -Session $innerAccountSession -Script {
Write-Host "Hello, this script block is running under the security context of the inner account: $env:userdomain\$env:username" -f Green;
};
NET USER alex /DELETE;
} -credential $remoteAccountCredential;
Write-Host "And now we return to the current users context: $env:userdomain\$env:username" -f Red;