tags:

views:

75

answers:

2
Q: 

TFS InvokeProcess to run under other credentials

Hi!

We have customized the build process with a InvokeProcess action that runs a powershell script that deploys our sln.

Problem is that this script must be run under a given user (not the tfsbuild user).

How can we achive this?

  • Alternative 1: Make the InvokeProcess run as a different user -
  • Alternative 2: Make the powershell script itself run as different user

Problem is that I have no idea of how to do any of this.

Any suggestions would be very helpful

Thanks

Larsi

-

+1  A: 

I have created a blog post on this how you can achieve this: http://www.ewaldhofman.nl/post/2010/05/28/Customize-Team-Build-2010-e28093-Part-9-Impersonate-activities-(run-under-other-credentials).aspx

Ewald Hofman  2010-09-20 09:11:39
Thanks! I'm new to the wwf and the custom build process. Could you briefly outline the steps to start using your code? Should I build a dll? Place it where? Call it from the where? I'm using the InvokeProcess activity block, guess I should call this block from within the using block, but how? Thanks a lot for your time.
Larsi  2010-09-20 09:34:38
You can find those answers in the rest of the series: http://www.ewaldhofman.nl/?tag=/build+2010+customization
Ewald Hofman  2010-09-20 10:00:28
ok, thanks. I think I got most of the answers, but I can't figure out why we need to create a Template project (part 4). Should it not be enough to create a new codeactivity, then add it to the toolbox (choose item) and start using it? (and of course on the build controller add a path). Can't understand whats happening with the template project. Thanks for any clarification.
Larsi  2010-09-20 11:27:03
To be able to add codeactivity to the template, creating the template project is the easiest. If you find another way of adding the code actvity, you can use that also. I always do in this way and it works perfectly. Everything is included in one solution which makes the development easy. (although the debugging experience is not optimal)
Ewald Hofman  2010-09-20 12:24:23
+1  A: 

A pure PowerShell option, assuming you have PowerShell 2.0 on your TeamBuild machine, is to use a background job. Start-Job allows you to specify the credentials of another account to perform the work. After spinning up the background job in your script you will probably want to wait for the job to finish and grab the results to output from the main script e.g.:

$cred = Get-Credential
$job = Start-Job -ScriptBlock { ls c:\windows\system32 -r *.sys } -Cred $cred
Wait-Job $job
Receive-Job $job

With respect to capturing, storing and retrieving the credentials, see this blog post for a good treatise on the subject.

Keith Hill  2010-09-20 15:31:03

related questions

How do I access the non-IPM_SUBTREE Public Folder Tree with WMI?
How do I create a custom type in PowerShell for my scripts to use?
iTunes warning message on quit due to scripting
Creating batch jobs in PowerShell
Troubleshooting a NullReference exception in a service
Windows Powershell book - any good experiences?
Windows 2003 Scheduled Task Cmdlet (v 1.0)
How to get started with PowerShell?
get file version in powershell
Set up PowerShell Script for Automatic Execution
Accessing .NET components from Powershell
PowerShell - How do I pass string parameters correctly?
execute shortcuts like programs in powershell
How do I compare two arrays of DataRow objects in PowerShell?
PowerShell App.Config
PowerShell - how do I do a string replacement in a function?
PowerShell FINDSTR eqivalent?
How do I make Powershell run a batch file and then stay open?
quoting System.DirectoryServices.ResultPropertyCollection
Powershell's Invoke-Expression missing param
How do you impersonate an Active Directory user in Powershell?
Why don't my powershell scripts run?
Can I copy files to a Network Place from a script or the command line?
How do you use PowerShell?
What are your favorite Powershell Cmdlets?