Merge pull request #17 from WinRb/fixes

Release 1.1.0

README.md

@@ -32,7 +32,20 @@ conn.shell(:elevated) do |shell|
     STDERR.print stderr
   end
 end
-```
+``` 
+
+### Using an interactive task
+By setting `interactive_logon` to `true`, the scheduled task will be configured to use an interactive logon allowing all command activity to be viewable from a RDP session if logged on as the same user as the winrm credentials:
+```ruby
+require 'winrm'
+require 'winrm-elevated'
+
+conn = WinRM::Connection.new(...
+conn.shell(:elevated) do |shell|
+  shell.interactive_logon = true
+  shell.run('notepad.exe')
+end
+``` 
 
 ## How does it work?
 

VERSION

@@ -1 +1 @@
-1.0.1
+1.1.0

appveyor.yml

@@ -6,7 +6,7 @@ platform:
 
 environment:
   winrm_user: test_user
-  winrm_password: Pass@word1
+  winrm_password: Pa$$word1
 
   matrix:
     - ruby_version: "21"

changelog.md

@@ -1,5 +1,10 @@
 # WinRM-Elevated Gem Changelog
 
+# 1.1.0
+- Allow tasks to be configured for interactive logon
+- Fix broken credentials when they contain dollar signs
+- Do not fail when temporary files cannot be deleted
+
 # 1.0.1
 - Fix to avoid profile conflicts
 - Fix inadequate Execution Policy errors

lib/winrm-elevated/scripts/elevated_shell.ps1

@@ -1,7 +1,8 @@
-$username = "<%= username %>"
-$password = "<%= password %>"
-$script_file = "<%= script_path %>"
+$username = '<%= username %>'
+$password = '<%= password %>'
+$script_file = '<%= script_path %>'
 
+$interactive = '<%= interactive_logon %>'
 $pass_to_use = $password
 $logon_type = 1
 $logon_type_xml = "<LogonType>Password</LogonType>"
@@ -10,6 +11,10 @@ if($pass_to_use.length -eq 0) {
   $logon_type = 5
   $logon_type_xml = ""
 }
+if($interactive -eq 'true') {
+  $logon_type = 3
+  $logon_type_xml = "<LogonType>InteractiveTokenOrPassword</LogonType>"
+}
 
 $task_name = "WinRM_Elevated_Shell"
 $out_file = [System.IO.Path]::GetTempFileName()
@@ -98,9 +103,12 @@ do {
   $err_cur_line = SlurpOutput $err_file $err_cur_line 'err'
 } while (!($registered_task.state -eq 3))
 
-del $out_file
-del $err_file
-del $script_file
+# We'll make a best effort to clean these files
+# But a reboot could possibly end the task while the process
+# still runs and locks the file. If we can't delete we don't want to fail
+try { Remove-Item $out_file -ErrorAction Stop } catch {}
+try { Remove-Item $err_file -ErrorAction Stop } catch {}
+try { Remove-Item $script_file -ErrorAction Stop } catch {}
 
 $exit_code = $registered_task.LastTaskResult
 [System.Runtime.Interopservices.Marshal]::ReleaseComObject($schedule) | Out-Null

lib/winrm/shells/elevated.rb

@@ -31,6 +31,7 @@ def initialize(connection_opts, transport, logger)
         @logger = logger
         @username = connection_opts[:user]
         @password = connection_opts[:password]
+        @interactive_logon = false
         @shell = Powershell.new(connection_opts, transport, logger)
         @winrm_file_transporter = WinRM::FS::Core::FileTransporter.new(@shell)
       end
@@ -41,6 +42,9 @@ def initialize(connection_opts, transport, logger)
       # @return [String] The admin user password
       attr_accessor :password
 
+      # @return [Bool] Using an interactive logon
+      attr_accessor :interactive_logon
+
       # Run a command or PowerShell script elevated without any of the
       # restrictions that WinRM puts in place.
       #
@@ -91,7 +95,8 @@ def wrap_in_scheduled_task(script_path, username, password)
         Erubis::Eruby.new(elevated_shell_script_content).result(
           username: username,
           password: password,
-          script_path: script_path
+          script_path: script_path,
+          interactive_logon: interactive_logon
         )
       end
     end