We are planning to reduce number of tickets to IT dept. for service & server restart requests - but, users don't have addtional access for production server
Plan is to share a common account which got additonal access
Step 1 :Will change account password to secure (User will not be aware)
$secureString = Read-Host -AsSecureString "Enter a password"
$secureString | ConvertFrom-SecureString | Out-File .\SecuredPassword.txt
Step 2 : Share below steps with encrypted password
$encrypted="01000000d08c9ddf49129ca7709d5b9ff8"
$user = "domain\Administrator"
$password = ConvertTo-SecureString -string $encrypted
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $user,$password
$serverNameOrIp = "memberserver"
Restart-Computer -ComputerName $serverNameOrIp -Force -Authentication default -Credential $cred
(problem is - I cannot know who rebooted the server as user cannot pass any comments to Restart-Computer)
or
shutdown /r /m \\$serverNameOrIp /t 60 /d p:4:1 /c "LanID-"
(problem is - User can pass the comment - but, getting accessing denied as shutdown command don't understand -Credential $cred switch)
similarly, Get-Service also don't understand -Credential $cred switch
Get-Service -Name wuauserv -ComputerName $serverNameOrIp | Set-Service -Status Running
Is there anyway we can pass credentials one time and then run 'n' number of commands from there on ?