Well I got it working the way I wanted. I'll share the results.
This script generates the hashed password and the AES key.
When it prompts for credentials you can use a local account or a network account.
The hash and AES key will export to the same path where this script is run from.
CreatePWHash.ps1
#Clear Screen
CLS
# Prompt you to enter the username and password
$credObject = Get-Credential
# The credObject now holds the password in a 'SecureString' format
$passwordSecureString = $credObject.password
#Path where the script is running from
$path = Split-Path $script:MyInvocation.MyCommand.Path
# Define a location to store the AESKey
$AESKeyFilePath = $path + "\aeskey.txt"
# Define a location to store the file that hosts the encrypted password
$credentialFilePath = $path + "\credpassword.txt"
# Generate a random AES Encryption Key.
$AESKey = New-Object Byte[] 32
[Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($AESKey)
# Store the AESKey into a file. This file should be protected! (e.g. ACL on the file to allow only select people to read)
Set-Content $AESKeyFilePath $AESKey # Any existing AES Key file will be overwritten
# Encrypt the password with the AES key (this is reversible encryption, not a one-way hash)
$password = $passwordSecureString | ConvertFrom-SecureString -Key $AESKey
# Overwrite rather than append: Add-Content would leave a second line on every re-run,
# and Get-Content in escalate.ps1 would then return an array instead of one string
Set-Content $credentialFilePath $password
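As an added example (not part of the original post), this PowerShell applies the file ACL restriction that the comment in CreatePWHash.ps1 calls for: anyone who can read both aeskey.txt and credpassword.txt can recover the admin password, so the ACL on those two files is the only control, and the script ends by listing who still has read access. "DOMAIN\InstallOperators" is a placeholder group name to replace with your own.

```powershell
# Added example, not from the original post: lock down the two files that
# CreatePWHash.ps1 writes so that only the principals in $allowedReaders can read them.
# Assumption: "DOMAIN\InstallOperators" is a placeholder group; substitute your own.
$path = Split-Path $script:MyInvocation.MyCommand.Path
$allowedReaders = @("BUILTIN\Administrators", "DOMAIN\InstallOperators")
$protectedFiles = @("aeskey.txt", "credpassword.txt")

foreach ($name in $protectedFiles) {
    $file = Join-Path $path $name
    $acl  = Get-Acl -Path $file
    # Break inheritance and discard the inherited entries (typically Users: Read on a share)
    $acl.SetAccessRuleProtection($true, $false)
    # Drop any explicit entries that remain so the list below becomes the whole ACL
    foreach ($rule in @($acl.Access)) { [void]$acl.RemoveAccessRule($rule) }
    foreach ($principal in $allowedReaders) {
        $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($principal, "Read", "Allow")
        $acl.AddAccessRule($rule)
    }
    Set-Acl -Path $file -AclObject $acl
}

# Verify: every identity listed here can recover the admin password,
# so each one should be an account or group you intend to trust.
foreach ($name in $protectedFiles) {
    (Get-Acl -Path (Join-Path $path $name)).Access |
        Select-Object @{n='File'; e={$name}}, IdentityReference, FileSystemRights, AccessControlType
}
```

Run it once as an account that owns the folder, right after CreatePWHash.ps1 has written the two files; the user running escalate.ps1 must be in one of the listed groups or ConvertTo-SecureString will fail with an access denied error on Get-Content.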
Now, in a new PowerShell script, this is where you type the account info and import the keys you exported above to run the session.
escalate.ps1
CLS
#-----------------------------------------
#Authenticate Admin Account using encrypted password
#-----------------------------------------
function Run-SoftwareEscalated
{
    Try
    {
        $path = Split-Path $script:MyInvocation.MyCommand.Path
        $AESKeyFilePath = $path + "\aeskey.txt"
        $SecurePwdFilePath = $path + "\credpassword.txt"
        $userUPN = "some\account"
        #use key and password to create local secure password
        $AESKey = Get-Content -Path $AESKeyFilePath
        $pwdTxt = Get-Content -Path $SecurePwdFilePath
        $securePass = $pwdTxt | ConvertTo-SecureString -Key $AESKey
        #create a new psCredential object with required username and password
        $adminCreds = New-Object System.Management.Automation.PSCredential($userUPN, $securePass)
        #Run our installer as the admin account. The batch file performs the UAC
        #elevation itself (see install.bat below), so no arguments are passed here:
        #PowerShell switches handed to a .bat file are ignored, and Start-Process
        #does not allow -Credential and -Verb runas in the same call.
        $script = $path + "\install.bat"
        Start-Process -FilePath $script -Credential $adminCreds -WorkingDirectory $path
    }
    Catch
    {
        Write-Warning -Message "$($_.Exception.Message)"
    }
}
Run-SoftwareEscalated
As you can see (for my use) I have it run a batch script with the escalated permissions. You can essentially call any kind of file you want from the batch script (needs to be install.bat or whatever you name it above), and it will run it in the admin context.
Now, to create a simple launcher for users, I created a small batch called "Setup.bat" that has this line of code:
PowerShell -NoProfile -ExecutionPolicy Unrestricted -file "%~dp0escalate.ps1"
And finally, my install.bat file has my traditional "stuff", but the header of my install file has this:
::==================================
::-- This will run as admin --
::==================================
@echo off
::Check for permissions
OPENFILES > nul
::If error flag set, we do not have admin.
IF ERRORLEVEL 1 ( goto UACPrompt ) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~dp0install.bat", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
del "%temp%\getadmin.vbs"
exit /B
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
pushd "%CD%"
pushd "%~dp0"
::==================================
::-- End of main ADMIN script --
::==================================
::Write your code to do stuff here
Hope you find this helpful. It took me a while to get this working the way I want, but it will save me A LOT of time.
I took one additional step and used a tool to convert bat to exe. The tool I used is here: http://www.f2ko.de/en/b2e.php or here: https://www.portablefreeware.com/index.php?id=1660
Basically you point to the batch script, you can embed all the files listed here into it, and then it exports an executable. The user would double-click on it and everything will run like it's supposed to.