My client controls access to their database with ActiveDirectory. I would like to do the following:
$cred = Get-Credential
Start-Job -Credential $cred {
#do some stuff with the db
}
This works fine for any local user but when on the vpn and entering my ActiveDirectory credentials this fails to authenticate.
I know that I can use runas to start processes as the ActiveDirectory user only if I provide the /netonly flag (it does not work otherwise). I thought the following might help
$cred = (Get-Credential).GetNetworkCredential()
but the resulting object is not convertible to PsCredential, which is what the -Credential parameter takes.
Related to this question on SO but it seems I might have been asking the wrong thing.
If you're trying to do Integrated Security SQL queries, you might be able to do it with the impersonation module. I haven't tried SQL, but there's a post on how to use the PowerShell Impersonation Module for network share access on my blog, and I believe that it's the same network credentials you need for SQL server (e.g. the same as using runas with /netonly).
If you're just using the job because you thought it would let you change credentials for network access, then just get rid of that and use Push-ImpersonationContext instead. If you need the job for some other reason, then you have to call Push-ImpersonationContext inside the job, which means you have to get your credentials into the job (probably by serializing the password and passing it through as an encrypted secure string).
I can't test it right now (I don't have a domain or even a db server handy), so, uhm ... let me know if it doesn't work ;)