
Hi All,

 

Thanks in advance for your input.

I am trying to launch powershell_ise.exe as admin in a managed application session, but when I send a subsequent command it doesn’t work. The same task sequence works when powershell_ise.exe is launched as a normal window.

Following is my script block:

--------------------------

[General]
EnableLogging=4
LogMethod=2
LogPath="D:\Log"
;RunApp="powershell -Command "Start-Process PowerShell_ISE -Verb RunAs "
RunApp="C:\Windows\system32\WindowsPowerShell\v1.0\powershell_ISE.exe"
;AppWindowTitle="Administrator: Windows PowerShell ISE"

[TaskSequence1]
SequenceDelay=40000
Sendkeys=^i

 


 

Any suggestion?

 

Regards,

Maulik

Hello @maulik shah
I just gave it a try in my lab and to me it looks like you are missing one " at the end of the RunApp line.

Here is the ini content I used:

[General]
EnableLogging=4
LogMethod=2

RunApp="powershell -Command "Start-Process PowerShell_ISE -Verb RunAs""

AppWindowTitle="ISE"

[TaskSequence1]
SequenceDelay=40000
Sendkeys=^i

I tested it with the following command in cmd:

ps_automate.exe ini=ise.ini username=User password=pass

and the ISE started as Admin.

 

 


Hi Pierre, thanks for trying. I had powershell_ISE working, launched in admin mode, but I cannot pass any command later on,

 

i.e 

SequenceDelay=40000

Sendkeys="Hello World"

 


Hello Maulik,

Got it now. I must have missed that part as the actual question. Unfortunately, I don't think it will work the way you're hoping. Windows generally prevents non-elevated processes from sending data to elevated processes. So, once ps_automate launches ISE with elevated privileges, it can no longer control the window.

You can make the test work if you run ps_automate from an elevated CMD, but that would require ps_automate itself to be launched with elevation from the start. That doesn't seem like a good general recommendation.

Additionally, using SendKeys wouldn't be advisable. There’s a risk of sending keystrokes to the wrong part of ISE, for example if the Command Add-ons panel is open (View → Show Command Add-on). I’m not sure about your specific use case, but you might want to explore an alternative approach, such as loading an existing script instead of relying on SendKeys.


Hi Pierre,

My use case is to provide a secure managed credential in memory for staff to use in a future script block, which could be connecting to online services.

I can see you are from the BeyondTrust TAM team. Does Password Safe have such an out-of-the-box feature where a user can inject a credential securely into a managed session or managed application session when needed?

 

Regards,

Maulik


Hey Maulik,

Password Safe does not offer an out-of-the-box feature to inject credentials during an active session.

One option to consider is using the Password Safe API. Since your goal is to utilize managed credentials within a script, you could implement a predefined code block that retrieves the credentials from Password Safe using the user’s own credentials while specifying the Managed Account/Managed System. Keep in mind that a high volume of API requests might grow your audit logs, so you may want to consider using a password cache to offload API calls.

Since users will likely be able to see the credentials in plain text when they are injected, another option could be to allow them to retrieve the password directly from the Password Safe UI instead.

I’ve seen a customer build a custom launcher application (that is run by ps_automate) that continues running after launching the target application, allowing the user to copy the credentials even after the target application has started. This could be a viable option if you have the resources to develop a similar solution that fits your needs.

That said, all these approaches come with the downside of potentially exposing credentials to the user. Therefore, implementing a robust rotation scheme is critical.
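The API approach suggested in the last reply could look like the following. This is an added example, not part of the thread and not BeyondTrust's own code: it requests the managed account, wraps the password in a PSCredential held in memory, and checks the request back in. The host name, the `PS_API_KEY` environment variable and the function name are assumptions; the endpoint paths are those of the Password Safe public API v3 and should be confirmed against your version.

```powershell
# Added example. Host name is a placeholder; the API key is read from an
# environment variable (assumption) instead of being stored in the script.
$BaseUrl = 'https://passwordsafe.example.com/BeyondTrust/api/public/v3'

function Get-ManagedCredential {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $SystemName,
        [Parameter(Mandatory)] [string] $AccountName,
        [Parameter(Mandatory)] [string] $RunAsUser,
        [string] $Reason = 'Scripted access to online service',
        [int]    $DurationMinutes = 15
    )
    # If the API registration requires the user's password, add "pwd=[...];" here.
    $headers   = @{ Authorization = "PS-Auth key=$($env:PS_API_KEY); runas=$RunAsUser;" }
    $requestId = $null
    try {
        # Sign in; the session cookie is kept in $session for the following calls.
        Invoke-RestMethod -Uri "$BaseUrl/Auth/SignAppin" -Method Post `
            -Headers $headers -SessionVariable session | Out-Null

        # Resolve the Managed System / Managed Account pair to its IDs.
        $query   = 'systemName={0}&accountName={1}' -f `
            [uri]::EscapeDataString($SystemName), [uri]::EscapeDataString($AccountName)
        $account = Invoke-RestMethod -Uri "$BaseUrl/ManagedAccounts?$query" -WebSession $session

        # Open a short-lived request; every call is audited in Password Safe.
        $body = @{ SystemId = $account.SystemId; AccountId = $account.AccountId
                   DurationMinutes = $DurationMinutes; Reason = $Reason } | ConvertTo-Json
        $requestId = Invoke-RestMethod -Uri "$BaseUrl/Requests" -Method Post `
            -Body $body -ContentType 'application/json' -WebSession $session

        # Fetch the password and convert it straight to a SecureString.
        $plain  = Invoke-RestMethod -Uri "$BaseUrl/Credentials/$requestId" -WebSession $session
        $secure = ConvertTo-SecureString -String $plain -AsPlainText -Force
        Remove-Variable plain
        [pscredential]::new($AccountName, $secure)
    }
    finally {
        if ($session -and $requestId) {
            # Check the request in so the account can be rotated promptly.
            Invoke-RestMethod -Uri "$BaseUrl/Requests/$requestId/Checkin" -Method Put `
                -Body (@{ Reason = 'Done' } | ConvertTo-Json) `
                -ContentType 'application/json' -WebSession $session | Out-Null
        }
        if ($session) {
            Invoke-RestMethod -Uri "$BaseUrl/Auth/Signout" -Method Post -WebSession $session | Out-Null
        }
    }
}
```

The returned object can be passed to any cmdlet that takes `-Credential`. The user running the script can still read the password back from it, so the rotation scheme mentioned above remains necessary.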

