I am trying to run a Windows Jenkins job using the 'Execute Windows batch command". The job is to run a Python script that uses subprocess to repeatedly invoke a windows console executable. The exe is required to not run as admin. It looks like the default config for the Jenkins slave agent is to run the Windows batch command as admin. The issue is not running the python script, it runs as expected.
I have come across the workaround of using 'runas /trustlevel:0x20000 "cmd /c myscript.py"' in the Jenkins job but that doesn't work as desired because:
Have also tried the 'Authorize Project' plugin and configured the job to run 'as user who triggered job', but job still appears to run as admin.
Is there a Jenkins slave configuration or acct setup to get jobs to run as non-admin? The fallback is to update the Python script to lower privileges when creating the subprocess to run the Windows executable. I am assuming the best way to do this is to use the Win32 api package and use something like CreateRestrictedToken and CreateProcessAsUser approach which I have seen snippets of.
Thanks in advance and apologies if I violate any protocols as this is my first post/question.