#Add to Local Security Policy
function Add-ServiceLogonRight([string] $Username) {
    Write-Host "Enable ServiceLogonRight for $Username"

    $tmp = New-TemporaryFile
    secedit /export /cfg "$tmp.inf" | Out-Null
    (Get-Content -Encoding ascii "$tmp.inf") -replace '^SeServiceLogonRight .+', "`$0,$Username" | sc -Encoding ascii "$tmp.inf"
    secedit /import /cfg "$tmp.inf" /db "$tmp.sdb" | Out-Null
    secedit /configure /db "$tmp.sdb" /cfg "$tmp.inf" | Out-Null
    Remove-Item $tmp* -ea 0
}

Add-ServiceLogonRight -Username svccohesityadm


sc.exe config "CohesityAgent" obj="NDGOV\svccohesityadm" password="xxxxxxxxx"






#Prompt for secure password & convert to plaintext for DataStage use
$dsSecurePass = Read-Host -AsSecureString "Enter $($dsUser) password"
$dsBinaryPass = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($dsSecurePass)
$dsPass = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($dsBinaryPass)
[System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($dsBinaryPass)