deploy a powershell script as a package

Dear All,

I'm trying to deploy a powershell script as a package. The package content contains the UNC where the powershell script is located.

This is the command line for the package:

Powershell -ExecutionPolicy Bypass  -file .\Monitortools.ps1

In the monitoring section of SCCM I see this error "Requirement not Met - Program rejected invalid policy"

I'm able to run successfully the script locally with the same command line just replacing -file :\ with the UNC path.

Program rejected - does it mean there is a problem with ExecutionPolicy?

Thanks,

Edy

September 17th, 2013 11:32am

"invalid policy" might be caused by something like "download & execute" AND "requires drive letter" (or something similar).
You don't have to add the UNC path to the program if the package contains source files (otherwise the scipt will be downloaded to the cache, but executed from the network). So how are the package and program configured exactly?
Free Windows Admin Tool Kit Click here and download it now
September 17th, 2013 11:47am

Hi,

The package contains source file is checked. The source folder is a UNC path. On the data access tab nothing is checked. The program is configured with no UNC path.

The command line is exactly as stated above in my initial post. Environment tab, for drive mode "requires drive letter" is checked. Is that the problem?

September 18th, 2013 5:21am

I'd remove "requires drive letter" and try it again. Just make sure to determine the current directory in the script. Here's an example: http://blogs.msdn.com/b/powershell/archive/2006/07/06/how-can-a-script-tell-what-directory-it-was-run-from.aspx
Free Windows Admin Tool Kit Click here and download it now
September 18th, 2013 5:37am

it worked now and the script ran. But a part of the script is to copy files from a UNC path to the SCCM client. I guess it is a right issue with the file share.

How do I now with which account SCCM run such operation or what account needs to have access to the file share? I already added the computer account of the SCCM server for the file share.

Thanks,

Edy

September 18th, 2013 9:55am

It's the ConfigMgr client that accesses a share it's running as 'local system', so it's the computer account of the client being used.
Free Windows Admin Tool Kit Click here and download it now
September 18th, 2013 10:06am

Oops that would be mean I would need to give "everyone" read permission to the share.
September 18th, 2013 10:31am

That would work for sure, but "domain computers" would be a better alternative.
Free Windows Admin Tool Kit Click here and download it now
September 18th, 2013 11:00am

Now the powershell script worked after adding "domain computers" account with read right to the file share.

Thank you!

Edy

September 18th, 2013 12:06pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics