PowerShell Template Task - superseded
Log In or Register to download the BES file, and more.

7 Votes

Collections (part of 1 collection)

PowerShell

Versioning - This is an older version.

1PowerShell Template Task10/24/2012 1:43:56 PM
2Run: PowerShell Script - Windows - TEMPLATE9/22/2014 12:51:23 PM

Description

This task is a simple powershell 2.0.

Use this as a template for running a powershell script on a remote system.

Overall relevance checks to see if Powershell 2.0 is installed and validates the powershell exe exists.


Property Details

ID633
TitlePowerShell Template Task
DomainBESC
CategoryCommon Tasks
Download Size0
Sourcedanielheth@bigfix.me
Source ID<Unspecified>
Source Severity<Unspecified>
Source Release Date4/21/2011 12:00:00 AM
KeywordsPowerShell
Is TaskTrue
Added by on 10/24/2012 1:43:56 PM
Last Modified by on 11/3/2012 12:17:20 PM
Counters 19325 Views / 124 Downloads
User Rating 1 star 2 star 3 star 4 star 5 star * Average over 2 ratings. ** Log In or Register to add your rating.

Relevance

Used in 9 fixlets and 4 analyses   * Results in a true/false
Show indented relevance
name of operating system as string contains "Win"
Used in 11 fixlets and 5 analyses   * Results in a true/false
Show indented relevance
exists key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1" whose (value "Install" of it as integer = 1) of registry
Used in 3 fixlets   * Results in a true/false
Show indented relevance
exists key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\PowerShellEngine" whose (value "PowerShellVersion" of it as string as version >= "2.0") of registry

Actions

Action 1 (default)

Action Link Click  here  to deploy this action.
Script Type BigFix Action Script
//============================================================================
//PowerShell Script...
//
//1. Save old ExecutionPolicy value
parameter "PolicyExisted"="{exists value "ExecutionPolicy" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" of (if exists x64 registry then x64 registry else registry)}"
parameter "oldExecutionPolicy"="{if (parameter "PolicyExisted" as boolean) then (value "ExecutionPolicy" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" of (if exists x64 registry then x64 registry else registry) as string) else ""}"
//2. set to ExecutionPolicy=Unrestricted and Pull PowerShell exe from registry... if 64bit then pull PowerShell x64
if {x64 of operating system}
    regset64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]" "ExecutionPolicy"="Unrestricted"
    parameter "PowerShellexe"="{value "Path" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" of x64 registry}"
else
//we need to determine what the current execution policy is so we can put it back when we're done.
    regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]" "ExecutionPolicy"="Unrestricted"
    parameter "PowerShellexe"="{value "Path" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" of registry}"
endif
//3. Create PowerShell script and save to a ps1 file
delete __appendfile
delete script.ps1
appendfile get-help | Out-File $env:temp\script.log
move __appendfile script.ps1
//4. Execute PowerShell with ps1 script file
action uses wow64 redirection false
waithidden "{parameter "PowerShellexe"}" -file "{pathname of client folder of current site}\script.ps1"
action uses wow64 redirection {x64 of operating system}
//5. Restore ExecutionPolicy back
if {x64 of operating system}
    if {parameter "PolicyExisted" as boolean}
        regset64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]" "ExecutionPolicy"="{parameter "oldExecutionPolicy"}"
    else
        regdelete64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]" "ExecutionPolicy"
    endif
else
    if {parameter "PolicyExisted" as boolean}
        regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]" "ExecutionPolicy"="{parameter "oldExecutionPolicy"}"
    else
        regdelete "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]" "ExecutionPolicy"
    endif
endif
//============================================================================
Success Criteria

This action will be considered successful when the applicability relevance evaluates to false.


Sharing

Social Media:
Share this page on Yammer

Comments

Log In or Register to leave comments!
RAMESHWARPARSAD -
I am trying to add below set of command using template however it is failing . Command failed (substitution failed while writing file) $Adapters = Get-WmiObject Win32_NetworkAdapterConfiguration | Where-Object {$_.DHCPEnabled -ne 'True' -and $_.DNSServerSearchOrder -ne $null} $Adapters | ForEach-Object {$_.DNSServerSearchOrder} $NewDnsServerSearchOrder = "192.168.1.13","192.168.1.14" $Adapters | ForEach-Object {$_.SetDNSServerSearchOrder($NewDnsServerSearchOrder)} | Out-Null
brolly33 -
Just tested this to help out with a forum posting. Currently working on Windows Server 2016 x64 - BigFix 9.5.14.73
jgstew -
please create a post on forum.bigfix.com and CC @jgstew and provide a link to this to get help.
shiva.kalal -
This script is not working, I have tried copy pasting this and applied to a test server. it is not working getting status as failed.
shiva.kalal -
This script in not working, I have tried copy pasting this and applied to a test server. it is not working getting status as failed.
cmenard -
I would suggest moving "//2. set to ExecutionPolicy=Unrestricted...." after "//3. Create PowerShell script and save to a ps1 file". If you have a failure with appendfile or createfile, you will have set the executionpolicy and the action will not set it back.
DanPaquette -
Just wondering... We are instead creating this script via createfile. $objUser = New-Object System.Security.Principal.NTAccount("ikon1", "svc-zenosswmi") $strSID = $objUser.Translate([System.Security.Principal.SecurityIdentifier]) $strSID.Value Think we have a syntax error in this line: waithidden "{parameter "PowerShellexe"}" -file "{pathname of client folder of current site}\script.ps1 | Export-Csv c:\test.txt"
Avi -
Hi Daniel, Thanks! also how does one keep tracks of the versions that are available for "runascurrentuser.exe" ? Tried with the newer version and it was successful after fixing relevance etc. the part with looks like this when it works (i didn't need the wait since i tested it): run "__Download\RunAsCurrentUser-2.0.3.1.exe" --q "{parameter "PowerShellexe"}" -file "script.ps1" good job!
danielheth -
I've never tried doing that... but you might consider looking at this task (http://bigfix.me/cdb/fixlet/678). It is an example of using the "current user" utility (RunAsCurrentUser-2.0.3.1.exe) provided by corp.
Avi -
i could not make it work with runascurrentuser.exe from bes support, do you know of a way to make it work?
neonbluefire -
For within the actual powershell script to return actual exit codes we had to do the following with the [Environment]::Exit("#");: { ## - Custom Exit Code: [Environment]::Exit("99"); } If you did not do this the exit code would be 1 every time. Found this here: http://www.maxtblog.com/2011/09/creating-your-own-exitcode-in-powershell-and-use-it-in-ssis-package/
danielheth -
It is a variable name... I have rather descriptive variables and like to keep them simple, so I left out the period. The variable actually points to the full path to the powershell.exe and makes it easy so I can pull its location from the registry only once.
dmoore -
Is the line {parameter "PowerShellexe"} supposed to read that way, or is it supposed to read PowerShell.exe?