I have a small PowerShell script that deletes a custom registry key and then scans the c:\ drive for a specific file, updating the custom registry key with the path(s) of the file if found.  It works just fine if executed manually on the local machine, however I can't get it to run at all when pushed from kbox.

When I push the script to a PC and watch the PC in question, I do see the command window appear.  However, the ps1 never executes and I never see powershell.exe in the process list.

I've tried setting the execution policy on the local machine to unrestricted, but that makes no difference.

The ps1 file is attached to the script as a dependency with the "on success" task being set to run a batch file.  I've tried each of the following two lines in the body of the batch file:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -executionpolicy bypass -file blah.ps1
powershell.exe -executionpolicy bypass -file blah.ps1

This is the body of the PowerShell script:

if (Test-Path HKLM:\SOFTWARE\CUSTOM\BLAH) {
	Remove-Item HKLM:\SOFTWARE\CUSTOM\BLAH -Force -Recurse
}

[string]$blah = (Get-ChildItem c:\* -File -Filter "blah.exe" -Recurse -Force -ErrorAction SilentlyContinue).fullname

if ($blah) {
	New-Item HKLM:\SOFTWARE\CUSTOM\BLAH -Force
Set-ItemProperty HKLM:\SOFTWARE\CUSTOM\BLAH -Name blahpath -Value $blah
}

Here are the script settings I've tried:
  • Run as local system
  • Run as user (using local admin account)
  • Allow run while logged off
Any ideas as to why kbox is failing to execute this PowerShell script?
4 Comments   [ + ] Show Comments

Comments

  • What is the location of the registry key and file?
    • can you post your ps file?
    • The file is expected to be in random locations, hence the need for the script. On my test box, it's located in c:\temp.
  • I have PS scripts with the same syntax as your second option- they work fine. What do the scripting logs say? Does the same PS script run normally when executed outside of KACE on this machine?
    • Yes. In fact, I can execute the kaceXXXX.bat file from the kbot directory and it works. I can also manually execute the ps1.
      • If you can run the .bat manually with success, i'd suspect a permissions issue. Have you tried running as "logged in user" while the admin user is logged in? Might help eliminate things.
    • I haven't, because if that's the solution I'm screwed. The box I'm testing on is one where I'm logged in as the local admin, but the vast majority of PCs this script will target will have non-admin user accounts logged into them.
  • Make sure you run it as

    "$(KACE_DEPENDENCY_DIR)\blah.bat"
  • Are you sure that the script logic is right and that you really reach the "on success" section?
    Try to add some LOG actions before to execute the batch that invokes the script....
    • I added a Start-Transcript to the beginning of the script. It does create a transcript file, but there's nothing in it other than the start/end markers. Now I'm even more confused but at least now it seems like kbox isn't the entire problem even though the same script works fine when executed manually.
      • hell,
        my idea at this stage wasn't to act on the script but add a K1000 Script action "Log message..." so you can see in the K1000 Script execution log if you really enter in the On Success branch.
        Kind regards,
        Marco - StockTrader
    • I added the log action and I can see my log entry in the scripting logs on the target machine.
      • Ok..may you export (Settings -> resources -> export)the K1000 Script and share it with dropbox or other?
        Kind regards,
        Marco - StockTrader
Please log in to comment

Answers

2
The way I normally execute a powershell through a script is to add the .ps1 as a dependency and use the below batch file. The Execution Policy change is important, couldn't get it working without that.

It's not my script, I stole it from someone else on here a while back.


Answered 01/07/2016 by: LukeMurnane
White Belt

Please log in to comment
2
try it one of these ways



Answered 11/12/2015 by: SMal.tmcc
Red Belt

Please log in to comment
1
I've had the best luck putting the command in a batch file and calling the batch in a kscript.
Answered 11/13/2015 by: jknox
Red Belt

Please log in to comment
Answer this question or Comment on this question for clarity