I’m new to BigFix and in need of a little help.
- The PS script below performs as expected when I run it directly in the PS console on a client machine
- I am getting an error when I try to run the following BES task.
- The error occurs on the first “IF” statement - I have escaped the “{” characters with “{{”
- I don’t see any errors listed on the client log file
==Begin task content==
action uses wow64 redirection false
delete __createfile
delete UPDATE_BES_CUSTOM_PROPERTY_REG_KEY.ps1
createfile until @end_create_PS1_file
Import-Module activedirectory
#Requires -Modules ActiveDirectory
$registryPath = "Registry::HKEY_LOCAL_MACHINE\SYSTEM\Custom_Properties"
$REG_VALUE_NAME = "Computer_Description"
$COMPUTER = Get-CIMInstance CIM_ComputerSystem
$DC = Get-ADDomainController -DomainName $COMPUTER.domain -Discover -NextClosestSite
$AD_DESCRIPTION = Get-ADComputer $COMPUTER.name -Properties description | select Description
If (Get-Item -Path $registryPath | Select-Object -ExpandProperty property | Where-Object {$_ -like "Computer_Description"})
{{
$REG_DESCRIPTION = Get-ItemProperty -Path $registryPath | Select-Object -ExpandProperty Computer_Description
if ($AD_DESCRIPTION.description -ne $REG_DESCRIPTION){{
New-ItemProperty -Path $registryPath -Name $REG_VALUE_NAME -Value $AD_DESCRIPTION.description -PropertyType string -Force | Out-Null
Exit 0}
Else{{Exit 0}
}
Else{{Exit 1}
@end_create_PS1_file
move __createfile UPDATE_BES_CUSTOM_PROPERTY_REG_KEY.ps1
waithidden PowerShell.exe -ExecutionPolicy bypass -NonInteractive -NoLogo -file "ADD_BES_CUSTOM_PROPERTY_REG_KEY.ps1"
==End task content==
Here is the output from the task on the BES console - “Action Script Execution Detail”
Completed action uses wow64 redirection false
Completed delete __createfile
Completed delete UPDATE_BES_CUSTOM_PROPERTY_REG_KEY.ps1
Completed createfile until @end_create_PS1_file
Completed Import-Module activedirectory
Completed #Requires -Modules ActiveDirectory
Completed $registryPath = "Registry::HKEY_LOCAL_MACHINE\SYSTEM\Custom_Properties"
Completed $REG_VALUE_NAME = "Computer_Description"
Completed $COMPUTER = Get-CIMInstance CIM_ComputerSystem
Completed $DC = Get-ADDomainController -DomainName $COMPUTER.domain -Discover -NextClosestSite
Completed $AD_DESCRIPTION = Get-ADComputer $COMPUTER.name -Properties description | select Description
Failed If (Get-Item -Path $registryPath | Select-Object -ExpandProperty property | Where-Object {$_ -like “Computer_Description”}){{
$REG_DESCRIPTION = Get-ItemProperty -Path $registryPath | Select-Object -ExpandProperty Computer_Description
if ($AD_DESCRIPTION.description -ne $REG_DESCRIPTION){{
New-ItemProperty -Path $registryPath -Name $REG_VALUE_NAME -Value $AD_DESCRIPTION.description -PropertyType string -Force | Out-Null
Exit 0}
Else{{Exit 0}
}
Else{{Exit 1}
@end_create_PS1_file
move __createfile UPDATE_BES_CUSTOM_PROPERTY_REG_KEY.ps1
waithidden PowerShell.exe -ExecutionPolicy bypass -NonInteractive -NoLogo -file “ADD_BES_CUSTOM_PROPERTY_REG_KEY.ps1”
End “Action Script Execution Detail”
What am I missing?
Thanks,
Emil