wait { pathname of file ((it as string) of value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of native registry) } -ExecutionPolicy Bypass -File powershell.ps1
from Bigfix Action
action uses wow64 redirection{not x64 of operating system}
wait { pathname of file ((it as string) of value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of native registry) } -ExecutionPolicy Bypass -File powershell.ps1
action uses wow64 redirection{not x64 of operating system}
delete __createfile
//CREATE FILE
createfile until END_OF_FILE
RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 255
END_OF_FILE
delete powershell.ps1
move __createfile powershell.ps1
override wait
hidden=true
runas=currentuser
wait powershell.exe -executionpolicy remotesigned -File "{client folder of current site as string}\__Download\powershell.ps1"
Best practice would be to move the file out of the __Download folder to somewhere like c:/tmp (create if it doesn’t exist) then clean it up at the end but you’re best not to run anything from the download folder as it could lock up and then break everything else if it doesn’t close commands correctly.
It’s also worth checking if there is a current user when executing
Echoing this for clarity. By default a standard user account does not have access to the __BESData folder or anything under it, so you would have to move the PowerShell script to a place the user can read before you try to execute it
Just to add to this, you don’t necessarily have to do this with powershell either unless you just really wanted to.
It should work fine directly from a wait override or by using the old RunAsCurrentUser.exe.
i tried with this code as well but it does not remove the history details , however i think runas=currentuser keyword does the same thing as download utility
