Hello everyone,
I’m trying to disabled IE Enhanced Security and install windowsfeature like ASPNET and SNMP-Service with Bigfix using a Powershell script.
I need to “run as administrator” the script to work.
My Bigfix fixlet to run the Powershell script is :
waithidden powershell.exe -ExecutionPolicy unrestricted -File “NameOfScript.ps1”
The script itself :
#Self-elevate the script if required_
if (-Not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] ‘Administrator’)) {
if ([int](Get-CimInstance -Class Win32_OperatingSystem | Select-Object -ExpandProperty BuildNumber) -ge 6000) {
$CommandLine = "-File “” + $MyInvocation.MyCommand.Path + “” " + $MyInvocation.UnboundArguments
Start-Process -FilePath PowerShell.exe -Verb Runas -ArgumentList $CommandLine
Exit
}
}
$ErrorActionPreference="SilentlyContinue"
Stop-Transcript | out-null
$ErrorActionPreference = "Continue"
Start-Transcript -path C:\TEMP\S1-WindowsFeature-$(get-date -f dd-MM-yyyy).txt -append
function isadmin
{
#Returns true/false_
([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] “Administrator”)
}
New-ItemProperty -Path “HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}” -name IsInstalled -value “00000000” -Force
New-ItemProperty -Path “HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}” -name IsInstalled -value “00000000” -Force
Install-WindowsFeature -name NET-Framework-45-ASPNET
Install-WindowsFeature -name SNMP-Service -includeAllSubFeature -includeManagementTools
Echo "Is this script running as admin?"
isadmin
Stop-Transcript
The modification didnt work though bigfix fixlet but when I localy launch my ps1 script it’s all OK…
My logfile tell me the following :
New-ItemProperty : Cannot find path ‘HKLM:\SOFTWARE\Microsoft\Active Setup\Installed
Components{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}’ because it does not exist.
At D:\Softwares\FO_Scripts\S1-Reg.ps1:31 char:1
New-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Active Setup\Install …
+ CategoryInfo : ObjectNotFound: (HKLM:\SOFTWARE\...C-4F3A74704073}:String) [New-ItemProperty],
ItemNotFoundException
-
FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.NewItemPropertyCommand
New-ItemProperty : Cannot find path ‘HKLM:\SOFTWARE\Microsoft\Active
Setup\Installed Components{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}’ because it
does not exist.
At D:\Softwares\FO_Scripts\S1-Reg.ps1:31 char:1New-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Active Setup\Install …
+ CategoryInfo : ObjectNotFound: (HKLM:\SOFTWARE\...C-4F3A7470407
3}:String) [New-ItemProperty], ItemNotFoundException
+ FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.NewIt
emPropertyCommand
AND
nstall-WindowsFeature : The term ‘Install-WindowsFeature’ is not recognized as the name of a cmdlet, function, script
file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct
and try again.
At D:\Softwares\FO_Scripts\S1-WindowsFeature.ps1:22 char:1
Install-WindowsFeature -name NET-Framework-45-ASPNET
+ CategoryInfo : ObjectNotFound: (Install-WindowsFeature:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
Install-WindowsFeature : The term ‘Install-WindowsFeature’ is not recognized
as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is
correct and try again.
At D:\Softwares\FO_Scripts\S1-WindowsFeature.ps1:22 char:1
Install-WindowsFeature -name NET-Framework-45-ASPNET
+ CategoryInfo : ObjectNotFound: (Install-WindowsFeature:String)
[], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
Is this script running as admin?
True
I think there is a Problem with the user that use bigfix to deploy the fixlet, but how can i fix this ?
Did someone have an idea ?
Thx,
Robin