Passing BF Action Script Parameter into PS Script

I created the action script below which works when I put in an IP of ‘8.8.8.8’.
When I use {Parameter NAT} instead I get an error of constrained. How do I get this to use a parameter so I can apply to a bunch of servers without editing the fixlet?

action parameter query “NAT” with description “Please specify the server’s NAT IP address”

//1. Save old ExecutionPolicy value
parameter “PolicyExisted”="{exists value “ExecutionPolicy” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of (if exists x64 registry then x64 registry else registry)}“
parameter “oldExecutionPolicy”=”{if (parameter “PolicyExisted” as boolean) then (value “ExecutionPolicy” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of (if exists x64 registry then x64 registry else registry) as string) else “”}"
//2. set to ExecutionPolicy=Unrestricted and Pull PowerShell exe from registry… if 64bit then pull PowerShell x64
if {x64 of operating system}
regset64 “[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]” “ExecutionPolicy”=“Unrestricted"
parameter “PowerShellexe”=”{value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of x64 registry}"
else
//we need to determine what the current execution policy is so we can put it back when we’re done.
regset “[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]” “ExecutionPolicy”=“Unrestricted"
parameter “PowerShellexe”=”{value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of registry}"
endif

//3. Create PowerShell Script and save to ps1 file
delete __createfile
delete smb.ps1

createfile until END_OF_FILE

$newValue = New-ItemProperty -Path “HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters” -Name ‘SrvAllowedServerNames’ -PropertyType MultiString -Value (‘8.8.8.8’)
$newValue.multistring[0]

END_OF_FILE

move __createfile smb.ps1

action uses wow64 redirection false
waithidden “{​​parameter “PowerShellexe”}​​” -file “{​​pathname of client folder of current site}​​\smb.ps1”

//4. Restore ExecutionPolicy back
if {​​x64 of operating system}​​
if {​​parameter “PolicyExisted” as boolean}​​
regset64 “[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]” “ExecutionPolicy”="{​​parameter “oldExecutionPolicy”}​​"
else
regdelete64 “[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]” “ExecutionPolicy"
endif
else
if {​​parameter “PolicyExisted” as boolean}​​
regset “[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]” “ExecutionPolicy”=”{​​parameter “oldExecutionPolicy”}​​"
else
regdelete “[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]” "ExecutionPolicy"
endif
endif

createfile until END_OF_FILE

$newValue = New-ItemProperty -Path “HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters” -Name ‘SrvAllowedServerNames’ -PropertyType MultiString -Value ('{parameter "NAT"}')
$newValue.multistring[0]

END_OF_FILE

This will pass the parameter inside the file that you create. Typically you would escape relevance inside a create file or command by having a double parenthesis ({{blah}) at the start however as you want to use it as typical relevance then just a single parenthesis will make it work as such.

2 Likes

The “Constrained” action status should only be returned when you have a “Run only when…” condition on the Action - like an action constrained to only run during a Maintenance Window property value.

The syntax for using your parameter should look like this (the only problem I saw was quoting on the parameter name

$newValue = New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" -Name 'SrvAllowedServerNames' -PropertyType MultiString -Value ('{parameter "NAT"}')
1 Like

Thank you. I’ve been trying different ways of doing the parameter. I almost got it with the double quote, it created the key but not the multistring value. Then I moved onto single and double quotes but had them in the wrong place. I’ll try this one and let you know if it works.

Thanks Jason and FatScottishGuy. That did the trick. Much appreciated.

2 Likes