When I run the command Get-LocalGroupMember administrators | where {$_.Name -notlike "*string*"} | Remove-LocalGroupMember administrators natively in PS it works fine.
When I runwaithidden powershell.exe -ExecutionPolicy Bypass -command "Get-LocalGroupMember administrators | where {{$_.Name -notlike "*admins*"} | Remove-LocalGroupMember administrators", it runs but doesn’t actually perform the intended task.
Any idea what the problem is?
Could be a few things…the simplest is that sometimes PowerShell behaves differently when run in 32-bit mode (the default), so try adding
action uses wow64 redirection false
anywhere in the actionscript before running the ‘waithidden’ command.
There can also be some differences in how quoting works. If you’re up for it, I’d try using the native PowerShell script type (if you’re on BigFix 10.0.3 or higher), or download and try our preview “Script Task Builder” dashboard described at New BigFix Labs Dashboards
The Dashboard generates a PowerShell script and executes it on-the-fly, and can save the output to a text file so at least if there’s an error message you can get some indication of what’s happening.
No luck so far, very frustrating.
This may be a forum artefact, but the -notlike needs wildcard(s) and also the quotes look iffy to me - the interpreter will match them in the order it finds them, not from the outside in
try replacing the double quotes around adminis and include the wildcards
waithidden powershell.exe -ExecutionPolicy Bypass -command “Get-LocalGroupMember administrators | ?{{$_.Name -notlike '*admins*'} | Remove-LocalGroupMember administrators”
To avoid much of the forum artefacts, use the button that looks like </> to format script contents (although it still likes to convert double quotes to (supposed) smart-quotes
The first question I would ask is does running this from a command prompt work locally?
powershell.exe -ExecutionPolicy Bypass -command "Get-LocalGroupMember administrators | where {$_.Name -notlike "*admins*"} | Remove-LocalGroupMember administrators"
Yes it works fine running manually in powershell.
no luck with single quotes vs double quotes
But does it run from the cmd.exe command line?
For me, double quotes does not
Single quotes, with the wildcards, does
Here’s what eventually worked for me:
action uses wow64 redirection {not x64 of operating system}
waithidden powershell -ExecutionPolicy Bypass -command “Get-LocalGroupMember administrators | where {{$_.Name -notlike ‘* admins*’} | Remove-LocalGroupMember administrators”
Combo of redirection and single quotes around ‘* admins*’
