Powershell script not working

gabrielcovello · June 6, 2022, 7:01pm

Hi!

We are trying to run the following Powershell Script from BigFix:

Add-Type -AssemblyName System.Windows.Forms$msgBoxInput =[System.Windows.Forms.MessageBox]::Show(“IMPORTANTE:nnnEl Equipo PC SCADA requiere de un próximo Reinicio para terminar de aplicar e instalar las Actualizaciones de Windows (BigFIX).nnPor favor proceder en Horario Normal de 09:00 a 16:00Hs, durante Días Hábiles de Lunes a Jueves (Previamente coordinar con DCD y Plantas-Dependencias que puedan verse afectadas).nnSe reitera la importancia de evitar el Reinicio fuera de horarios Normales, para poder brindar una mejor respuesta y asistencia en caso de falla.nnSi luego del reinicio se presentara alguna falla o problema en el arranque del Equipo PCs SCADA, comunicarse con el sector @AUTOMATIZACIÓN Y CONTROL.nn¿Desea reiniciar ahora?nnLea previamente todo el mensaje antes de presionar ‘Si’”,‘IMPORTANTE: El Equipo PC SCADA requiere de un próximo Reinicio’,‘YesNo’,‘Warning’)switch ($msgBoxInput) {‘Yes’ {Restart-Computer}‘No’ { }}

The script works fine in Powershell. The script it’s meant to display a message box with some text, and YesNo buttons (the “Yes” restarts the computer).

When we try to deploy the action from BigFix, we create an Action with the Action Type “BigFix Action Script” (we’ve tried to use Powershell’s Action Type but it didn’t work):

prefetch XXX/Uploads/XXX

waithidden { pathname of file ((it as string) of value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of native registry) } -ExecutionPolicy Bypass -File __Download\reinicio-ductos.ps1

This basically downloads the file from the BES Root Server, extract it and executes it. We see no errors in the logs, and in the BigFix Console it shows that everything goes well, but in reality the script it’s not executing at all.

We’ve also tried to run the BigFix Script from the Fixlet Debugger tool, and it works perfect (it opens the message box).

I attach some of the log we’ve found when the action runs on the client:

Command succeeded (Exit Code=0) waithidden C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -File __Download\reinicio-ductos.ps1 (action:502207)At 11:20:28 -0300 -ActionLogMessage: (action:502207) ending actionAt 11:20:28 -0300

As you can see, there are no errors shown.

We don’t know what else we can do.

Any ideas?

JasonWalker · June 6, 2022, 7:37pm

Since the script is executing as LocalSystem, it cannot interact with a logged-on user’s desktop to display the message.

You’ll need to use the ‘override’ settings to execute the PowerShell in the context of a logged-on user to display the message to them; which also means you’ll have to copy the PowerShell script to a path the user can read (__BESData is only readable to Administrators).

See the tip at Tip - Action Override User settings and please advise whether that helps.

gabrielcovello · June 8, 2022, 3:25pm

Thank you SO much. It worked just as expected.

Now the script goes:

prefetch XXX/Uploads/XXX

override wait
hidden=true
runas=currentuser
wait { pathname of file ((it as string) of value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of native registry) } -ExecutionPolicy Bypass -File __Download\reinicio-ductos.ps1

THANK YOU i love u <3