In our environment, security dept. has blocked PowerShell with Cylance. So even as part of IT, I can’t use PowerShell or the ISE. I don’t understand why they would block it company wide but now I’m trying to find another way to do what I need.
We use BigFix to manage our machines and for patch installs on workstations, etc.
It seems that creating a fixlet and using that to use PowerShell works.
So I was trying to create a fixlet to run the Reset-ComputerMachinePassword but a bit stuck on the credentials.
I don’t want to include my own domain credentials into the fixlet.
Is there a way to enter credentials each time you push out the fixlet? Like it would prompt me from the bigfix Client to enter credentials. Of course prompting on the workstation machine I’m sending the fixlet to would not be beneficial.
This happened with us too, our sec team blocked us using BeyondTrust & trust me its actually beyond to trust LOL !
However, there’s always a way out; in our instance, they granted us access to the Dev profile, which is equivalent to Admin access, after I presented them with the required business case.
I’m hoping there must be something in your case as well; all you have to do is convince them.
Thank you.
So this looks like it would work but I ran into something I didn’t think about… That PowerShell cmd prompts for a password and I don’t see a way to pass the password along with the command without requiring user input…
The wy to do this is with ActionScript
Either download your PowerShell script, or create it dynamically
Then drop the level of logging, call the script (passing in your secret parameters) and you should be good to go