I have a PowerShell script that I am running through a BigFix fixlet. However, the endpoint has a policy that sets the execution policy to Unrestricted. Due to this policy, I am unable to execute that fixlet on the endpoint. Additionally, this policy cannot be removed or overturned through registry changes as it is a machine policy.
Is there any other way to fix this issue or run the PowerShell script through BigFix? Please help with a solution.
What’s the command line you’re using to run the PowerShell?
Are you using the -ExecutionPolicy Bypass parameter? That usually bypasses the policy, but I understand there are some policy enforcements (either Intune or GPO, not sure) which this does not bypass.
If the ExecutionPolicy Bypass parameter does not work, you’ll need to talk with your internal team about modifying the restriction.
yes I am using the same parameter as you mentioned “-ExecutionPolicy Bypass” and there is a GPO in place which restricts to execute powershell through bigfix. But is there any way to bypass this restriction without modifying the GPO (if there) as Execution policy is at “Unrestricted”.
//waithidden { pathname of file ((it as string) of value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of native registry) } -ExecutionPolicy Bypass -File {parameter “ErrorFolder”}\powershell2.ps1
//waithidden cmd.exe /c type {parameter “ErrorFolder”}\powershell1.ps1 | powershell.exe -NoProfile - //waithidden cmd.exe /c powershell.exe -NoProfile -Command “Get-Content {parameter “ErrorFolder”}\powershell2.ps1 | Invoke-Expression”
waithidden cmd.exe /c powershell.exe -NoProfile -Command “& {{ $content = Get-Content {parameter “ErrorFolder”}\powershell2.ps1; $content | Set-Content C:\new_script.ps1; powershell.exe -NoProfile -File C:\new_script.ps1 }”
these are some of the waithidden cmds i tried to use them but none of them worked. will anyone of them is close to a correct way to do it or some other way to bypass it?
Your first one is the form I usually use, but if the ‘ErrorFolder’ path has spaces you may need to quote the -File parameter.
You could also try the native ‘PowerShell’ script type in the Action, instead of using ActionScript.
Other than that, I’m not sure there are other ways to bypass the PowerShell block. That’s by design, I’m afraid, and if your organization is enforcing that policy I don’t know that we even should by trying to go around your defined security policy.