Hello Everyone!
I have a task to create a windows local group and add its permission on all the available drives except C.
I was provided with the script and it runs fine when I execute it locally on system. Although, when I try to execute the same through BigFix, the permissions are applied on all the drives except for Drive D.
I tried using createfile method as well as tried deploying script directly and executed it but the results were same. Also, I have the BigFix client deployed in D Drive in my Infra. Could someone help that what is the error here? Tried generating logs as well but there is no error received anywhere to troubleshoot further
Below is the script:
#Start Logging
Start-Transcript -Path C:\LogFiles\AdminFileAccessUAC.log -Append -NoClobber
#Create new local group named 'AdminFileAccessUAC’
New-LocalGroup -Name ‘AdminFileAccessUAC’ -Description ‘Contains same members as local Administrators’
#Get list of ‘administrators’ group members and add them to 'AdminFileAccessUAC" group
Get-LocalGroupMember ‘Administrators’ | Add-LocalGroupMember -group ‘AdminFileAccessUAC’
#Loop through disk drives D: to Z:
and run icacls /grant AdminFileAccessUAC:(CI)(OI)F
to grant full control to group ‘AdminFileAccessUAC’ on disk root and folder hierarchy
$grant="/grant"
$permission=":(CI)(OI)F"
$useraccount=“AdminFileAccessUAC”
68…90 | foreach {{ #67=ascii code for C; 90=ascii code for Z
$path= [char]$_ + ":"
invoke-expression -command (‘icacls $path $grant “${{useraccount}${{permission}”’)
}
#Stop Logging
Stop-Transcript
I am using the below command to execute the script
action uses wow64 redirection {not x64 of operating system}
waithidden powershell -ExecutionPolicy Bypass -file “D:\Deploy PS\ps_uac.ps1”