Hello Everyone!
I have a task to create a windows local group and add its permission on all the available drives except C.
I was provided with the script and it runs fine when I execute it locally on system. Although, when I try to execute the same through BigFix, the permissions are applied on all the drives except for Drive D.
I tried using createfile method as well as tried deploying script directly and executed it but the results were same. Also, I have the BigFix client deployed in D Drive in my Infra. Could someone help that what is the error here? Tried generating logs as well but there is no error received anywhere to troubleshoot further
Below is the script: #Start Logging
Start-Transcript -Path C:\LogFiles\AdminFileAccessUAC.log -Append -NoClobber
#Create new local group named 'AdminFileAccessUACâ
New-LocalGroup -Name âAdminFileAccessUACâ -Description âContains same members as local Administratorsâ
#Get list of âadministratorsâ group members and add them to 'AdminFileAccessUAC" group
Get-LocalGroupMember âAdministratorsâ | Add-LocalGroupMember -group âAdminFileAccessUACâ
#Loop through disk drives D: to Z:
and run icacls /grant AdminFileAccessUAC:(CI)(OI)F
to grant full control to group âAdminFileAccessUACâ on disk root and folder hierarchy
68âŚ90 | foreach {{ #67=ascii code for C; 90=ascii code for Z
$path= [char]$_ + ":"
invoke-expression -command (âicacls $path $grant â${{useraccount}${{permission}ââ)
}
#Stop Logging
Stop-Transcript
I am using the below command to execute the script
action uses wow64 redirection {not x64 of operating system}
waithidden powershell -ExecutionPolicy Bypass -file âD:\Deploy PS\ps_uac.ps1â
The agent log could provide more useful info about the error. Take a look at the agent log on the failing computer. The log is located here:
C:\Program Files (x86)\BigFix Enterprise\BES Client__BESData__Global\Logs
It should contains a trace for the failing âwaithiddenâ command, with error details.
Sorry for replying late too⌠The agent log doesnât show an error when running your script (exit code 0). It could be a user context problem as the script seems to work when run it manually on the system.
One option can be to run it in a context of a specific user with Administrative privilege, rather than local system context, you can try to use the override command as shown in the following example: