Snapin PowerShell Script Can't Run (Execution Policy)



  • Hi all,
    I’m trying to run a PowerShell script that renames the local administrator account after a PC has been imaged through the FOG snapin. However, I run into the issue of it not running because the execution policy isn’t set to remote signed. How would I go about ensuring it can run when the FOG service starts?
    Any help with this would be appreciated.


  • Moderator

    I use a slightly alternative method personally, where I run the powershell command from a batch script, which requires a slightly different approach.

    Example:

    powershell -Command "& {Set-ExecutionPolicy RemoteSigned; Import-Module PSWindowsUpdate; Get-WUInstall}" 
    

  • Senior Developer

    @george1421, @Wayne-Workman 's response is the correct answer. We already take into account execution policies with our snapin templates.


  • Moderator

    While this doesn’t directly answer your question, the answer may be close to what you need.

    In MDT for Win10 we use this run command line TS to launch a PS to remove the unwanted windows Apps. This script does need the execution bypass set. This will work if the user that is executing the script is running as a local admin.

    powershell.exe -ExecutionPolicy Bypass -Command "Copy-Item '%SCRIPTROOT%\gRemove-Win10-CrapApps.ps1' -destination %temp%; %temp%\gRemove-Win10-CrapApps.ps1; Remove-Item %temp%\*.ps1 -Force"
    

    Now we also rename the local admin account but we do it this way:

    wmic useraccount where name='administrator' rename <notRealAdmin_name>
    net localgroup administrators <notRealAdmin_name> /add
    

    And then for good measure we create a new user account with the name of ‘administrator’ , set a complex password and then disable the account. It’s not clear if it adds any level of security to our design, but we do audit against the use/attempted login of ‘administrator’ on the local workstations.


  • Moderator

    If you use the powershell template when you create a new snapin, it already has execution policy bypass in the arguments for you.


Log in to reply
 

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.