Modifying Script ID 4
Hey everyone,
Our environment updated Kace recently from 8.1.52 to 10. Upon doing so we noticed that our MACHINE_BITLOCKER_VOLUME table was no longer being updated. Doing a little digging we found that the Scripts we had Signed by one of our Domain Admins were no longer working. Digging a little further I found out that because of the upgrade to 10, the 4 scripts within "5.2+ Windows CI/Inventory" were reverted back to the ones signed by Kace. This should be an easy fix, just upload the previously signed scripts, right? Wrong! Now it is stating that Script 4 is a system script and cannot be modified. Doing a little research I found that the System scripts were locked down at least 4 years ago. I don't know how I modified these scripts int he past, but I can guarantee they were. I know I can go about this 3 ways.
1) Find a way to update the script, and worry that it wont work the next time we update Kace.
2) Duplicate the script and have it run separately, but I am unsure exactly how this script is called at given intervals.
3) Have my domain admin trust the Kace signature and this problem goes away with minimal work. This seems logical to me, but they're wary of trusting things that they didn't vet. Is there a simple way people know of to trust the scripts?
Any other suggestions will be appreciated. Thanks in advance.
Answers (1)
Hi There,
Last year when we release 10.0, was when we implemented measures to prevent the deletion or modification of system scripts.
Since they are critical for the proper functionality of the product.
I understand your issue and we will look into how we may address this in a future release.
For now, please open a support ticket so we may help you with this issue.
Let me know the SR number so I can follow up with support.
Comments:
-
SR#4639428 - sbenson 4 years ago
-
Thanks for the SR number. Please add to the SR the serial number from the About page so that we may apply a tether key. - KevinG 4 years ago
-
I'm not seeing an About page, I did find a License Number but I don't see how that would be pertinent to this. I am also not sure if that carries information that could be used by someone else. - sbenson 4 years ago
-
Once you login there will be an orange tab "Need Help? on the right side of the page. After you open this slide out tab, the last icon on the bottom of this page is the informational icon. Click the " i " icon to display the About page and copy the Serial number as text. Please do not send a screenshot, copy and send as text so that we can copy the serial number. - KevinG 4 years ago
-
I was out yesterday, this issue has been resolved. something was updated and now the scripts are working. - sbenson 4 years ago
PS C:\ProgramData\Quest\KACE\kbots_cache\packages\kbots\4> Get-AuthenticodeSignature .\*
Directory: C:\ProgramData\Quest\KACE\kbots_cache\packages\kbots\4
SignerCertificate Status Path
----------------- ------ ----
NotSigned bitlocker_inventory.ps1
NotSigned dcm_windows_inventory.ps1
NotSigned ddpe_windows_inventory.ps1
NotSigned tpm_inventory.ps1
PS Microsoft.PowerShell.Core\FileSystem::\\SharedDrive\departments\IT\Software\Kace\PS1signed-V10> Get-AuthenticodeSignature .\*
Directory: \\SharedDrive\departments\IT\Software\Kace\PS1signed-V10
SignerCertificate Status Path
----------------- ------ ----
DFE33EF38102114255117AB5CAD3D24862D23E55 Valid bitlocker_inventory.ps1
DFE33EF38102114255117AB5CAD3D24862D23E55 Valid dcm_windows_inventory.ps1
DFE33EF38102114255117AB5CAD3D24862D23E55 Valid ddpe_windows_inventory.ps1
DFE33EF38102114255117AB5CAD3D24862D23E55 Valid tpm_inventory.ps1 - sbenson 4 years ago