/build/static/layout/Breadcrumb_cap_w.png

Question about deploying powershell script via KACE K 1000

Is there a way to push a line of powershell script via KACE K1000 without having to call a .ps1 file? I know there is some sort of native support for PS now but I haven't found any info on how it works.

I keep running into an issue when calling a ps1 file (via Scripting) where it shows in KACE as successful but it never actually runs on the machine. I have tried the command to run the 64bit powershell from %SystemRoot%\system32\WindowsPowerShell\v1.0 using parameters: -executionpolicy bypass -windowstyle hidden -file "$(KACE_DEPENDENCY_DIR)\script.ps1 but it still doesn't ever run the file successfully. I feel like some parameter involved in how I'm trying to call Powershell is the point of failure. I've got Windows Run As in KACE set to run using Admin credentials which I'm assuming is calling powershell in Admin mode (this Run As fixed a similar issue I had when installing Chrome via Script which needed elevated rights in cmd)?

Asked 1 year ago 0 views
0 Comments   [ + ] Show comments

Answers (2)

Posted by: JordanNolan 1 year ago
10th Degree Black Belt
0

When I want to run a PowerShell command or script I will have the following settings:

  • Make sure Enabled is selected
  • Type = Online Shell Script
  • Operating systems = All Windows
  • Run as = (Select how you want to run it)
  • Script Text = Your PS command or script text
  • Script File Name = Yourname.ps1

Be careful that you know the perspective of how the script is being run under "Run As" selection.  If you are running it as Logged In User, the user needs to have the access to run the command.  If you chose to run as System, keep in mind that Network Drives are not mapped to the System and user folders like %USERPROFILE%\Desktop are not the logged in user's folders.  

Posted by: kentwest 1 year ago
Second Degree Brown Belt
0

(This web page is unCoding the Code blocks I put in; so I'm putting the code in a different color.)


Because the K1 client is 32-bit, it calls the 32-bit version of Powershell. Even when you specify the 64-bit path, the K1 and/or Windows switch the path to the 32-bit version. Instead of using "system32", use "sysnative" instead; that will force the 64-bit version.


Unfortunately (because KACE won't provide the necessary feature code), if you write the Powershell directly in the "Online Shell" script's text editor window, and name the script "something.ps1", it will always default to using the 32-bit Powershell. There are two ways around this:


1) Write the Powershell script "something.ps1" and include it as a dependency, and then call it from the text editor window like so:

%SystemRoot%\Sysnative\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass .\something.ps1

or

2) Use a redirection trick in batch to create the .ps1 on the fly, and then run it as above. (It makes for ugly code, but it's all right there in the window, editable for debugging, etc, without re-dependency-ing the script as a dependency every time), like the following script, which will echo Powershell commands to an external Powershell script file ("Create-LocalUser.ps1"), and then run that script file. (Note, you really don't want to use a password like this, out in plain, open, unencrypted text, but this is just a demo.) To get a better idea of how this works, make sure to not "delete files" when you create your K1 script, and after running it against a test box, look in that text box's "scripts" directory at the files there, and you can see what the created file looks like. You can also look at the script-run's log file. As mentioned, this method is ugly, but it produces some decent documentation as it goes, and as mentioned, is directly editable. This script would create a local user, using 64-bit Powershell commands. (These commands are not available in 32-bit Powershell; come on, KACE, give us a click box on the script window to tell it to run 64-bit instead of 32-bit Powershell, which would simplify this a lot.)

@echo off

echo Use some batch magic to create a PowerShell script
(
echo $username = "mygenericuser"
echo $password = ConvertTo-SecureString "NeverPutPasswordsInPlainTextLikeI'mDoingHere" -AsPlainText -Force
echo $fullname = "Gene Ric, My Generic User"
echo $description = "Generic User"
echo " "

echo Write-Output "List of Users, Before" ^| Tee-Object -FilePath .\UserList.txt
echo Get-LocalUser ^| Tee-Object -Append -FilePath .\UserList.txt

echo Write-Output "`Attempting to add user ""$fullname"" now." ^| Tee-Object -Append -FilePath .\UserList.txt
echo New-LocalUser -Name $username -Password $password -FullName $fullname -Description $description ^| Tee-Object -Append -FilePath .\UserList.txt

echo Write-Output "List of Users, After" ^| Tee-Object -Append -FilePath .\UserList.txt
echo Get-LocalUser ^| Tee-Object -Append -FilePath .\UserList.txt

) > Create-LocalUser.ps1

echo Then run the PowerShell script, in 64-bit PowerShell
%SystemRoot%\Sysnative\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass .\Create-LocalUser.ps1

Posted by:

winterelegy Orange Senior Belt
Ninja since: 11 years ago

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

View more:

Scripting Questions
question

Related Questions

Link

Related Links

Post

Related Posts

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ