Issues using PowerShell scripts on Windows Server 2012

This topic contains 14 replies, has 4 voices, and was last updated by Profile photo of Kawika Moss Kawika Moss 1 year, 9 months ago.

  • Author
    Posts
  • #26576
    Profile photo of Kawika Moss
    Kawika Moss
    Participant

    We are performing some tests with server 2012, in regards to our PowerShell scripts and we've run into some issue that we figured out, as far as the ExecutionPolicy, but now I'm getting another issue. I'm trying to call a custom function that compiles an application switch to test the validity of its license. The issue I'm seeing is when I try to call the function, I'm getting a popup and I want to eliminate that so that it runs without any user interaction.

    the popup says:

    "Run only scripts that you trust. While scripts from the internet can be useful, this script can potentially harm your computer. If you trust this script, use the Unblock-File cmdlet to allow the script to run without this warning message."

    I tried to do the Unblock-File, is hasn't worked...

  • #26577
    Profile photo of Don Jones
    Don Jones
    Keymaster

    These are called "problems," not "issues." 🙂

    You don't mention what execution policy you're at, but this is a result of that. Unblock-File won't work in this particular instance.

    What execution policy are you using?

  • #26592
    Profile photo of Kawika Moss
    Kawika Moss
    Participant

    UnRestricted

  • #26593
    Profile photo of Kawika Moss
    Kawika Moss
    Participant

    Scope ExecutionPolicy
    —– —————
    MachinePolicy Undefined
    UserPolicy Undefined
    Process Undefined
    CurrentUser Undefined
    LocalMachine Unrestricted

  • #26594
    Profile photo of Don Jones
    Don Jones
    Keymaster

    Try setting it to Bypass and see if you're still getting the pop-up.

  • #26596
    Profile photo of Kawika Moss
    Kawika Moss
    Participant

    If I run this:

    Set-ExecutionPolicy Bypass

    Will that change the configuration for the server to "always" bypass any popups?

  • #26600
    Profile photo of Don Jones
    Don Jones
    Keymaster

    Well, let's just TRY it once, and see what happens. If it works to suppress that one popup, I'll explain what I think's happening, and you can make a decision about what you want to do moving forward.

  • #26613
    Profile photo of Kawika Moss
    Kawika Moss
    Participant

    I'm waiting for the admin to come in to work and apply that for me, I'll let you know what comes of it...

  • #26615
    Profile photo of Peter Jurgens
    Peter Jurgens
    Participant

    Are you running the script from a network share? I've encountered that specific issue before. IE sites and zones specifies that a UNC path like \\(server).(tld)\ is in the "internet" zone and hence does not trust files/scripts/etc from that path by default. You could add the UNC path to the trusted sites in IE and that may work, or try using \\server\share (just the server name, not the fqdn) as the UNC path and that is considered the "intranet" zone which is trusted. At least if I recall correctly that should help...

  • #26623
    Profile photo of Kawika Moss
    Kawika Moss
    Participant

    yes, the function that are being called are in a network location and they are being called as \\servername\share... We're not using the fqdn, I might try the trusted sites thing though..

  • #26624
    Profile photo of Don Jones
    Don Jones
    Keymaster

    That's ultimately what I was testing with Bypass. If Bypass eliminates the pop-up, then the pop-up is because the script shows as a "remote script." Another "fix" is to digitally sign the script – it won't ever generate pop-ups, then.

  • #26628
    Profile photo of Kawika Moss
    Kawika Moss
    Participant

    well, I've gotten a little further, now it errors like this:

    "Start-Process : This command cannot be run due to the error: The system cannot find the file specified."

    this start process call is in a function that is in a network share...

  • #26630
    Profile photo of Don Jones
    Don Jones
    Keymaster

    That's completely unrelated to the execution policy pop-up. I suggest you start a new thread to ask about that question, and include the relevant portion of code that you're trying to run as well as the error. It's impossible to diagnose that based solely on an error message, unfortunately, although the error is also useful.

    When you post, be clear about what code is running, where that code is located, and what you're trying to accomplish.

  • #26631
    Profile photo of Tim Pringle
    Tim Pringle
    Participant

    Maybe it's an idea to take a step and do some debugging on this.

    You say that you're waiting for an admin to come in to change the setting. Does this mean you're not running PowerShell in an administrative context?

    Also, are you sure there are no GPOs in place regards running of scripts?

    When you got the powershell files, were they in a compressed EXE or ZIP file by any chance? If so, I'd recommend unblocking THAT file, then expanding the contents. You can get some funny results sometimes if you dont.

    Check to see if the session see the file by using Test-Path against the UNC.

    Check to see you can successfully map a PS Drive to the UNC path

    Check to see if you can copy one or more of the files from the network location to a local folder in the session.

    If you're able to do all this, are you dot sourcing the code and then running it, running it from powershell.exe, or directly calling it?

    Lastly, can we some of the code? That's been known to help.... 😉

  • #26632
    Profile photo of Kawika Moss
    Kawika Moss
    Participant

    Yea, I was waiting on the admin, he set the executionpolicy to bypass and i no longer got the popups, now I got that error...I will try some of that debugging and open a new thread if it continues to be an issue...:)

    Thanks!!

You must be logged in to reply to this topic.