Allow upload of powershell scripts (not just the script block) as detection methods or Configuration Item scripts
If we have AllSigned selected as a powershell execution policy either as a global gpo or via the client, any script blocks that are written for detection methods on applications or discovery/remediation for config items will fail since they "aren't signed". Organizations where execution policies are scoped as such aren't able to use these features when the configmgr client downloads the scripts to the staging area and scrambles the script name.
Colin W
shared this idea
2 comments
-
Colin W
commented
Adam,
Apologies for the greatly delayed response. Your script worked for adding the signed deployment script. Exciting to see the blog update about this being fixed in the next release for CB!
Much appreciated,
Colin W -
AdminAdam Meltzer (ConfigMgr Product Team)
(Software Engineer, System Center Configuration Manager)
commented
I'm not entirely sure what you're asking for here. We do support signed PowerShell scripts and AllSigned as an execution mode for discovery/remediation in applications as well as settings.
There are a couple of caveats with this that may not be immediately discoverable and I have some tasks in my backlog to improve these things for future releases.
I've talked about these in depth in my blog posting here: https://blogs.msdn.microsoft.com/ameltzer/2014/09/24/using-signed-powershell-scripts-with-configuration-items-and-applications/
Does this cover your specific concerns, and if not can you elaborate further on the specific scenario you're trying to accomplish?