Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

How can we improve Configuration Manager?

← Ideas

CMPivot: Add an option to provide a code signing certificate for the generated scripts from CMPivot

In our organization only signed scripts may be executed on the clients. However, the scripts from CMPivot queries are not signed and are therefore not executed. This restriction is set by GPO and cannot be overridden by "PowerShell execution policy" in the SCCM client computer agent.

63 votes
Vote
Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

8 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Anonymous commented  ·   ·  Flag as inappropriate

    Is there any Update planned for this? It can't be too hard to sign a Script with your own Certificate right? This is open since 11.11.19

  • Paul K (TCC) commented  ·   ·  Flag as inappropriate

    We have the same issue. CMPivot doesn't work due to policy set to require signed scripts. ( same as the issue with W10 diags all being unsigned scripts so they never report any problems)
    Some sort of workaround to enable CMPivot would be nice.

  • Sara Barkley commented  ·   ·  Flag as inappropriate

    Same issue here. Domain policy set to All Signed. CMPivot completely nonfunctional, returns status "Unsupported PowerShell Version" except for the handful if devices that have exception to the policy.

  • Paul K (TCC) commented  ·   ·  Flag as inappropriate

    We have the same issue. CMPivot is non-functional as we have powershell execution policy at all signed site wide.

  • Anonymous commented  ·   ·  Flag as inappropriate

    We are running into this problem also. Our execution policy is predominately AllSigned for our servers and thus CMPivot queries will not execute, returning an error message of "Unsupported PowerShell Version". This is happening on servers with PowerShell 5.1 installed (Server 2008 R2, Server 2012 R2, Server 2016 and Server 2019). When I change the execution policy to RemoteSigned (we have some exceptions we allow) on a test server, then CMPivot queries succeed.

Ideas: Client Settings

Categories

Feedback and Knowledge Base

(thinking…)