CMPivot: Add an option to provide a code signing certificate for the generated scripts from CMPivot

In our organization only signed scripts may be executed on the clients. However, the scripts from CMPivot queries are not signed and are therefore not executed. This restriction is set by GPO and cannot be overridden by "PowerShell execution policy" in the SCCM client computer agent.

71 votes

Anonymous shared this idea · November 11, 2019 · Flag idea as inappropriate… · Admin →

Noted ·

AdminAdam Meltzer (ConfigMgr Product Team) (Software Engineer, Microsoft Endpoint Configuration Manager) responded · November 12, 2020

Our internal tracking item associated with this is still open.

I’ve reactivated this feedback. Thank you for bringing it to our attention.

Show previous admin responses (1)

9 comments

An error occurred while saving the comment

Ken Berry commented · March 11, 2021 03:33 · Flag as inappropriate

We have the same isssue GPO restricts scripts to "AllSigned"

Submitting...
Anonymous commented · January 13, 2021 01:46 · Flag as inappropriate

Is there any Update planned for this? It can't be too hard to sign a Script with your own Certificate right? This is open since 11.11.19

Submitting...
David commented · November 12, 2020 11:13 · Flag as inappropriate

Why is this 'completed' when it's still a problem?

Submitting...
Anonymous commented · September 15, 2020 15:33 · Flag as inappropriate

any further information on when this will be included?

Submitting...
Paul K (TCC) commented · May 06, 2020 14:46 · Flag as inappropriate

what version is this part of?

Submitting...
Paul K (TCC) commented · March 31, 2020 19:11 · Flag as inappropriate

We have the same issue. CMPivot doesn't work due to policy set to require signed scripts. ( same as the issue with W10 diags all being unsigned scripts so they never report any problems)
Some sort of workaround to enable CMPivot would be nice.

Submitting...
Sara Barkley commented · January 08, 2020 16:07 · Flag as inappropriate

Same issue here. Domain policy set to All Signed. CMPivot completely nonfunctional, returns status "Unsupported PowerShell Version" except for the handful if devices that have exception to the policy.

Submitting...
Paul K (TCC) commented · November 28, 2019 22:52 · Flag as inappropriate

We have the same issue. CMPivot is non-functional as we have powershell execution policy at all signed site wide.

Submitting...
Anonymous commented · November 27, 2019 13:04 · Flag as inappropriate

We are running into this problem also. Our execution policy is predominately AllSigned for our servers and thus CMPivot queries will not execute, returning an error message of "Unsupported PowerShell Version". This is happening on servers with PowerShell 5.1 installed (Server 2008 R2, Server 2012 R2, Server 2016 and Server 2019). When I change the execution policy to RemoteSigned (we have some exceptions we allow) on a test server, then CMPivot queries succeed.

Submitting...