Powershell command to run for everyone - powershell

I am running into a problem with a PowerShell script. I want to add a Microsoft store app with a PowerShell command:
Add-Appxpackage -path C:\Temp\whiteboard.appx
The command is working fine, but only for 1 user not for everyone. It must be installed for everyone. How can that be done?

As #WafflesAndCustard already mentioned, the issue for executing the script is the ExecutionPolicy.
https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_execution_policies?view=powershell-7
The PowerShell-Script Execution takes another road as you probably might think of ... PS-User-Policy takes precedence over PS-Computer-Policy, but Local- (gpedit) and Domain-Policies (gpmc) overrides anything and takes the final precedence (Domain policies have highest priority)
By default -> no PowerShell Script execution is allowed.
When you want to use your script for all users, without predefining the PS-executionpolicy, you should use the native command like
powershell.exe -ExecutionPolicy ByPass -Script ....
BUT, and that's really IMPORTANT when it comes to security:
Please don't use the temp folder as this is usual something everybody can write to!
E.g. a user/program can place a malicious executable file into that folder with same name and your task (or whatever) will execute it with high privileges.

Related

Why is NoProfile pwsh parameter considered safer?

I read that when using a Powershell script in a scheduled task, external command or shortcuts, to always use the -NoProfile parameter. This is because otherwise Powershell will load some other profile which will be dangerous since you wouldn't know the content and can produce unexpected behaviours.
What I don't understand is, to my knowledge, by default, Powershell will run the "Current User, Current Host" profile (if I don't state -NoProfile). Since it is one of the basic profile files, why would it, or any of the other files be considered dangerous? Is it not trusted?
Links I referred to:
Link 1
Link 2

Is there any way to have powershell automatically run a command anytime a command is run

I'm wanting to be able to have PowerShell automatically run a specified command anytime anything is run in PowerShell(hitting enter, any command at all). I've searched all over google with no luck finding anything except the way to have a command run on startup of powershell
If you need it a bit hidden you could do it with a ScheduledTask and Auditing Events.
Enable Auditing to get all changes logged as events
https://learn.microsoft.com/en-us/powershell/scripting/windows-powershell/wmf/whats-new/script-logging?view=powershell-7.2&viewFallbackFrom=powershell-6
Create a Scheduled Task that starts with a trigger from Events by ID. Take the IDs from the Microsoft article above. Add the command you would like to run as action. This means command is "PowerShell" and parameters are like -NonInteractive -Windowstyle minimized -c "command was executed | out-file c:\temp\activity.log"
Set it to be run as the user "system" if you want it at full permission without user interaction.
Don't forget this task to be allowed to run multiple times if you want it to.
Be aware that this might generate a lot of log entries and a lot of powershell processes depending on how log your task will run.
But in most cases the solution mentioned by Mathias R. Jessen above might be the easiest one, but is also easy to be changed by any user for the session even if you changed prompt in the settings mentioned here: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_profiles?view=powershell-7.2

How to run Powershell file (having extension .ps1) using jmeter?

I want to execute .ps1 file in jmeter. I have pass the parameter as in image,but in output facing errors.The filename, directory name, or volume label syntax is incorrect.
Though the filename, directory name are correct.
Here is your problem:
Remove that quotation mark and everything should start working as expected
In general, you are making things overcomplicated.
Why do you need these cmd /c? Why just don't call powershell directly?
Normally powershell is in Windows PATH, there is no need to provide full path to it
So configure your OS Process Sampler as:
Command: powershell
Parameter: D:\Software\apache=jmeter-3.0\apache-jmeter-3.0\bin\TIP.ps1
See How to Run External Commands and Programs Locally and Remotely from JMeter article for more information on invoking 3rd-party processes from your JMeter test.
I know this is an old thread but since the response was not correct for me I found the solution to be this:
Using the OS Process Sampler you need to add as command powershell.exe and as variables exactly the following:
-executionpolicy
bypass
-file
fullpathToYourScript.ps1
This worked perfectly fine for me.

PowerShell script called from within the Jenkins PowerShell build step hangs indefinitely

I have a Jenkins (1.493) project that uses the Jenkins PowerShell build step to execute a PowerShell script. Inside that script I want to invoke another script that is stored inside a file. I have now reduced it to the following:
Script inside Jenkins PowerShell build step:
& "\\stemmer.local\sidevelopment\cvdev\devbase\jenkins\PowerShell\Test.ps1"
Content of Test.ps1:
write-host 'Hello world!'
Whenever this Jenkins project executes, the PowerShell build step hangs indefinitely.
Things I have tried/verified so far:
Adding some output before the invocation of Test.ps1 shows me that the Jenkins PowerShell script is being execute normally up to the point where Test.ps1 is called.
The file Test.ps1 exists and is reachable from the build slave that executes the script. If I alter the file's name, I get the expected error message from PowerShell...
Exchanging the " for ' in the 1st script does not change anything. Also, using dot-sourcing rather than & does not help.
The file Test.ps1 can be executed properly from the powershell itself using the same command line that is being used in the Jenkins PowerShell script.
The execution policy for PowerShell has been set to unrestricted on my development host as well as on the Jenkins build slave.
I've tried replacing the PowerShell build step with a Windows batch command build step that looks like this:powershell.exe -InputFormat None -File "\\stemmer.local\sidevelopment\cvdev\devbase\jenkins\PowerShell\Test.ps1"and played around a little with the parameters of powershell.exe, but the results were - in those cases that were syntactically and otherwise correct as far as I can tell - always the same.
I only found few references to problems that sounded similar, but none of the approaches mentioned elsewhere did help me fix this. I am absolutely puzzled, and wondering whether someone encountered this issue before (and maybe even got a scenario like the one I have in mind running).
Thanks a lot for any input!
Volker
have you tried to set execution policy to bypass ?
Copy the script file locally, then invoke it from within the Jenkins PowerShell plugin - that way it works as expected.

Powershell Script doesn't work when starting it by double-clicking

I got some strange behaviour when executing a powershell script.
When I run my script using the ISE it works just fine.
When I open Powershell.exe and run my script it works just fine.
When I open cmd, and start my script using powershell.exe -noexit
./myscript.ps1, myscript works just fine.
When I double-click myscript however, powershell opens for some milliseconds, I see that it shows some error (red font) and the powershell window closes. I'm unable to track down the error causing this problem since the powershell windows closes to fast.
I even tried one single big try-catch block around my hole script, catching any [Exception] and writing it down to a log file. However: the log file is not generated (catch is not called).
How can I track that issue? What could possibly be causing the trouble?
Please note that my execution-policy is set to unrestricted.
Before trying the suggestion invoke this to see your current settings (if you want restore them later):
cmd /c FType Microsoft.PowerShellScript.1
Then invoke this (note that you will change how your scripts are invoked "from explorer" by this):
cmd /c #"
FType Microsoft.PowerShellScript.1=$PSHOME\powershell.exe -NoExit . "'%1'" %*
"#
Then double-click the script, it should not exit, -NoExit does the trick. See your error messages and solve the problems.
But now all your scripts invoked "from explorer" keep their console opened. You may then
remove -NoExit from the above command and run it again or restore your
original settings.
Some details and one good way to invoke scripts in PS v2 is here.
Unfortunately it is broken in PS v3 - submitted issue.
by default, for security reason when you double clic on a .ps1 file the action is : Edit file, not Run file .
to execute your script : right-click on it and choose run with powershell
I also wasn’t able to run a script by double clicking it although running it manually worked without a problem. I have found out that the problem was in the path. When I ran a script from a path that contained spaces, such as:
C:\Users\john doe\Documents\Sample.ps1
The scipt failed to run. Moving the script to:
C:\Scripts\Sample.ps1
Which has no spaces, solved the problem.
This is most likely an issue with your local Execution Policy.
By default, Powershell is configured to NOT run scripts that are unsigned (even local ones). If you've not signed your scripts, then changing your default double-click 'action' in Windows will have no effect - Powershell will open, read the execution policy, check the script's signature, and finding none, will abort with an error.
In Powershell:
Help about_execution_policies
gives you all the gory details, as well as ways to allow unsigned scripts to run (within reason - you'd probably not want to run remote ones, only ones you've saved onto the system).
EDIT: I see at the tail end of your question that you've set Execution Policy to 'unrestricted' which SHOULD allow the script to run. However, this might be useful info for others running into execution policy issues.
If you would catch the error you will most likely see this
The file cannot be loaded. The file is not
digitally signed. The script will not execute on the system. Please
see "Get-Help about_signing" for more details.
Because you are able to run it from the shell you started yourself, and not with the right mouse button click "Run With PowerShell", I bet you have x64 system. Manually you are starting the one version of PowerShell where execution policy is configured, while with the right click the other version of the PowerShell is started.
Try to start both version x64 and x86 version and check for security policies in each
Get-ExecutionPolicy
I was in exactly the same situation as described in the question : my script worked everywhere except when double-clicking.* When I double-clicked a powershell windows would open but then it will close after a second or so. My execution-policy is also set to unrestricted.
I tried the selected answer concerning FType Microsoft.PowerShellScript.1 but it didn't change anything.
The only solution I found was a work around: create a bat file which start the powershell.
Create a file, copy this and modify the path : powershell.exe -File "C:\Users\user\script\myscript.ps1"
Save it as a .bat
Double-click the bat
I also used .ahk to start my powershell with a shorcut and it didn't work when pointing directly to the powershell. I had to point to the .bat