Jump to content


ZeZe

Compliance Item - powershell script timed out?

By ZeZe, in Configuration Manager 2012

Recommended Posts

ZeZe Newbie

ZeZe

Posted
Posted

Hi all,

I searched on the internet for a script that check's if there are any unwanted users as "administrators" on the local computer groups.


I found this script, that you can change to allow your own users or groups:

 

----- START ----

$computer=$env:computername
$AdminGroupArr = @()
$AllowedGroups=@("Administrator","Domain Admins","ACCOUNT1","GROUP1","ACCOUNT3")
Try {
$AdminsGroup=GWMI -Class Win32_Group -computername $Computer -Filter "SID='S-1-5-32-544' AND LocalAccount='True'" -errorAction "Stop"
$AdminGroup=$AdminsGroup.GetRelated() | Where {$_.__CLASS -match "Win32_UserAccount|Win32_Group"}
$AdminGroupArr+=@($AdminGroup) | Select Name
$admGroupOutput = $AdminGroupArr | where {$AllowedGroups -notcontains $_.Name} | ForEach-Object {$_.Name} | Out-String -Stream
if ($admgroupoutput -eq $null)
{
write-host "Compliant!"
}
else {$admGroupOutput}
}
Catch
{
Write-Warning "Failed to get administrator groups from $computer"
Write-Error $_
}

 

----- END ----

I have configured a baseline configuration with an item that will check the result (as a string) for "Compliant!". Any other output will result of non-compliant.

However, when I run the script it can take some time (between 30 seconds to 180 seconds). No manner how long it works!

 

But the SCCM agent considered that it takes a lot of time (more than 60 seconds some times), which will cause the script to fail and result "critical" event on those workstations.

Is there any way to change the amount of time that a script can run? Or is there any other way to accomplish this using other script? This one works perfectly however, it's the "catch" that takes a while to finishes.

Thank you in advanced for any feedback.

José

 

Additional information on the report: Setting Discovery Error 0x87d00321 The script execution has timed out.

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.