jkjk12 Posted September 2, 2016 Report post Posted September 2, 2016 Hi, I have a PowerShell script that used to work before we upgraded to CM2012 1602. Now it no longer works and I've tried many many different things to make it work. I have tried (that I got from this site) to create a Package that has no Program. That does not work. I have called a CMD and use -bypass etc..... that does not work. I have tried to run a PowerShell script and choose Bypass and that does not work. I have tried to place my .PS1 file in the %scriptroot% on our MDT share and that does not work. How on earth can I run the following .PS1 script from within a CM2012 Task Sequence so it works? (this script updates the AD description, moves the PC and moves the users ID if needed. YES, all of the registry entries are there and contain data). import-module -Name C:\windows\system32\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.Management -verbose ########################################################################################### # Update the description field $computer = (get-ItemProperty hklm:\SOFTWARE\Microsoft\MPSD\OSD).OSDComputerName $Description = (get-ItemProperty hklm:\SOFTWARE\MGH).Description $dom = [system.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain() $root = $dom.GetDirectoryEntry() $search = [system.DirectoryServices.DirectorySearcher]$root $search.Filter = "(cn=$computer)" $result = $search.FindOne() $computerToUpdate = [ADSI]$result.path $computerToUpdate.Description = $description $computerToUpdate.SetInfo() ########################################################################################### # Move the computer to the correct OU $computer = (get-ItemProperty hklm:\SOFTWARE\Microsoft\MPSD\OSD).OSDComputerName $GetOU = (get-ItemProperty hklm:\SOFTWARE\Microsoft\MPSD\OSD).OSDDomainOUName $dom = [system.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain() $root = $dom.GetDirectoryEntry() $search = [system.DirectoryServices.DirectorySearcher]$root $search.Filter = "(cn=$computer)" $result = $search.FindOne() $computerToMove = [ADSI]$result.path $computerToMove.psbase.Moveto([ADSI]"LDAP://$GetOU") ########################################################################################### # Move the users account $GetUserID = (get-ItemProperty hklm:\SOFTWARE\MGH).User $GetOU = "OU=MGH_Users,DC=acme,DC=org" $dom = [system.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain() $root = $dom.GetDirectoryEntry() $search = [system.DirectoryServices.DirectorySearcher]$root $search.Filter = "(samaccountname=$GetUserID)" $result = $search.FindOne() $UserToMove = [ADSI]$result.path $UserToMove.psbase.Moveto([ADSI]"LDAP://$GetOU") Quote Share this post Link to post Share on other sites More sharing options...
jkjk12 Posted September 2, 2016 Report post Posted September 2, 2016 Wait..... I just discovered something that is causing this. The following REG keys are NOT present. hklm:\SOFTWARE\Microsoft\MPSD\OSD Now we are using UDI to throw up custom dialogs during the OSD process. One of these is called NEW COMPUTER DETAILS and on this page I added custom OU's to add machines too. Again, I know 100% for sure this reg key used work and it entered data into the registry. For 2 years we would build machines and they would show up in the right OU and have the AD Machine Description set to whatever was entered into the UDI dialogs. Then we upgraded to CM2012 1602 and the issues began. 1) I looked in the UDI wizard and I don't see any variable name for the OU. What is it called? 2) where in the Task Sequence does this registry key get installed? I've looked at every line and I don't see it. And yes it used to work Thank you. Quote Share this post Link to post Share on other sites More sharing options...
jkjk12 Posted September 6, 2016 Report post Posted September 6, 2016 OK, I have now confirmed the reg keys in question are present. But no matter what I do I can't run this PowerShell script from with a Task Sequence. I have tried to do this manually with psexec. I have opened up a CMD window "as Administrator" and I've run two different commands. Command 1: Fails with Access Denied. psexec -s -accepteula cmd.exe /c powershell.exe "C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe -noprofile -executionpolicy bypass -file c:\temp\run.ps1" Command 2: Works!! psexec -u acme.org\MyAdminID -p MyPassword -accepteula cmd.exe /c powershell.exe "C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe -noprofile -executionpolicy bypass -file c:\temp\run.ps1" how do I mimic Command 2 inside of a CM2012 task sequence? Trust me, I've tried many things. Create a package with no program. Run a PowerShell script. Run a Command Line (that runs powershell.exe) How is this done? Thank you. Quote Share this post Link to post Share on other sites More sharing options...
thrqureshi Posted October 30, 2016 Report post Posted October 30, 2016 Are you trying to run this script before joining the domainIf you are running in windows PE, you need ADSI support in you boot.wim file Quote Share this post Link to post Share on other sites More sharing options...
