One of the most exciting new features of ConfigMgr 1706 is the ability to execute PowerShell scripts on devices from the console. I’m going to walk through setting this up in this post with a simple script that will create a new file. I’ll leave it up your imagination as to what you can do with this feature.
Ground Rules
First, these scripts must be imported and approved before they can be executed. Also, scripts are only available on devices, not users. You can execute these scripts on a single device, or on a collection.
Required Rights
Of course users assigned the “Full Administrator” security role can import and approve these scripts. The only other role that can import and approve scripts is Operations Administrator. There’s a new section of security roles called “SMS Scripts” where you can grant additional security roles the rights to import, modify, or approve scripts.
To give console users the ability to execute them, change Collection > ResID:Run Script to Yes. Again, by default, this right is only available to users assigned the Operations Administrator role.
Import and Approve Scripts
Importing and approving is fairly straightforward. There’s a new section called “Scripts” in your Software Library tab. From there, click “Create Script” in the ribbon. Give your script a name, then paste it in the Script box. As of 1706, there’s only one option for language: PowerShell.
Once import, you must approve the script. To approve, right-click on the entry and select “Approve/Deny”.
You’ll have the option to approve or deny the script. This is handy because we can come back and deny a script after it’s been approved. You’ll also be able to add a comment.
Execute Script
To run the script, right-click on the device object and select “Run Script.”
You’ll be able to select your script from the list, then click next. After you finalize it, the script should execute on the client within a few seconds.
Disclaimer
All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistance.
