Menu
laptop-3877800_1280

Deploying PowerShell Scripts via SCCM: A Step-by-Step Guide

, 0

Table of content

Managing devices at scale can be challenging, but SCCM simplifies this by allowing you to deploy PowerShell scripts directly to client machines. Whether you’re installing applications, modifying configurations, or collecting data, this feature is invaluable. Let’s walk through the process.

Prerequisites

Before you begin, ensure the following: 

  • SCCM Version: Your SCCM environment should be running version 1706 or later.

  • Client Requirements: Targeted client devices must have PowerShell version 3.0 or higher installed.

  • Permissions: You need appropriate permissions to create, approve, and run scripts within SCCM.

Step 1: Create the PowerShell Script

  1. Open the SCCM Console: Launch the SCCM console and navigate to the Software Library workspace.

  2. Access Scripts: In the left-hand pane, expand Software Library > Scripts.

  3. Create New Script:

    • On the Home tab, click Create Script.

    • In the Create Script wizard:

      • Script Name: Enter a descriptive name for your script.

      • Script Language: Select PowerShell.

      • Script Content: Paste your PowerShell code into the provided field.

    # Username and Password
$username = "TechEUC"
$password = ConvertTo-SecureString "TechEUC.com!" -AsPlainText -Force
# Creating the user
New-LocalUser -Name "$username" -Password $password -FullName "$username" -Description "TechEUC Test user"

  • Click Next, review the summary, and then click Close to finish

  

Step 2: Approve the Script

  1. Select the Script: In the Scripts list, click on the script you just created.

  2. Approve Script:

    • On the Home tab, click Approve/Deny.

    • If you notice the Approve/Deny option is greyed out, then we need to allow the Author to approve own scripts.

    • Go to your Administration / Site / Hierarchy Setting. Then Disable “Script Authors require additional script approver”

    • Now the Approve/Deny option should be enabled

    • In the Approve or deny script dialog box:

      • Select Approve.

      • Optionally, enter a comment regarding the approval.

    • Click Next, review the summary, and then click Close.

Note: By default, script authors cannot approve their own scripts. This setting can be modified in the Hierarchy Settings if necessary

Step 3: Run the Script on Target Devices

  1. Navigate to Device Collections: In the SCCM console, go to Assets and Compliance > Device Collections.

  2. Select Target Collection: Right-click on the device collection you wish to target and choose Run Script.

  3. Choose Script:

    • In the Run Script wizard:

      • Select the approved script from the list.

      • Click Next.

    • Review the summary and click Next to initiate the script deployment.

    • Click Close to exit the wizard.

Note: Scripts are executed immediately on online clients. Offline clients will execute the script once they come online, within a one-hour window.

Step 4: Monitor Script Execution

  1. Access Script Status: In the SCCM console, navigate to Monitoring > Script Status.

  2. Review Results:

    • Locate the script you ran in the list.

    • Click on it to view detailed execution results, including success rates and any error messages.

Note: A script exit code of 0 typically indicates successful execution

Signup to our weekly newsletter

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *