How to run a powershell script from intune bypassing the permissions

NM 41 Reputation points
2020-12-28T04:54:04.34+00:00

Hi,

I am trying to run a PowerShell script from Intune just to collect the patches installed on the machine but the script is always failing....It seems to be like PowerShell is not bypassing the execution and not able to run the script.

This is the command i have used in my script t the top -

Set-ExecutionPolicy Bypass -Force

if executed manually the script runs fine but the user have to only allow the uac...How can i make the script to run whithout any user interaction...

Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,284 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,092 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Lu Dai-MSFT 28,241 Reputation points
    2020-12-28T07:01:57.953+00:00

    @NM Thanks for posting in our Q&A.

    For this permission issue, based on my research, I find that if we want to run the powershell script, we should make sure that the properties of the PowerShell script are set to Run this script using the logged on credentials and the signed in user has the appropriate permissions to run the script. We can read the following article about using PowerShell scripts on Windows 10 devices in Intune as a reference.
    https://learn.microsoft.com/en-us/mem/intune/apps/intune-management-extension

    So, we need to set the user permission manually, rather than via Intune.

    Thanks for understanding and have a nice day.


    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

  2. Eswar Koneti 2,191 Reputation points
    2020-12-28T07:52:00.667+00:00

    It is always recommended to sign the powershell script (buy certificate) so this will always be secure and not leave anything.
    Or you can try to create win32 app and use the command line something like you have used above.

    powershell.exe -ExecutionPolicy Bypass -File .\Scriptname.ps1

    Regards,
    Eswar
    www.eskonr.com
    If the response is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

  3. Jason Sandys 31,121 Reputation points Microsoft Employee
    2020-12-28T17:25:24.14+00:00

    +1 to @Eswar Koneti 's response. If you are not signing your scripts, you are doing it wrong.

    To directly comment on what you are trying, placing the Set-ExecutionPolicy statement at the top of the script: The execution policy is checked before the script is run so changing it within the script has no value or meaning.

    Also, to be clear, this is not permissions related, it is policy related.

    0 comments No comments