How To: Run a PowerShell Script with a Custom Action

Version 3

    Purpose

     

    The purpose of this document is to outline how to configure a Deployment Template to use a Custom Action to execute a PowerShell script.

     

    Steps

     

    In our example, we will create a Deployment Template to be used just for this Custom Action.  However, you can add a Custom Action to any Deployment Template you want.

    • Click New > Deployment Template
    • Configure the General and Reboot tabs however you need to
    • On the Custom Actions tab, configure the following steps:
      • Push your PowerShell Script
        • Click New
        • For Step 1, choose which deployments you want to perform this step (we'll choose "All deployments" since this template is purely for our PowerShell script, which means we'll skip "Step 2" on this tab)
        • For Step 3, choose "Push File"
        • For Step 4, enter or browse to the filepath for your PowerShell Script (e.g., C:\ExampleScript.ps1)
        • Click Save
      • Execute your PowerShell script
        • Click New again to open a second action
        • For Step 1, again choose which deployments you want to perform this step (this generally matches the same choice in the first action, but doesn't have to)
        • For Step 3, choose when in your deployment to execute the script (we chose "After all patches", but it doesn't matter on a template like this that is only for the Custom Action)
        • For Step 4, enter your command to call your script.  In this example, our script is named ExampleScript.ps1.  You simply call PowerShell using your script as an argument, like this:
    PowerShell %PATHTOFIXES%ExampleScript.ps1
          • NOTE: If your script name contains spaces, your command will require extra formatting to run properly.  It's significantly less complicated if you name your script with no spaces, but it can be called like this:

            PowerShell "& ""%PATHTOFIXES%Example Script.ps1"""
          • You'll need all of the quotation marks for it to be recognized as a proper argument - one before the & and then two at the beginning of the filepath, then three to close them all at the end.

        • Click Save

     

    Your Custom Actions tab should now look like this:

     

    Make sure you run your scan with Patch Scan Template configured for Custom Actions (How To: Perform a Custom Action Complete Tutorial with Custom Actions), then deploy with this template, and your PowerShell script should execute.

     

    Additional Information

     

    You might find that you are blocked from running your own PowerShell scripts by a restricted execution policy.  For a single machine, you can simply launch PowerShell and enter the following command:

    Set-ExecutionPolicy RemoteSigned

    For multiple machines, you can set the execution policy via GPO, as outlined in this TechNet post.

    Affected Product(s)

     

    Shavlik Protect 9.x

    Ivanti Patch for Windows Servers 9.3+