Deploying New Local User Administrator - Powershell Digitally Signed Error
Hi all,
I'm trying to use PDQ to deploy a powershell script to create a new user and add to administrator group. When trying the script through PDQ deploy, it shows successful, but provides this output:
File C:\windows\AdminArsenal\PDQDeployRunner\service-1\exec\Error Handling Wrap
per.ps1 cannot be loaded. The file C:\windows\AdminArsenal\PDQDeployRunner\serv
ice-1\exec\Error Handling Wrapper.ps1 is not digitally signed. The script will
not execute on the system. Please see "get-help about_signing" for more details
I thought that having: "PowerShell.exe -NoLogo -NonInteractive -ExecutionPolicy Bypass" would have passed the powershell lines no problem?
Any advice?
Thanks,
Comments
Can you show your package step? Obfuscate sensitive data obvioiusly. That's strange behavior. The wrapper does pass the code with ExecutionPolicy set to Bypass by default, so that's a curious error. You might have to get with support on this one. What version are you on?
Sure thing, super simplistic for now. Just trying to get this guy to run on a local test machine.
Currently Running 13.2.0.0
It doesn't seem like it's passing the Bypass syntax. I assumed that PDQ runs powershell with it defined?
Hmm. I have the same version, and it works fine for me:
I'd email support@pdq.com and they will get you taken care of! Sounds like something is amiss with your installation.
Thanks for validating, that makes me feel more at easy. I was going crazy with the workarounds haha!
We've seen issues in the past where Group Policy has restrictions setup to block unsigned scripts and -ExecutionPolicy Bypass gets thwarted by Group Policy.
Keep it simple if your PDQ Deploy is not accessible by others.
Use CMD or a BAT!
Replace username and Password and remove the < >
net user <username> <password> /add
net localgroup administratoren /add <username>
wmic UserAccount where Name='<username>' set PasswordExpires=False
First line creates the user with the password
Second line adds the user to the localgroup admin
Third turns off the Password expiration
Example:
Creating the user "NoPowerShell" with the Password "justcmd"
net user NoPowerShell justcmd /add
net localgroup administratoren /add NoPowerShell
wmic UserAccount where Name='NoPowerShell' set PasswordExpires=False
Thats all
My batch for this is here:
https://support.pdq.com/hc/en-us/community/posts/211691407/comments/115000241592
have phun :)