Deploying New Local User Administrator - Powershell Digitally Signed Error

Hi all,

I'm trying to use PDQ to deploy a powershell script to create a new user and add to administrator group. When trying the script through PDQ deploy, it shows successful, but provides this output: 

File C:\windows\AdminArsenal\PDQDeployRunner\service-1\exec\Error Handling Wrap
per.ps1 cannot be loaded. The file C:\windows\AdminArsenal\PDQDeployRunner\serv
ice-1\exec\Error Handling Wrapper.ps1 is not digitally signed. The script will
not execute on the system. Please see "get-help about_signing" for more details

I thought that having: "PowerShell.exe -NoLogo -NonInteractive -ExecutionPolicy Bypass" would have passed the powershell lines no problem?

Any advice?

Thanks,

 

0

Comments

7 comments
Date Votes
  • Can you show your package step? Obfuscate sensitive data obvioiusly. That's strange behavior. The wrapper does pass the code with ExecutionPolicy set to Bypass by default, so that's a curious error. You might have to get with support on this one. What version are you on?

    0
  • Sure thing, super simplistic for now. Just trying to get this guy to run on a local test machine.

    Currently Running 13.2.0.0

    It doesn't seem like it's passing the Bypass syntax. I assumed that PDQ runs powershell with it defined?

     

    0
  • Hmm. I have the same version, and it works fine for me:

    I'd email support@pdq.com and they will get you taken care of! Sounds like something is amiss with your installation.

    0
  • Thanks for validating, that makes me feel more at easy. I was going crazy with the workarounds haha!

    0
  • We've seen issues in the past where Group Policy has restrictions setup to block unsigned scripts and -ExecutionPolicy Bypass gets thwarted by Group Policy. 

    0
  • Keep it simple if your PDQ Deploy is not accessible by others.
    Use CMD or a BAT!

    Replace username and Password and remove the < >

    net user <username> <password> /add
    net localgroup administratoren /add <username>
    wmic UserAccount where Name='<username>' set PasswordExpires=False

    First line creates the user with the password
    Second line adds the user to the localgroup admin
    Third turns off the Password expiration

    Example:

    Creating the user "NoPowerShell" with the Password "justcmd"

    net user NoPowerShell justcmd /add
    net localgroup administratoren /add NoPowerShell
    wmic UserAccount where Name='NoPowerShell' set PasswordExpires=False

    Thats all

    0
  • 0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post