Important Notice: On February 29th, this community was put into read-only mode. All existing posts will remain but customers are unable to add new posts or comment on existing. Please feel to join our Community Discord for any questions and discussions.

Dont use Powershell in Library packages

Sean Chapman

August 07, 2018 12:34

Hi, We require all signed policy for Powershell so the skype package fails to upgrade. Is it possible to remove that and not use powershell in the library packages in the future?

Comments

3 comments

Colby Bouma
August 07, 2018 14:26

I will bring this up and see what we can do. This would be a large change, so I can't promise anything.

In the meantime, you should be able to convert the package to a Standard Package "Properties --> Options --> Convert to Standard Package", then change Step 1 to an Install Step.

The script Step 1 points to is signed, but the PowerShell Step calling that script is not. The way the PowerShell Step works is by writing the contents of the textbox to a script file on the target, then executing that script. By switching to an Install Step you avoid that extra layer. I believe we have been using the PowerShell Step to highlight which steps are using a PowerShell script.

0
Sean Chapman
August 07, 2018 14:57

Thanks Colby. Converting it to a Standard Package and then deleting the PS step to uninstall did work well. It should be ok for me to just convert the ones that dont work (and hopefully they dont all do this in the future?)

0
David Jones
January 09, 2019 15:09

If the PowerShell step did not cut off the last CLCR of the text box when creating user.ps1 you could have signed code in those steps. for curated packages you could use the same publisher you signed the error handling wrapper with. Then document the process of publishing the cert to Trusted Publishers via GPO, so those of us with AllSigned policy will have no issues with PowerShell steps

0