Configuration Manager has an integrated ability to run PowerShell scripts. This can be used to build custom tools to perform quick actions on client machines. With this integration in Configuration Manager, you can use the Run Scripts functionality to run script in SCCM without creating a package.
You can perform following tasks using Run script option.
- Create and edit scripts for use with Configuration Manager.
- Manage script usage through roles and security scopes.
- Run scripts on collections or individual on-premises managed Windows PCs.
- Get rapid aggregated script results from client devices.
- Monitor script execution and view reporting results from script output.
Run Script Authors and Approvers
Run Scripts uses the concept of script authors and script approvers as separate roles for implementation and execution of a script. This is the default option and add an additional layer of security as all scripts must go through review and approval process.
If you want to allow script authors to approve their own script then you need to uncheck Script authors required additional script approver option available in site hierarchy settings. It’s better to leave this option enabled if you have multiple SCCM Administrator’s in your environment.
Create a Script
Follow the below steps to create / add a script in SCCM console.
In the Configuration Manager console, navigate to Software Library / Scripts workspace, right click on the Scripts and select Create Script.
In the Script Details page, Enter the script name and copy & paste PowerShell scripts in code editor. As of now only PowerShell script language is supported. You can also import the script by clicking on Import button.
If your script includes parameters then next screen will allow you to modify script parameters.
In the Script Parameters page, click on Edit to add the values for a parameter.
You can provide following details in Script Parameters Properties:
- Required: True / False (Mandatory or Optional)
- Hidden : True / False
- Data Type: String, Integer, List, Boolean. You can use wildcard to limit the argument which can be passed to the script when using String Data type. It’s not recommended to leave it open to accept any values as argument. Whenever possible use the List Data type to ensure only listed values can be selected.
Click on Ok to go back to previous screen. Click on Next to go to Summary page. Review the details and click on Next to complete script creation process.
Approve a Script
Once script is created, you can find the same under Scripts node. By default the script will be in Waiting for approval state. The script must be approved to available for execution.
If Script authors required additional script approver option is enabled then Approve/Deny button will be grayed out for script author. Other SCCM admins need to approve the script.
Click on Approve/Deny button to start script approval process.
In the Script Details page, review the script and click on Next to go to Script Parameters page.
Verify the script parameters / values and click on Next.
In the Script Approval page, select Approve and click on Next to go through Summary, Progress and Completion pages.
Run Script in SCCM
To run script in SCCM , Right click on a device or collection and select Run Script.
In the Run Script page, select the script which you want to run and click on Next.
If your script required parameters then you need to provide the same in next screen. Select / enter the parameters value as necessary and click on Next.
As you can see, we have used List data type for SCCM client action and String data type for Temp file cleanup. Hence, we are getting an option to select the value from list for first parameters while second parameter value in open ended where anything can be entered as value.
In the Summary page, review the details and click on Next to run the script.
Script Status Monitoring page will show Script execution status.
Monitoring the Script Execution
You can monitor the script status from Monitoring > Script Status pane.
On the client machine, the script execution details are recorded in Scripts.log file. You can refer this log file in case any troubleshooting is required.
Related Posts
- Configure Management Point for HTTPS | ConfigMgr | SCCM
- Configure Software Update Point for SSL | ConfigMgr | SCCM
- Deploy client authentication certificate for SCCM clients
- SCCM CMG Part 1 | Cloud Management Gateway (CMG) Setup Guide
- SCCM CMG Part 2 | Issue, Enroll & Export Server Authentication Certificate
- SCCM CMG Part 3 | Configure SCCM Site for SSL
- SCCM CMG Part 4 | Integrate Azure Active Directory with ConfigMgr
- SCCM CMG Part 5 | Setup Cloud Management Gateway
- SCCM CMG Part 6 | Validate CMG Health & Client Communication
- Location of smsts.log file during Operating System Deployment (OSD)
- Schedule SCCM Client Reboot through ConfigMgr
- Check Software Center Business Hours of Remote Computer
- SCCM Software deployment strategy
- How to deal with wrong deployment in ConfigMgr
- How to Initiate SCCM client agent actions using PowerShell
Subscribe to Techuisitive Newsletter
Be the first to know about our new blog posts. Get our newsletters directly in your inbox and stay up to date about Modern Desktop Management technologies & news.