The PowerShell Execution Policy determines whether PowerShell scripts are allowed to run. By default, the Execution Policy is set to Restricted. If you try to run scripts under the Restricted policy, AppManager generates error messages.
NOTE:If you are using PowerShell version 2.0 or later, you can ignore the steps in this topic, as well as topics 2.7, 2.8, and 2.9. You can move on to Section 2.10, Changing PowerShell Configuration Settings. However, you may need to refer to these four topics if the certificate-related steps fail during the installation process.
If you are using PowerShell version 1.0, follow the steps in this topic as well as topics 2.7, 2.8, and 2.9.
The Execution Policy directly affects the PowerShell Knowledge Scripts. Although these Knowledge Scripts are written in VBScript and installed as <scriptname.qml>, the logic for the scripts is contained in complementary PowerShell scripts that are installed on the agent computer along with the module. The PowerShell scripts use the same name as the PowerShell Knowledge Scripts, but with a .ps1 extension.
The digital signature encoded in a PowerShell Knowledge Script is tied to the contents of the script. If you change the script, the signature is no longer valid and you cannot execute the script. If you change a PowerShell Knowledge Script, you must do one of the following:
Re-sign the scripts using your own digital certificate.
Change the Execution Policy to either RemoteSigned or Unrestricted. A group policy that governs script execution overrides any policy changes you might make with the Set-ExecutionPolicy cmdlet. For example, if the group policy forbids script execution, you cannot change the policy by running Set-ExecutionPolicy. You must first change the group policy to allow script execution, and then run Set-ExecutionPolicy to select a specific Execution Policy.
Before AppManager can execute the PowerShell Knowledge Scripts, change the Execution Policy from Restricted to one of the following policy options:
Allows execution of scripts that have been digitally signed by a trusted publisher. If you select the AllSigned policy, perform the steps outlined in Section 2.7, Trusting PowerShell Knowledge Scripts.
Allows local scripts to run regardless of signature, and requires trusted digital signatures only for remote scripts. Section 7.0, PowerShell Knowledge Scripts are local scripts.
Allows both local and remote scripts to run, regardless of signature.
To change the PowerShell Execution Policy:
Open the Command Shell on an agent computer.
NOTE:On 64-bit Windows computers, use the Windows PowerShell Command Shell to change the Execution Policy. Do not use the Windows PowerShell (x86) Command Shell.
Run the following cmdlet:
Set-ExecutionPolicy <policy>
where <policy> is the name of the Execution Policy you want to change.
Repeat steps 1 and 2 on all agent computers.