none
Ejecutar ps1 vía .bat como admin RRS feed

  • Pregunta

  • Buenas,

    Estamos distribuyendo una nueva politica via GPO a nuestras maquinas de windows 10 porque queremos quitar todo el bloatware. La ejecución se hace vía dos ficheros:

    bloatware.bat

    PowerShell -NoProfile -ExecutionPolicy Bypass -Command "& {Start-Process PowerShell -ArgumentList '-NoProfile -ExecutionPolicy Bypass -File ""\\rutaquenovoyaponerporseguridad\bloatware.ps1""' -Verb RunAs}"

    Bloatware.ps1


    Get-AppxPackage *3dbuilder* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *bingfinance* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *bingnews* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *bingsports* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *bingweather* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *getstarted* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *Messaging* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *officehub* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *solitairecollection* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *Office.sway* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *skypeapp* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *windowsalarms* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *windowscommunicationsapps* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *windowsmaps* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *windowsphone* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *XboxApp* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *zunemusic* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *zunevideo* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *contactsupport* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *king.com.CandyCrushSodaSaga* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *Twitter* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *Bing* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *Microsoft.WindowsScan* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *Microsoft.Reader* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *BingNews* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *XboxGameOverlay* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *XboxIdentityProvider* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *XboxSpeechToTextOverlay* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *XboxGamingOverlay* -AllUsers | Remove-AppxPackage
    Get-AppxPackage Microsoft.YourPhone -AllUsers | Remove-AppxPackage
    Get-AppxPackage *TCUI* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *MixedReality* -AllUsers | Remove-AppxPackage
    Get-AppxPackage *wallet* -AllUsers | Remove-AppxPackage
    get-appxpackage *feedback* -AllUsers | remove-appxpackage
    get-appxpackage *Print3D* -AllUsers | remove-appxpackage
    get-appxpackage *Microsoft.OneConnect* -AllUsers | remove-appxpackage


    $Applist = Get-AppXProvisionedPackage -online

    $Applist | WHere-Object {$_.packagename -like “*3DBuilder*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*BingFinance*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*BingNews*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*BingSports*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*BingWeather*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*Getstarted*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*Messaging*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*MicrosoftOfficeHub*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*MicrosoftSolitaireCollection*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*Sway*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*SkypeApp*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*WindowsAlarms*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*windowscommunicationsapps*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*WindowsMaps*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*WindowsPhone*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*XboxApp*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*ZuneMusic*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*ZuneVideo*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*contactsupport*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*king.com.CandyCrushSodaSaga*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*Twitter*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*Bing*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*Microsoft.WindowsScan*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*Microsoft.Reader*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*BingNews*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*XboxGameOverlay*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*XboxIdentityProvider*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*XboxSpeechToTextOverlay*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*XboxGamingOverlay*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “Microsoft.YourPhone”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*TCUI*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*MixedReality*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*wallet*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*feedback*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*Print3D*”} | Remove-AppxProvisionedPackage -online
    $Applist | WHere-Object {$_.packagename -like “*Microsoft.OneConnect*”} | Remove-AppxProvisionedPackage -online

    El problema es que se ejecuta pero al no tener privilegios, el script no es capaz de ejecutarse.

    Ya hemos probado de ejecutar el script ps1 sin el .bat como admin y pasa lo mismo, necesita privilegios de admin.

    Algún consejo para realizar tal ejecución? Es la ultima salida, hemos probado dese el SCCM y tampoco funciona...

    Saludos y gracias.,


    Gerardo,


    miércoles, 28 de agosto de 2019 14:13

Todas las respuestas

  • Hola Gerardo, 

    Has revisado como está la política de ejecución de scripts de PowerShell?

    Prueba esto en algún equipo:

    Get-ExecutionPolicy

    Probablemente tengas que modificar esto con Set-ExecutionPolicy -ExecutionPolicy Unrestricted para probar si es esto lo que está impidiendo la ejecución del script.


    Gabriel Talavera | MCSE - MCT https://blog.hybridcloud-ops.com

    viernes, 30 de agosto de 2019 21:19
  • Buenas,

    Cambiar la política de ejecución de los scripts de los equipos de usuarios no encuentro que sea lo mas seguro o recomendable e entorno empresarial. Dicho esto:

    He probado de lanzarlo con ExecutionPolicy bypass y tampoco, probado tanto dentro del código como en los parámetros de ejecución del script, y nada.

    Ahora estoy probando de ejecutarlo vía .bat con el siguiente comando:

    PowerShell -NoProfile -ExecutionPolicy Bypass -Command "& {Start-Process PowerShell -ArgumentList '-NoProfile -ExecutionPolicy Bypass -File ""\\rutadelfichero\Machine\Scripts\Startup\bloatware.ps1""' -Verb RunAs}"

    Ahora no aparece como que el script no se ha ejecutado en la consulta gpresult, imagino porque el .bat si que se ejecutó, pero el powershell no sale ejecutado en el visor de eventos...

    Saludos,


    Gerardo,

    lunes, 2 de septiembre de 2019 7:02