수정 방법 구성 관리자 Script is Not Signed 오류 0x87D00327. When using the 파워셸 feature in Compliance Settings to run a script, the client may return errors with a description of “Script is not signed“. Below is an example of a baseline deployment status where clients are returning errors.
해결책
This is due to the current execution policy for 파워셸 on client machines. In the Client Settings, under Computer Agent, there is an option to configure the 파워셸 execution policy. The only pitfall here is that it means something different than someone might think. These are the options:
- Bypass: The 구성 관리자 client bypasses the 파워셸 configuration on the local system so that unsigned scripts can run.
- Restricted (default in 구성 관리자 2012): The 구성 관리자 client uses the current 파워셸 configuration on the local system, which determines whether, or not, unsigned scripts can run.
- All Signed (default in 구성 관리자 2012 SP1): The 구성 관리자 client runs scripts only if they are signed by a trusted publisher and applied independently from the current 파워셸 configuration on the local system.
1. 열려 있는 SCCM 콘솔, “를 클릭하세요Administration” and go to “Client Settings“;
2. Select settings and click “Properties” in the upper menu or Right Mouse Button click and select “Properties“;
3. Go to “Computer Agent“;
4. Scroll down and find the option “파워셸 execution policy” – set “Bypass"를 클릭하고 "를 클릭합니다.좋아요“;
The best places to look at the results are the 통나무 files. In this case, there is no log file that shows the current setting of the 파워셸 execution policy. So the best place to look at that is the Policy Spy. In this case, it will show PowerShellExecutionPolicy = 1 as a setting under, Machine \ CCM_ClientAgentConfig. The meaning of the different possible values are:
- 0 = All signed
- 1 = ByPass
- 2 = Restricted
This worked great. Thank you!