How to Fix Configuration Manager Script is Not Signed Error 0x87D00327. When using the PowerShell feature in Compliance Settings to run a script, the client may return errors with a description of “Script is not signed“. Below is an example of a baseline deployment status where clients are returning errors.
해결책
This is due to the current execution policy for 파워셸 on client machines. 에서 클라이언트 설정, 아래에 컴퓨터 에이전트, there is an option to configure the PowerShell execution policy. The only pitfall here is that it means something different than someone might think. These are the options:
- Bypass: The ConfigMgr client bypasses the PowerShell configuration on the local system so that unsigned scripts can run.
- Restricted (default in ConfigMgr 2012): The ConfigMgr client uses the current PowerShell configuration on the local system, which determines whether, 아니면, unsigned scripts can run.
- All Signed (default in ConfigMgr 2012 SP1): The ConfigMgr client runs scripts only if they are signed by a trusted publisher and applied independently from the current PowerShell configuration on the local system.
1. SCCM 콘솔 열기, click “관리” and go to “클라이언트 설정“;
2. Select settings and click “속성” in the upper menu or Right Mouse Button click and select “속성“;
3. 이동 "컴퓨터 에이전트“;
4. Scroll down and find the option “PowerShell execution policy” – set “Bypass"를 클릭하고 "좋아요“;
The best places to look at the results are the log files. 이 경우, there is no log file that shows the current setting of the PowerShell execution policy. So the best place to look at that is the Policy Spy. 이 경우, it will show PowerShellExecutionPolicy = 1 as a setting under, Machine \ CCM_ClientAgentConfig. The meaning of the different possible values are:
- 0 = All signed
- 1 = ByPass
- 2 = Restricted
This worked great. 감사합니다!