System Center Orchestrator Run .Net Activity and PowerShell Execution Policy

Every time I hear the word Automation when it comes to Microsoft I think Orchestrator 2012, formerly Opalis. Orchestrator is an automation platform and part of the Microsoft System Center Suite of Products. Orchestrator 2012 now at the R2 level is a standalone or domain joined platform and has broad range of connectivity into all the other System Center Products and third party products with Integration packs.

As I just finished delivering System Center training, a lot of students commented on one of the great things about Orchestrator which is its activities that come from the Integration Packs. We formulated a Runbook from these activities which become the Automation Routine Workflow. One of the best activities I think available is the Run .Net Script which allows scripts to run from the Item Selection shown below.Directions-Training-System-Center-Orchestrator-Run-Net-Script-Bypass-Local-PowerShell-Execution-Policy-Remotely-1

Orchestrator, being a 32 bit product, will run PowerShell in a 32 bit shell but if we use the PowerShell Invoke command we can have a Remote Computer run commands or scripts remotely. By putting our PowerShell script in the Script Pane we can run a script and Bypass that local computer execution Policy. But if we run an Invoke-Command to run a script on a remote computer we may have issues with local execution policy. Hence we can use the PowerShell Invoke-command within in the Run .Net Script script pane and have the command Bypass local execution policy remotely.

Directions-Training-System-Center-Orchestrator-Run-Net-Script-Bypass-Local-PowerShell-Execution-Policy-Remotely-2

Above we see Lon-VM1 cannot run PowerShell scripts locally without changing the local execution policy to Unrestricted. But we can with the right permissions use a runbook to execute remotely on this computer the same script.

Here we will use the Run.Net Script Activity to Invoke the Script remotely and Bypass local execution Policy.

Step 1: We create a New Runbook and start with the Initialize Data Activity and add a parameter and change it to Computer Name. Then add the Run.Net Script Activity and create a Link between them.

Directions-Training-System-Center-Orchestrator-Run-Net-Script-Bypass-Local-PowerShell-Execution-Policy-Remotely-3

Step 2: Next we will go to the Properties of the Run.Net Script and use the PowerShell option and enter our command script into the Script Pane. (Below is the script, this should all be on one line but is broken to see it in a screen capture.)

Directions-Training-System-Center-Orchestrator-Run-Net-Script-Bypass-Local-PowerShell-Execution-Policy-Remotely-4

Here is the Text we entered in the script pane:

Invoke-Command { powershell.exe –noprofile –executionpolicy Bypass “path to local script” }–computername  {subscribe to Computer Name from Initialize Data}

Step 3: Once we have this setup we can check in the Runbook and Step through the Runbook tester. Here we see adding the Computer Name that has local execution policy set to restricted. We will test the script out to see if it runs now with the Bypass option. Remember this will require Winrm to be enabled  with quickconfig or the enable-psremoting turned on, on remote computer.

Directions-Training-System-Center-Orchestrator-Run-Net-Script-Bypass-Local-PowerShell-Execution-Policy-Remotely-5

Directions-Training-System-Center-Orchestrator-Run-Net-Script-Bypass-Local-PowerShell-Execution-Policy-Remotely-6

Step 4: Below, as we step through the Runbook Tester and Show Details of the Run.Net Script activity we can see that the script runs on the remote computer without having to set local execution policy to unrestricted or any other setting.

Directions-Training-System-Center-Orchestrator-Run-Net-Script-Bypass-Local-PowerShell-Execution-Policy-Remotely-7


 

Microsoft System Center 2012 is a system that enables businesses to have modern management across on-premises, service provider, and Azure environments. System Center helps customers gain a unified datacenter management experience with out-of-the-box monitoring, provisioning, configuration, automation, protection and self-service capabilities. The latest version of System Center also makes it possible for you to deliver a cloud-inspired, platform-agnostic solution to help you manage both traditional infrastructure and modern applications with ease. To learn how to fully operate System Center 2012, enroll in one of Directions’ System Center training courses. 

Comments

  1. nice information well done your information is helping alot thanks for valuable windows azure training in hyderabad

Leave a Reply