/build/static/layout/Breadcrumb_cap_w.png

Scripting Question


Modifying Script ID 4

01/17/2020 279 views

Hey everyone,

   Our environment updated Kace recently from 8.1.52 to 10.  Upon doing so we noticed that our MACHINE_BITLOCKER_VOLUME table was no longer being updated.  Doing a little digging we found that the Scripts we had Signed by one of our Domain Admins were no longer working.  Digging a little further I found out that because of the upgrade to 10, the 4 scripts within "5.2+ Windows CI/Inventory" were reverted back to the ones signed by Kace.  This should be an easy fix, just upload the previously signed scripts, right?  Wrong! Now it is stating that Script 4 is a system script and cannot be modified.  Doing a little research I found that the System scripts were locked down  at least 4 years ago.  I don't know how I modified these scripts int he past, but I can guarantee they were.  I know I can go about this 3 ways.


1) Find a way to update the script, and worry that it wont work the next time we update Kace.

2) Duplicate the script and have it run separately, but I am unsure exactly how this script is called at given intervals.

3) Have my domain admin trust the Kace signature and this problem goes away with minimal work.  This seems logical to me, but they're wary of trusting things that they didn't vet.  Is there a simple way people know of to trust the scripts?


Any other suggestions will be appreciated.  Thanks in advance.

1 Comment   [ + ] Show comment

Comments

  • Asking the domain admin if we can just trust the signature in the scripts. He let me know that the scripts actually are not signed correctly.

    PS C:\ProgramData\Quest\KACE\kbots_cache\packages\kbots\4> Get-AuthenticodeSignature .\*
    Directory: C:\ProgramData\Quest\KACE\kbots_cache\packages\kbots\4

    SignerCertificate Status Path
    ----------------- ------ ----
    NotSigned bitlocker_inventory.ps1
    NotSigned dcm_windows_inventory.ps1
    NotSigned ddpe_windows_inventory.ps1
    NotSigned tpm_inventory.ps1


    PS Microsoft.PowerShell.Core\FileSystem::\\SharedDrive\departments\IT\Software\Kace\PS1signed-V10> Get-AuthenticodeSignature .\*
    Directory: \\SharedDrive\departments\IT\Software\Kace\PS1signed-V10

    SignerCertificate Status Path
    ----------------- ------ ----
    DFE33EF38102114255117AB5CAD3D24862D23E55 Valid bitlocker_inventory.ps1
    DFE33EF38102114255117AB5CAD3D24862D23E55 Valid dcm_windows_inventory.ps1
    DFE33EF38102114255117AB5CAD3D24862D23E55 Valid ddpe_windows_inventory.ps1
    DFE33EF38102114255117AB5CAD3D24862D23E55 Valid tpm_inventory.ps1

All Answers

0

Hi There,


Last year when we release 10.0,  was when we implemented measures to prevent the deletion or modification of system scripts.

Since they are critical for the proper functionality of the product.

I understand your issue and we will look into how we may address this in a future release.

For now, please open a support ticket so we may help you with this issue.

Let me know the SR number so I can follow up with support.


Answered 01/17/2020 by: KevinG
2nd Degree Black Belt

  • SR#4639428
    • Thanks for the SR number. Please add to the SR the serial number from the About page so that we may apply a tether key.
      • I'm not seeing an About page, I did find a License Number but I don't see how that would be pertinent to this. I am also not sure if that carries information that could be used by someone else.
  • Once you login there will be an orange tab "Need Help? on the right side of the page. After you open this slide out tab, the last icon on the bottom of this page is the informational icon. Click the " i " icon to display the About page and copy the Serial number as text. Please do not send a screenshot, copy and send as text so that we can copy the serial number.
    • I was out yesterday, this issue has been resolved. something was updated and now the scripts are working.
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ