This knowledge base deals with the prerequisites and explains the process of running a script on a remote machine
Steps to use the Batch Remediation feature in FTK Enterprise
- Step 1: Make sure the Execution Policy is set correctly
- Step 2: Make sure the PS1 file is accessible by the endpoint
- Step 3: Execute the PS1 file from FTK Enterprise
Step 1: Make sure the Execution Policy is set correctly
Note: There are two ways of doing that. It can be either be done in advance or when executing the script (Go straight to Step 3)
To set the policy in advance please follow the steps:
- Open PowerShell with admin rights
- Check the existing Execution Policy:
- To do that, type in following command in PowerShell: get-exectutionpolicy -list
- Make sure the execution policy for "LocalMachine" is set to "Bypass"
- To do that in PS, type in : set-exectutionpolicy -executionpolicy bypass -scope localmachine
Step 2: Make sure the PS1 file is available and accessible by the endpoint.
- Option 1: The file is manually placed on a local drive in the target machine in advance
- Option 2: The file is placed on a network share and therefore accessible by the endpoint machine.
- Option 3: The file gets sent via Remediation job
- For that go to 'Tools' > 'Batch Remediation' > 'Remediation Batch information' > 'Add New..' > 'Put File'
- Select the destination and source locations:
Step 3: Execute the PS1 file from FTK Enterprise
Similar to sending the file
1. Go to 'Tools'
2. 'Batch Remediation'
3. 'Remediation Batch information'
4. Click on 'Add New..'
5. This time select the 'Execute Command' option:
6. In the 'Command' field you can include the execution policy, so you do not need to do that in advance. The command will look like: PowerShell.exe -ExecutionPolicy Bypass -File \Filepath\<script name>.ps1
Note: Make sure you select the location on the remote machine where the PS1 file is located and not the local one