Notifications

422 views

Description

There is no mechanism for Signing powershell MID Server Script Files (ecc_agent_script_file), and these are used by several out-of-box activities included in Orchestration Activity Packs, and powershell based activities in other out-of-box Orchestration workflows.

These scripts need to be allow to run "Unrestricted" execution policy to work currently.

Some customers have policies that have this as a requirement, e.g. Defense Information Security Agency (DISA) Security Technical Implementation Guidelines (STIG) suggest that all Powershell scripts should be Signed.

If an "AllSigned" or "remotesigned" policy is enforced on servers automatically, then these activities will fail to run, with an error like:
Error encountered when invoking PowerShell, the result from running '"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"...

A Microsoft SCCM Server will have "remotesigned" execution policy by default, and need that policy made less secure to run Client Software Distribution workflows.

This affects at least:
Client Software Distribution
Orchestration add-on for Password Reset
Active Directory activity pack
Azure AD activity pack
Exchange activity pack
PowerShell activity pack
SCCM activity pack - our docs state "The Windows PowerShell x86 execution policy must be set to unrestricted mode."

Steps to Reproduce

  1. Set powershell execution policy to AllSigned or RemoteSigned on the MID Server host
  2. Attempt to run any powershell activity on it

Workaround

This problem is currently under review. You can contact ServiceNow Technical Support or subscribe to this Known Error article by clicking the Subscribe button at the top right of this form to be notified when more information will become available.

The only workaround is to set the powershell execution policy to "Unrestricted". 


Related Problem: PRB1349797

Seen In

SR - IRM - Audit Management - New York 2019 Q3
SR - IRM - GRC Profiles - Madrid 2019 Q2
SR - IRM - GRC Workbench - New York 2019 Q3
SR - IRM - Policy and Compliance - Madrid 2019 Q2
SR - IRM - Risk Management - New York 2019 Q3
SR - IRM - Vendor Risk Management - Madrid 2019 Q1
SR - Security - Integration Framework - Madrid 2019 Q2
SR - Security - Support Common - Madrid 2019 Q2
SR - Security - Support Orchestration - Madrid 2019 Q2
SR - SIR - Security Incident Response - Madrid 2019 Q2
SR - SIR - Security Incident Response PA Content - New York 2019 Q3
SR - SIR - Store SecOps Setup Assistant - Madrid 2019 Q2
SR - SIR - Store Threat Core - Madrid 2019 Q2
SR - SIR - Store Trusted Security Circles Client - New York 2019 Q3
SR - SIR - Threat intelligence - New York 2019 Q3
SR - VR - Vulnerability Response - New York 2019 Q3
SR - VR - Vulnerability Response PA Content - Madrid 2019 Q2

Intended Fix Version

Orlando

Safe Harbor Statement

This "Intended Fix Version" information is meant to outline ServiceNow's general product direction and should not be relied upon in making a purchasing decision. The information provided here is for information purposes only and may not be incorporated into any contract. It is not a commitment, promise, or legal obligation to deliver any material, code, or functionality. The development, release, and timing of any features or functionality described for our products remains at ServiceNow's sole discretion.

Associated Community Threads

There is no data to report.

Article Information

Last Updated:2019-12-03 22:51:49
Published:2019-06-24