Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Server 2012 too restrictive

Posted on 2015-01-29
14
122 Views
Last Modified: 2015-02-02
Hi all i have crated a series of scripts that automates a number of settings after creating a new VM. i have one .cmd file that calls a series of other vb scripts, .cmd and powershell. The scripts work fine on server 2008 r2 but having real trouble on 2012. UAC has been disabled. Any help appreciated. I have copied some of the errors below.

when calling the .cmd file
Set startup delay to 5 seconds
The boot configuration data store could not be opened.

when calling the ps1 file
set-executionpolicy : Access to the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\M
icrosoft\PowerShell\1\ShellIds\Microsoft.PowerShell' is denied. To change the
execution policy for the default (LocalMachine) scope, start Windows
PowerShell with the "Run as administrator" option. To change the execution
policy for the current user, run "Set-ExecutionPolicy -Scope CurrentUser".
At line:1 char:3
+ &{set-executionpolicy unrestricted}
+   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : PermissionDenied: (:) [Set-ExecutionPolicy], Una
   uthorizedAccessException
    + FullyQualifiedErrorId : System.UnauthorizedAccessException,Microsoft.Pow
   erShell.Commands.SetExecutionPolicyCommand
0
Comment
Question by:cwstad2
14 Comments
 
LVL 9

Accepted Solution

by:
schmiegu earned 250 total points
ID: 40577104
Did you already reboot after disabling UAC? And even after disabling UAC I prefer to set "Behavior of the elevation prompt for administrators in Admin Approval Mode" to "Enable without prompting".
0
 
LVL 15

Author Comment

by:cwstad2
ID: 40577108
Hi yes i have done both
0
 
LVL 24

Assisted Solution

by:VB ITS
VB ITS earned 250 total points
ID: 40577157
Try running this command in PowerShell (as an Administrator): Set-ExecutionPolicy Unrestricted -Scope CurrentUser

Be aware of the security implications when setting the execution policy to Unrestricted though: https://technet.microsoft.com/en-us/library/hh849812.aspx
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 15

Author Comment

by:cwstad2
ID: 40577162
Hi ive tried that also still the same issue ;'). If i run the individual scripts as admin they seem to be ok. But when its called from a single file that runs all the problem occurs. Even if i try and run the central script as admin nothing seems to run
0
 
LVL 36

Expert Comment

by:Mahesh
ID: 40577172
Try below from elevated PowerShell

set-executionpolicy unrestricted

When prompted type Y to accept and check if it works
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40577174
Try changing the permissions of Users to Full Control to the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell

Open in new window

0
 
LVL 15

Author Comment

by:cwstad2
ID: 40577177
Hi all, this only seems to be applicable to 2012 as it work on 2008. Is there any additional security i could disable?

thanks
0
 
LVL 15

Author Comment

by:cwstad2
ID: 40577305
it works with the local admin account but not when joined ot the domain
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40577309
Did you try changing the permissions to the registry key as mentioned in my previous comment?
0
 
LVL 15

Author Comment

by:cwstad2
ID: 40577420
Thanks for your reply, i am logged in as domain admin with full permissions. Its not just the poweshell scripts that seem to have the issue its all
0
 
LVL 15

Author Comment

by:cwstad2
ID: 40577463
i have found the issue, bit will have to work out a solution. If i open a cmd prompt as admin and open the .cmd file then it works. Right clicking on the .cmd file and running as admin doesn't work for some reason
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40577491
Hmm perhaps try disabling Admin Approval mode on the server if only administrative tasks will be performed on this server. I do not recommend changing this setting if your admins browse the Internet or do anything outside the realm of administering the server:

- Right click the Start button then click Run
- Type in secpol.msc then click OK
- Expand Local Policies then click on Security Options
- Change User Account Control: Turn on Admin Approval Mode to Disabled
- Reboot the server
- Try running your script again

If the above doesn't work then change the User Account Control: Turn on Admin Approval Mode setting back to Enabled and reboot the server.
0
 
LVL 15

Author Comment

by:cwstad2
ID: 40577502
Thanks, that was already disabled. just need to get that .cmd file with all the scripts in to run as admin and not exit
0
 
LVL 15

Author Closing Comment

by:cwstad2
ID: 40584037
Hi Guys, thanks for your help. I resolved the issue by changing the way the scripts ran. Essentially i set a number of the to run as part of the guest cutomisation script in vcentre.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help you understand what HashTables are and how to use them in PowerShell.
A procedure for exporting installed hotfix details of remote computers using powershell
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.

837 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question