Client Automation - Powershell script not executed in SD Package


Article ID: 4278


Updated On:


CA Client Automation - IT Client Manager CA Client Automation CA Client Automation - Software Delivery


The Powershell script in a procedure of a Software Delivery Package is not executed on the Target machine.


The powershell script is executed from a mapped directory (z: mapped to \\SSName\SDLIBRARY$) and following message appears due to policy configuration :


File Z:\activate\51E1B828-A10E-482B-B3A3-15E119811075.itm\1.vol\test.ps1 cannot be loaded. The file Z:\activate\51E1B828-A10E-482B-B3A3-5E119811075.itm\1.vol\test.ps1 is not digitally signed. The script will not execute on the system. Please see "get-help about_signing" for more details..

    + CategoryInfo          : NotSpecified: (:) [], ParentContainsErrorRecordException

    + FullyQualifiedErrorId : RuntimeException



CA Client Automation - All Versions


There are possible solutions :


 The solution is to execute the powershell script with option -ExecutionPolicy ByPass

1- Create a new configuration policy or update an existing configuration policy which is applied on the computers :

Go to Control Panel/Configurtion/Configuration Policy.

Create or expand the policy and go under DSM/Software Delivery/Agent

Right click on "File Association: PowerShell Scripts interpreter" and select "Setting – Centrally Managed" in popup menu :


2- Doble click on this parameter and put this value : 

powershell.exe -ExecutionPolicy ByPass -File


3- Seal the Configuration Policy



 The solution is to add the Scalability Server name in the "Local intranet" zone in Internet explorer settings for Local System Account.


This could be done in command line with :

 reg add "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\scala_name" /v file /t REG_DWORD /d 1 /f

 Remark : replace scala_name by the name of the scalability Server


This could also be done using a SD Package which executes following batch commands :


@echo OFF


for /F "delims=\ tokens=2" %%i IN ('net use ^| find /I "SDLIBRARY$"') DO SET SSNAME=%%i

IF NOT [%SSNAME%] == [ ]


reg add "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\%SSNAME%" /v file /t REG_DWORD /d 1 /f



  This batch finds the Scalability Server name from the mapped SDLIBRARY$ and add it in the registry. Once registry key added on the machine, powershell script should be executed without warning message.

 Remark :

If the machine is moved to a new Scalability Server, the batch should be executed again in order to add the new Scalability Name in the local intranet site list.

A solution to avoid this is to adapt the batch in order to add all Scalability Servers name in the registry :


reg add "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\scala_name1" /v file /t REG_DWORD /d 1 /f

reg add "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\scala_name2" /v file /t REG_DWORD /d 1 /f

reg add "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\scala_name3" /v file /t REG_DWORD /d 1 /f