Running Powershell script on MDT2013

Question

I am using MDT Task sequence for PowerShell that uses a script like this

%SCRIPTROOT%\ConfigureWinRMwithCertificate_https.ps1

The script configures winrm with https perfectly but every time, this task creates exception message in the LOG and not the output that I had written inside the script.

The error message always says that the script cannot be executed from a network drive (masked IP address details in the below error):

!><time="19:02:08.000+000" date="xx-xx-xxxx" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG[NotSpecified: ('\\1.2.3.4\D$\Scripts':String) [], RemoteException]LOG]!><time="19:02:08.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG**[CMD.EXE was started with the above path as the current directory.]**LOG]!><time="19:02:08.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG[At line:1 char:1
+ winrm create winrm/config/Listener?Address=+Transport=HTTPS '@{Hostn ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]LOG]!><time="19:02:08.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG[NotSpecified: (CMD.EXE was sta...rent directory.:String) [], RemoteException]LOG]!><time="19:02:08.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG[**UNC paths are not supported. Defaulting to Windows directory.]**LOG]!><time="19:02:08.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG[At line:1 char:1
+ winrm create winrm/config/Listener?Address=+Transport=HTTPS '@{Hostn ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]LOG]!><time="19:02:08.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG[NotSpecified: (UNC paths are n...dows directory.:String) [], RemoteException]LOG]!><time="19:02:08.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG[TSHOST: Script completed with return code 0]LOG]!><time="19:02:12.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="1" thread="" file="TaskSequencePSHost">

Is there any other way to overcome this error?

actual powershell script code is:

Function CheckWinRMHTTPSConfiguration{
[CmdletBinding()]
param(
[Parameter(Mandatory=$False)][System.Boolean]$isWinrmHttpsConfigured = $false
)
$state_of_WinrmHttps = Get-childItem -Path WSMan:\localhost\Listener | Select-Object -ExpandProperty Keys | where {$_ -match 'https'}
if($state_of_WinrmHttps){ $isWinrmHttpsConfigured = $true}
else { $isWinrmHttpsConfigured = $false}
return $isWinrmHttpsConfigured
}
Function ConfigureWinRMwithPROJECTAACertificate_https{
$Cert_output = Get-ChildItem Cert:\LocalMachine\My | Select @{N="Template";Expression={($.Extensions |where-object {$.oid.Friendlyname -match "Certificate Template Information"}).Format(0) -replace "(.+)?=(.+)((.+)?", '$2'}},@{N="Subject";Expression={$_.SubjectName.name}},Thumbprint
$Thumbprint_of_PROJECTAA_Certificate = $($Cert_output.Thumbprint)
$FQDN_of_LocalMachine = ([System.Net.Dns]::GetHostByName($env:computerName).Hostname)
if(-not $Cert_output){
Write-Host "No certificate avaialable in $FQDN_of_LocalMachine"
}
elseif($Cert_output -is [System.Array]){
Write-Host "Multiple certificates are available in $FQDN_of_LocalMachine.Skipping…”
}
elseif ($Cert_output -isnot [System.Array] -and $($Cert_output.Template) -eq "ORGANIZATIONTEMPLATENAMEHERE"){
$command_construct = 'winrm create winrm/config/Listener?Address=*+Transport=HTTPS '+''''+ '@{Hostname=' +'"'+$FQDN_of_LocalMachine+'"'+';'+' CertificateThumbprint='+'"'+$Thumbprint_of_PROJECTAA_Certificate+'"'+'}'+''''
Invoke-expression -Command $command_construct
}
else{
Write-Host "nothing done"
}
}
Function ConfigureWINRM {
$state_of_WinRM_https = CheckWinRMHTTPSConfiguration
if($state_of_WinRM_https -eq $true){
Write-Host "Deleteing existing winrm https"
Invoke-Expression -Command 'winrm delete winrm/config/listener?Address=*+Transport=HTTPS';
ConfigureWinRMwithPROJECTAACertificate_https
}
else
{
Write-Host "configuring https listener for winrm"
ConfigureWinRMwithPROJECTAACertificate_https
}
}
Function Update_grouppolicy{
invoke-expression -Command 'gpupdate /force /wait:-1 /target:computer' -OutVariable gpupdate_output
Start-Sleep -Seconds 300
}
$output_Update_grouppolicy = Update_grouppolicy
if ($output_Update_grouppolicy -match "Computer Policy update has completed successfully"){
Write-Host "Computer Policy update has completed successfully"
Write-Host "Configuring winrm with https..."
ConfigureWINRM}
else { Write-Host "Group policy did not updated successfully. Thus winrm configuration with https is skipped."} 

Answer 1

Edit based on added script:

running winrm in powershell (aka %windir%\system32\winrm.cmd) will start a cmd process using powershell's current working directory. If powershell's current directory is a UNC path, you will see that error. You can recreate this in your local powershell:

PS C:\> cd \\server\share\
PS Microsoft.PowerShell.Core\FileSystem::\\server\share> winrm help
winrm : '\\server\share'
At line:1 char:1
+ winrm help
+ ~~~~~~~~
    + CategoryInfo          : NotSpecified: ('\\mifp-fspr01\SharedFiles':String) [], RemoteException
    + FullyQualifiedErrorId : NativeCommandError
CMD.EXE was started with the above path as the current directory.
UNC paths are not supported.  Defaulting to Windows directory.
[...]

You can stop generating the error by setting your powershell script to change to a local path before running winrm commands. cd X:\ or cd C:\, depending on what step the command runs in

---

Check the Start in: section of your task sequence. CMD (which MDT starts powershell from) does not support UNC paths like \\1.2.3.4\ as current directories. Here's a screenshot example from dell:

The error just warns you that CMD is defaulting to start in the windows folder instead. This doesn't matter, because the command uses a full path instead of a relative one like ./myScript.ps1

If you want to stop seeing the error, just set the Start in: location to a local path like X:\ or C:\