Hi, I am trying to make a worklet out of a powershell script I have to remove any unapproved Outlook plugins. I have this working fine from the command line, and I ran it through PSScriptAnalyzer too and everything seems to be working fine.
$scriptBlock = {
$permittedAddIns = "Redemption.Addin","WorkSiteEmailManagement.Connect","imFileSite.Connect"
# Registry paths to search
$registryPaths = "Registry::HKEY_USERS\S-1-5-21-*\Software\Microsoft\Office\Outlook\Addins",
"Registry::HKEY_USERS\S-1-5-21-*\Software\Wow6432Node\Microsoft\Office\Outlook\Addins",
"HKLM:\SOFTWARE\Microsoft\Office\Outlook\Addins"
# Build up a list of add-ins by searching the specified paths
$addIns += ($registryPaths | ForEach-Object {Get-Item $_ | Get-ChildItem | Where-Object –Filter {($_.GetValue("LoadBehavior") -and $_.GetValue("LoadBehavior") -ne 0)}})
write-Output $addins
# Narrow down our list of add-ins to only those that don't match our permitted list
$deniedAddIns = $addIns | Where-Object {$_.PSChildName -notin $permittedAddIns}
# Loop through all of the denied add-ins, and set the LoadBehavior
foreach ($addin in $deniedAddIns) {
# If the current add-in's LB is already set to 0. Skip this one.
if ($addin.GetValue("LoadBehavior") -eq 0) { continue }
# Set the LoadBehavior to zero
write-Output Set-ItemProperty –Path "Registry::$($addin.Name)" –Name "LoadBehavior" –Value 0 –WhatIf
}
}
$results = & "$env:SystemRoot\sysnative\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass -WindowStyle Hidden -NoProfile -NonInteractive -Command $scriptblock
Write-Output $results
if ($results) {
write-Output Exit 0
} else { write-Output Exit 1 }
When I paste the code into a worklet, i get this error when it runs:
At C:\ProgramData\amagent\execDir743745447\execcmd739207386.ps1:28 char:78 + ... wershell.exe" -ExecutionPolicy Bypass -WindowStyle Hidden -NoProfile ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The string is missing the terminator: ". At C:\ProgramData\amagent\execDir743745447\execcmd739207386.ps1:11 char:48 + $addIns += ($registryPaths | ForEach-Object {Get-Item $_ | Get-Chi ... + ~ Missing closing '}' in statement block or type definition. At C:\ProgramData\amagent\execDir743745447\execcmd739207386.ps1:34 char:29 + } else { write-host Exit 1 } + ~ Missing closing ')' in expression. At C:\ProgramData\amagent\execDir743745447\execcmd739207386.ps1:1 char:16 + $scriptBlock = { + ~ Missing closing '}' in statement block or type definition. + CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException + FullyQualifiedErrorId : TerminatorExpectedAtEndOfString COMMAND TIMED OUT.
Any ideas what the issue could be?
I do have crowdstrike installed on the systems that would be running this, but that stopped alerting after I made an exemption for the script so I dont think this is the cause, but wouldn’t be surprised if its coming into play, but where it runs fine when run from the command line, it seems less likely.
Also, i have write-output over the commands that actually change anything until I get it to at least run
Thanks Mike