Skip to main content

Hello, I am new to Automox and trying to figure out how custom worklets work.  We are working on deploying a new print solution and wanting to remove printers that were installed via our print servers via powershell.    Below is my worklet:

 

Evaluation Script:

 

<#
.SYNOPSIS
    This Evaluation code throws and exit as 1 so the script will run no matter what.  This is needed as Automox remediation code will run on any exit code greather than 0.  If the exit code is 0, then the evaulation code will be skipped

#>

Exit 1

 

Remediation Script:

start-transcript C:\windows\temp\worklet-transcript.txt


$scriptBlock = { 
Get-Printer | Where-Object {$_.ComputerName -eq "ServerName01"} | Remove-Printer
Get-Printer | Where-Object {$_.ComputerName -eq "ServerName02"} | Remove-Printer
Get-Printer | Where-Object {$_.ComputerName -eq "ServerName03"} | Remove-Printer
 }

$exitCode = & "$env:SystemRoot\sysnative\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass -WindowStyle Hidden -NoProfile -NonInteractive -Command $scriptBlock

stop-transcript

 

 

I feel that I am missing something as I know the worklet seems to run as it generates the transcript ona the client.  However it does not remove the printers.  I know when ran manually on user machines, it must be ran in the user context(non admin powershell) since they are installed on the users profile.  I guess what I am more concerned with is that the worklet is not setup correctly or something like that.

 

Thanks.

The Evaluation Code block is responsible for delivering the “pre-remediation” of the policy you wish to run. In other words, it is used to verify if the policy you wish to run is required or not.

 

Paste your code in the Remediation Code block, as this is the part that executes the script activity, you will see the off-boarding of your printers then.

 

In case what I have said is not clear, here is an excerpt from Automox resources that could make more sense :

 

Worklets consist of two code blocks that have an if-then relationship. The first block is called “evaluation,” and the second is designated “remediation.” If the evaluation code block fails (returns non-zero), then the remediation block is run. Evaluation code executes every time an endpoint in an applicable group runs a scan. The remediation code runs according to the Worklet policy schedule after the evaluation code has flagged the device as needing remediation. No code or variables are preserved between the evaluation code block and the remediation code block.

~ https://www.automox.com/resources/ebooks-and-guides/worklets-101-guide

 

Happy Coding! 😀

Hi @Steven.Eash !

In addition to what was already mentioned, there are some important things to consider about worklets.

  1. Worklets execute as SYSTEM (NT Authority). 
  2. The Automox Agent is a 32-bit process, and Worklets therefore use Powershell (x86).
  3. Windows Worklets use Powershell version 5.1.
     

When testing Worklet code locally, I recommend using Powershell ISE (x86) along with PsExec to run your session as SYSTEM. This will emulate the behavior of Worklets and help with troubleshooting.

Example:  

psexec -s -i -d C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe


All that said, I believe the issue you are seeing with your Worklet is that since Worklets are executed as SYSTEM, Get-Printer isn’t finding the printers installed under the USER space.

One workaround for this is to create a Worklet that executes your printer uninstall script ( your script block) as a scheduled task.  The scheduled task would then be triggered to run on a User’s login action, and fire under their syntax. 

The Create User Based Scheduled Task Worklet in our Worklet Catalog can be adopted for this.

 

Another workaround would be to leverage the Worklet Development Kit.  The WDK is a fully fledged Powershell module authored by Automox that can help simply writing Worklet code. Within the WDK, there is a function named Start-ProcessAsActiveUser that can impersonate the active user and allow you to run commands under their USER space. 
 

Hopefully those two suggestions can assist with your printer uninstall Worklet!

I’d also recommend checking out our Courses in the Automox University!  Our level 3 course is dedicated entirely to Worklets and might give you the opportunity to self-serve and level up on the topic:
https://university.automox.com/automox-level-iii-pro-exam

Reply


Terms & ConditionsCookie settings