Powershell script not executed in SD Package

Document ID : KB000004278
Last Modified Date : 14/02/2018
Show Technical Document Details

The Powershell script in a procedure of a Software Delivery Package is not executed on the Target machine.

CA Client Automation - All Versions
The powershell script is executed from a mapped directory (z: mapped to \\SSName\SDLIBRARY$) and following message appears due to policy configuration :

File Z:\activate\51E1B828-A10E-482B-B3A3-15E119811075.itm\1.vol\test.ps1 cannot be loaded. The file Z:\activate\51E1B828-A10E-482B-B3A3-5E119811075.itm\1.vol\test.ps1 is not digitally signed. The script will not execute on the system. Please see "get-help about_signing" for more details..

    + CategoryInfo          : NotSpecified: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : RuntimeException


There are possible solutions :
Solution 1
The solution is to execute the powershell script with option -ExecutionPolicy ByPass

1- Create a new configuration policy or update an existing configuration policy which is applied on the computers :

Go to Control Panel/Configurtion/Configuration Policy.

Create or expand the policy and go under DSM/Software Delivery/Agent

Right click on "File Association: PowerShell Scripts interpreter" and select "Setting – Centrally Managed" in popup menu :




2- Doble click on this parameter and put this value : 

powershell.exe -ExecutionPolicy ByPass -File




3- Seal the Configuration Policy


Solution 2
The solution is to add the Scalability Server name in the "Local intranet" zone in Internet explorer settings for Local System Account.
This could be done in command line with :

reg add "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\scala_name" /v file /t REG_DWORD /d 1 /f

Remark : replace scala_name by the name of the scalability Server
This could also be done using a SD Package which executes following batch commands :
@echo OFF
for /F "delims=\ tokens=2" %%i IN ('net use ^| find /I "SDLIBRARY$"') DO SET SSNAME=%%i
IF NOT [%SSNAME%] == [] (
reg add "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\%SSNAME%" /v file /t REG_DWORD /d 1 /f
This batch finds the Scalability Server name from the mapped SDLIBRARY$ and add it in the registry.
Once registry key added on the machine, powershell script should be executed without warning message.
Remark :
If the machine is moved to a new Scalability Server, the batch should be executed again in order to add the new Scalability Name in the local intranet site list.
A solution to avoid this is to adapt the batch in order to add all Scalability Servers name in the registry :
reg add "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\scala_name1" /v file /t REG_DWORD /d 1 /f
reg add "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\scala_name2" /v file /t REG_DWORD /d 1 /f
reg add "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\scala_name3" /v file /t REG_DWORD /d 1 /f