Dan,
Thanks for your input on this. Did you use an existential Compliance Rule, or is it value-based? The "Script returns at least one value" setting appears to only be valid for existential rules, and apparently you can't execute a remediation script when you use an existential rule. The checkbox to execute the remediation script simply is not present, unless you use a value-based rule. :( Cheers, Trevor Sullivan Microsoft PowerShell MVP From: [email protected] [mailto:[email protected]] On Behalf Of Daniel Ratliff Sent: Thursday, July 10, 2014 10:12 AM To: [email protected] Subject: RE: [mssms] Compliance Settings: Remediation Script is not executed We just setup a compliance rule earlier this week and added remediation to it last night. It remediated over 7000 clients by this morning. All our settings are identical to yours. Are you certain the remediation script isn't running, instead of running and not working properly? Can you post your scripts? Daniel Ratliff From: [email protected] [mailto:[email protected]] On Behalf Of Trevor Sullivan Sent: Thursday, July 10, 2014 10:56 AM To: [email protected] Subject: [mssms] Compliance Settings: Remediation Script is not executed Folks, In ConfigMgr 2012 R2, I created a Configuration Item per the following: * Baseline o Configuration Item * Script Setting * Discovery Script --> Checks if a process is running (PowerShell) * Remediation Script --> Kicks off a process (PowerShell) * Compliance Rule --> Script returns at least one value I assigned the Baseline to a Collection, containing two test systems. Both test systems are validating the Configuration Item, and its Script Setting correctly, but the remediation script is not being executed. I have validated the following: * PowerShell Execution Policy is set to Bypass (via a custom Device Client Settings Package) * Discovery Script is being successfully executed * Compliance Rule is working correctly * Configuration Manager Control Panel applet shows Baseline as non-compliant, when process is not running * Baseline Deployment --> Checked the boxes for: o Remediate noncompliant rules when supported o Allow remediation outside the maintenance window Has anyone else seen this behavior? How do you ensure that remediation scripts are executed in Compliance Settings? Cheers, Trevor Sullivan Microsoft PowerShell MVP The information transmitted is intended only for the person or entity to which it is addressed and may contain CONFIDENTIAL material. If you receive this material/information in error, please contact the sender and delete or destroy the material/information.
