SQL Server job 无法运行 PowerShell,因为”脚本执行被禁用”。

huangapple go评论73阅读模式
英文:

SQL Server job can't run PowerShell because "scripts execution disabled"

问题

我升级了一个Windows Server 2012到2019,但保留了SQL Server (110)。

我的SQL代理作业停止工作,使用PowerShell命令的作业。

我收到以下错误消息:

作业步骤在PowerShell脚本的第1行收到一个错误。
相应的行是'import-module SQLPS  -DisableNameChecking'请更正脚本并重新安排作业。
PowerShell返回的错误信息是:
'文件C:\Program Files (x86)\Microsoft SQL Server10\Tools\PowerShell\Modules\SQLPS\Sqlps.ps1
无法加载,因为在此系统上已禁用脚本执行。
请参阅"get-help about_signing"以获取更多详细信息。

Sqlps.ps1是用有效签名签名的,我甚至暂时尝试了Set-ExecutionPolicy Unrestricted,但也没有帮助。 (所有建议都来自chatgpt ;-))

我的脚本应该从URL下载一个文件并将其放在c:\tmp中。

编辑:
问题已解决,我将脚本执行策略设置为“允许本地脚本和远程已签名脚本”在计算机的组策略中;之前是“未配置”。

英文:

I upgraded a Windows Server 2012 to 2019, but kept the SQL Server (110)

My sql agent jobs stopped working, the ones using PowerShell commands.

I get the error message

A job step received an error at line 1 in a PowerShell script. 
The corresponding line is 'import-module SQLPS  -DisableNameChecking'. 
Correct the script and reschedule the job. 
The error information returned by PowerShell is: 
'File C:\Program Files (x86)\Microsoft SQL Server0\Tools\PowerShell\Modules\SQLPS\Sqlps.ps1 
cannot be loaded because the execution of scripts is disabled on this system. 
Please see "get-help about_signing" for more details.

The Sqlps.ps1 IS signed with a valid signature, and I even temporarily tried to Set-ExecutionPolicy Unrestricted , but that didn't help either. (All suggested by chatgpt SQL Server job 无法运行 PowerShell,因为”脚本执行被禁用”。 )

My script should download a file from an url and place it in c:\tmp

EDIT:
Solved, I set the script execution policy to "Allow local scripts and remote signed scripts" in group policy for computer; it was pereviously "Not Configured"

答案1

得分: 1

  • 如果有效的执行策略是“Restricted”,即使是已签名的脚本也无法帮助您。

  • 重要的是用户身份的有效执行策略,您可以通过以下方式进行控制,这关系到您的服务/计划任务运行的身份:

    • 临时,在给定的PowerShell CLI调用中(powershell.exe [-Command] ... / powershell.exe -File ...),在(可能暗示的)-Command / -File参数前加上-ExecutionPolicy参数,例如,如果您完全信任脚本(最终)被调用,可以使用-ExecutionPolicy Bypass

    • 持久,通过 全局 执行策略(需要 提升 权限(管理员权限)):

      • 通过Set-ExecutionPolicy -Scope AllUsers
      • 通过 GPO 策略(它们会 覆盖 持久的 Set-ExecutionPolicy 配置)。

有关更多信息,请参阅此答案

英文:
  • If the effective execution policy is Restricted, even signed scripts won't help you.

  • What matters is what the effective execution policy is for the user identity that your services / scheduled tasks run as, which you can control as follows:

    • Ad hoc, in a given PowerShell CLI call (powershell.exe [-Command] ... / powershell.exe -File ...), precede the (possibly implied) -Command / -File parameter with an -ExecutionPolicy argument, e.g. - if you fully trust the script (eventually) getting invoked - -ExecutionPolicy Bypass

    • Persistently, via a machine-wide execution policy (requires elevation (administrative privileges)):

      • Via Set-ExecutionPolicy -Scope AllUsers
      • Via GPO policies (which override persistent Set-ExecutionPolicy configurations).

See this answer for additional information.

huangapple
  • 本文由 发表于 2023年2月16日 07:40:07
  • 转载请务必保留本文链接:https://go.coder-hub.com/75466442.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定