RSS
 

Automate Endpoint Configurations with Scripts for Windows Desktop Devices

Use Scripts to run PowerShell code for endpoint configurations on Windows Desktop devices using Workspace ONE UEM.

Freestyle Feature

Scripts is a Freestyle feature that is available for SaaS environments. For details on Freestyle, access Freestyle Orchestrator.

Scripts Description

With Scripts, located in the main navigation under Resources, you can push code to Windows devices to do various processes. For example, push a PowerShell script that notifies users to restart their devices.
Shows the Scripts under Resources in the UEM console.

Use Variables in your scripts to protect sensitive static data like passwords and API keys, or use lookup values for dynamic data such as device ID and user name. You can also make this code available to your Windows users so they can run it on their devices when needed. Make code available by integrating the Workspace ONE Intelligent Hub with Scripts so that users can access the code in the Apps area of the catalog.

Important: Scripts are not permitted to be assigned to Employee-Owned devices for privacy reasons.

How Do You Know Your Scripts Are Successful?

You can find out if Scripts ran successfully using the Scripts tab in a device’s Device Details page. In the Workspace ONE UEM console, go to the applicable organization group, select Devices > List View, and choose an applicable device. On the Scripts tab, look in the Status column for a Executed or Failed status. Statuses depend on the exit code (also known as error code or return code).

Shows device details about the Scripts in the UEM console.

  • Executed - Workspace ONE UEM displays this status after the exit code returns a 0.
  • Failed - Workspace ONE UEM displays this status after the exit code returns any value that is not a 0.

Create a Script for Windows Desktop Devices

Scripts for Windows Desktop managed by Workspace ONE UEM supports using PowerShell to execute codes on end user devices. Integrate Scripts with the Workspace ONE Intelligent Hub for Windows and enable self-service to Scripts for your users.

Note: If you are publishing scripts to less than 2000 (default value) devices, the devices are notified immediately to fetch the resource. However, if the smart groups assigned have more than 2000 devices, then the devices will receive the resource the next time the devices checks-in with Workspace ONE UEM console.

Procedure

  1. Navigate to Resources > Scripts > Add.
  2. Select Windows.

  3. Configure the script settings for the General tab.

    Setting Description
    Name Enter a name for the script.
    Description Enter a description for the script.
    App Catalog Customization Enable offering self-service access to Scripts in the Workspace ONE Intelligent Hub catalog.

    Display Name - Enter the name that users see in the catalog.
    Display Description - Enter a brief description of what the script does.
    Icon - Upload an icon for the script.
    Category - Select a category for the script. Categories help users filter apps in the catalog.

    Although you have completed the settings for the script in the catalog, there is another configuration to set to display your script in the Workspace ONE Intelligent Hub. When you assign the script to devices, enable the Show in Hub menu item or these customizations do not display in the catalog.

  4. Configure the script settings for the Details tab.

    Setting Description
    Language Workspace ONE UEM supports PowerShell.
    Execution Context This setting controls whether the script runs in the user or system context.
    Execution Architecture This settings controls whether the script runs on a device based on the architecture. You can limit the script to run on 32-bit devices or 64-bit devices only or to run the script based on the device architecture. You can also force the script to run as 32-bit regardless of the architecture of the device.
    Timeout In case the script gets looped or is unresponsive for some reason, enter a length of time in seconds for the system to run the script and then stop.
    Code Upload a script or write your own in the text box provided.

  5. Select Next to configure the Variables tab.

    Add static values, such as API keys, service account names or password by providing the key and the value of the variable. Or, add dynamic values such as enrollmentuser by providing a key and then selecting the lookup value icon. To use variables in a script, reference the variable by using $env:key. For instance, if the variable definition has a key named SystemAccount and a value of admin01, the script can assign the variable to a script-variable, named account by referencing $account = $env:SystemAccount.

  6. To assign Scripts to devices, select the script, choose Assign, and select New Assignment.

  7. On the Definition tab, enter the Assignment Name and use the Select Smart Group menu item to select the group of devices you want to push Scripts to.
  8. On the Deployment tab, for Triggers, select the trigger that starts the script. You can select multiple triggers.
  9. Enable Show In Hub to show your App Catalog Customization settings for the script in the Workspace ONE Intelligent Hub. You can disable this option to hide a script from users in the catalog.

What to do next

Go to the Scripts tab in a device’s Device Details to view the status of your Scripts.

check-circle-line exclamation-circle-line close-line
Scroll to top icon