LAPS - Module Powershell import en erreur

En environnement sécurisé, l’import de module Powershell de LAPS (AdmPwd.PS) échoue.

Sommaire

Symptôme
Cause
Solution /Contournement
Réponse du support Microsoft
Test à réaliser

Symptômes

Selon la politique d’exécution de script Powershell, l’import du module Powershell de LAPS (AdmPwd.PS) échoue. avec l’erreur ci-dessous :

PS C:\Users\Administrator> Import-Module admpwd.ps
Import-Module : Errors occurred while loading the format data file:
C:\windows\system32\WindowsPowerShell\v1.0\Modules\admpwd.ps\AdmPwd.PS.format.ps1xml, ,
C:\windows\system32\WindowsPowerShell\v1.0\Modules\admpwd.ps\AdmPwd.PS.format.ps1xml: The file was skipped because of
the following validation exception: File
C:\windows\system32\WindowsPowerShell\v1.0\Modules\admpwd.ps\AdmPwd.PS.format.ps1xml cannot be loaded. The file
C:\windows\system32\WindowsPowerShell\v1.0\Modules\admpwd.ps\AdmPwd.PS.format.ps1xml is not digitally signed. You
cannot run this script on the current system. For more information about running scripts and setting execution policy,
see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170..
At line:1 char:1
+ Import-Module admpwd.ps
+ ~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Import-Module], RuntimeException
+ FullyQualifiedErrorId : FormatXmlUpdateException,Microsoft.PowerShell.Commands.ImportModuleCommand

Causes

Cette erreur est causée par la politique de sécurité sur l’exécution des script Powershell.

Get-ExecutionPolicy -List

Solution /Contournement

Afin de permettre l’import et l’exécution du module Powershell, il est nécessaire de changer la politique de sécurité de ‘AllSigned‘ à ‘RemoteSigned‘.

Il est possible de modifier la politique de sécurité de plusieurs manières :

Via Powershell

Set-ExecutionPolicy RemoteSigned

Via GPO

La configuration des politiques de sécurités peut-être réalisé via GPO :

Computer Configuration\Policies\Administrative Templates\Windows Components\Windows PowerShell\Turn on Script Execution

Vérifier la politique de sécurité

Lorsque la configuration a été réalisée, il est possible de vérifier la configuration avec :

Get-ExecutionPolicy -List

L’import du module Powershell AdmPwd.PS fonctionne bien.

Réponse du support Microsoft

Ce dysfonctionnement a été remonté, ci-dessous la réponce du support :

Test à réaliser

Essayer de signer avec une CA le module.

Post Views: 3 103

Cookie	Durée	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-advertisement		The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Durée	Description
tk_lr	1 year	This cookie is set by JetPack plugin on sites using WooCommerce. This is a referral cookie used for analyzing referrer behavior for Jetpack
tk_or	5 years	This cookie is set by JetPack plugin on sites using WooCommerce. This is a referral cookie used for analyzing referrer behavior for Jetpack
tk_r3d	3 days	The cookie is installed by JetPack. Used for the internal metrics fo user activities to improve user experience