Deploying Powershell and Shell Scripts in Systems Manager
The scripting feature with Systems Manager is currently in Early Access and can be enabled by navigating to Organization > Early Access page and toggle Opt-in for Deploy scripts for Windows and macOS. This has been a popular feature request for Systems Manager for a long time, so we are finally excited to share this feature. Scripting will allow powerful configuration and management control over Windows and macOS devices.
Example scripts and use cases:
Add any file to any location on a device (example)
Configure the profile.xml profile for Cisco Secure client (example) (video)
Remember: scripts can be very powerful, so we always recommend to test scripts locally first before attempting to deploy in bulk via Systems Manager. The above examples are simply guidelines and should always be tested/validated on your own first.
Once the Early Access has been enabled, there will be a new page available in the Dashboard in Systems Manager > Manage > Scripts to upload the script files and scope to devices.
SM Scripts Early Access information:
Scripts must exit with 0 to be reported as a success in Dashboard. Other status code exits will be reported as an error.
Currently, the scripts must be enqueued from Dashboard at the same time while the device is online. This will change during the Early Access phase. In the future scripts will be able to deploy as devices asynchronously come online as well as scheduled scripting to make repetitive script deployments easier.
Scripts must be able to finish within 60 seconds, or else they could be marked as a timeout/error. Also, the agent version 3.7.0 or higher is required. Full set of requirements available here.