Splunk® App for Windows Infrastructure

Deploy and Use the Splunk App for Windows Infrastructure

Download manual as PDF

This documentation does not apply to the most recent version of MSApp. Click here for the latest version.
Download topic as PDF

Configure PowerShell Execution policy in Active Directory

Enable local PowerShell script execution

The add-ons included in the Splunk App for Windows Infrastructure installation package contain PowerShell scripts that must run on the AD (domain controllers and DNS) hosts in your AD environment. You must configure your domain controllers to allow local execution of PowerShell scripts so that they can run.

To enable local execution of PowerShell scripts on your domain controllers:

1. If required, download Windows Management Framework (http://support.microsoft.com/kb/968929) from Microsoft's Support site and install it.

Note: All versions of Windows Server 2008 SP2 (except Core) and Windows Server 2008 R2 have PowerShell installed by default. All versions of Windows Server 2012 have PowerShell 3.0 installed by default. You might need to install Windows Management Framework on Windows Server 2003 family computers.

2. If required, download the Administrative Templates for Microsoft PowerShell (http://www.microsoft.com/en-us/download/details.aspx?id=25119) from Microsoft and install them.

Note: All versions of Windows Server 2008 (except Core) and later have the required templates for PowerShell installed.

3. Create a new Active Directory GPO:

4. Open the GPO for editing.

5. In the GPO editor, select Computer Configuration > Policies > Administrative Templates > Windows Components > Windows PowerShell.

6. Right-click "Turn on script execution", then select "Edit".

7. In the window that appears, click the "Enabled" radio button.

8. In the "Execution Policy" drop-down, select Allow local scripts and remote signed scripts.

9. Click "OK" to accept the changes.

10. Close the Group Policy Object editor to save your changes.

11. Deploy the GPO.

GPO updates

Once you have deployed the GPOs, it can take up to 120 minutes before Active Directory applies the GPOs to the domain. If you want to deploy the GPOs faster, you must run the GPUPDATE /force command on every computer upon which you want to update Group Policy.

PREVIOUS
Configure Active Directory audit policy
  NEXT
Download and configure the Splunk Add-ons for Active Directory

This documentation applies to the following versions of Splunk® App for Windows Infrastructure: 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.2.0, 1.2.1, 1.3.0, 1.4.0


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters