Custom Constrained Endpoint via GPO

I have compiled a small script with the the following:

  1. PSSessionconfiguration name
  2. PSSessionconfiguration startupscript

which then sets the endpoint with a specific security descriptor sddl.

I want to leverage Group Policy, to run as a startup script, to distribute a this custom remoting endpoint configuration to all servers on our network. However, the policy doesnt seem to apply and cannot see the endpoint listed in get-pssessionconfiguration.

Any help would be greatly appreciated.

Couple of questions:

how are you getting the GPO to run the script & in what security context
does the script work if run manually

can you share the code in the script

Its all good now, im using invoke-command to run the script on the remote machines.


OK - happy to hear you’ve got it working. Thanks for letting us know