Remote Script Execution

Overview

Remote Script Execution allows IT administrators to deploy and run scripts on any managed endpoint, without physical access or individual logins. Whether you’re applying a security configuration to 500 Windows machines or running a cleanup routine on macOS devices, Zecurit lets you do it in minutes from a single console.

This section of the Help Center covers everything you need to start automating with scripts in Zecurit:

Sub-Topic	What It Covers
Script Repository	Add, organize, and manage your scripts
Deployment Policy for Scripts	Configure how and when scripts run
Associate Policy to Devices/Groups	Target the right endpoints
Best Practices for Scripts	Templates, editor tips, Script Hub, and third-party scripts

How It Works

Zecurit’s remote script execution follows a straightforward two-stage model:

Stage 1 : Script Repository: You add scripts to a central repository by writing them in the built-in editor or uploading existing files. Each script is configured with runtime arguments, success exit codes, target platform, and optional tags.

Stage 2 : Deployment Policy: You create a Deployment Policy that references one or more repository scripts, defines execution context (System, Logged-in User, or Run as User), sets scheduling rules, and configures retry behavior. The policy is then associated with specific devices or groups.

When a target device checks in, Zecurit transmits the script payload over an encrypted channel, the agent executes it in the defined context, and results (output, exit code, status) are returned to the console for review.

Supported Platforms and Script Types

Zecurit supports script execution across all three major operating systems:

.ps1, .bat, .cmd, .vbs, .vbe, .js, .jse, .wsf, .wsc, .wsh, .reg, .exe, .msi, .vb

.sh, .bash, .scpt, .applescript, .py

.sh, .bash, .zsh, .ksh, .csh, .tcsh

The platform you select during script creation determines which interpreter Zecurit routes execution through on the target endpoint, and prevents cross-platform deployment errors.

Common Use Cases

System Maintenance : Schedule disk cleanup, temp file removal, and log rotation to run automatically across device groups, preventing storage issues before they impact users.

Security & Compliance : Deploy firewall rules, enforce registry-based security policies, or audit endpoints for compliance violations and auto-remediate non-compliant machines.

Software Management : Install, update, or uninstall applications across your fleet without scheduling individual maintenance windows.

User Account Management : Provision new user accounts or offboard departing employees by disabling access, archiving data, and revoking permissions in one automated workflow.

Inventory Collection : Run scheduled scripts to gather hardware specifications, installed software, and license data for asset tracking.

Performance Diagnostics : Remotely collect logs and run diagnostic commands on endpoints experiencing issues, without requiring desktop access.

Execution Contexts

When creating a Deployment Policy, you select how the script runs on the endpoint:

System : Runs with full system privileges. Best for maintenance tasks that need admin rights but no user session access.
Logged-in User : Runs in the context of the currently logged-in user. Best for user-specific configurations or when mapped drives and user registry hives are needed.
Run as User : Runs as a specified user account. Useful for service account scenarios.

Security Considerations

Scripts are transmitted over TLS 1.2+ encrypted channels.
Use role-based access control (RBAC) to limit which administrators can deploy scripts and to which device groups.
Never embed credentials as plaintext in script code — use script arguments with secured values.
Capture Script Output is configurable per policy so sensitive output isn’t retained unnecessarily.
All script executions are logged with timestamp, executor identity, target device, and status for full audit trail compliance.

Getting Started Checklist

Add your first script : Navigate to Manage → Scripts Repository and click Add Script. Write or upload a script, select the platform, and save.
Create a Deployment Policy : Go to Manage → Deployment Policy, click Add, select category Script, and choose your script from the repository.
Associate the policy : Go to Groups and Devices, select target devices or a group, click Actions → Distribute → Deployment Policy, and associate your policy.
Monitor results : Open any device record and click the Deployments tab to see execution status, version, and output remarks.

Related Resources

Zecurit Script Hub — Browse 100+ free, pre-tested script templates for common IT tasks.
Script Repository Help →
Deployment Policy Help →
Associate Policy to Devices →
Script Best Practices →