PowerShell script runs locally but fails silently in Intune (PSADT + nested PowerShell command not executing)

George · February 10, 2026, 4:31pm

Long story short:
I need Intune to execute the following exact command inside PowerShell:

powershell.exe .\VLTUninstall.ps1

This must run exactly as written, because the uninstall script uses a decryption key and only works when executed in this specific form. (powershell.exe + script)

I’m deploying through Intune as a Win32 app using:

Invoke-AppDeployToolkit.exe -DeploymentType Install -DeployMode Silent
have also tried
Invoke-AppDeployToolkit.exe -DeploymentType Install

Inside PSADT I call:

Start-ADTProcess -FilePath "$PSHOME\powershell.exe" -ArgumentList '-NoProfile -ExecutionPolicy Bypass -Command "powershell.exe .\VLTUninstall.ps1"' -WorkingDirectory $adtSession.DirFiles

Diagnostics show that Intune is correctly running in 64‑bit, as SYSTEM, with FullLanguage:

PSHome: C:\Windows\System32\WindowsPowerShell\v1.0
PSVersion: 5.1.26100.7462
Is64BitProcess: True
LanguageMode: FullLanguage

Locally the script runs fine and uninstalls Zscaler without issues.
Through Intune, the script “runs”, returns exit code 0, but the app is not removed, services and folders remain, no errors surface unless I manually force logging.
The uninstall script logs this error message:
powershell.exe : Exception calling "ReadVault" with "0" argument(s): "Unable to load DLL 'DataVault.dll': The specified module could not be found. (Exception from HRESULT: 0x8007007E)"

but the module is there
Info: I reproduce the same error message locally by running the VLTUninstall.ps1 without powershell.exe in front of it.

Windows PowerShell
#correct command
powershell.exe .\VLTUninstall.ps1
#Bad execution command; will trigger Exception from HRESULT: 0x8007007E)
.\VLTUninstall.ps1 or & .\VLTUninstall.ps1

I've tried also to move the files in C:\Program Files and execute the script from that directory. That didn't work either. I'm really running out of options, and I don't know if I'm doing something wrong. I've spent hours with GPT, Copilot and tried multiple execution commands inside PSADT for this uninstall script, but nothing worked.

I’m aware of the usual SYSTEM vs local user context differences but what I still don't understand what is going on and I’m looking for insight into why nested PowerShell commands behave differently under Intune and how to correctly force Intune/PSADT to run a script exactly in this form.

If anyone can identify what I’m doing incorrectly or has any suggestions to resolve this issue, I would greatly appreciate your input.

That-Annoying-Guy · February 10, 2026, 6:16pm

Instead of this:

Start-ADTProcess -FilePath "$PSHOME\powershell.exe" -ArgumentList '-NoProfile -ExecutionPolicy Bypass -Command "powershell.exe .\VLTUninstall.ps1"' -WorkingDirectory $adtSession.DirFiles

Based on another post, Try this:

Try {
   $PathToPs1File = "$($adtSession.DirFiles)\VLTUninstall.ps1"
   &$PathToPs1File
} Catch {
   Invoke-ADTFunctionErrorHandler -Cmdlet 'MyStandAloneScript' -SessionState $ExecutionContext.SessionState -ErrorRecord $_ -LogMessage "The StandAloneScript failed to run"
}
``

George · February 10, 2026, 9:02pm

Thank you for replying.
I've tried your command but without success though....

I've also tried to run this part:

Try {
   #$PathToPs1File = "$($adtSession.DirFiles)\VLTUninstall.ps1"
    Set-Location -Path $adtSession.DirFiles
    Write-ADTLogEntry -Message "Starting Zscaler uninstallation process..." -Severity 1
    powershell.exe .\VLTUninstall.ps1 *> C:\Log\VLTUninstall.log
} Catch {
    #Invoke-ADTFunctionErrorHandler -Cmdlet $PSCmdlet -SessionState $ExecutionContext.SessionState -ErrorRecord $_ -LogMessage "The StandAloneScript failed to run"
    Write-ADTLogEntry -Message "The StandAloneScript failed to run. Error: $_" -Severity 3
}

Error: [Pre-Install] :: The StandAloneScript failed to run. Error: Exception calling "ReadVault" with "0" argument(s): "Unable to load DLL 'DataVault.dll': The specified module could not be found.	Install-ADTDeployment	2/10/2026 10:51:41 PM	33468 (0x82BC)

If I open PowerShell on my client, change directory to PSADT package and run any of the following commands:
.\Invoke-AppDeployToolkit.ps1 -deploymenttype install
or
.\Invoke-AppDeployToolkit.exe -deploymenttype install
the script will get executed.

George · February 19, 2026, 11:42am

I have added a screenshot to better understand how the script needs to be executed in order to work properly.

and here are the PSADT commands that work locally but not from Intune:

    Start-ADTProcess -FilePath "$PSHOME\powershell.exe" -ArgumentList '-Command', 'powershell.exe .\VLTUninstall.ps1' -WorkingDirectory $adtSession.DirFiles

    Start-ADTProcess -FilePath "$PSHOME\powershell.exe" -ArgumentList '-NoProfile -ExecutionPolicy Bypass -Command "powershell.exe .\VLTUninstall.ps1"' -WorkingDirectory $adtSession.DirFiles


   $scriptPath = Join-Path $adtSession.DirFiles "VLTUninstall.ps1"
#Set-Location "$($adtSession.DirFiles)\" - I've also tried to set the path manually before starting the process.
    Start-ADTProcess -FilePath "$PSHOME\powershell.exe" -ArgumentList "-NoProfile -ExecutionPolicy Bypass -File `"$scriptPath`"" -WorkingDirectory $adtSession.DirFiles

Any suggestion to resolve this is much appreciated.

That-Annoying-Guy · February 19, 2026, 2:51pm

The problem is inside your VLTUninstall.ps1 script.

VLTUninstall.ps1 cannot locate that DLL.

IOW: the account used to launch the installation (SYSTEM) does not have access to where that DLL is located.

George · February 19, 2026, 3:36pm

You're right. I had to specify where the DLL file is located(I copied it to system32 folder and pointed out that location in my VLTUninstall script). Now I no longer receive that error, but I need to figure out how to decrypt the input because it does not work how I want it to do..

So, since this is more like an intern problem, please feel free to close this topic.

Thank you very much for your efforts!

George · February 19, 2026, 4:46pm

The issue has now been resolved, so I’m sharing my findings here in case someone else runs into a similar problem in the future.

The DLL path was missing in the import function, and encryption wasn’t configured for the System context. After adjusting these settings in my VLTUninstall script, everything is now working perfectly.

Thanks again, @That-Annoying-Guy, for taking the time to look into this!

system · February 26, 2026, 4:46pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Uninstall-ADTApplication works when PSADT 4.1.3 elevated and run as admin but when it is executed via Intune it does not uninstall? General Discussion	8	246	August 28, 2025
PSADT and Intune General Discussion	4	7009	March 26, 2024
PSADT as a Intune Win32app says it already installed and skips it General Discussion	16	2276	September 24, 2022
Help with Intune running the Invoke-AppDeployToolkit.ps1 script in 64-bit PowerShell General Discussion	4	143	September 22, 2025
Powershell script InTune win32app deployment command General Discussion	2	8199	March 19, 2025

PowerShell script runs locally but fails silently in Intune (PSADT + nested PowerShell command not executing)

Related topics