In Trio’s endpoint management platform, Scripts empower administrators to remotely execute system-level actions across macOS, Windows, and other supported operating systems. These scripts serve as flexible tools for automating tasks, enforcing configurations, and conducting diagnostics, especially when policy-based control isn’t sufficient.
Scripts differ from persistent policies by offering one-time or conditionally recurring executions. Whether you’re modifying system settings, querying device state, or applying fixes, scripts provide direct and targeted control at the device level without requiring full policy deployment.
How Scripts Work
Scripts in Trio are managed through the Scriptor module. Administrators can create scripts from scratch, choose from pre-built templates (e.g., Convert to 64-Bit, Shell Script, 64-Bit MultiLine), or define post-installation behavior for newly onboarded devices. Each script includes the command logic, targeted operating system, privilege level (e.g., system or root), and execution mode.
Once created, scripts are not bound to a schedule by default. Instead, they’re launched manually or through defined triggers, such as webhooks, scheduled intervals, or agent events. The script is then delivered via the Trio Agent to the target device. Execution is handled locally, and output or status is reported back to the admin interface.
Scripts can be run in different contexts:
System or Root level for privileged execution
Manually, Scheduled, Repeating, or Webhook-triggered launch methods
Targeted to one or multiple devices or groups
Script Scope and Availability
Each script in Trio is platform-specific, meaning a script written for macOS (using Bash or zsh) will not be valid for a Windows (CMD or PowerShell) environment. When creating or assigning a script, Trio ensures compatibility by filtering options based on the device OS and agent configuration.
Execution capabilities also depend on the device’s current state. Scripts cannot run on offline devices, and some advanced use cases (such as deep system diagnostics or update manipulation) require elevated privileges. The Run As field during script creation ensures the correct authority level is used.
Administrators can choose to assign scripts directly to device groups or launch them interactively. The platform provides a grid or card view to visualize existing scripts and their associated metadata: OS, script content, launch method, assigned devices/groups, and execution context.
Execution and Visibility
Once a script is launched, the Trio Agent on the target device checks in and executes the script within the defined context. If the device is offline, the script remains queued until the agent reconnects.
Trio provides detailed visibility into script lifecycle events:
Script status (pending, completed, failed)
Target devices and assigned groups
Launch history and results (available under the Results tab)
Runtime environment, user privileges, and scheduling conditions
Script deletion is safeguarded with a confirmation prompt, especially when linked to multiple groups. Deletion removes the script from future assignments but does not reverse previously applied changes.
Technical Use Cases
Scripts provide vital utility in environments where policy-based automation needs to be supplemented with real-time control. Common scenarios include:
System setup: Running initial configuration or environment checks immediately after agent installation.
Diagnostics: Gathering system data via commands like
systeminfo,top, orGet-Process.Temporary remediation: Applying hotfixes or changes without waiting for the next policy update cycle.
Custom automation: Tailoring device behavior using shell or PowerShell logic, e.g., disabling activation lock, rotating keys, or toggling Finder settings.
Scripts in Trio extend the power of the platform beyond standard device policy. With flexibility in scheduling, rich OS support, and clear administrative feedback, they are ideal for repeatable operations, custom control, and deep technical remediation across managed fleets.