Advertisements

PowerShell ExecutionPolicy Explained

-

|

What is PowerShell ExecutionPolicy?

ExecutionPolicy in PowerShell is a security feature that controls how PowerShell loads configuration files and runs scripts. ExecutionPolicy features helps prevent PowerShell running malicious scripts.

You can set Execution Policy for a computer, a user or a session. The Set-ExecutionPolicy cmdlet can be used to set ExecutionPolicy. PowerShell.exe command also has an ExecutionPolicy parameter that you can use to set Powershell ExecutionPolicy.

In this guide you will learn about the different types of PowerShell Execution Policies. You will also learn how to use Set-ExecutionPolicy and PowerShell.exe -ExecutionPolicy commands.

Advertisements


Available Execution Policies

This section explains the different ExecutionPolicy you can set in PowerShell and what each will allow you to do.

Restricted

  • This is the default execution policy in Windows 8, Server 2012 and above.
  • Prevents PowerShell configuration files (.ps1xml), module script files (.psm1), and Windows PowerShell profiles (.ps1) from executing
  • Allows individual PowerShell commands but denies scripts

AllSigned

When you set AllSigned ExecutionPolicy, PowerShell:

  • Runs all scripts
  • Requires that before a script is permitted to run it must be signed by a trusted publisher. This includes scripts written on the local computer
  • Prompts to confirm before running a script from a publisher you have not confirmed is trusted
  • May run signed but malicious codes

RemoteSigned

RemoteSigned ExecutionPolicy:

  • Allows scripts to run
  • Requires that all scripts downloaded from the Internet must be digitally signed by a publisher you specified as trusted. This includes scripts received via email and instant messaging platforms.
  • Will not require digital signing of scripts written on a local computer
  • May allow running of malicious scripts from other sources

Unrestricted

  • Allows unassigned scripts to execute
  • Will warn you before executing a script from the internet
  • Risks running malicious codes or scripts

Bypass

With Bypass ExecutionPolicy:

  • No script is blocked. Does not offer warnings as well.

Undefined

  • Means no ExecutionPolicy is defined
  • The effective ExecutionPolicy is Restricted (default)

ExecutionPolicy Scope and Precedence

You can apply PowerShell Execution Policy to:

LocalMcachine: Affects only the current users. This has the least precedence

CurrentUser: The Execution Policy affects only the current user. Takes precedence over LocalMcachine but has a lower precedence over Process.

Process: Applies only to the current session. Takes the highest precedence.

How to Get Current PowerShell ExecutionPolicy

To see the current PowerShell ExecutionPolicy run the command below:

Get-ExecutionPolicy 
How to Get Current PowerShell ExecutionPolicy - Get-ExecutionPolicy

To see the ExecutionPolicy set for all Scopes use this command:

Get-ExecutionPolicy -List
How to Get Current PowerShell ExecutionPolicy: Get-ExecutionPolicy -List

You can also get Execution Policy based on scope. Here are some sample commands:

Get-ExecutionPolicy -Scope CurrentUser
Get-ExecutionPolicy -Scope LocalMachine
Get-ExecutionPolicy -Scope Process

How to Set PowerShell ExecutionPolicy

As I mentioned in the introduction, you can set ExecutionPolicy with the Set-ExecutionPolicy cmdlet. You can also use the PowerShell.exe -ExecutionPolicy command.

How to Set Execution Policy with Set-ExecutionPolicy

The syntax of the Set-ExecutionPolicy cmdlet is:

Set-ExecutionPolicy -ExecutionPolicy <ExecutionPolicy>

As an example, to set the Execution Policy to RemoteSigned use the command below:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned

Here is the result of the command.

How to Set Execution Policy with Set-ExecutionPolicy
The command failed because I did not open PowerShell as Administrator.

Here is the command executed as administrator:

How to Set Execution Policy with Set-ExecutionPolicy

As you can see from the image, the new Execution Policy is now RemoteSigned.

From the last 2 commands, I was asked to confirm the command. To bypass this prompt, include the -Force parameter.

The command now executes without prompting for confirmation.


The -Force parameter is particularly useful in scripting. Without this parameter your script may halt.

By default this command sets execution policy for LocalMachine scope. To confirm this, run the command below:

Get-ExecutionPolicy -List
How to Set Execution Policy with Set-ExecutionPolicy

To set Execution Policy to apply to another scope, use the –Scope parameter.

The command below sets execution policy for CurrentUser:

Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope CurrentUser -Force

As you can see from the result, CurrentUser policy is no longer Undefined. It is now Bypass, the policy set with the last command.

How to Set ExecutionPolicy with PowerShell.exe -ExecutionPolicy

If you want to bypass Execution Policy for the logged in session, you can set Execution Policy for the current command line. This is achieved using the PowerShell.exe command.

Before I give examples, here is the current execution policy:

The current execution policy is Restricted. This is because the Process scope takes precedence. To confirm, see the result below:

If you recollect, Restricted policy will NOT allow scripts to run.

This means that if I try to run a script, I will be denied access. The image below shows a series of commands and their results. See my explanation beneath the image.

How to Set Execution Policy with PowerShell.exe -ExecutionPolicy

The first command shown in the image is:

powershell.exe -file “C:\PS\schedule powershell example\Create-folders-from-text-file.ps1”

I tried to run a PowerShell script. Then I received the error message below:

“File C:\PS\schedule powershell example\Create-folders-from-text-file.ps1 cannot be loaded because running scripts is disabled on this system.”

The reason is because the current execution policy is Restricted. It does not allow any scripts to run.

Back to the reference image. In the next line, I ran the following command:

powershell.exe -file “C:\PS\schedule powershell example\Create-folders-from-text-file.ps1” -ExecutionPolicy Unrestricted

Effectively, I can set a temp execution policy for the command line using the -ExecutionPolicy parameter of the powershell.exe command. But I received the same error message. The reason is that I need to set the execution policy before I call the script.

Then in the next line, I executed this command:

powershell.exe -ExecutionPolicy Unrestricted

This sets the execution policy for the current logged in session to Unrestricted. So when I now run my PowerShell script, it executed successfully! See the reference image above.

The take from the last analysis is this: You can set Powershell ExecutionPolicy for the current session using Powershell.exe -ExecutionPolicy. But, you have to run the command first before calling your script.

To confirm that Powershell.exe only sets policy for the current session, I will run the command below from the current session:

Get-ExecutionPolicy -List

The result is Unrestricted for the CurrentUser scope. If I log off my current session and log back on. It will revert back to the policy set by Set-ExecutionPolicy command.

Conclusion

I hope I have been able to simplify how to get and set PowerShell Execution Policies. If you have any question or comments use the “Leave a Reply” form at the end of the page.

Advertisements


Other Helpful Guides

Additional Resources and References


LEAVE A REPLY

Please enter your comment!
Please enter your name here

LATEST DEALS

Exclusive Student Offer_Save 10% on selected Surface devices

FEATURED POSTS

How to Change Administrator Name in Windows 10 (4 Methods)

How to Change Administrator Name in Windows 10

Introduction This guide demos how to change administrator name in Windows 10. There could be...
How to Setup WhatsApp Auto Reply in an Android Phone

How to Setup WhatsApp Auto Reply in an Android Phone

Introduction This guide demos how to setup Whatsapp auto reply in an Android phone. Steps...
How to Set Out of Office Auto Reply in Outlook, Outlook.com and Gmail

How to Set Out of Office Auto Reply in Outlook, Outlook.com and Gmail

Introduction This guide demos how to set out of office auto reply in Outlook, Outlook.com and Gmail.
How to Take Ownership of Folder in Windows 10

How to Take Ownership of Folder in Windows 10 (2 Methods)

Introduction This guide demos 2 methods to take ownership of folder in Windows 10. Options to...
How to Install Windows Server 2019 from USB

How to Install Windows Server 2019 from USB

Introduction This guide demos how to install Windows Server 2019 from USB. Steps to Install...

ADVERTISEMENTS

TRENDING POSTS

Remote Desktop Connection

Remote Desktop Connection an Internal Error Has Occurred [Fixed]

Introduction I recently received the error message "Remote Desktop Connection an Internal Error Has Occurred". It was strange because...

Find My Samsung: Register and Use Samsung Find my Mobile

Introduction Ever wondered how you could find your Samsung phone if you lost it? Find my Samsung or Samsung...
What is the Difference Between PowerShell and CMD?

Windows Powershell vs CMD: Differences and Similarities

Introduction This short guide compares Windows PowerShell vs CMD (Windows command prompt). I will cover the history and nature...
Spotify No Longer Supports this Version of Microsoft Edge

Spotify No Longer Supports this Version of Microsoft Edge [Fixed]

Introduction When you open Spotify web player on Microsoft Edge, you may receive the error message "Spotify No Longer...
Windows 10 Won't Boot

Windows 10 Won’t Boot With Black Screen? 3 Ways to Fix It

Why Won't Windows 10 Boot Up? If your Windows 10 stops with a black screen, the first question in...

BEST OF ITECHGUIDES

Spotify Web Player: Your Definitive Guide

What is Spotify Web Player? Spotify Web Player is a browser-based player that allows you to stream Spotify via...
powershell get ad group members

PowerShell Script to Get Active Directory Group Members

Introduction This guide is a hands-on step by step showing how to write a Powershell script to Get AD...
Group Policy, GPResult, Group Policy Object and RSoP

Group Policy, Group Policy Object and RSoP Explained

Introduction This guide gives an overview of Group Policy, RSoP (Resultant Set of Policy) and Group Policy Objects.
How to Take Ownership of Folder in Windows 10

How to Take Ownership of Folder in Windows 10 (2 Methods)

Introduction This guide demos 2 methods to take ownership of folder in Windows 10. Options to...

How to Check FSMO Roles Holders in Active Directory

Introduction This guide illustrates how to check FSMO roles in Server 2016. The are 5...

RECENT POSTS

C:\G-Drive\Work Tools\Products Portal\1. New Business\2. Content Sites\1. iTechGuides.com\Posts\1. HOW TO\Microsoft\MS Office\Microsoft Word\how to add more rows to a table in word

How to Add More Rows to a Table in Word and Google Docs

Introduction This guide demos how to add more rows to a table in Word. It also has a...
How to Create a Bar Chart in Excel and Google Sheets

How to Create a Bar Chart in Excel and Google Sheets

Introduction This guide demos how to create a bar chart in Excel and Google Sheets. A bar chart is...
How to Change Administrator Name in Windows 10 (4 Methods)

How to Change Administrator Name in Windows 10

Introduction This guide demos how to change administrator name in Windows 10. There could be...
How to Create a Pie Chart in Excel and Google Sheets

How to Create a Pie Chart in Excel and Google Sheets

Introduction This guide demos how to create a pie chart in Excel and Google Sheets. A pie chart is...

iTechGuides’ Top 10 Online Games

The gaming world is getting bigger day by day. Many people are getting engaged to play online games worldwide.

How to Open Local Security Policy in Windows 10 (5 Methods)

Introduction This guide demos how to open local security policy in Windows 10. Options to...

How to Change Network from Public to Private in Windows 10

Introduction This guide demos 2 methods to change network from public to private in Windows 10.
How to Disable Touchpad in Windows 10 for Dell or HP Laptop

How to Disable Touchpad in Windows 10 for Dell or HP Laptop

Introduction This guide demos how to Disable Touchpad in Windows 10 for a Dell or HP laptop.

How to Change Account Picture in Windows 10 (2 Methods)

Introduction This guide demos 2 methods to change account picture in Windows 10. Windows 10...
How to Create Xbox Live Account

How to Create Xbox Live Account (2 Methods)

Introduction This guide demos 2 methods to create Xbox Live account. Options to Create Xbox...

ADVERTISEMENTS

MUST READ

WSCRIPT and CSCRIPT Commands: Syntax, Parameters, Examples

WSCRIPT and CSCRIPT Commands: Syntax, Parameters, Examples

Introduction WSCRIPT is the Windows-based version of Windows Script Host while CSCRIPT is the command-prompt-based version. This guide...
How to Stop Dropbox Notifications in Windows 10 and Dropbox.com

How to Stop Dropbox Notifications in Windows 10 and Dropbox.com

Introduction This guide demos how to stop Dropbox notifications in Windows 10 and on Dropbox.com. Options...
Websites Like Craigslist - featured

Top 5 Websites Like Craigslist to Buy and Sell Stuff Online

Looking for websites like Craigslist? In this guide I offer my top 5 Craigslist alternative websites where you can buy and sell...
powershell executionpolicy

PowerShell ExecutionPolicy Explained

What is PowerShell ExecutionPolicy? ExecutionPolicy in PowerShell is a security feature that controls how PowerShell loads configuration files and...
How to Calculate Variance in Excel

How to Calculate Variance in Excel

Introduction Variance measures the spread between numbers in a data set. You can calculate variance in Excel using the...

LATEST DEALS

Exclusive Student Offer_Save 10% on selected Surface devices

By using this website you agree to accept our Privacy Policy and Terms & Conditions