How to set Execution Policy via Windows PowerShell

Posted on IT Expert By IT Expert No Comments on How to set Execution Policy via Windows PowerShell

By default, PowerShell prevents the execution of scripts on Windows systems. The PowerShell execution policy actively controls the conditions under which it loads configuration files and runs scripts as a security feature. In this guide, you will learn how to set Execution Policy via Windows PowerShell. Please see How to install and update PowerShell version 7 on Windows and Linux, and how to determine the execution policy configured on Windows PC.

Note: This feature helps prevent the execution of malicious scripts. In order to run and execute scripts, one of the following values must be taken into consideration.

See this guide on how this is done “how to set the PowerShell Execution Policy via the Windows Registry settings“.

PowerShell Policies

Below are the various values of policies that exist. 

  • AllSigned: This runs the only script that is signed by a trusted publisher only. 
  • ByPass: Configured to permit a certain script to run
  • Default: By default, the Execution Policy is set to restricted for Windows devices and for server, it is RemoteSigned. 
  • RemoteSgned: You must sign the script with a trusted publisher before allowing it to run. Scripts run from the local computer don’t need to be signed. There are no prompts when you attempt to run a script. 
  • Restricted: In this mode, no PowerShell script is allowed to run on the device.  
  • Unrestricted: In this mode, the device runs these scripts regardless of where they are created or downloaded from.
  • Undefined (No execution policy): This value does not have the execution policy set. The effective execution policy is Restricted, which is the default execution policy.   

PowerShell Scope

This sets the scope on which the execution policy applies. You can run and set the execution policy at various scopes, as shown below.

The effective execution policy is determined by the order of precedence as follows. See the screenshot below for more information.
  • MachinePolicy 
  • LocalMachine 
  • Process
  • UserPolicy
  • CurrentUser 

Open PowerShell. This is usually advisable to be run in Admin mode. Type the following command and press the Enter key

Get-ExecutionPolicy -List 

To view the current policy, use

Get-ExecutionPolicy

Here is how to Clone a Virtual Machine via Export and Import and Copying the Virtual Hard Disk on Hyper-V, how to Enable Internet Explorer Mode in Edge in Windows 11, and how to protect your Windows PC from potentially unwanted applications.

Set PowerShell Execution Policy 

The Set-ExecutionPolicy cmdlet changes PowerShell execution policies for Windows computers. Here is how to see the PowerShell Execution Policy.

Type the following command and press the Enter key

Set-ExecutionPolicy Unrestricted

Please see How to Scan Your Code by Integrating SonarCloud into your GitHub Repository, how to Move Azure Resources between Subscriptions, and How to Install SASS on VsCode.

Note: When you hit enter after the prompt, you can select any of the options as follow; by selecting yes, or Yes to All or No. When you hit enter without choosing a value, the No (Nien switch) is selected automatically and the script will not run. Pay close attention to the script below as the position was taken by default and this was set to unrestricted.

Note: Set-ExecutionPolicy doesn’t change the MachinePolicy and UserPolicy scopes because they are set by Group Policies.

The Set-ExecutionPolicy doesn’t override a Group Policy, even if the user preference is more restrictive than the policy.

Here is an example of how to set an execution policy is set to unrestricted. This will permit all scripts to be run on the device.

An example here which is also a best practice measure is to allow the script testwsus.ps1 to run only in order not to set the global execution policy to unrestricted as shown below.  

Set-ExecutionPolicy Bypass -File .\testwsus.ps1

If you don´t want to set this parameter for the entire system you are able to start a PowerShell session in unrestricted mode. 

set-executionpolicy unrestricted -command .\testwsus.ps1

Please see how to Configuring DHCP Scope: Post-deployment of Dynamic Host Configuration Protocol, and how to work with Microsoft Blackboard via private or commercial account.

Set PowerShell Execution Policy via a script

Below is a PowerShell script that is capable of changing the execution policy. Kindly save it in the following format and run it as an administrator.

With the script below, we can define the execution policy of our choice. The script will then check if it matches the current execution policy. If not, the execution policy will be changed.

$Policy = "RemoteSigned" 
If ((Get-ExecutionPolicy) -ne $Policy) {    
 Set-ExecutionPolicy $Policy -Force   
Exit
}

I hope you found this blog post helpful on how to set Execution Policy via Windows PowerShell. If you have any questions, please let me know in the comment session.

5/5 - (1 vote)
Windows Server Tags:, , ,

Related Posts

More Related Articles

BitLocker Hide Default BitLocker Drive Encryption item in Windows Windows Server
How to Check what files are taking up space WinDirStat: Check what files are taking up space on Windows Windows
View installed Updates on Windows Get lists of installed Microsoft Windows Updates Windows
ddf 2 Add boot and install images to WDS and configure Multicast transmission via the GUI and WDSUTIL Windows Server
Certificates The application /Certsrv does not exist: How to configure Certificate Enrollment Web Services and Certificate Authority Web Enrolment Windows Server
sid5 How to Find Security Identifier on Windows [Part 2] Windows

Leave a Reply