Bypass Execution Policy When Running PowerShell Scripts

PowerShell scripts are slowly creeping in as the new standard to replace older batch and VB scripts.  PowerShell is extremely powerful and is therefore advantageous in both SCCM applications and packages that I am required to create.

Using PowerShell scripts does present a slight problem: Windows computers are, by default, not set to allow PowerShell scripts to run.  There is an execution policy that exists on each machine which may be set to any one of the following:

  • Restricted (default) – No scripts can be run. Windows PowerShell can be used only in interactive mode.
  • AllSigned – Only scripts signed by a trusted publisher can be run.
  • RemoteSigned – Downloaded scripts must be signed by a trusted publisher before they can be run.
  • Unrestricted – No restrictions; all Windows PowerShell scripts can be run.

A computer’s current policy can be viewed by running the Get-ExecutionPolicy command in PowerShell:

psexecutionpolicy

Many guides will say to force the policy to unrestricted (Set-ExecutionPolicy Unrestricted -force), execute the necessary PS scripts, and then change the policy back to restricted (Set-ExecutionPolicy Restricted -force).  This method is sufficient, but there is a more streamlined approach.

The following CMD can be used from a command prompt to call a PowerShell script and bypass the client’s execution policy:

PowerShell.exe -ExecutionPolicy Bypass -File <PSScriptName>.ps1

This simple trick has saved me a lot of headaches while trying to transition my techniques from batch and VB scripts into PowerShell.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: