Sunday, December 26, 2010

Powershell change default execution policy

Sunday, December 26, 2010 Posted by Andre Broers
For security, and by default, Microsoft prevent PowerShell from executing cmdlet scripts; consequently we need to change a specific registry setting to allow our cmdlets to execute.  If you don't make my amendment you may get the following error message when you call for a cmdlet script. 'The execution of scripts is disabled on this system'.

Our task is to open the registry and amend the value of the REG_SZ ExecutionPolicy, specifically change Restricted to RemoteSigned.  There are two additional values called Unrestricted and AllSigned.  However, RemoteSigned is the best because it allows you to run scripts locally, while preventing people from hacking you from other machines e.g. the internet.  To check the setting launch regedit and navigate to:

HKLMSOFTWAREMicrosoftPowerShell1ShellIdsMicrosoft.PowerShell

(In some versions of PowerShell / Monad the path maybe slightly different.
HKLMSOFTWAREMicrosoftPowerShell1ShellIdsMicrosoft.Management.Automation.ps1)

Change this registry key:
REG_SZ ExecutionPolicy  RemoteSigned.