Tuesday, July 28, 2015

Set-ExecutionPolicy: Can not set execution policy

Hello their maledetos nerds !!! ehehehehe
When trying to run a certain PS script remotely on an Exchange server, I came across the following error message:
. \ UpdateIndexAllMailboxDatabases.ps1: File C: \ Temp \ SCRIPTS \ EXCHANGE \UpdateIndexAllMailboxDatabases.ps1 can not be loaded. The file C: \ Temp \ SCRIPTS \ EXCHANGE \UpdateIndexAllMailboxDatabases.ps1 is not digitally signed. The script will not execute on the system. Please see "get-help about_signing" for more details ..
At line: 1 char: 37
... After a Get-ExecutionPolicy had the RemoteSigned return .There think twice !!! Set-ExecutionPolicy Unrestricted and was returned the following message:
Execution Policy Change
The execution policy helps protect you from scripts That You do not trust. Changing the execution policy might expose you to the security risks described in the help topic at about_Execution_Policies
http://go.microsoft.com/fwlink/?LinkID=135170 . Do you want to change the execution policy?
[Y] Yes [N] No [S] Suspend Help (default is "Y") [?] Y
Set-ExecutionPolicy: Windows PowerShell execution policy successfully updated your, but the setting is overridden by
the policy defined at a more specific scope. Due to the override, your shell will retain its current effective
execution of policy RemoteSigned. Type "Get-ExecutionPolicy -List" to view your execution policy settings.For more
information please see "Get-Help Set-ExecutionPolicy".
At line: 1 char: 1
+ Set-ExecutionPolicy Unrestricted
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo: PermissionDenied: (:) [Set-ExecutionPolicy] SecurityException
+ FullyQualifiedErrorId: ExecutionPolicyOverride, Microsoft.PowerShell.Commands.SetExecutionPolicyCommand
As recommended in the message, I ran the cmdlet to list the policy of execution policy by scope
Get-ExecutionPolicy -List
Scope ExecutionPolicy
- -----
MachinePolicy RemoteSigned
UserPolicy Undefined
Process Undefined
CurrentUser Undefined
LocalMachine RemoteSigned
... Immediately I performed the following Set-ExecutionPolicy -Scope MachinePolicy -executionpolicy Bypass command for the policy to be released ... ops:
Set-ExecutionPolicy: Can not set execution policy. Execution policies at the MachinePolicy or UserPolicy scopes must beset through Group Policy.
To correct this error, we are forced to make this modification directly in season record:
HKLM: \ Software \ Policies \ Microsoft \ Windows \ PowerShell and change the value ExecutionPolicy   toBypass.
By rerunning the command to list the scope for policy, we realize that now really the setting was uncommitted !!
Get-ExecutionPolicy -List
Scope ExecutionPolicy
- -----
MachinePolicy Bypass
UserPolicy Undefined
Process Undefined
CurrentUser Undefined
LocalMachine RemoteSigned
Then I could run my script and they all lived happily ever after!

No comments:

Post a Comment