PowerShell, only run Set-Execution if it is not already set? - powershell

I have a script that tries to run these...
Set-ExecutionPolicy -scope CurrentUser RemoteSigned -Force -ea silent
Set-ExecutionPolicy RemoteSigned -Force -ea silent
But I get this error:
Set-ExecutionPolicy : Windows PowerShell updated your execution policy successfully, but the setting is overridden by a policy defined at a
more specific scope. Due to the override, your shell will retain its current effective execution policy of Bypass. Type "Get-ExecutionPolicy
-List" to view your execution policy settings.
So I tried this:
if ($(Get-ExecutionPolicy) -ne "RemoteSigned") {
    Set-ExecutionPolicy -scope CurrentUser RemoteSigned -Force -ea silent
    Set-ExecutionPolicy RemoteSigned -Force -ea silent
}
But I get the same error (I thought this might skip the if body if I tried this).
I then tried
Set-ExecutionPolicy -Scope MachinePolicy Unrestricted
but I get this error:
Cannot set execution policy. Execution policies at the MachinePolicy or UserPolicy scopes must be set through Group
Policy.
But I don't use policies or anything AD related on my home system.
Get-ExecutionPolicy -list
Scope          ExecutionPolicy
-----          ---------------
MachinePolicy  Undefined
UserPolicy     Undefined
Process        Undefined
CurrentUser    RemoteSigned
LocalMachine   RemoteSigned
How can I run the Set-Execution if the policy is not set, and skip that if it is not set?

The default scope is LocalMachine if you don't specify one. The message appears because CurrentUser takes priority over LocalMachine. One way to check is:
# [optional] temporarily suppress execution policy warnings
$E = $ErrorActionPreference
$ErrorActionPreference = 'SilentlyContinue'
if ((Get-ExecutionPolicy -Scope LocalMachine) -ne "RemoteSigned") {
    # will always error if CurrentUser scope is set already
    Set-ExecutionPolicy RemoteSigned -Scope LocalMachine -Force
}
if ((Get-ExecutionPolicy -Scope CurrentUser) -ne "RemoteSigned") {
    Set-ExecutionPolicy RemoteSigned -Scope CurrentUser -Force
}
$ErrorActionPreference = $E
The warning can't be suppressed normally since it's written directly to the console for some reason.
Alternatively, you can set only the CurrentUser scope. If you're not using group policy, then there are only three scopes to worry about. The highest one takes priority (setting lower ones will show the warning):
Process: Set for only the current process: Set-ExecutionPolicy RemoteSigned -Scope Process
CurrentUser: Set for only the current user: Set-ExecutionPolicy RemoteSigned -Scope CurrentUser
LocalMachine: Set for all users: Set-ExecutionPolicy RemoteSigned
For more information, check out about_Execution_Policies
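
The precedence rule described in this answer, as an added example that is not part of the original answer: it predicts which scope would override a write and skips that write instead of triggering the override message. `Get-OverridingScope` and `Set-ExecutionPolicyIfNeeded` are hypothetical helper names, skipping an overridden write is a design choice of this sketch, and the sample list is constructed from the question's output.

```powershell
# Added example; the function names are hypothetical, not part of PowerShell.
# Scopes from highest to lowest precedence, as Get-ExecutionPolicy -List prints them.
[string[]] $ScopeOrder = 'MachinePolicy', 'UserPolicy', 'Process', 'CurrentUser', 'LocalMachine'

function Get-OverridingScope {
    # Returns the highest-precedence scope above $Scope that has a policy defined, or nothing.
    param(
        [Parameter(Mandatory)] [Microsoft.PowerShell.ExecutionPolicyScope] $Scope,
        # Objects with Scope and ExecutionPolicy properties; defaults to the live settings.
        [object[]] $PolicyList = (Get-ExecutionPolicy -List)
    )
    $rank = [array]::IndexOf($ScopeOrder, [string]$Scope)
    $PolicyList |
        Where-Object {
            [array]::IndexOf($ScopeOrder, [string]$_.Scope) -lt $rank -and
            [string]$_.ExecutionPolicy -ne 'Undefined'
        } |
        Sort-Object { [array]::IndexOf($ScopeOrder, [string]$_.Scope) } |
        Select-Object -First 1
}

function Set-ExecutionPolicyIfNeeded {
    # Writes $Policy to $Scope only when that changes something and no higher scope wins.
    param(
        [Parameter(Mandatory)] [Microsoft.PowerShell.ExecutionPolicy] $Policy,
        [Microsoft.PowerShell.ExecutionPolicyScope] $Scope = 'LocalMachine'
    )
    if ((Get-ExecutionPolicy -Scope $Scope) -eq $Policy) {
        return "$Scope is already $Policy, nothing to do"
    }
    $blocker = Get-OverridingScope -Scope $Scope
    if ($blocker) {
        return "Skipped ${Scope}: $($blocker.Scope) = $($blocker.ExecutionPolicy) takes priority"
    }
    Set-ExecutionPolicy -ExecutionPolicy $Policy -Scope $Scope -Force
    "$Scope set to $Policy"
}

# Constructed sample: the scope list shown in the question.
$sample = 'MachinePolicy=Undefined', 'UserPolicy=Undefined', 'Process=Undefined',
          'CurrentUser=RemoteSigned', 'LocalMachine=RemoteSigned' |
    ForEach-Object { $s, $p = $_ -split '='; [pscustomobject]@{ Scope = $s; ExecutionPolicy = $p } }

# Which scope would override a LocalMachine write in the sample?
Get-OverridingScope -Scope LocalMachine -PolicyList $sample
# Live call; Process scope only affects the current session.
Set-ExecutionPolicyIfNeeded -Policy RemoteSigned -Scope Process
```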

Related

PowerShell, cannot set execution policy to Unrestricted in Windows Sandbox

I have a startup script that runs during Windows Sandbox startup that sets the execution policy while I am in that session.
$E = $ErrorActionPreference
$ErrorActionPreference = 'SilentlyContinue'
if ((Get-ExecutionPolicy -Scope LocalMachine) -ne "Unrestricted") {
    Set-ExecutionPolicy Unrestricted -Scope LocalMachine -Force # Will always error if CurrentUser scope is set already
}
$ErrorActionPreference = $E
However, every time that script runs inside the Windows Sandbox, I get the following error:
Set-ExecutionPolicy : Windows PowerShell updated your execution policy
successfully, but the setting is overridden by a policy defined at a more
specific scope. Due to the override, your shell will retain its current
effective execution policy of Bypass. Type "Get-ExecutionPolicy -List" to view
your execution policy settings. For more information please see "Get-Help
Set-ExecutionPolicy".
At C:\Users\WDAGUtilityAccount\Desktop\MySandbox\MySandbox.ps1:1198
char:3
+ Set-ExecutionPolicy Unrestricted -Scope LocalMachine -Force # W ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (:) [Set-ExecutionPolicy], Sec
urityException
+ FullyQualifiedErrorId : ExecutionPolicyOverride,Microsoft.PowerShell.Com
mands.SetExecutionPolicyCommand
When I list the policy inside the Sandbox session, I get:
PS C:\> Get-ExecutionPolicy -List
Scope          ExecutionPolicy
-----          ---------------
MachinePolicy  Undefined
UserPolicy     Undefined
Process        Undefined
CurrentUser    Undefined
LocalMachine   RemoteSigned
Why is the policy that I am trying to set not being set (apparently)? Maybe the LocalMachine policy is being picked up from the Host system, but if so, how can I override that (this script is the startup script that always runs with elevated privileges after all!)?

ExecutionPolicy resets back to Undefined after closing window

I'm trying to solve a problem where I can't run local .ps1 scripts from the right-click menu without the Execution Policy Change warning appearing after every reboot.
Steps to reproduce:
Open elevated Powershell and run:
Set-Executionpolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
Set-Executionpolicy -ExecutionPolicy RemoteSigned -Scope Process
Running ExecutionPolicy -List then returns:
Scope          ExecutionPolicy
-----          ---------------
MachinePolicy  Undefined
UserPolicy     Undefined
Process        RemoteSigned
CurrentUser    RemoteSigned
LocalMachine   RemoteSigned
But upon closing and reopening the Powershell window and running ExecutionPolicy -List again, only the LocalMachine setting sticks:
Scope          ExecutionPolicy
-----          ---------------
MachinePolicy  Undefined
UserPolicy     Undefined
Process        Undefined
CurrentUser    Undefined
LocalMachine   RemoteSigned
Why don't the other ones stick? I've run DISM restorehealth and sfc /scannow and didn't get any errors.

What does this Windows PowerShell ExecutionPolicy error message mean?

I am attempting to run a PowerShell script and I get this error. It does not seem to affect my script, but just wanted to know what this is.
Windows PowerShell Set-ExecutionPolicy Error:
Google is your friend, sir...
https://blogs.msdn.microsoft.com/pasen/2011/12/07/set-executionpolicy-windows-powershell-updated-your-execution-policy-successfully-but-the-setting-is-overridden-by-a-policy-defined-at-a-more-specific-scope/
Run powershell as Admin
However, if the issue persists and "Get-ExecutionPolicy -List" command shows something similar as shown below:
MachinePolicy = RemoteSigned
UserPolicy = Undefined
CurrentUser = Unrestricted
LocalMachine = RemoteSigned
Execute the below commands in powershell commandline as an administrator:
Set-ExecutionPolicy "RemoteSigned" -Scope Process -Confirm:$false
Set-ExecutionPolicy "RemoteSigned" -Scope CurrentUser -Confirm:$false
This will set the execution policy for the given scope.
On executing "Get-ExecutionPolicy -List", we should now see the below:
MachinePolicy = RemoteSigned
UserPolicy = Undefined
Process = RemoteSigned
CurrentUser = RemoteSigned
LocalMachine = RemoteSigned

Getting Set-ExecutionPolicy error while running any powershell script

I am getting below error while running any powershell script. It's happening on only one of the client's servers. I am not sure what is triggering this command.
If I change this registry key from RemoteSigned to ByPass, the error goes away.
Set-ItemProperty -Path HKLM:\Software\Policies\Microsoft\Windows\PowerShell -Name ExecutionPolicy -Value ByPass
For example I have below simple script of one line.
Read-Host -Prompt "Hit Enter to exit"
Set-ExecutionPolicy : Windows PowerShell updated your execution policy successfully, but the setting is overridden by
a policy defined at a more specific scope. Due to the override, your shell will retain its current effective
execution policy of RemoteSigned. Type "Get-ExecutionPolicy -List" to view your execution policy settings. For more
information please see "Get-Help Set-ExecutionPolicy".
At line:1 char:46
+ if((Get-ExecutionPolicy ) -ne 'AllSigned') { Set-ExecutionPolicy -Scope Process ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (:) [Set-ExecutionPolicy], SecurityException
+ FullyQualifiedErrorId : ExecutionPolicyOverride,Microsoft.PowerShell.Commands.SetExecutionPolicyCommand
Result from Get-ExecutionPolicy -List
Scope          ExecutionPolicy
-----          ---------------
MachinePolicy  RemoteSigned
UserPolicy     RemoteSigned
Process        Undefined
CurrentUser    Undefined
LocalMachine   Unrestricted
You need to Run as Administrator and then try to Set-ExecutionPolicy.
Or you can also run PowerShell this way:
powershell.exe -ExecutionPolicy bypass
or
Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope CurrentUser

Revert Back PowerShell after "Set-ExecutionPolicy Unrestricted -Scope CurrentUser -Force"

Since I need to update npm manually using npm-windows-upgrade,
I put
Set-ExecutionPolicy Unrestricted -Scope CurrentUser -Force
setting into my PowerShell.
Now I have already finished updating npm, so I need to return the PowerShell setting to its previous state, i.e. roll back the Set-ExecutionPolicy Unrestricted -Scope CurrentUser -Force. How do I do that?
You get the current execution policy via get-executionpolicy
So you might save that state in a variable and use it later on to reset the state.
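# Before changing the policy: save the value stored at the scope you are about to modify
$ep = Get-ExecutionPolicy -Scope CurrentUser
# Later: write the saved value back to that same scope
Set-ExecutionPolicy $ep -Scope CurrentUser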
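
The save-and-restore idea from this answer, as an added example that is not part of the original post: it records the value stored at one scope, applies a temporary policy, and restores the saved value even if the work in between fails. `Invoke-WithExecutionPolicy` is a hypothetical helper name.

```powershell
# Added example; Invoke-WithExecutionPolicy is a hypothetical helper, not a built-in cmdlet.
function Invoke-WithExecutionPolicy {
    param(
        [Parameter(Mandatory)] [Microsoft.PowerShell.ExecutionPolicy] $Policy,
        [Parameter(Mandatory)] [scriptblock] $Action,
        [Microsoft.PowerShell.ExecutionPolicyScope] $Scope = 'CurrentUser'
    )
    # Read the value stored at this scope, not the effective policy:
    # Get-ExecutionPolicy without -Scope reports whichever scope currently wins.
    $saved = Get-ExecutionPolicy -Scope $Scope
    try {
        Set-ExecutionPolicy -ExecutionPolicy $Policy -Scope $Scope -Force
        & $Action
    }
    finally {
        # Runs even if the action throws. A saved value of Undefined
        # clears the scope again, so lower scopes apply as before.
        Set-ExecutionPolicy -ExecutionPolicy $saved -Scope $Scope -Force
    }
}

# Demonstration at Process scope, which only affects the current session.
Invoke-WithExecutionPolicy -Policy RemoteSigned -Scope Process -Action {
    Get-ExecutionPolicy -List
}
Get-ExecutionPolicy -Scope Process   # back to the value saved before the call
```

If the earlier value was never saved, `Set-ExecutionPolicy Undefined -Scope CurrentUser` removes the entry at that scope so the next scope in precedence applies.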