Can't bypass `Restricted` execution policy - powershell

I a tool just downloaded that opens a Visual Studio Command prompt from within the IDE, in the root of the current project. My main gripe is that it opens an old style command window, where I would rather have a PowerShell window. According to this post, this simple change should allow this:
cmd.exe /k ""%VS120COMNTOOLS%VsDevCmd.bat" & powershell"
When I this command from outside of VS 2015, it seems to work fine and gives me a PowerShell window. Yet when I try and run it from inside VS, using the utility's menu item, it gives me this error:
Cannot load PSReadline module. Console is running without PSReadline.
. : File
C:\Users\brady\Documents\WindowsPowerShell\Microsoft.PowerShell_profile.ps1
cannot be loaded because running scripts is disabled on this system.
For more information, see about_Execution_Policies at
http://go.microsoft.com/fwlink/?LinkID=135170. At line:1 char:3
+ . 'C:\Users\brady\Documents\WindowsPowerShell\Microsoft.PowerShell_pr
...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : SecurityError: (:) [], PSSecurityException
+ FullyQualifiedErrorId : UnauthorizedAccess PS C:\Development\vNext\Commerce\src\Commerce.Test> Get-Execution-Policy
PS C:\Development\vNext\Commerce\src\Commerce.Test>
Get-ExecutionPolicy Restricted
My global execution policy is RemoteSigned, but in the same window that show me the error, when I run a Get-ExecutionPolicy, the returned value is Restricted.
I have tried modifying my command to include the PS switch:
cmd /k ""%VS140COMNTOOLS%VsDevCmd.bat" & powershell -ExecutionPolicy Bypass"
But this still gives me exactly the same error.
The output of the command suggested by #PetSerAl in the comments
[Environment]::Is64BitOperatingSystem;[Environment]::Is64BitProcess;Get-Executi‌​onPolicy -List
gives two different results. The first in a normal PS window external to VS:
Scope ExecutionPolicy
----- ---------------
MachinePolicy Undefined
UserPolicy Undefined
Process Undefined
CurrentUser Undefined
LocalMachine RemoteSigned
And the second in the only PS window I can find inside VS, the Package Manager:
Scope ExecutionPolicy
----- ---------------
MachinePolicy Undefined
UserPolicy Undefined
Process RemoteSigned
CurrentUser Undefined
LocalMachine Undefined

You can configure an external command and optionally configure a keystroke for it.
I just did this in my VS2015...neat!
Create a cmd file
Create cmd file to call VsDevCmd.bat (Developer Command Prompt for VS2015) and then PowerShell.
dev14powershell.cmd
call "C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\VsDevCmd.bat"
powershell -ExecutionPolicy Bypass
Configure External Tool
Tools -> External Tools
Calls the cmd file above, starts in Solution Dir (configurable)
Run the new External Tool
Result
A new command window started in Solution Directory.
Optional, configure keyboard shortcut
Tools -> Options -> Keyboard
Search for external and remember the number/order of the command you created (4 in my case)
Hit assign and you have:

Related

Set-ExecutionPolicy Error when not being called

When I run any script from a .ps1 file on my server I receive an error about the Set-ExcutionPolicy being successful but being overridden by a higher scope.
However none of the code I am running has anything to do with execution policies or changing them. Any Idea why I'm getting this error?
This is on a Windows 2012 R2 server where execution policy for all levels is set to remote signed. I'm running on PowerShell V4.0
If I open PowerShell or the ISE and type in the command it completes without showing the error it only occurs when I try and run a script from a .ps1 file.
This is the error:
Set-ExecutionPolicy : Windows PowerShell updated your execution policy
successfully, but the setting is overridden by a policy defined at a more
specific scope. Due to the override, your shell will retain its current
effective execution policy of RemoteSigned. Type "Get-ExecutionPolicy -List"
to view your execution policy settings. For more information please see
"Get-Help Set-ExecutionPolicy".
At line:1 char:46
+ if((Get-ExecutionPolicy ) -ne 'AllSigned') { Set-ExecutionPolicy -Scope Process ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (:) [Set-ExecutionPolicy], SecurityException
+ FullyQualifiedErrorId : ExecutionPolicyOverride,Microsoft.PowerShell.Commands.SetExecutionPolicyCommand
The "Run with PowerShell" context menu entry for .ps1 files invokes the following commandline:
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "-Command" "if((Get-ExecutionPolicy ) -ne 'AllSigned') { Set-ExecutionPolicy -Scope Process Bypass }; & '%1'"
It's stored in the registry key HKCU\Microsoft.PowerShellScript.1\Shell\0\Command. Since you have the execution policy defined via Group Policy, setting a conflicting execution policy in the Process scope whenever you're running a PowerShell script via its context menu causes the error you observed.
Change the commandline in the registry to something like this:
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -File "%L"
and the error will disappear.

Roslyn Setup - Powershell Scripts

I've been trying to install the Rosyln source code from Github and following the build setup instructions.
The first instruction is to run Restore.cmd - which produces the following error message:
File C:\Code\roslyn-master\build\scripts\build.ps1 cannot be loaded.
The file C:\Code\roslyn-master\build\scripts\build.ps1 is not digitally signed.
You cannot run this script on the current system. For more information about
running scripts and setting execution policy, see about_Execution_Policies
at
http://go.microsoft.com/fwlink/?LinkID=135170.
+ CategoryInfo : SecurityError: (:) [],
ParentContainsErrorRecordException
+ FullyQualifiedErrorId : UnauthorizedAccess
I have used Set-ExecutionPolicy to disable the checking:
PS C:\Code\roslyn-master> Get-ExecutionPolicy -List
Scope ExecutionPolicy
----- ---------------
MachinePolicy Undefined
UserPolicy Undefined
Process Undefined
CurrentUser Undefined
LocalMachine Undefined
However, I am still receiving the same error. I'm running Visual Studio 2017 Community on a Windows 10 Pro machine.
Thanks in advance
Jim
The Restore.Cmd file contained the following command:
powershell -noprofile -executionPolicy RemoteSigned -file "%~dp0\build\scripts\build.ps1" -restore %*
It didn't matter what I set the Powershell policy to - the file was going to override it. When I removed the execution policy clause, the file ran fine.

Launch powershell script with keyboard hotkey

I want to execute a powershell script (ps1-file) with a hotkey on my keyboard (CTRL + SHIFT + F for instance).
I managed to create a shortcut of the script (right click in explorer > new > shortcut). The shortcut's target is: "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -File "PATH_TO_THE_SCRIPT" ".
When I execute the script manually (by double-clicking the shortcut), it works like a charm. But when I try to assign a "Shortcut key" in the Shortcut Properties (CTRL + SHIFT + F) and press the shortcut key I just defined, nothing happens. What's the matter?
I'm quite sure it has something to do with security policies. But I don't know what exactly it is.
This is my Execution-Policy:
Scope ExecutionPolicy
----- ---------------
MachinePolicy Undefined
UserPolicy Undefined
Process RemoteSigned
CurrentUser Unrestricted
LocalMachine Unrestricted
Any help is appreciated.
That's it. As soon as I move the shortcut file to the desktop and redefine the "shortcut key", the shortcut key works!
Is there a particular reason, why the shortcut has to be on the desktop?
Fist start PowerShell with run as administrator .
then type this command on it :
Set-ExecutionPolicy Bypass -Force
after this you can run all script.
remember if you use Powershell_ise (IDE for powershell) don't use 86x when you're OS is 64 bit.and if you're directory in desktop you should fist set you're directory with :
cd "enter desktop directory"

Script to change PowerShell ExecutionPolicy

When I setup my system, I use a number of config scripts to have my cosy place to play.
Based on this, I run by double-clicking the following enableps.js:
new ActiveXObject("Shell.Application").ShellExecute(
"powershell", "-noexit -Command \"& Set-ExecutionPolicy RemoteSigned\"", "", "runas");
Because of the -noexit I can issue in the displayed PowerShell window:
Get-ExecutionPolicy
and get as expected:
RemoteSigned
Unfortunately, when opening a new instance of PowerShell, the policy keeps to be Restricted.
If I run in a standard cmd prompt:
cscript "path\to\enableps.js"
it works. But if I embed the command in the enableps.cmd batch and again try to run it by double-clicking, it doesn't work. If I right-click enableps.cmd and use the Runas-Administrator entry, it works again.
So how can I make things working with the standard double-click (plus the related Windows prompt)?
You need to run the command and give it the -Scope argument so that it applies to more than the current session. Add the argument:
-Scope CurrentUser
... and the solution is:
Double click on the file:
// enableps.js
// -----------
new ActiveXObject("Shell.Application").ShellExecute(
"powershell", "-Command \"Set-ExecutionPolicy RemoteSigned\" -Scope CurrentUser",
"", "runas");
Consider replacing RemoteSigned with Unrestricted to allow running downloaded scripts too.
Credit goes to TheMadTechnician, who anyway did not write the full code.
By default making system-wide changes will require you to elevate the process if it hasn't been elevated already. If you want your script to disable the execution policy at the machine level then you will either need to switch off UAC or else you will have to run your cscript using a shellExecute, which will present the user with the required UAC approval dialog.

Powershell: ExecutionPolicy is unable to be read/set

I was trying to run a powershell script (which I have run before) and received the following error:Authorizationmanager Check Failed
I figured it was the Execution Policy, so ran:
Set-ExecutionPolicy Unrestricted
I then received:
Set-ExecutionPolicy : Initialization failure
At line:1 char:20
+ set-executionpolicy <<<< unrestricted
+ CategoryInfo : NotSpecified: (:) [Set-ExecutionPolicy], ManagementException
+ FullyQualifiedErrorId : System.Management.ManagementException,Microsoft.PowerShell.Commands.SetExecutionPolicyCommand
The same initialization error occurs for Get-ExecutionPolicy
Some basic commands seem to work fine, such as:
Write-Output "hi"
Can anyone suggest a fix?
Note: This is on Windows XP
Update: If I run the contents of ascript from within the powershell command prompt, it works. I only get the errors if it is run as a script. Also, Get-ExecutionPolicy and Set-ExecutionPolicy still fail from within the powershell prompt.
Make sure you are running the console as admin [Right click] then [click] "run as administrator" when you run Set-ExecutionPolicy Unrestricted.
The source of the error was due to a problem with the WMI repository. I was able to repair the repository running the following command:
Note: This is for Windows XP
rundll32 wbemupgd, UpgradeRepository
Once this was run, I was successfully able to execute Get-ExecutionPolicy, and other powershell scripts again.
A couple of links that detail repairing the WMI Repository.
Another very common case (I think this only applies post-XP), is where the .ps1 file has been 'blocked' after being downloaded from an untrusted location.
Solution: open the 'Properties' of the file in Windows Explorer, and on the 'General' tab click 'Unblock', then 'Apply' or 'OK'.
Another potential reason for this error (seen on Windows Server 2012) is that the Windows Management Instrumentation service is not running.
Starting and running the service allows for Get-ExecutionPolicy to run, and then Set-ExecutionPolicy.