stackoom
  简体   繁体   中英

Windows Powershell policy execution bypass

 原文  2021-04-26 16:15:30       windows/ powershell/ batch-file

Question

I have been creating a powershell script to help me automate tasks across various user's PCs, I've encountered an issue where I have to manually allow scripts to run on each PC before I can execute it.

I have attempted to use various solutions that I have found but so far none seem to work.

Solutions I have tried as a batch file (Ideally I would like to have the batch file download the script (sorted this already) then open the powershell script and successfully bypass this):

powershell.exe -executionpolicy bypass -windowstyle hidden -noninteractive -nologo -file "multitool.ps1"

powershell -command "& {Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Force}"

    @echo off
reg add HKLM\system32\windows\microsoft\powershell\1\shellids\microsoft.powershell /v "Path" /d "c:\windows\system32\windowspowershell\v1.0\powershell.exe"
reg add HKLM\system32\windows\microsoft\powershell\1\shellids\microsoft.powershell /v "ExecutionPolicy" /d "unrestricted"

@echo off
regedit /s file.reg

Where file.reg contains the following:

[hkey_local_machine\system32\windows\microsoft\powershell\1\shellids\microsoft.powershell] 
"Path"="c:\windows\system32\windowspowershell\v1.0\powershell.exe"
"ExecutionPolicy"="unrestricted"

All of these result in the following when running the powershell script: 截屏

All help is greatly appreciated

3 answers

solution1
 2  2021-04-26 16:39:49

powershell.exe -executionpolicy bypass... is the right approach in principle for an ad-hoc policy override , but as the conceptual help topic that the error message points to, about_Execution_Policies , states, if execution policies are set via Group Policy (rather than via Set-ExecutionPolicy ), they cannot be overridden through other means, including on the command line :

From the Use Group Policy to Manage Execution Policy section (emphasis added):

You can use the Turn on Script Execution Group Policy setting to manage the execution policy of computers in your enterprise. The Group Policy setting overrides the execution policies set in PowerShell in all scopes.

See also: About Group Policy Settings (Windows PowerShell) and About Group Policy Settings (PowerShell (Core) 7+), which discusses the relevant Group Policy settings in detail.

solution2
 0 ACCPTED  2021-04-30 11:15:57

Closest solution I've found for this is running the following line in powershell as admin which will execute the script and bypass the restrictions:

powershell.exe -executionpolicy unrestricted C:\multitool.ps1

If anyone has a cleaner solution that can run the script from the bat file I would greatly appreciate it.

solution3
 0  2021-12-16 09:42:46

Try running this code, it helped me with same problem

Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Unrestricted

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question PowerShell: Execution policy workarounds to run a script Powershell cannot execute even set the execution policy What is the default execution policy on different Windows versions? Powershell Execution Policy is restricted, but only when run through python How do you successfully change execution policy and enable execution of PowerShell scripts Windows - Powershell - Configure "Local Group Policy Editor > ... > Account Lockout Policy > Account lockout threshold > invalid logon attempts" How do I export Account Lockout Policy or Password Policy in Windows via Powershell? Why PowerShell threw registry access error when setting execution policy rights? Bypass Windows Authentication Bypass windows built in function
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM