The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,740 other followers

Archive for March 21st, 2012

Enabling powershell to run unsigned scripts for the current user only (via: Absoblogginlutely!)

Posted by jpluimers on 2012/03/21

More than a year ago, I wrote about enabling PowerShell to run unsigned scripts, and a way to circumvent the “cannot be loaded because the execution of scripts is disabled on this system” error.

The solution  there uses the Set-ExecutionPolicy cmdlet, but only works for administrators. As of PowerShell 2.0, there is more fine grained control for the Set-ExecutionPolicy cmdlet, and an updated Set-ExecutionPolicy cmdlet topic which I overlooked.

The solution below shows what happens when the current user is not an administrator, and works around it by applying it only for the current user.

error message:

Set-ExecutionPolicy : Access to the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell' is denied.

Sure enough I don’t have permission to this registry key.

I checked with our admin to ensure this wasn’t set in group policy before I started fiddling around. Found out that there is another setting that is user specific that can be set with

Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy RemoteSigned

This will allow the current user to run unsigned scripts he wrote himself, but still require remote (for instance downloaded) scripts to be signed.

Note it is easy to strip the “remote” flag of a downloaded script: NTFS keeps this flag in the Zone:Identifier NTFS alternate data stream.
Only do that for scripts you trust.

–jeroen

via: Absoblogginlutely! » Enabling powershell to run scripts with registry permissions..

Posted in .NET, Development, PowerShell, Scripting, Software Development | 4 Comments »

 
%d bloggers like this: