2

I would not be surprised if this is not possible, but I need to set the execution policy (on the 32 bit PowerShell environment) on several build servers - it would be much quicker if I could script this, but my current attempt,

%SystemRoot%\syswow64\WindowsPowerShell\v1.0\
    powershell.exe -Version 2
    -Command "& {Set-ExecutionPolicy -ExecutionPolicy RemoteSigned}"

completes without any visible error, but the execution policy is not being set.

I guess it would create a bit of a security hole if users could be tricked into running a script that changed their execution policy, but I thought I would ask the question anyway.

OK - so Richard and Craika are entirely correct and I am a little bit stupid. After retrying the command - I find that it does work (despite what I said in the question). I guess I must have been getting mixed up between 32 and 64 PowerShell windows (i.e. setting the execution policy in one and then checking the value in another).

Apologies.

Improve this question
1
  • Since you need to be able to execute scripts to change the policy with a script, I think the idea is probably flawed. Commented Sep 21, 2011 at 14:24

2 Answers 2

Reset to default
2

You can do this, but the script will be run or not run under the currently (ie. before the script) in force execution policy.

The obvious approach would be to sign the script with a trusted certificate.

However if you want to manage the servers collectively, why not put them in an Active Directory OU or group and then use Group Policy to set the execution policy?

(And don't forget you'll need to set it for both 32 and 64bit processes.)

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

Your command will work (and does work on my computer) - the execution policy won't affect anything you pass directly into the Command parameter of powershell.exe (and even if it did there is also an ExecutionPolicy parameter). You're definitely running from a 64-bit session?

If you did want to script it, you could run this from your local workstation:

$LaunchLine = 'powershell.exe -Version 2 -Command "& {Set-ExecutionPolicy -ExecutionPolicy RemoteSigned}"'

$ComputerList = "PC01", "PC02"
foreach($Computer in $ComputerList)
{
    [String]$wmiPath = "\\{0}\root\cimv2:win32_process" -f $computer

    try
    {
        [wmiclass]$Executor = $wmiPath
        $executor.Create($LaunchLine)
    }
    catch
    {
        continue;
    }
}

It creates a new process on each computer in $ComputerList and executes your command. Like I say, your command does work on my computer. I would think the problem lies in whether whether it's actually running the version of PowerShell you're after.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.