PowerShell Script Execution Disabled

By default, PowerShell will not run script files. This is considered a security feature to help one from accidentally running a PowerShell script.

The error will look something like:  “File <path>\<file> cannot be loaded because the execution of scripts is disabled on this system. Please see “get-help about_signing” for more details.”

There are a few policy settings available:

  • Restricted – this is the default, it does not load configuration files or run scripts.
  • AllSigned – this setting requires that all scripts and configuration files be signed by a trusted publisher, including scripts that you write on the local computer.
  • RemoteSigned – this is the setting typically recommended if you are going to be working with scripts. It requires that all scripts and configuration files downloaded from the Internet be signed by a trusted publisher, but those created locally do not need to be signed.
  • Unrestricted – as you might expect, this setting loads all configuration files and runs all scripts. If you run an unsigned script that was downloaded from the Internet, it will still prompt you for permission before it runs.
  • Bypass – if you really want to shut this up and are not concerned about security, this setting blocks nothing and suppresses all warnings and prompts.

First, to change the policy you must have rights to do so. Right click on the PowerShell shortcut and choose “Run As Administrator”. Then, you’ll be able to change the script execution policy directly by typing: 

Set-ExecutionPolicy RemoteSigned

You’ll get the warning, “The execution policy helps protect you from scripts that you do not trust. Changing the execution policy might expose you to the security risks described in the about_Execution_Policies help topic. Do you want to change the execution?” 

If you skipped the part about ensuring the console is run as administrator, you’ll be stopped here with a security failure with the message, “Set-ExecutionPolicy : Access to the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell' is denied.”

The policy exists separately for both the 32 and 64 bit instance of PowerShell on your system. If you are running PowerShell via a 32-bit application, like the Admin Script Editor, be sure you set your script execution policy in the 32-bit instance of the PowerShell console.  If you look, you’ll find shortcuts for “Windows PowerShell” and “Windows PowerShell (x86)” this second one represents the 32-bit version of the console.

If you are using the Admin Script Editor, it actually provides an option in its program settings to change the PowerShell script execution policy. Just click on Tools, choose “Options” and navigate to Script > Security.


This post is locked
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ