Skip navigation
Menu
End-User Platforms>PowerShell

How to enable scripts and scripting in PowerShell

One of the neat things about running anad campaign is that Google lets you know what keywords people are using in searches - which basically helps me figure out what, in part, to write about. "powershell enable scripts" comes up a LOT - which isn't surprising, I guess, since PowerShell disables script execution by default.

So, the quick and dirty answer, in the event that you've run across this post looking for such an answer: Run Set-ExecutionPolicy RemoteSigned in the shell. You'll need to be a local admin, and be running the shell as admin (make sure it says "Administrator" in the window's title bar) for this to work. Pay attention to the output, too: If the local settings are being overridden by a Group Policy object, then you'll get a warning about that, letting you know that the command worked but won't do any good.

Now, you should probably read a few of the gory details. There are actually five execution policy levels you can set (run Help Set-ExecutionPolicy for a brief list, or help about_signing for a complete explanation). They are, in order of most-secure to least-secure:

  • Restricted: The default. Scripts don't run, although you can use the shell interactively to run commands.
  • AllSigned: Scripts will run if they've been digitally signed using a certificate issued by a trusted Certification Authority. You'll need a Class 3, or code-signing, certificate - that's not the same as the Class 1 you'd use to sign an e-mail. 
  • RemoteSigned: Local scripts will run, but anything "remote" - coming from an Internet path, downloaded from IE or Outlook, or potentially sitting on a UNC path, must be signed. Microsoft suggests this policy as a good balance between security and convenience. 
  • Unrestricted: All scripts will run without a signature. This isn't recommended - it provides a little too much room for a malicious script to be run unintentionally.
  • Bypass: This is meant for software products that are hosting PowerShell and providing their own layer of security. You're not meant to set the shell-wide policy to this on your own.
So there you have it: A brief overview of the possible settings, and a fast path for getting scripts running in your copy of the shell. Running help about_signing will reveal all the other little details, like how to sign a script, how to make a self-signed certificate for use on your local machine, and so on. 
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
3d hologram icon of a zipped file projected up from metal sci-fi pad
How To Optimize PowerShell ZIP Handling With the 7-Zip Module
Apr 25, 2024
Cute Conversational copilot AI robot with speech bubble, 3d rendering
Getting Started Using GitHub Copilot for PowerShell Scripting
Apr 23, 2024
Visual Studio Code logo close-up on website page
Exploring Visual Studio Code as a PowerShell ISE Alternative
Apr 19, 2024
Text caption presenting Password Cracking on a button on top of a keyboard
Using PowerShell for Brute-Force Password Cracking (Example Script)
Apr 17, 2024