Subscribe
Accepted Solution

Signing .ps1 scripts

Greetings all,

Am writing my first powershell script and have run into the problem of script signing on my lab box (Windows 2008R2). Looking for guidance on how to get this working.

The commands work individually but when I put them into 'first.ps1' file and try to execute it I get the following message.

--------------------------------------------

PS C:\Users\mrinal\Documents\powershell> .\first.ps1

File C:\Users\mrinal\Documents\powershell\first.ps1 cannot be loaded because the execution of scripts is disabled on th

is system. Please see "get-help about_signing" for more details.

At line:1 char:12

+ .\first.ps1 <<<<

    + CategoryInfo          : NotSpecified: (Smiley Happy [], PSSecurityException

    + FullyQualifiedErrorId : RuntimeException

---------------------------------------------------------

Based on the suggestion of 'get-help about_singning' I issue the following command

--------------------------------------------

PS C:\Users\mrinal\Documents\powershell> set-executionpolicy remotesigned

Execution Policy Change

The execution policy helps protect you from scripts that you do not trust. Changing the execution policy might expose

you to the security risks described in the about_Execution_Policies help topic. Do you want to change the execution

policy?

[Y] Yes  [N] No  [S] Suspend  [?] Help (default is "Y"): yes

Set-ExecutionPolicy : Access to the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft

.PowerShell' is denied.

At line:1 char:20

+ set-executionpolicy <<<<  remotesigned

    + CategoryInfo          : NotSpecified: (Smiley Happy [Set-ExecutionPolicy], UnauthorizedAccessException

    + FullyQualifiedErrorId : System.UnauthorizedAccessException,Microsoft.PowerShell.Commands.SetExecutionPolicyComma

   nd

--------------------------------------------

Using 'regedit' I can see that as a Domain Admin account I have access to the key path.

Re: Signing .ps1 scripts

Turns out I had to run the following command in an Administrator PowerShell window to get the script to work. Thanks to Jason Monger to pointing it out.

PS C:\Users\mrinal\Documents\powershell> Set-ExecutionPolicy -ExecutionPolicy bypass