Turn off Bypass parameter

Welcome Forums General PowerShell Q&A Turn off Bypass parameter

This topic contains 4 replies, has 3 voices, and was last updated by

1 year, 3 months ago.

  • Author
  • #83587

    Points: 1
    Rank: Member


    I work for an outsourcing company. We are trying to introduce Powershell Remoting and punch holes through the appliance firewalls in between different subnets.

    However there is one major requirement. That is they want to be absolutely sure that the scripts that are running on it have a signed certificate. The concern that they have is that people can use Bypass to get passed that. Is there anyway that we can remove that?

    They will be locking down Domain admins.

    Any help will be appreciated.

  • #83591

    Points: 1,811
    Helping HandTeam Member
    Rank: Community Hero

    What do you mean “remove that?”

    Like, what's the scenario you envision someone running Set-ExecutionPolicy Bypass under? On their local machines, or while connected to a remoting endpoint?

    You say “...the scripts that are running on it...” – what is “it,” specifically?

  • #83597

    Points: 1
    Rank: Member

    Thanks Don for replying. Lets say they create a scheduled task to say 'powershell.exe -bypass ...' Our clients security team are saying that they dont want to turn on remoting if the bypass option. I thought about using the GPO to set it.
    When I say 'it' I mean the remote endpoints. Not the local machines

  • #83606

    Points: 1
    Rank: Member

    Come to think of it....the powershell.exe -bypass is a bit of moot point. I'll come back to them and suggest GPO. Thanks Don.

  • #83629

    Points: 1
    Rank: Member

    Hi Wei-Yen,
    There are lots of ways to "bypass" execution policy that do not involve using the -bypass parameter. In the end, execution policy is not there to be a security mechanisim to protect you against rogue admins that will not follow the corporate policy.

    Good article for reference: https://blog.netspi.com/15-ways-to-bypass-the-powershell-execution-policy/

The topic ‘Turn off Bypass parameter’ is closed to new replies.

denizli escort samsun escort muğla escort ataşehir escort kuşadası escort