Using -executionpolicy bypass -file?

This topic contains 5 replies, has 3 voices, and was last updated by  Vern Anderson 4 years, 8 months ago.

  • Author
  • #11218


    I'm trying to run a script written by someone else off of a network share. I'm executing it from a command line with the syntax powershell -executionpolicy bypass -file \\server\share\script.ps1. I get an error that the file is not digitally signed.

    I'm confused as to why isn't it bypassing the executionpolicy?

  • #11220

    Dave Wyatt

    Run this command at a PowerShell console, and post the results:

    Get-ExecutionPolicy -List

    It's possible that execution policy is being assigned to you via Group Policy; if that's the case, you can't override it with the -ExecutionPolicy parameter. This is from the about_Execution_Policies help file:

    When determining the effective execution policy for a
    session, Windows PowerShell evaluates the execution policies
    in the following precedence order:

    – Group Policy: Computer Configuration
    – Group Policy: User Configuration
    – Execution Policy: Process (or PowerShell.exe -ExecutionPolicy)
    – Execution Policy: CurrentUser
    – Execution Policy: LocalMachine

  • #11223


    Scope ExecutionPolicy
    —– —————
    MachinePolicy RemoteSigned
    UserPolicy Undefined
    Process Undefined
    CurrentUser Undefined
    LocalMachine RemoteSigned

  • #11226


    It gets stranger. I wrote a 1 liner 'Hello Word' script and saved it to my personal network share, and tried to run it on the same computer, using bypass -file; worked like a hero.

    I copied the exact same script to the network share of the script that won't run, and now the same script gives me the error that my script is not signed. Hurr?

  • #11229

    Dave Wyatt

    Yep, you've got RemoteSigned coming from Group Policy. Unless you'll be allowed to change that, you'll need to sign any script that's run from a UNC path like that.

  • #11265

    Vern Anderson

    Network shares are considered remote not local. I have run into the same problem too. Even if it's a mapped drive letter it is still "remote"

You must be logged in to reply to this topic.