Windows PowerShell Execution Policy Tutorial

Windows PowerShell provides a very advanced scripting environment that is used heavily by system administrators. PowerShell can be used for most administrative tasks by using different commands, scripts, etc. The scripts can be downloaded via official Windows repositories, the internet, etc. So the scripts can be dangerous and be a security hole for the systems in PowerShell.

PowerShell Execution Policies

PowerShell Execution Policies are used to restrict or enable PowerShell script execution. Different Policies are used for different permissions which change according to the PowerShell script source and attributes. Following PowerShell Execution Policies are provided by the PowerShell by default.

  • Restricted Policy
  • AllSigned Policy
  • RemoteSigned Policy
  • Unrestricted Policy
  • Bypass Policy
  • Undefined Policy

Restricted Policy

The Restricted Policy is the default execution policy. The Restricted policy prevents the script execution in PowerShell. So you can not execute PowerShell scripts by default which policy is named Restricted. You can just run script commands interactive in this policy.

AllSigned Policy

The AllSigned Policy is used to run only digitally signed PowerShell scripts. The sign is used to check if the provided script is signed and not tampered with.

PS> Set-ExecutionPolicy AllSigned

RemoteSigned Policy

The RemoteSigned Policy is used to run locally created scripts without any check but checking signatures for the remotely provided PowerShell scripts.

PS> Set-ExecutionPolicy RemoteSigned

Unrestricted Policy

The most relaxed and unsafe policy is the Unrestricted Policy . This policy is used to run every script without any prevention.

PS> Set-ExecutionPolicy Unrestricted

Bypass Policy

Bypass is not a policy actually. It is simply used to bypass the current policy temporarily.

Undefined Policy

The Undefined Policy is used to remove the existing policy which simply sets the machine policy as Restricted.

Leave a Comment