Search This Blog

Friday, 25 May 2012

Change execution policy of the shell.

Hi All,

Recently I have come across an issue while executing powershell script in SharePoint 2010 Management Shell. When i run my powershell script, i got the error that the file is not digitally signed.

Then go with the following option to resolve my issue

I have run the below script in SharePoint 2010 Management Shell,

Set-ExecutionPolicy Unrestricted
This solved my issue.

When i Google, i got some more details about this issue. I just added those things here for your better reference.

Changing the Windows PowerShell Script Execution Policy

The Set-ExecutionPolicy cmdlet enables you to determine which Windows PowerShell scripts (if any) will be allowed to run on your computer. Windows PowerShell has four different execution policies:
  • Restricted - No scripts can be run. Windows PowerShell can be used only in interactive mode.
  • AllSigned - Only scripts signed by a trusted publisher can be run.
  • RemoteSigned - Downloaded scripts must be signed by a trusted publisher before they can be run.
  • Unrestricted - No restrictions; all Windows PowerShell scripts can be run.
To assign a particular policy simply call Set-ExecutionPolicy followed by the appropriate policy name. For example, this command sets the execution policy to RemoteSigned:

Change the user preference for the execution policy of the shell.
      Set-ExecutionPolicy [-executionPolicy] Policy
        { Unrestricted | RemoteSigned | AllSigned | Restricted | Default | Bypass 
            | Undefined}
            [[-Scope] ExecutionPolicyScope ] [-Force]
               [-whatIf] [-confirm] [CommonParameters]

   -ExecutionPolicy Policy
       A new execution policy for the shell.

       Valid values:
       Do not load configuration files or run scripts.
       This is the default.
       Require that all scripts and configuration files be signed
       by a trusted publisher, including scripts that you write on the
       local computer.
       Require that all scripts and configuration files downloaded
       from the Internet be signed by a trusted publisher.
       Load all configuration files and run all scripts.
       If you run an unsigned script that was downloaded from the
       internet, you are prompted for permission before it runs.

       Nothing is blocked and there are no warnings or prompts.
       Remove the currently assigned execution policy from the
       current scope. This parameter will not remove an execution
       policy that is set in a Group Policy scope.

       Suppress all prompts.
       By default, Set-ExecutionPolicy displays a warning whenever the
       execution policy is changed.
    -Scope ExecutionPolicyScope
       The scope of the execution policy.
       Valid values:
         Process       Affect only the current PowerShell process.
         CurrentUser   Affect only the current user.
         LocalMachine  Affect all users of the computer.
       To remove an execution policy from a particular scope, set the
       execution policy for that scope to Undefined.

       Describe what would happen if you executed the command without actually
       executing the command.
       Prompt for confirmation before executing the command.

       -Verbose, -Debug, -ErrorAction, -ErrorVariable, -WarningAction, 
       -WarningVariable, -OutBuffer -OutVariable.
Runing unsigned scripts
If the PowerShell execution policy is set to RemoteSigned it is still possible to run unsigned scripts:
Save the script file on your computer, Right-click the file, and click "Properties."
At the bottom of the dialogue box click "Unblock."
Alternatively copy the text into a brand new text file and save it with a .ps1 extension.
64 bit Machines
These will include both the 64 and 32bit version of Powershell, they each can have different execution policies, so you need to set both.
Set the user preference for the shell execution policy to RemoteSigned and then display the effective execution policy. The commands are separated by a semicolon (;)
PS C:\> set-executionpolicy remotesigned; get-executionPolicy

Get the execution policy from a remote computer, server64 and apply that execution policy to the local computer:
PS C:\> invoke-command -computername Server64 -scriptblock {get-executionpolicy} | set-executionpolicy -force
Set an execution policy of AllSigned for the current user, then the execution policies set in each scope:
PS C:\> set-executionpolicy -scope CurrentUser -executionPolicy AllSigned -force
PS C:\> get-executionpolicy -list
Set an execution policy value of Undefined to effectively remove the execution policy that is set for the current user scope. As a result, the execution policy that is set in Group Policy or in the LocalMachine (all users) scope is effective:
PS C:\> set-executionpolicy -scope CurrentUser -executionPolicy Undefined
If the execution policy in all scopes is set to Undefined and the Group Policy is not set, the default execution policy, Restricted, is effective for all users of the computer.
“Laughing on the way to your execution is not generally understood by less-advanced life forms, and they call you crazy” - Richard Bach

No comments:

Post a Comment