PowerShell Scripts And The ExecutionPolicy Issue

Posted on April 20, 2011 by PiroNet

The other day I was trying to execute a modified version of Alan Renouf’s vCheckv5 PowerShell script on a vCenter server. usually before running PowerShell scripts locally on a server I made sure that the ExecutionPolicy is set to RemoteSigned at least. In this case I set it to an even lower security level, that is Unrestricted as shown below:

I noticed that even thought I had set the ExecutionPolicy to Unrestricted the script would still pop up with a security warning message as shown below:

For your information the script was copied over to the vCenter server from a remote file server.  You may say so what? That’s not a big deal! But actually it does have an impact on the execution of this PowerShell script locally on the server.

Here is a simple fix to solve my issue. Open up your PowerShell script with your favorite editor, in my case I used Notepad. then select all and copy it. Next,  locally on the server where you will run the script, create a new text document and paste the content of the clipboard in it. Now save the file with a proper name and a .PS1 extension of course.

Re-run VMware vSphere PowerCLI, and launch your new locally created script… No more warnings! Job done 🙂

Now what was my issue here? My script was copied from a remote file server and NOT created/written locally. PowerShell flags it as an unsecure script and therefore pops up a warning message.

Let me paste here an overview of the policy levels available in PowerShell:

Restricted: Individual cmdlets can run, but not saved Powershell scripts. This is the default setting.
AllSigned: Scripts can run, but must have a digital signature even if written on the local computer. Prompts you before running scripts from trusted publishers.
RemoteSigned: Scripts written on the local computer do not need a digital signature, but any script downloaded from outside (email, IM, Internet) must have a signature to execute. 
Unrestricted: Any script can run, but scripts downloaded from outside will run with a warning.

About PiroNet

Didier Pironet is an independent blogger and freelancer with +15 years of IT industry experience. Didier is also a former VMware inc. employee where he specialised in Datacenter and Cloud Infrastructure products as well as Infrastructure, Operations and IT Business Management products. Didier is passionate about technologies and he is found to be a creative and a visionary thinker, expressing with passion and excitement, hopefully inspiring and enrolling people to innovation and change.
This entry was posted in Uncategorized. Bookmark the permalink.

8 Responses to PowerShell Scripts And The ExecutionPolicy Issue

  1. hypervisor says:
    April 20, 2011 at 14:27

    Did you tried “bypass” instead of Unrestricted ?

    Reply
  2. deinoscloud says:
    April 20, 2011 at 14:53

    Hi Nitro 😉
    Set-ExecutionPolicy bypass doesn’t work with PowerShell 1.0 and I can’t upgrade to PS2.0
    Only values accepted are Unrestricted, RemoteSigned, AllSigned, Restricted, Default

    Reply
  3. afrivirt says:
    February 10, 2012 at 10:52

    With the new vCheck v6 script there is a whole plugin directory of scripts. To copy and paste them is very tedious. You can right click and Unblock each .ps1 script or you can download streams (http://technet.microsoft.com/en-us/sysinternals/bb897440.aspx) and run streams -d *.ps1 in your plugins directory

    Reply
  4. Torquemada says:
    July 7, 2012 at 21:45

    +1 on “Right-click > General Tab > Unblock” to satisfy just about any security popup concerning opening or executing a trusted file or script from source from another computer be it over a network or from an external drive.

    – Be pure! Be vigilant! Behave!

    Reply

Leave a comment