Working around the execution policy in PowerShell

Every now and them I get to a customer where they want me to write some code that will be executed at desktops.
However, most of the times I’m part of a team that’s responsible for managing servers and not desktops.
Desktops are managed by another team, sometimes it’s even outsourced.
…and they have the execution policy for desktop set to anything but Unrestricted, or even Bypass.
There are quite a few ways to work around this, but here comes one of my favorites:

  1. Create your script (in my case \\server\share\myscript.ps1)
  2. Create a *.cmd which executes your *.ps1 file:
    powershell.exe -NoLogo -ExecutionPolicy bypass -File \\server\share\myscript.ps1
  3. Execute the *.cmd you’ve created

This script assumes you’re allowed to execute *.cmd files and have access to the *.ps1 file you want to execute. Also, if the *.ps1 file performs tasks that you’re user account doen’t have the permissions to, it will fail. Well duuhh, but I still want to mention it 😉

Note that this is not a security leak, it completely works as designed… as described in the ExecutionPolicy help 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *