Whilst doing some research for a presentation on Security and PowerShell, I came across this cheeky one-liner:
[Environment]::SetEnvironmentVariable('__PSLockdownPolicy', '4', 'Machine')
After running it, look what happens when I try and start PowerShell. Damn, my profile script won’t run… but, what’s this? I can’t do other stuff, too? Damn!
If you’ve never come across ConstrainedLanguage mode, it does exactly that… it constrains the PowerShell language. Very useful if you want to harden a system.
In WMF 5 on Windows 10, you can use this in conjunction with AppLocker to enforce the restriction of PowerShell activity.
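A quick way to confirm what the one-liner did to a machine, as an added example rather than code from the original post. The function name Get-LockdownState is made up here, and it reads the machine-scope variable from the registry key where Windows stores it, because .NET calls such as [Environment]::GetEnvironmentVariable are themselves blocked once the session is in ConstrainedLanguage mode.

```powershell
# Added example (not from the original post). Uses only cmdlets and
# language features that still work inside ConstrainedLanguage mode.
function Get-LockdownState {
    # Machine-scope environment variables are persisted under this key.
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment'
    $machineValue = (Get-ItemProperty -Path $key -Name '__PSLockdownPolicy' `
                        -ErrorAction SilentlyContinue).'__PSLockdownPolicy'

    # Probe: a static .NET method call on a type outside the allowed list.
    # FullLanguage runs it; ConstrainedLanguage throws, which we catch.
    $probe = try {
        $null = [System.Environment]::GetEnvironmentVariable('TEMP')
        'Allowed'
    } catch {
        'Blocked'
    }

    [pscustomobject]@{
        # Value set machine-wide (empty if the variable is not present).
        MachinePolicyValue = $machineValue
        # Value this process inherited when it started.
        ProcessPolicyValue = $env:__PSLockdownPolicy
        # What the engine is actually enforcing in this session.
        LanguageMode       = $ExecutionContext.SessionState.LanguageMode
        # Result of the .NET method-call probe above.
        DotNetMethodCall   = $probe
    }
}

Get-LockdownState | Format-List
```

Microsoft describes __PSLockdownPolicy as a debugging and unit-testing switch, and anyone able to change the variable can turn it off. That is why enforcement comes from the AppLocker policy rather than from the variable on its own.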