After finding a killer PowerShell script on the interwebs, you download it and then the excitement dies when you get a lovely PSSecurityException error like the example below:
File C:ScriptsScript.ps1 cannot be loaded. The file C:ScriptsScript.ps1 is not digitally signed.
You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170.
At line:1 char:1
+ .Script.ps1
+ ~~~~~~~~~~~~
+ CategoryInfo : SecurityError: (:) [], PSSecurityException
+ FullyQualifiedErrorId : UnauthorizedAccess
This seems a bit strange, as when you check the PowerShell script execution policy it is set to RemoteSigned. The big yellow arrow indicates the current status:
This file is local on the disk, so it should be allowed to run, no?
Not so Much.
Remote Origins
Windows knows that the script file was downloaded from the Internet. Looking at the file properties we can see that Windows has blocked access to the file to protect from potentially malicious attacks.
We can click the Unblock button in the file’s property sheet to remove the restriction and allow the script to be executed. Of course we only download files that we trust from the Internet from reputable sources, right? Every organisation will have different policies and procedures for ensuring that downloaded content is safe. Please follow your organisation’s policy for these matters.
This behaviour is expected. In the actual original error message the link takes us to the about_Execution_Policies content on TechNet. It says the following about RemoteSigned:
Scripts can run. This is the default execution policy in Windows Server 2012 R2. - Requires a digital signature from a trusted publisher on scripts and configuration files that are downloaded from the Internet (including e-mail and instant messaging programs).
TechNet covers that RemoteSigned is the default PowerShell execution policy for Windows Server 2012 R2, and Restricted is the default execution policy in Windows 8, Windows Server 2012, and Windows 8.1. Installing Exchange automatically changes the PowerShell execution policy as Exchange makes heavy use of PowerShell scripts.
Cheers,
Rhoderick
