Examining the Execution Policy

Updated: August 9, 2012

Applies To: Windows PowerShell 2.0, Windows PowerShell 3.0

Scripting is a very powerful tool, but it can be misused for malicious purposes. To protect user data and the integrity of the operating system, Windows PowerShell includes several security features, among which is the execution policy.

The Windows PowerShell execution policy determines whether scripts are allowed to run and, if they can run, whether they must be digitally signed. It also determines whether configuration files can be loaded.

The default execution policy, Restricted, is the most secure of the execution policies. It does not permit any scripts to run, and it does not permit any configuration files, including a Windows PowerShell profile, to be loaded. You can still use Windows PowerShell interactively.

However, if you want to run scripts or load configuration files, you can change the execution policy on your system. For information and instructions, type:

get-help about_execution_policies

To find the execution policy on your system, type:

get-executionpolicy

To change the execution policy on your system, use the Set-ExecutionPolicy cmdlet. For example, to change the execution policy to RemoteSigned, type:

set-executionpolicy remotesigned

The Windows PowerShell execution policy is saved in the Windows registry and is retained even when you uninstall and reinstall Windows PowerShell.

See Also

Other Resources

about_Execution_Policies
about_Signing
Get-ExecutionPolicy
Set-ExecutionPolicy