PowerShell: BATCH Script to Allow PowerShell Scripts to Execute

For some SysAdmins, they will use one or more tools to deploy software to a range of computers on their network. For me, it our monitoring tool that allows are to remote execute scripts to do some sort of task.

Writing in PowerShell is amazing and is Microsoft's best yet command line tool. However by default for security purposes, script execuition is blocked for untrusted or unsigned scripts.

I won't go into Signing scripts just now but using the following command will allow you to run PowerShell Scripts

 Set-ExecutionPolicy -RemoteSigned

This line still provides a level of protection while still allwoing you to execute custom scripts. Other switches include -bypass and -unrestricted.

So how can we get a large number of these set?

There are a number of ways:
  1. Group Policy
  2. Batch Script
The reason for me writing this BATCH Script is that it allows me to deploy and run on a computer regardless of the Domain it is joined to.

Copy and paste this code into a text file called SetExecutionPolicy.bat and then Save.

This script also creates entries into the Windows Event Viewer to tell you if and when the command has been executed, or if it failed to run.



@echo off

REM -------------------------------------------------------------
REM       Set-ExecutionPolicy RemoteSigned for Powershell
REM          Date: 10-Spet-2015
REM        Author: Daniel Burrowes
REM -------------------------------------------------------------



Echo Setting PowerShell Execution Policy for RemoteSigned

PowerShell.exe Set-ExecutionPolicy RemoteSigned

IF %ERRORLEVEL% NEQ 0 goto ERROR    

EVENTCREATE /T INFORMATION /L APPLICATION /ID 100 /D "PowerShell Execution Policy has been set to RemoteSigned"
GOTO DONE

:ERROR 

EVENTCREATE /T ERROR /L APPLICATION /ID 100 /D "PowerShell ExecutionPolicy batch script failed to run." 


:DONE

Echo Done!

EXIT

Comments

Post a Comment

Popular posts from this blog

Office 365 ScanPST to fix corrupted Outlook files

Image
In Office 365, which uses the Click-to-Run technology, Office program files are now in a new location. When you experience issues with Outlook, often you would use the ScanPST.exe tool to repair PST and OST files with Outlook. This tool can now be found in the following location: C:\Program Files\Microsoft Office 15\root\office15\ScanPST.exe This should apply for both 32-bit and 64-bit installations of Office 365. Update: Microsoft has published a Knowledge Base article list the locations of the ScanPST utility depending on your installation of Office 365. Whether you're using 32 or 64 bit versions. https://support.microsoft.com/en-us/kb/272227
Read more

Deleting Office 365 Tenant

Image
For a long time now, I have been using trials to test new technologies at home that I can use for my work like every good tech does. With the introduction of Office 365, more and more I need to be able to test the clouds services for different scenarios. However, I like to completely remove any services that I am finished with an no longer need as a end-of-the-day clean up task. So how do you do this with Office 365? By default, once the trial subscription expires the tenant will remain active allowing you a chance to purchase a new subscription and assign to your tenant. In this case I know I will never need the tenant again. So this is what I have found to decommission a Office 365 trial tenant using Azure Active Directory. WARNING! Please triple check that you are doing this on the correct tenant. This deletion is unrecoverable. You do this at your own risk. Prerequisites Before you can start this process you need to make sure: All subscriptions are d
Read more

PowerShell: Download and Install Java 8 JRE

This script I wrote for our automation system that will: Download the latest Java 8 JRE from Java.com Save in a local directory C:\Install Create a Install Options File Run the installer silently with the necessary Installer Options The Installer Options file determines what configuration is used the install of Java. For example, in the script I have configured. This will perform a silent install, auto updates enabled, no reboot after the installation, Sponsors/ads install disabled and will uninstall any older existing installations of Java JRE. INSTALL_SILENT=Enable AUTO_UPDATE=Enable REBOOT=Disable SPONSORS=Disable REMOVEOUTOFDATEJRES=Enable You can find these and other options to use from the Java website: https://docs.oracle.com/javase/8/docs/technotes/guides/install/config.html#installing_with_config_file This has been tested to work on PowerShell v2 and higher. --------------------------------------------------------------------------
Read more