Menu

Virtual Geek

Tales from real IT system administrators world and non-production environment

Powershell execution policy setting is overridden by a policy defined at a more specific scope

While setting up execution policy (Set-ExecutionPolicy) on powershell, there might be a below error.

Set-ExecutionPolicy : Windows PowerShell updated your execution policy successfully, but the setting is overridden by a policy defined at a more specific scope.  Due to the override, your shell will retain its current effective execution policy of Unrestricted. Type "Get-ExecutionPolicy -List" to view your execution policy settings. For more
information please see "Get-Help Set-ExecutionPolicy".
At line:1 char:1
+ Set-ExecutionPolicy Restricted
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : PermissionDenied: (:) [Set-ExecutionPolicy], SecurityException
    + FullyQualifiedErrorId : ExecutionPolicyOverride,Microsoft.PowerShell.Commands.SetExecutionPolicyCommand

Microsoft powershell get-executionpolicy, set-executionpolicy, overridden a policy, group policy, list of execution policy, restricted, unrestricted

This error appears due to below 2 reasons.
1) If different execution policy is setup at execution Scope level (Process, CurrentUser or LocalMachine) using cmdlet Set-ExecutionPolicy, as shown in Different ways to bypass Powershell execution policy :.ps1 cannot be loaded because running scripts is disabled. MachinePolicy and UserPolicy can only be changed and setup using Group policy as shown in 2nd point.
2) Setup Powershell execution policy with Group Policy

To resolve this issue, change the manual execution scope of Process, CurrentUser or LocalMachine to undefinedUndefined means there is no execution policy set in the current scope. If the execution policy in all scopes is Undefined, the effective execution policy is Restricted, which is the default execution policy. Running only Set-ExecutionPolicy without scope syntax changes LocalMachine by default and if tried to modify it, it will always generate error if Group policy is setup.

Current scope list can be viewed using command Get-ExecutionPolicy -List and changing the policy doesn't show error Set-ExecutionPolicy Undefined  -Scope CurrentUser.

If all scope policies are set to undefined (except LocalMachine), changing configuration will not show any error.

Microsoft powershell, get-executionpolicy -list, set-executionpolicy undefined currentuser, machine policy userpolicy, process, localmachine

Useful Articles
Powershell Trick : Execute or run any file as a script file
Installing, importing and using any module in powershell
How to Install and Use Microsoft PowerShell on Linux

Go Back



Comment

Blog Search

Page Views

11240678

Follow me on Blogarama