Reputation: 45
Powershell script reports execution-policy error when in a console window from File Explorer
My script runs fine in ISE however not in a PowerShell console window.
I have tried to replace any " with ' (just in case it was an encoding error but I am not sure).
EDIT: The script works when copy and pasted into the console but not when opened with the console.
Here is the script, ZAOCC.ps1:
$path = '\\auisasvc2k801\safe\Information Technology\Support\Powershell\ZAOCC\Excel'
$path2 = '\\auisasvc2k801\safe\Information Technology\Support\Powershell\ZAOCC\PDF'
$xlFixedFormat = 'Microsoft.Office.Interop.Excel.xlFixedFormatType' -as [type]
$excelFiles = Get-ChildItem -Path $path -include *.xls, *.xlsx -recurse
$objExcel = New-Object -ComObject excel.application
$objExcel.visible = $false
$date = Get-Date -Format 'dd.MM.yyyy'
foreach($workbook in $excelFiles)
{
$filepath = Join-Path -Path $path2 -ChildPath ('Mine Control Record - ' + $date + '.pdf')
$workbook = $objExcel.workbooks.open($workbook.fullname, 3)
$workbook.Saved = $true
'Saving $filepath'
$workbook.ExportAsFixedFormat($xlFixedFormat::xlTypePDF, $filepath)
$objExcel.Workbooks.close()
}
$objExcel.Quit()
Here is the error message:
Set-ExecutionPolicy : Windows PowerShell updated your execution policy successfully, but the setting is overridden by
a policy defined at a more specific scope. Due to the override, your shell will retain its current effective
execution policy of RemoteSigned. Type "Get-ExecutionPolicy -List" to view your execution policy settings. For more
information please see "Get-Help Set-ExecutionPolicy".
At line:1 char:46
+ ... -ne 'AllSigned') { Set-ExecutionPolicy -Scope Process Bypass }; & "\ ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (:) [Set-ExecutionPolicy], SecurityException
+ FullyQualifiedErrorId : ExecutionPolicyOverride,Microsoft.PowerShell.Commands.SetExecutionPolicyCommand
Upvotes: 2
Views: 3024
Answers (1)
Reputation: 437062
The error message suggests that you're running your script from File Explorer, using the shortcut menu's Run with PowerShell command (which uses Windows PowerShell; note that PowerShell [Core] (v6+) no longer offers this command - see middle section).
Note that doing so will automatically close the console window that is opened to run the script when the script exits.
To avoid that, open a Windows PowerShell console window first, and then run your script from there - this will also make your problem go away.
(Another option is to modify the shortcut-menu command definition, as shown below.)
The reason for the error is that your execution policy is set by either a machine-level or a user-level Group Policy, which takes precedence over the attempt to set the execution policy at the process level.
In fact, you cannot override an execution policy set via Group Policy from user code, neither with a Set-ExecutionPolicy call nor via the -ExecutionPolicy CLI parameter.
The attempt to set the execution at the process level - Set-ExecutionPolicy -Scope Process Bypass - is part of the command line that is used by the shortcut-menu command definition, and it is it - not your script - that triggers the error.
Therefore, the error message will appear on any system where the execution policy is defined via Group Policy, every time a script is directly invoked from File Explorer.
Note that the error message is confusing in this case, claiming that the command "updated your execution policy successfully", when in reality it had no effect.
Also note that the error is a statement-terminating error[1], which means that overall execution still continues and your script is invoked, despite the error - assuming that the Group Policy-set execution policy allows it.
In general, especially given that the console window automatically closes when the script terminates (for whatever reason), consider not using this direct-invocation feature.
In fact, PowerShell [Core] (v6+) doesn't even offer this shortcut-menu command anymore and instead offers commands at the directory / drive level to open an interactive session there.
If you still want to invoke your script via File Explorer and want to avoid the error message, you can modify the shortcut-menu command definition in the registry by simply removing the attempt to set the execution policy.
The definition is at HKEY_CLASSES_ROOT\Microsoft.PowerShellScript.1\Shell\0\Command and modifying it requires elevation (running as admin); however, it is possible to create a user-level definition as well.
The following command redefines the shortcut-menu command definition so that Set-ExecutionPolicy is no longer called:
# NOTE: Requires elevation:
Set-ItemProperty registry::HKEY_CLASSES_ROOT\Microsoft.PowerShellScript.1\Shell\0\Command '(default)' @'
powershell.exe -NoLogo -File "%1"
'@
If you also want to keep the window open, add -NoExit as the first parameter.
[1] Generally speaking, the message shouldn't be an error at all; it should be a warning, as suggested in this GitHub issue. However, in the interest of backward compatibility it was decided to keep the current behavior.
Upvotes: 3
Related Questions
- How do you successfully change execution policy and enable execution of PowerShell scripts
- Trouble with ExecutionPolicy when running Powershell scripts
- C# PowerShell Script not working with ExecutionPolicy
- Getting Set-ExecutionPolicy error while running any powershell script
- Execution Policy error when running powershell script from autohotkey
- Powershell: ExecutionPolicy is unable to be read/set
- execution policy error while calling powershell script from batch file, powershell v 1.0
- Powershell cannot execute even set the execution policy
- Powershell : Execution Policy
- Running powershell script from explorer = execution policy error