Set-ExecutionPolicy : Cannot set execution policy


Olá seus nerds maledetos!!!ehehehehe

Ao tentar executar um determinado script PS remotamente em um servidor Exchange, me deparei com a seguinte mensagem de erro:

.\UpdateIndexAllMailboxDatabases.ps1 : File C:\Temp\SCRIPTS\EXCHANGE\UpdateIndexAllMailboxDatabases.ps1 cannot be loaded. The file C:\Temp\SCRIPTS\EXCHANGE\UpdateIndexAllMailboxDatabases.ps1 is not digitally signed. The script will not execute on the system. Please see “get-help about_signing” for more details..
At line:1 char:37

…Após um Get-ExecutionPolicy tive o retorno RemoteSigned .Não pensei duas vezes!!!Set-ExecutionPolicy Unrestricted e me foi retornada a seguinte mensagem:

Execution Policy Change
The execution policy helps protect you from scripts that you do not trust. Changing the execution policy might expose you to the security risks described in the about_Execution_Policies help topic at
http://go.microsoft.com/fwlink/?LinkID=135170. Do you want to change the execution policy?
[Y] Yes [N] No [S] Suspend [?] Help (default is “Y”): y
Set-ExecutionPolicy : Windows PowerShell updated your execution policy successfully, but the setting is overridden by
a policy defined at a more specific scope. Due to the override, your shell will retain its current effective
execution policy of RemoteSigned. Type “Get-ExecutionPolicy -List” to view your execution policy settings. For more
information please see “Get-Help Set-ExecutionPolicy”.
At line:1 char:1
+ Set-ExecutionPolicy Unrestricted
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (:) [Set-ExecutionPolicy], SecurityException
+ FullyQualifiedErrorId : ExecutionPolicyOverride,Microsoft.PowerShell.Commands.SetExecutionPolicyCommand

Como recomendado na mensagem, executei o cmdlet para listar a politica de execution policy por escopo

Get-ExecutionPolicy -List

Scope                                  ExecutionPolicy
—–                                      —————
MachinePolicy                     RemoteSigned
UserPolicy                            Undefined
Process                                Undefined
CurrentUser                         Undefined
LocalMachine                      RemoteSigned

…imediatamente executei o seguinte comando Set-ExecutionPolicy -Scope MachinePolicy -ExecutionPolicy Bypass para que a política fosse liberada…ops:

Set-ExecutionPolicy : Cannot set execution policy. Execution policies at the MachinePolicy or UserPolicy scopes must beset through Group Policy.

Para corrigir este erro, somos forçados à efetuar esta modificação diretamente no registro da estação:

HKLM:\Software\Policies\Microsoft\Windows\PowerShell e altere o valor ExecutionPolicy para Bypass.

Executando novamente o comando para listar a política por escopo, percebemos que agora realmente a configuração foi comitada!!

Get-ExecutionPolicy -List

Scope                                  ExecutionPolicy
—–                                      —————
MachinePolicy                      Bypass
UserPolicy                            Undefined
Process                                Undefined
CurrentUser                         Undefined
LocalMachine                      RemoteSigned

Foi então que consegui executar meu script e todos viveram felizes para sempre!