08 February 2018

Home » » Set PowerShell Executionpolicy with verification One-Liner

Set PowerShell Executionpolicy with verification One-Liner

  Thursday, February 08, 2018    No comments
Recently, I have been revisiting our task sequence for our base build. One of the tasks it does it to set the PowerShell executionpolicy. Yes, we do have a GPO that does this, but this being the base build that generates the golden image, GPOs are not applied during the build process.

Originally, I had the simple command line task that implemented the following command line: powershell.exe set-executionpolicy RemoteSigned. I know that should work with no problems, but I wanted to have PowerShell verify that was set. To do that, I created this one-liner that checks if the executionpolicy is set to the defined policy specified in the variable $Policy. All you need to do is change the value assigned to the $Policy variable. If it does not match that, then it sets the executionpolicy and checks again. If it is set to the defined policy, then the script returns an exit code of 0, otherwise, it returns an exit code of 1 which will fail the build.

This is the command line for implementing this:

powershell.exe -command "&{$Policy='RemoteSigned';If ((get-executionpolicy) -ne $Policy) {set-executionpolicy $Policy; If ((Get-ExecutionPolicy) -eq $Policy) {Exit 0} else {Exit 1}} else {Exit 0}}"

Here is a screenshot on how to implement the executionpolicy command line.


Related Posts:

  • SCCM Mapped Drives Report Recently, we wanted to start keeping track of users with mapped drives due to cryptolocker vulnerabilities. There are a few applications we have that require mapped drives, so we have certain users with them. Once again, I … Read More
  • PowerShell: Cached Exchange Mode Status Reporting Recently, the firm I work at is going to cached exchange mode. Due to the sensitive nature of the industry I work in, we are turning on cached mode in blocks of users instead of all at once. We wanted to be able to track wh… Read More
  • SCCM: Local Administrators Reporting Here is a script that will gather a list of local administrators on a machine. The script can report the list to SCCM by writing the list to a WMI entry. It can also write the list to a text file at a specified location for… Read More
  • Automated Dell Command Update While working on implementing the new Windows 10 build, I decided to update the Dell Command | Update process. The old script was still looking at the old DCSU and had many inefficiencies that needed to be updated. I a… Read More
  • Report Last Reboot Time to SCCM We have started switching users over from desktops to laptops. In doing so, we realized that a good number of the laptops have not been rebooted in quite a while. The problem comes from sleep and hibernation mode. The LastB… Read More

0 comments:

Post a Comment