PowerShell ExecutionPolicy and Win7

  • Article

In my previous post I faced a problem on executing a script in PowerShell. I just blindly ran the command as shown below and got my work done.

image

This is not a good practice, neither in Development nor in Production. I quickly changed it to the recommended RemoteSigned.

image

The registry setting for the same can be found in:

On Windows Server 2003 machines:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell

image

In Windows 7 beta the ExecutionPolicy key does not exist by-default, if you fire Get-ExecutionPolicy you will get the following:

image

The registry shows:

image

If you run Process Monitor (Procmon.exe) when you fire the Get-ExecutionPolicy command in PowerShell , you will see

image

Now run Set-ExecutionPolicy RemoteSigned and then do Get-ExecutionPolicy

image

Check the registry and now the key is created.

image

There is still a question in my mind. You see the ScriptedDiagnostics key, it shows ExecutionPolicy as Unrestricted. I wonder what that key is all about and how it works.

image

I guess this key will come in picture when you Debug. I wonder what?

One of my colleague directed me to the following channel9 video Windows 7: Using Instrumentation and Diagnostics to Develop High Quality Software.

I thought of a test, stopped “Windows Audio Endpoint Builder” service and launched Troubleshooter.. i.e. Control Panel –> Troubleshooting

image

Ran Process Monitor and clicked Hardware and Sound -> Troubleshoot audio playback and click Next

image

After Troubleshooter completed its analysis, I checked Process Monitor and here you go

image

Windows 7 troubleshooter actually uses the Troubleshooting Pack (DiagPackage.diagpkg) which executes the diagnostics .ps1 (PowerShell Script files) to Troubleshoot such issues. The diagnostics pack extracts the ps1 scripts in C:\Windows\Temp\SDIAG_<some_random_number> folder.

image

Let’s change the ExecutionPolicy to Restricted under ScriptedDiagnostics.

image

Run the Troubleshooter again.. and you will see that the Troubleshoot quickly comes up with the following Dialog box:

image

NOTE: Remember to change the above key to Unrestricted after your test.

Happy troubleshooting :).