EPFL > VPSI > IT > EXAPP - Site d'information: WinAD (Windows Active Directory)
 

  Affiche tous les articles

 Mode d'emploi du moteur de recherche  Rechercher : 
Moteur de recherche
Home page
Accréditation
Activation MS
AD c'est quoi ?
AD PowerShell
· Ajout et suppression machine PS
· PS-about_Execution_Policies
· Clean and move old computer
Authentifications
Autorisations DHCP
bugs
Conseils AD
DCs Sécurité
Délégations OUs
Domaine SC
Gaspar
GPO
Grp-Staff
KMS
Migrations
Outils
Procès verbaux
Profiles Itinérants
PWAD
Règles de nommage
Restaurations DC Fac
ServerAD2003
ServerAD2008
Seven
Students
synchro
toto1
Trucs et Astuces
Win 8.1
WinAD
Windows 10
Windows 8
Windows Server
Wins
Work Shop
  Afficher une version imprimable de ce document dans une nouvelle fenêtre
 
PS-about_Execution_Policies
 

Updated: May 8, 2014

Applies To: Windows PowerShell 2.0, Windows PowerShell 3.0, Windows PowerShell 4.0
 
Pour voir le statut et la version de la policy = Get-ExecutionPolicy et la version PS = $PSVersionTable
 
 
WINDOWS POWERSHELL EXECUTION POLICIES
-------------------------------------

    The Windows PowerShell execution policies are as follows:

    "Restricted" is the default policy.

        Restricted
            - Default execution policy in Windows 8,
              Windows Server 2012, and Windows 8.1.

            - Permits individual commands, but will not run
              scripts.

            - Prevents running of all script files, including
              formatting and configuration files (.ps1xml), module
              script files (.psm1), and Windows PowerShell
              profiles (.ps1). 
   
        AllSigned
            - Scripts can run.

            - Requires that all scripts and configuration files
              be signed by a trusted publisher, including scripts
              that you write on the local computer.

        - Prompts you before running scripts from publishers
              that you have not yet classified as trusted or
              untrusted.

            - Risks running signed, but malicious, scripts.

     
        RemoteSigned
            - Scripts can run. This is the default execution
              policy in Windows Server 2012 R2.

            - Requires a digital signature from a trusted
              publisher on scripts and configuration files that
              are downloaded from the Internet (including
              e-mail and instant messaging programs).

          - Does not require digital signatures on scripts that
              you have written on the local computer (not
              downloaded from the Internet).

            - Runs scripts that are downloaded from the Internet
              and not signed, if the scripts are unblocked, such
              as by using the Unblock-File cmdlet.

            - Risks running unsigned scripts from sources other
              than the Internet and signed, but malicious, scripts.


        Unrestricted
            - Unsigned scripts can run. (This risks running malicious
              scripts.)

            - Warns the user before running srcipts and configuration
              files that are downloaded from the Internet. 


        Bypass
            - Nothing is blocked and there are no warnings or
              prompts.

            - This execution policy is designed for configurations
              in which a Windows PowerShell script is built in to a
              a larger application or for configurations in which
              Windows PowerShell is the foundation for a program
              that has its own security model.


        Undefined
            - There is no execution policy set in the current scope.

            - If the execution policy in all scopes is Undefined, the
              effective execution policy is Restricted, which is the
              default execution policy.


    Note: On systems that do not distinguish Universal Naming Convention (UNC)
          paths from Internet paths, scripts that are identified by a UNC path
          might not be permitted to run with the RemoteSigned execution policy.

Article N° 205, du 23.06.2014, par Alain Gremaud
URL de cet article : http://winad.epfl.ch/?article=205

© 2017 VPSI - EXAPP - TC