Tuesday, May 25, 2010

Execute PowerShell Scripts with a Restricted Execution Policy

 

By default, PowerShell will default to an execution policy of Restricted.  Hopefully this is not a surprise to anyone.  However, it is possible to execute scripts under this policy.  Simply start the shell using the ExecutionPolicy parameter.

For example, in our server loads, we need to prompt for an administrative password during the post-install process.  Previously, in W2K3, we were able to use the ScriptPW object to mask the input.  The object no longer exists in W2K8, so a different solution was needed.  Powershell provides the Read-Host cmdlet, which includes the AsSecureString parameter.  Using that cmdlet, I created a simple script that would prompt for the password.

I then needed to run the script automatically, but didn’t want to change the default execution policy.  To solve this, one can specify a one-time execution policy when starting the shell.

powershell -ExecutionPolicy RemoteSigned –File c:\postinstall\password.ps1