Windows and PowerShell have built-in security features and default configurations intended to prevent end-users from accidentally launching scripts in the course of their daily activities.
How and why Windows & PowerShell prevent script execution:
A PowerShell script can pretty much be configured to do anything you could do manually from the command line. If you could just double-click a PowerShell script and run it with full Administrator privileges.
Get-ChildItem "$env:SystemDrive" -Recurse -ErrorAction SilentlyContinue | Remove-Item -Force -Recurse -ErrorAction SilentlyContinue
DO NOT run the above command!
That simply goes through the file system and deletes whatever it can.
But now, we can use to either disable or work around a few road blocks:
Changing the .PS1 file association:
You could change the .PS1 file association to whatever program you want with the Default Programs control panel, but digging directly into the Registry will give you a bit more control over exactly how the files will be opened.
The registry settings controlling how PowerShell scripts are opened and stored in the following location:
HKEY_CLASSES_ROOTMicrosoft.PowerShellScript.1Shell
The Shell key should just have one value, “(Default)”, which is set to “Open”. This is a pointer to the default action for double-clicking the file, which we’ll see in the sub-keys.
Each of these represents an action you can perform which is specific to PowerShell scripts.
You’ll want to configure a PSDrive for HKEY_CLASSES_ROOT since this isn’t set up by default.
New-PSDrive HKCR Registry HKEY_CLASSES_ROOT
To configure double-clicking to launch PowerShell scripts directly:
Set-ItemProperty HKCR:Microsoft.PowerShellScript.1Shell '(Default)' 0
To configure double-clicking to open PowerShell scripts in the PowerShell ISE:
Set-ItemProperty HKCR:Microsoft.PowerShellScript.1Shell '(Default)' 'Edit'
To restore the default value:
Set-ItemProperty HKCR:Microsoft.PowerShellScript.1Shell '(Default)' 'Open'
Changing the PowerShell ExecutionPolicy setting:
There are multiple options for this, and a couple different ways it can be set.
To set the CurrentUser and LocalMachine policies as in the screenshot above, run the following commands.
Set-ExecutionPolicy Restricted
Set-ExecutionPolicy Unrestricted -Scope CurrentUser
To enforce the RemoteSigned policy on scripts run from Explorer.
Get-ItemProperty HKCR:Microsoft.PowerShellScript.1ShellCommand | Select-Object '(Default)'
Your default configuration will probably be one of the following two strings.
(Seen on Windows 7 SP1 x64, with PowerShell 2.0)
"C:WindowsSystem32WindowsPowerShellv1.0powershell.exe" "-file" "%1"
(Seen on Windows 8.1 x64, with PowerShell 4.0)
"C:WindowsSystem32WindowsPowerShellv1.0powershell.exe" "-Command" "if((Get-ExecutionPolicy ) -ne 'AllSigned') { Set-ExecutionPolicy -Scope Process Bypass }; & '%1”
To set the Process-level ExecutionPolicy for scripts launched from Explorer.
"C:WindowsSystem32WindowsPowerShellv1.0powershell.exe" "-ExecutionPolicy" "RemoteSigned" "-file" "%1"
Set-ItemProperty HKCR:Microsoft.PowerShellScript.1ShellCommand '(Default)' '"C:WindowsSystem32WindowsPowerShellv1.0powershell.exe" "-ExecutionPolicy" "RemoteSigned" "-file" "%1"'
Run PowerShell scripts as Administrator:
The UAC prompt into the default action for PowerShell scripts is not recommended.
So, we can add a new context menu option to allow us to easily run scripts in elevated sessions when we need to.
HKEY_CLASSES_ROOTMicrosoft.PowerShellScript.1Shell
In there, create a new sub-key. Call it “Run with PowerShell (Admin)”. Underneath that, create another sub-key called “Command”. Then, set the “(Default)” value.
"C:WindowsSystem32WindowsPowerShellv1.0powershell.exe" "-Command" ""& {Start-Process PowerShell.exe -ArgumentList '-ExecutionPolicy RemoteSigned -File "%1"' -Verb RunAs}"
A new context-menu entry for PowerShell scripts, called “Run with PowerShell (Admin)”.
The new option will spawn two consecutive PowerShell instances. The first is just a launcher for the second, which uses Start-Process with the “-Verb RunAs” parameter to request elevation for the new session. From there, your script should be able to run with Administrator privileges after you click through the UAC prompt.
Crafting a Django-Powered Support Ticket System
A support ticket system is an essential tool for managing customer inquiries and issues effectively. By leveraging Django, a high-level Python web framework, organizations can create a robust and scalable ticketing system tailored to their needs. This article delves into the intricacies of building a Django-based request ticket system, highlighting its uses, features, and a step-by-step guide to get started.
Unveiling Active Directory Last Logon Details
Active Directory (AD) is a critical component for managing network resources and user data in many organizations. Understanding user logon patterns is essential for security and auditing purposes. This article delves into the intricacies of displaying last logon information in Active Directory, highlighting the evolution from Windows 2000 to the more advanced attributes in Windows Server 2008. We'll explore how to enable these features and the implications for system performance and security.