How to get Powershell execution policy externally

0
votes

I need to find out the powershell (versions 4 and 5+) execution policy without using powershell itself

I tried to look into registry - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell

I found ExecutionPolicy value in two keys, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell and HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\ScriptedDiagnostics

The first one corresponded to the policy given by executing Get-ExecutionPolicy cmdlet, but on some servers in our environment the value is missing. Is there any other, 100% reliable, way to check the policy without using Powershell itself?

1
powershellexecutionpolicy
On the servers where the value appears to be "missing," are the OS' different, or are running a different architecture (x64 vs x86), possibly? For those that are missing, see if you find a hive/key pair here: HKLM\software\Wow6432Node\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell\ExecutionPolicy - gravity
It might not be in the registry. Then it would use a default one. - js2010

1 Answers

1
votes

No key would equal Undefined

If the execution policy in all scopes is Undefined, the effective execution policy is Restricted, which is the default execution policy.

x64

Current User

HKCU\Software\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell : ExecutionPolicy

Local Machine

HKLM\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell : ExecutionPolicy

x86

Local Machine

HKLM\SOFTWARE\WOW6432Node\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell : ExecutionPolicy

Machine Policy

HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\PowerShell : ExecutionPolicy

User Policy

HKCU\Software\Policies\Microsoft\Windows\PowerShell : ExecutionPolicy