When you try to run a PowerShell script that has not been signed by a trusted publisher, you may get the following security error:
"script.ps1 :File path\script.ps1 cannot be loaded. The file path\script.ps1 is not digitally signed. You cannot run this script on the current system."
This security error can occur when the PowerShell's execution policy is set to Allsigned or Remotesigned and the script isn't signed.
Allsigned execution policy allows execution of all Powershell scripts that are signed. Before executing the script you will be prompted to confirm that you trust the publisher that has signed the script.
Remote execution policy restricts the execution of downloaded scripts that are unsigned. Scripts that are executed from the local computer doesn't have to be signed.
There are different methods to overcome this error. You may choose to either sign the PowerShell script, change the execution policy, bypass the policy or unblock the file so that it can run once on that session.
First of all check your execution policy using the cmdlet Get-ExecutionPolicy
PS C:\> Get-ExecutionPolicy AllSigned
The list parameter in Get-ExecutionPolicy cmdlet tells you the execution policy for each scope.
PS C:\> Get-ExecutionPolicy -list Scope ExecutionPolicy ----- --------------- MachinePolicy Undefined UserPolicy Undefined Process Undefined CurrentUser Undefined LocalMachine RemoteSigned
The default execution policy for all windows version except for Windows 2012 R2 is Restricted. The default execution policy in Windows 2012 R2 is RemoteSigned.
The easiest but unsecure method of getting rid of this error message is to change the ExecutionPolicy using the SetExecutionPolicy cmdlet. The following command sets the execution policy to unrestricted.
PS C:\> Set-ExecutionPolicy unrestricted
Press Y to confirm the change when prompted. The policy change is updated in the registry and will remain until you change it again.
Instead of changing the execution policy permanently you could set a different policy for a single PowerShell session. This is done using the ExecutionPolicy parameter of powershell.exe
Open a command prompt or PowerShell and run the command:
C:\> powershell.exe -executionpolicy -bypass
The above command opens a PowerShell session with execution policy for that session set to Bypass which means nothing is blocked.
When the execution policy is RemoteSigned, the files that are downloaded from the internet (or from emails) are blocked to protect your running unsafe scripts. If you trust the contents of the script are safe then you can unblock it to run on your session using the Unblock-File cmdlet
PS C:\> Unblock-File -Path C:\Downloads\script1.ps1
Once you have changed the Execution policy permanently or temporarily for a session or a particular script you can continue to run the script but before you do that make sure the contents of the script does not harm your computer