Invoke Power Shell and Execution Policy

Could anyone please help me understand how UiPath handles a pre-defined (and potentially even bypassed) execution policy? Let’s start with the error message:

image
Now, there are several topics like this covering the root cause. I did change the execution policy, and according to this article this affects anyone using the machine. Note that John isn’t an Administrator, and the policy is set to RemoteSigned (which I had selected earlier by using Set-ExecutionPolicy with elevated permissions):

However, when running Get-ExecutionPolicy in UiPath, I would get back the set default (i.e. restricted). It’s the same for a normal user, and for someone running Studio with elevated permissions:

Naturally, I can set the execution policy in Studio as well - and here is where things get fuzzy. When using Set-ExecutionPolicy in Studio, my user seems to be unaffected. I can set it to unrestricted, but Get-ExecutionPolicy in PowerShell would still show up as RemoteSigned. This setting persists, even across Studio, Session and Server restarts.

So, here’s what I’d like to understand:

  • Why wouldn’t UiPath be affected by me changing the execution policy for the entire machine?
  • Why is the policy different in Studio than in Windows, even when working with the same user?
  • What are best practices when rolling out packages?

Hi @redlynx82,
If you are using Windows 10 Professional you can try to go to gpedit.msc and search for Turn on Script Execution policy. It’s located under Computer Configuration\Administrative Templates\Windows Components\Windows PowerShell

However if you have only Home edition run PowerShell as an admin and put this commands:

Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope CurrentUser
Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope LocalMachine
Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope UserPolicy

This should help.

2 Likes

Thanks for your answer, @Pablito - yet this isn’t what I am looking for. I know how to set an execution policy (I am on Windows Server 2012 R2)

I used Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope LocalMachine, as the local administrator, which should affect any user on working the machine. This becomes evident when listing the policy as a non-admin in PowerShell:

However, when retrieving the active policy in Studio with a PowerShell activity using Get-ExecutionPolicy, you can see that it still defaults to Restricted. I would like to understand why.

@redlynx82 i don’t know specifics of the environment you are working on, but if it’s a domain machine maybe GPO is affecting this and some settings are spreading through machines and preventing from changing execution policy. You can also check what is happening in specific registry key:

HKEY_CURRENT_USER\Software\MicrosoftPowerShell\1\ShellIds\Microsoft.PowerShell > ExecutionPolicy

Thanks again for your answer. The machine isn’t part of a domain - it’s a simple VirtualBox guest with a server OS. It appears to me as if UiPath does some sandboxing when it comes to PowerShell activities - again, it’s not an issue as I can always set the required execution policy in another activity, yet I’d like to learn more about the specifics.

1 Like

@redlynx82 now i see your point. Hmm maybe it’s a stupid idea but have you tried to run Studio with run as an administrator option?

Thanks, I tried that. It’s the same - and interestingly, the policy level seems to be shared within Studio, regardless if opened with or without elevated mode (e.g. if you you change the level in Studio with a PowerShell activity, the same level will be used if you use Studio again - same user, but in elevated mode).

1 Like

Hmmm interesting. I will take a closer look into it. Will let you know if I will find something. Thank you for sharing this info.

1 Like

I come to you @redlynx82 with another thing to check :slight_smile:
I totally forgot about this solution:


So maybe this will help :slight_smile:

1 Like

Hey,
did you ever find the solution to this? I am having the same issue, but with an unattended.

1 Like