Change PowerShell Script Execution Policy in Windows 11 Tutorial (2024)

This tutorial will show you different ways on how to set the PowerShell script execution policy for the current user, local machine, or current process in Windows 10 and Windows 11.

PowerShell's execution policy is a safety feature that controls the conditions under which PowerShell loads configuration files and runs scripts. This feature helps prevent the execution of malicious scripts.

On a Windows computer you can set an execution policy for the local computer, for the current user, or for a particular session. You can also use a Group Policy setting to set execution policies for computers and users.

Execution policies for the local computer and current user are stored in the registry. You don't need to set execution policies in your PowerShell profile. The execution policy for a particular session is stored only in memory and is lost when the session is closed.

The execution policy isn't a security system that restricts user actions. For example, users can easily bypass a policy by typing the script contents at the command line when they cannot run a script. Instead, the execution policy helps users to set basic rules and prevents them from violating them unintentionally.

Enforcement of these policies only occurs on Windows platforms. The PowerShell execution policies are as follows:

You can set an execution policy that is effective only in a particular scope.

The valid values for Scope are MachinePolicy, UserPolicy, Process, CurrentUser, and LocalMachine. LocalMachine is the default when setting an execution policy.

The Scope values are listed in precedence order. The policy that takes precedence is effective in the current session, even if a more restrictive policy was set at a lower level of precedence.

Reference:

If you set the execution policy for the scopes LocalMachine or the CurrentUser, the change is saved in the registry and remains effective until you change it again.

If you set the execution policy for the Process scope, it's not saved in the registry. The execution policy is retained until the current process and any child processes are closed.

1 Open Windows Terminal, and select Windows PowerShell.

2 Copy and paste the command below into Windows Terminal, and press Enter. (see screenshot below)

Get-ExecutionPolicy -List​

3 You will now see all execution policies listed in precedence order.

1 Open Settings (Win+I).

2 Click/tap on Privacy & security on the left side, and click/tap on For developers on the right side. (see screenshot below)

Starting with Windows 11 version 22H2 KB5030310 Build 22621.2361, For developers is now in Settings > System.

3 Click/tap on PowerShell to expand it open. (see screenshot below step 4)

4 Turn On (RemoteSigned) or Off (default - Restricted) Change execution policy to allow local PowerShell scripts to run without signing. Require signing for remote scripts for what you want. (see screenshot below)

5 You can now close Settings if you like.

1 Open Windows Terminal, and select Windows PowerShell.

2 Copy and paste the command below for the execution policy your want to set into Windows Terminal, and press Enter. (see screenshot below)

AllSigned: Set-ExecutionPolicy AllSigned -Scope CurrentUser -Force​

Bypass: Set-ExecutionPolicy Bypass -Scope CurrentUser -Force​

Default: Set-ExecutionPolicy Default -Scope CurrentUser -Force​

RemoteSigned: Set-ExecutionPolicy RemoteSigned -Scope CurrentUser -Force​

Restricted: Set-ExecutionPolicy Restricted -Scope CurrentUser -Force​

Undefined: Set-ExecutionPolicy Undefined -Scope CurrentUser -Force​

Unrestricted: Set-ExecutionPolicy Unrestricted -Scope CurrentUser -Force​

3 You can now close Windows Terminal if you like.

1 Do step 2 (Restricted), step 3 (AllSigned), step 4 (RemoteSigned), step 5 (Unrestricted), step 6 (Bypass), or step 7 (Undefined) below for what you would like to do.

2. Set PowerShell Script Execution Policy to "Restricted" for Current User

A) Click/tap on the Download button below to download the file below, and go to step 8 below.​

CurrentUser_Restricted_PowerShell_ExcutionPolicy.reg​

(Contents of REG file for reference)

Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\Software\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]"ExecutionPolicy"="Restricted"

3. Set PowerShell Script Execution Policy to "AllSigned" for Current User

A) Click/tap on the Download button below to download the file below, and go to step 8 below.​

CurrentUser_AllSigned_PowerShell_ExcutionPolicy.reg​

(Contents of REG file for reference)

Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\Software\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]"ExecutionPolicy"="AllSigned"

4. Set PowerShell Script Execution Policy to "RemoteSigned" for Current User

A) Click/tap on the Download button below to download the file below, and go to step 8 below.​

CurrentUser_RemoteSigned_PowerShell_ExcutionPolicy.reg​

(Contents of REG file for reference)

Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\Software\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]"ExecutionPolicy"="RemoteSigned"

5. Set PowerShell Script Execution Policy to "Unrestricted" for Current User

A) Click/tap on the Download button below to download the file below, and go to step 8 below.​

CurrentUser_Unrestricted_PowerShell_ExcutionPolicy.reg​

(Contents of REG file for reference)

Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\Software\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]"ExecutionPolicy"="Unrestricted"

6. Set PowerShell Script Execution Policy to "Bypass" for Current User

A) Click/tap on the Download button below to download the file below, and go to step 8 below.​

CurrentUser_Bypass_PowerShell_ExcutionPolicy.reg​

(Contents of REG file for reference)

Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\Software\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]"ExecutionPolicy"="Bypass"

7. Set PowerShell Script Execution Policy to "Undefined" for Current User

This is the default setting.

A) Click/tap on the Download button below to download the file below, and go to step 8 below.​

CurrentUser_Undefined_PowerShell_ExcutionPolicy.reg​

(Contents of REG file for reference)

Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\Software\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]"ExecutionPolicy"=-

8 Save the .reg file to your desktop.

9 Double click/tap on the downloaded .reg file to merge it.

10 When prompted, click/tap on Run, Yes (UAC), Yes, and OK to approve the merge.

11 You can now delete the downloaded .reg file if you like.

1 Open Windows Terminal (Admin), and select Windows PowerShell.

2 Copy and paste the command below for the execution policy your want to set into Windows Terminal, and press Enter. (see screenshot below)

AllSigned: Set-ExecutionPolicy AllSigned -Scope LocalMachine -Force​

Bypass: Set-ExecutionPolicy Bypass -Scope LocalMachine -Force​

Default: Set-ExecutionPolicy Default -Scope LocalMachine -Force​

RemoteSigned: Set-ExecutionPolicy RemoteSigned -Scope LocalMachine -Force​

Restricted: Set-ExecutionPolicy Restricted -Scope LocalMachine -Force​

Undefined: Set-ExecutionPolicy Undefined -Scope LocalMachine -Force​

Unrestricted: Set-ExecutionPolicy Unrestricted -Scope LocalMachine -Force​

3 You can now close Windows Terminal (Admin) if you like.

1 Do step 2 (Restricted), step 3 (AllSigned), step 4 (RemoteSigned), step 5 (Unrestricted), step 6 (Bypass), or step 7 (Undefined) below for what you would like to do.

2. Set PowerShell Script Execution Policy to "Restricted" for Local Machine

A) Click/tap on the Download button below to download the file below, and go to step 8 below.​

LocalMachine_Restricted_PowerShell_ExcutionPolicy.reg​

(Contents of REG file for reference)

Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]"ExecutionPolicy"="Restricted"

3. Set PowerShell Script Execution Policy to "AllSigned" for Local Machine

A) Click/tap on the Download button below to download the file below, and go to step 8 below.​

LocalMachine_AllSigned_PowerShell_ExcutionPolicy.reg​

(Contents of REG file for reference)

Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]"ExecutionPolicy"="AllSigned"

4. Set PowerShell Script Execution Policy to "RemoteSigned" for Local Machine

A) Click/tap on the Download button below to download the file below, and go to step 8 below.​

LocalMachine_RemoteSigned_PowerShell_ExcutionPolicy.reg​

(Contents of REG file for reference)

Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]"ExecutionPolicy"="RemoteSigned"

5. Set PowerShell Script Execution Policy to "Unrestricted" for Local Machine

A) Click/tap on the Download button below to download the file below, and go to step 8 below.​

LocalMachine_Unrestricted_PowerShell_ExcutionPolicy.reg​

(Contents of REG file for reference)

Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]"ExecutionPolicy"="Unrestricted"

6. Set PowerShell Script Execution Policy to "Bypass" for Local Machine

A) Click/tap on the Download button below to download the file below, and go to step 8 below.​

LocalMachine_Bypass_PowerShell_ExcutionPolicy.reg​

(Contents of REG file for reference)

Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]"ExecutionPolicy"="Bypass"

7. Set PowerShell Script Execution Policy to "Undefined" for Local Machine

This is the default setting.

A) Click/tap on the Download button below to download the file below, and go to step 8 below.​

LocalMachine_Undefined_PowerShell_ExcutionPolicy.reg​

(Contents of REG file for reference)

Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]"ExecutionPolicy"=-

8 Save the .reg file to your desktop.

9 Double click/tap on the downloaded .reg file to merge it.

10 When prompted, click/tap on Run, Yes (UAC), Yes, and OK to approve the merge.

11 You can now delete the downloaded .reg file if you like.

The execution policy set using this option only affects the current PowerShell session for the current process until you close the current PowerShell window.

1 Open Windows Terminal, and select Windows PowerShell.

2 Copy and paste the command below for the execution policy your want to set into Windows Terminal, and press Enter. (see screenshot below)

AllSigned: Set-ExecutionPolicy AllSigned -Scope Process -Force​

Bypass: Set-ExecutionPolicy Bypass -Scope Process -Force​

Default: Set-ExecutionPolicy Default -Scope Process -Force​

RemoteSigned: Set-ExecutionPolicy RemoteSigned -Scope Process -Force​

Restricted: Set-ExecutionPolicy Restricted -Scope Process -Force​

Undefined: Set-ExecutionPolicy Undefined -Scope Process -Force​

Unrestricted: Set-ExecutionPolicy Unrestricted -Scope Process -Force​

3 You can now close Windows Terminal if you like.

That's it,
Shawn Brink