1

We have some Nagios checks that connects to a Windows server and runs a script. This script is not signed, and our admin had set the script exeuction policy for the server, about a year ago, to... unrestricted I believe. Whatever policy is the least secure.

What's happening now (this is an Exchange server FYI) is that at least once a day, the execution policy is being changed such that our Nagios check breaks. Our Windows admin goes to manually force the policy back to unrestricted, but the same thing happens.

Now, I don't really care of have the knowledge to get into a debate about whether this is or isn't good for security. But what our admin was wondering, and I am too, is how we can identify what is changing the policy "out from under us", and put an end to it?

After all, who's to say we don't change our minds to go with a more secure policy, only to have THAT one yanked out from under us.

Any insight is greatly appreciated. Let me know if I can track down any other helpful details.

Sathyajith Bhat
  • 286
  • 1
  • 5
  • 23
Larold
  • 802
  • 4
  • 13
  • 21

1 Answers1

3

Execution policies are not a security system, so the change could have been made by anyone with admin rights or via group policy. The simplest way to prevent scripts from being broken by the security policy is to use the bypass execution policy when invoking the script. EG: powershell -executionpolicy bypass -file .\myscriptfile.ps1 For more details see PowerShell.exe Console Help

Jim B
  • 23,938
  • 4
  • 35
  • 58
  • While technically speaking this is a work-around, it's an awesome one that gave us exactly what we needed. Thanks! – Larold Sep 14 '11 at 18:53
  • There isn't much more I can add without getting into the security aspects so all I can say is that the execution is not a security policy, so no one can yank the policy out from under you since it is designed to be removeable at a whim. – Jim B Sep 15 '11 at 00:52
  • yup makes sense. No need to add more. Thanks again for the solution - works great. – Larold Sep 15 '11 at 01:34