YouTip LogoYouTip

Powershell Start

PowerShell is a command-line shell and scripting environment developed by Microsoft for Windows systems, primarily used for system administration and automation tasks. In **Windows 11**, you can directly search for "PowerShell" in the Start menu. !(#) Common shortcuts include (for 64-bit systems): | Shortcut Name | Description | | --- | --- | | Windows PowerShell | 64-bit command-line version | | Windows PowerShell ISE | 64-bit graphical script editor | | Windows PowerShell (x86) | 32-bit command-line version | | Windows PowerShell ISE (x86) | 32-bit graphical script editor | ⚠️ Note: Windows 11 itself does not support 32-bit systems, but it still includes the x86 version of PowerShell to ensure compatibility with older programs. * * * ## Ways to Launch PowerShell ### Standard Launch Method Click the Windows PowerShell shortcut to open the PowerShell console. The title bar of the PowerShell console will display "Windows PowerShell". !(#) **Note:** Some commands can run normally when PowerShell is launched as a regular user, but PowerShell itself does not participate in User Account Control (UAC), so it cannot prompt users to elevate privileges. ### User Account Control (UAC) Explanation **UAC Function:** A Windows security feature that prevents malicious code from running with elevated privileges. **Regular User Privilege Restrictions:** When running as a standard user, attempting to execute commands requiring administrator privileges will result in an error. For example, stopping a Windows service: Stop-Service -Name W32Time Error message example: Stop-Service : Service 'Windows Time (W32Time)' cannot be stopped due to the following error: Cannot open W32Time service on computer '.'.At line:1 char:1+ Stop-Service -Name W32Time + ~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : CloseError: (System.ServiceProcess.ServiceCon troller:ServiceController) , ServiceCommandException + FullyQualifiedErrorId : CouldNotStopService,Microsoft.PowerShell.Comm ands.StopServiceCommand **Solution:** You need to run PowerShell with elevated local administrator privileges. A second domain user account has been configured, adhering to the principle of least privilegeβ€”this user is neither a domain administrator nor has elevated permissions within the domain. **Steps:** * Right-click the Windows PowerShell shortcut. * Select "Run as administrator." !(#) **System Prompt:** Since you are currently logged in as a standard user, Windows will prompt you to enter the credentials of a local administrator. !(#) **Confirm Elevation:** After elevation, the title bar of the PowerShell window displays "Administrator: Windows PowerShell." !(#) **Effect:** Running commands requiring administrator privileges in the elevated PowerShell no longer results in UAC errors. **Privilege Elevation Principle:** Only elevate PowerShell to administrator privileges when absolutely necessary. **Remote Computers:** When working with remote computers, there is no need to elevate PowerShell privileges. Elevation only affects local commands. **Pin Shortcut:** You can pin the PowerShell or Windows Terminal shortcut to the taskbar for easy access: !(#) **Securely Launching Elevated PowerShell:** If you need to launch PowerShell with elevated privileges, hold down the Shift key while right-clicking the pinned PowerShell icon on the taskbar, then select "Run as administrator." !(#) * * * ## Determining Your PowerShell Version and Execution Policy Guidelines ### I. Checking Your PowerShell Version PowerShell provides the automatic variable `$PSVersionTable`, which contains information about the current PowerShell session's version and related details. $PSVersionTable Output might look like this: Name Value---- -----PSVersion 5.1.22621.2428PSEdition DesktopPSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}BuildVersion 10.0.22621.2428CLRVersion 4.0.30319.42000WSManStackVersion 3.0PSRemotingProtocolVersion 2.3SerializationVersion 1.1.0.1 ### Version Notes * Windows PowerShell 5.1 comes pre-installed on all supported versions of Windows and is the recommended version. * PowerShell 7 (cross-platform edition) is not a replacement for Windows PowerShell 5.1; rather, it is installed alongside it as a separate product. * PowerShell 6 (also known as PowerShell Core) is no longer supported. ### II. Understanding Execution Policies Execution policies are a security feature of PowerShell that control how scripts are executed, preventing unintentional execution of malicious scripts. > Note: Execution policies are not absolute security boundaries; skilled users can bypass them. ### Scope of Execution Policies * Policies can be set for the local machine (LocalMachine), the current user (CurrentUser), or the current session (Process). * Group policies can also manage execution policies for both users and computers. ### Common Default Execution Policies in Windows | Operating System Version | Default Execution Policy | | --- | --- | | Windows Server 2022 | RemoteSigned | | Windows Server 2019 | RemoteSigned | | Windows Server 2016 | RemoteSigned | | Windows 11 | Restricted | | Windows 10 | Restricted | > **Restricted** means that, by default, no scripts are allowed to run. ### III. Querying the Current Execution Policy To check the current policy: Get-ExecutionPolicy Output might look like this: Restricted To list all execution policy settings across different scopes: Get-ExecutionPolicy -List Output might look like this: Scope ExecutionPolicy ----- ---------------MachinePolicy Undefined UserPolicy Undefined Process Undefined CurrentUser Undefined LocalMachine Undefined ### IV. Impact of Execution Policies on Script Execution Suppose you have a script file named `Get-TimeService.ps1`. Running this command directly in an interactive session works fine: Get-Service -Name W32Time However, if you try to run the same command from within the script, PowerShell will return an error. .Get-TimeService.ps1 Error message: .Get-TimeService.ps1 : File C:tmpGet-TimeService.ps1 cannot be loaded because running scripts is disabled on this system. For more information, see about_Execution_Policies at https:/go.microsoft.com/fwlink/?LinkID=135170.At line:1 char:1+ .Get-TimeService.ps1 + ~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : SecurityError: (:) [], PSSecurityException + FullyQualifiedErrorId : UnauthorizedAccess ### V. Modifying Execution Policies #### 1. Set to RemoteSigned (Recommended) This allows running local scripts and remotely signed scripts from trusted publishers. Set-ExecutionPolicy -ExecutionPolicy RemoteSigned * You must run PowerShell as an administrator to change the execution policy for the local machine (LocalMachine). * A confirmation prompt will appear: Do you want to change the execution policy? Yes Yes to All ... #### 2. Modify Only the Current User's Execution Policy (No Administrator Privileges Required) Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser ### VI. Common Error Messages and Solutions **Error when trying to modify the LocalMachine policy without administrator privileges:** Access to the registry key 'HKEY_LOCAL_MACHINESOFTWAREMicrosoftPowerShell1ShellIdsMicrosoft.PowerShell' is denied. **Solution:** Run PowerShell as an administrator and retry, or simply modify the policy for the current user. ### VII. Verifying After Modification After setting the execution policy to `RemoteSigned`, run the script: .Get-TimeService.ps1 Output: Status Name DisplayName------ ---- -----------Running W32Time Windows Time ### VIII. Important Notes * Scripts are plain text files with the `.ps1` extension. * It is recommended to use (#) or a text editor to write scripts. * Before modifying execution policies, please read the official documentation `about_Execution_Policies` to understand potential security risks.
← Powershell CmdletPowershell Install β†’