block / unlock powershell

Navigation
2

I have this bat script to block / unlock powershell but it does not work on x64 (and sometimes not on x86) and sometimes I manage to block it but not unlock it (Could not start CLR, HRESULT: 80070005.) and doing a Get-ExecutionPolicy - List 

MachinePolicy = Restricted
UserPolicy    = Undefined
Process       = Unrestricted
CurrentUser   = Undefined
LocalMachine  = Unrestricted

List of commands to lock / unlock 

:: Restore PS
%windir%\system32\takeown.exe /f %windir%\system32\WindowsPowerShell\v1.0\powershell.exe
%windir%\system32\takeown.exe /f %windir%\system32\WindowsPowerShell\v1.0\powershell_ise.exe
%windir%\system32\icacls.exe %windir%\system32\WindowsPowerShell\v1.0\powershell.exe /Grant *S-1-1-0:F
%windir%\system32\icacls.exe %windir%\system32\WindowsPowerShell\v1.0\powershell_ise.exe /Grant *S-1-1-0:F
%windir%\SysWOW64\takeown.exe /f %windir%\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
%windir%\SysWOW64\takeown.exe /f %windir%\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe
%windir%\SysWOW64\icacls.exe %windir%\sysWOW64\WindowsPowerShell\v1.0\powershell.exe /Grant *S-1-1-0:F
%windir%\SysWOW64\icacls.exe %windir%\sysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe /Grant *S-1-1-0:F

:: Disable PS
reg add "HKLM\SOFTWARE\Microsoft\PowerShell\ShellIds\Microsoft.PowerShell" /v ExecutionPolicy /t REG_SZ /d Restricted /f
%windir%\system32\takeown.exe /f %windir%\system32\WindowsPowerShell\v1.0\powershell.exe
%windir%\system32\takeown.exe /f %windir%\system32\WindowsPowerShell\v1.0\powershell_ise.exe
%windir%\system32\cacls.exe %windir%\system32\WindowsPowerShell\v1.0\powershell.exe /E /P %username%:N
%windir%\system32\icacls.exe %windir%\system32\WindowsPowerShell\v1.0\powershell.exe /Deny *S-1-1-0:F
%windir%\system32\icacls.exe %windir%\system32\WindowsPowerShell\v1.0\powershell_ise.exe /Deny *S-1-1-0:F
%windir%\SysWOW64\takeown.exe /f %windir%\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
%windir%\SysWOW64\takeown.exe /f %windir%\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe
%windir%\SysWOW64\icacls.exe %windir%\SysWOW64\WindowsPowerShell\v1.0\powershell.exe /Deny *S-1-1-0:F
%windir%\SysWOW64\icacls.exe %windir%\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe /Deny *S-1-1-0:F

In other words. I would like to know how to block / unlock the powershell.exe program by command line with a .bat .. thanks

    
asked by 11.10.2016 в 21:08
source

1 answer

2

You just have to add the command to create a record (to be able to use ps) and delete it to block, of course everything as administrator

ALLOW PS 

REG ADD "HKLM\SOFTWARE\Microsoft\PowerShell\ShellIds
\Microsoft.PowerShell" /v  "ExecutionPolicy" /t REG_SZ /d "Unrestricted" /f

BLOCK PS 

REG DELETE "HKLM\SOFTWARE\Microsoft\PowerShell\ShellIds
\Microsoft.PowerShell" /v  "ExecutionPolicy" /f
    
answered by 03.07.2017 в 05:03
Error executing code with ListView, SelectedItems Load data in $ scope dynamically