Execute remote Powershell script on shared folder

Locate In Network Remote Drive

Photo from: https://www.manning.com/books/windows-powershell-in-action

Suppose we got very simple Powershell script (TestRemote.ps1) over remote path: {REMOTE_ADDRESS}\{REMOTE_FOLDER} for execute:

#TestRemote.ps1
Write-Host "Testing."

We could expect that to invoke the script through below command:

\\{REMOTE_ADDRESS}\{REMOTE_FOLDER}\TestRemote.ps1

But somehow we might encounter below error: “UnauthorizedAccess”.

The reason was that our login account without setup properly of “ExecutionPolicy”. We could inquiry the current policy via command: Get-ExecutionPolicy -List.

Get-ExecutionPolicy -List

And you could find out the definition of each scope and policy from this link for more details.

The CurrentUser with policy “Undefined”, so the system will apply LocalMachine policy “RemoteSigned” to CurrentUser scope.

If you are in intranet environment and without others security consideration, the below command would be most simply way for firing the Poweshell script over remote drive.

Powershell.exe –ExecutionPolicy Bypass –file \\{REMOTE_ADDRESS}\{REMOTE_FOLDER}\TestRemote.ps1

You might wonder if we apply “Unrestricted” policy to the case?

Powershell.exe –ExecutionPolicy Unrestricted –file \\{REMOTE_ADDRESS}\{REMOTE_FOLDER}\TestRemote.ps1\TestRemote.ps1

The execution for current session would be okay but the system will prompt the security warning that let user confirm to continue or not. The condition could not apply to non-interactive purpose.

So far we notice that how powerful the Powerhsell script was but also need to caution the security as well. Yet we got alterative ways to invoke the powershell script(s) over remote drive:

Set-ExecutionPolicy -Scope CurrentUser Bypass
 > Please avoid the settings as above, this policy will accept all scripts execution without any security and for every startup session.   
Singed the remote Powershell script
> The normal and safe way to protect the production environment, usually if production open to public. please also setup the execution policy to "RemoteSigned" or "AllSigned".
Copy the remote Powershell script to local drive 
> If you got trust for the script and security. Then you could execute the copy one (in local) and initial running session without any policy issue.

Reference

• http://setspn.blogspot.com/2011/05/running-powershell-scripts-from-unc.html
• https://stackoverflow.com/questions/29242447/executing-powershell-on-remove-server-fails-when-path-to-script-is-fully-qualifi
• https://www.sqlshack.com/choosing-and-setting-a-powershell-execution-policy/