I cannot run unsigned scripts and load unsigned configuration files from a
replicated DFS domain share created on Windows Server 2008 R2 when my
execution policy is set to "RemoteSigned." CasPol doesn't help. For example,
I cannot run scripts from \\domain\Share even after executing this command:



C:\Windows\Microsoft.NET\Framework\v2.0.50727\caspol.exe -pp off -m -ag
1 -url file://domain/Share/* FullTrust -Exclusive on

I've considered all variations of the url parameter and several variations
of the ag parameter.

Help!

Hello David.

David Noble wrote:

> I cannot run unsigned scripts and load unsigned configuration files
> from a replicated DFS domain share created on Windows Server 2008 R2
> when my execution policy is set to "RemoteSigned."

On one of the clients copy the file from the dfs share to a local
NTFS folder and execute:
notepad.exe "thedownloadedscript.ps1:Zone.Identifier"
This will display the zone identifier of the security zone that is
associated with the file by AES (Attachment Execution Service).
The IDs are:
-1 = NoZone
0 = MyComputer
1 = Intranet
2 = Trusted
3 = Internet
4 = Untrusted

Probably the ZoneID of your file is -ge 3, which prevents the script
from being run (because if the ExecutionPolicy "RemoteSigned").
Try to use the IE security setting to add the UNC path to either the
local intranet zone or to the trusted sites.

--
Regards,
Wolfgang