We have a department policy that all PowerShell scripts should be signed. here is how you install the free tools to work in a signed environment.
- install the software normally with out changing your policy settings.
- sign the scripts that were installed in the following location ending in the extension .ps1
C:\Program Files (x86)\Now Micro\Right Click Tools - sign the script ending in .psm1 in the following location
C:\Program Files (x86)\Now Micro\Right Click Tools\PSModule\NowMicro-ClientActions - run the install.ps1
There are lots of instructions on line about signing scripts on line
I use the following ps script:
function sign ($filename) {
$cert=(dir cert:currentuser\my\ -CodeSigningCert)[0]
Set-AuthenticodeSignature $filename $cert -TimestampServer http://timestamp.verisign.com/scripts/timstamp.dll"
}
we use a organization server to generate the certificate that is part of our domain so they are trusted one can create a personal certifcate from the command line,
The -TimestampServer makes it so the will still run when the cert expires if I remember correctly.
The function above will take wildcards like *.ps1 and do all files in a directory so it does not take long to sign them.
After we signed them once we copied that over the other installs for any one using the tools and then ran the install.ps1 again