{"id":12835,"date":"2018-09-18T07:32:26","date_gmt":"2018-09-18T07:32:26","guid":{"rendered":"https:\/\/www.top-password.com\/blog\/?p=12835"},"modified":"2018-09-18T07:32:26","modified_gmt":"2018-09-18T07:32:26","slug":"disable-powershell-with-software-restriction-policies-gpo","status":"publish","type":"post","link":"https:\/\/www.top-password.com\/blog\/disable-powershell-with-software-restriction-policies-gpo\/","title":{"rendered":"How to Disable PowerShell with Software Restriction Policies GPO"},"content":{"rendered":"

Is there a way to block PowerShell from running through group policy? Windows PowerShell comes pre-installed in Windows 10 and it’s a command-line shell designed especially for programmers and IT professionals. If you’re a standard Windows user, you may want to get rid of it. In this tutorial we’ll show you how to disable PowerShell for all user accounts in Windows 10, using Software Restriction Policies GPO.<\/p>\n

Part 1: Find the PowerShell Executable Program<\/strong><\/p>\n

    \n
  1. After launching Windows PowerShell<\/a>, press the Ctrl + Shift + Esc keys simultaneously to bring up the Task Manager<\/a> window. Go to the Details<\/strong> tab, scroll down to find the process called powershell.exe<\/em>. Right-click on it and select “Open file location<\/strong>“.\n

    \"\"\n<\/li>\n

  2. Windows Explorer will open the folder where the powershell.exe<\/em> file is located. Note down the full path as we’ll need it later.\n

    \"\"\n<\/li>\n<\/ol>\n

    Part 2: Disable PowerShell with Software Restriction Policies<\/strong><\/p>\n

      \n
    1. Open the Local Group Policy Editor<\/a> and navigate to:
      \nComputer Configuration > Windows Settings > Security Settings > Software Restriction Policies<\/code><\/p>\n

      \"\"<\/p>\n

      \tRight-click on Software Restriction Policies<\/strong> on the left console tree, and then select New Software Restriction Policies<\/strong>.<\/li>\n

    2. Select the newly-created “Additional Rules<\/strong>” node. Right-click any empty space in the right pane and choose “New Hash Rule<\/strong>“.\n

      \"\"\n<\/li>\n

    3. Click the Browse<\/strong> button to select the powershell.exe<\/em> file we’ve located previously, and set the Security level<\/strong> to Disallowed<\/strong>. Click OK<\/strong>.\n

      \"\"\n<\/li>\n

    4. If you also want to block the Windows PowerShell ISE from running, just repeat the above steps to add a new rule to block powershell_ise.exe<\/em>.<\/li>\n
    5. Reboot your computer for the policies to take effect. When you try to run PowerShell you should receive the following error message “This app has been blocked by your system administrator<\/em>“.\n

      \"\"<\/p>\n

      \tRenaming the PowerShell executable file couldn’t bypass the above message as well.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"

      Is there a way to block PowerShell from running through group policy? Windows PowerShell comes pre-installed in Windows 10 and it’s a command-line shell designed especially for programmers and IT professionals. If you’re a standard Windows user, you may want to get rid of it. In this tutorial we’ll show you how to disable PowerShell […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1,10,1894],"tags":[3972,3971,3970],"class_list":["post-12835","post","type-post","status-publish","format-standard","hentry","category-others","category-tips-tricks","category-windows-10","tag-block-powershell-gpo","tag-disable-powershell-group-policy","tag-disable-powershell-windows-10"],"_links":{"self":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts\/12835","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/comments?post=12835"}],"version-history":[{"count":13,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts\/12835\/revisions"}],"predecessor-version":[{"id":12854,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts\/12835\/revisions\/12854"}],"wp:attachment":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/media?parent=12835"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/categories?post=12835"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/tags?post=12835"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}