Windows PowerShell’s execution policy is well known feature that helps prevent users from accidentally running malicious scripts. I hit an interesting situation recently where Get-ExecutionPolicy showed that I was allowed to run scripts, but in practice I still couldn’t execute scripts from a .NET application’s hosted runspace. What was the problem? The execution policy settings differed across x64 and x86 processes. Since this problem isn’t covered in the official documentation I figured it deserved a quick write-up.
Different execution policies for x86 and x64
On a 64-bit Windows computer open a Windows PowerShell prompt (the default x64 version), and then open the x86 version. Run Get-ExecutionPolicy -List in each session and view the results. Depending on how your machine was configured you may see different results for each session. Here is an example on one of my machines where the results differ:
Why is this happening?
This behavior can be explained when looking at the Windows registry. On a 64-bit Windows operating system, parts of the registry are stored separately for keys used by 32-bit applications and 64-bit applications (however there are also shared keys — read more here). This allows applications to have different stored settings that may apply specifically to one platform target.
Windows PowerShell uses platform specific (32 bit or 64 bit) registry keys instead of shared keys for some of the execution policy settings. You can verify this by running a tool like Sysinternals Process Monitor and then running execution policy commands.
Tips for handling the execution policy
- Use Group Policy to configure the execution policy settings. This will enforce a consistent experience across all machines.
- If you can’t use group policy– remember to run your Set-ExecutionPolicy command in both x64 and x86 versions of PowerShell (if you use both).
- If you host a runspace in a .NET application: remember that the AnyCPU build target will likely set your application as x86, which in turn would launch the x86 specific PowerShell runspace. If you need x64 PowerShell then be sure to set the platform target to x64.