Script Returning Different Value than Powershell

I am trying to return the ExecutionPolicy for each machine to a custom field. Code below:

Import-Module $env:SyncroModule

$psExecPolicy = Get-ExecutionPolicy

Write-Host $psExecPolicy

Set-Asset-Field -Name "PS ExecPolicy" -Value $psExecPolicy

For some reason, no matter what I do, the script returns “unrestricted” as the policy. The screenshot below shows what Get-ExecutionPolicy returns in background tools Powershell. The next image is what the script returns upon execution. Any thoughts on why these values are different?

Because its base on account. In this case, the way Syncro runs scripts will be ran as the system user while you are running that at the local user level.

Try changing your “Run as” From “System” to “Logged in User”. There is a command I believe that will also report all as a stack, but I would have to do research on that.

That was my thought as well. I have tried it as System and Logged In User. Both ways return the same results.

This is the method you were referring to, correct?

Thank you for your help!

Correct, then in that case its the scope that might be different. Would have to add -List I believe. From there you should be able to filter down to what you are aiming for as far as scope.

Forgive my ignorance. Where would I add “-list”?

Thank you again!

$psExecPolicy = Get-ExecutionPolicy -List

The effective execution policy is determined by execution policies that are set by Set-ExecutionPolicy and Group Policy settings.

Like Travis was saying, you can get the full list of every type with -List or you can try to check a specific type of policy with -Scope

If you don’t select a specific scope, then you just see the effective scope at the end. In a normal PowerShell window, this looks like the below for me
image

However, part of Syncro’s process of running these scripts is to set it to be acceptable to run scripts!
I made this quick Script to Demo the effective ExecutionPolicy for Syncro and the list of all of them.

For me, output looks like this
image

So if you want to report the policy back in Syncro - you will need to check for specific scopes - or at least ignore the Process scope.
Something like this could work to get an overview idea
Get-ExecutionPolicy -List |where {$_.Scope -ne 'process'}
image

Do keep in mind the precedence of which policies might be setting it too - you can get more info on that here about Execution Policies - PowerShell | Microsoft Docs or they should apply in this order

Group Policy: UserPolicy
Execution Policy: Process (or pwsh.exe -ExecutionPolicy)
Execution Policy: CurrentUser
Execution Policy: LocalMachine

Pulled the list back and saw the LocalMachine was the scope I was looking for.

Get-ExecutionPolicy -Scope LocalMachine

Did the trick!

Cool PS font! What is it?