Unblock-File
Unblock-File [-Confirm] -LiteralPath* <String[]> [-WhatIf] [<CommonParameters>]Unblock-File [-Path*] <String[]> [-Confirm] [-WhatIf] [<CommonParameters>]The Unblock-File cmdlet lets you open files that were downloaded from the Internet. It unblocks Windows PowerShell script files that were downloaded from the Internet so you can run them, even when the Windows PowerShell execution policy is RemoteSigned . By default, these files are blocked to protect the computer from untrusted files.
Before using the Unblock-File cmdlet, review the file and its source and verify that it is safe to open.
Internally, the Unblock-File cmdlet removes the Zone.Identifier alternate data stream, which has a value of "3" to indicate that it was downloaded from the Internet.
For more information about Windows PowerShell execution policies, see about_Execution_Policies (http://go.microsoft.com/fwlink/?LinkID=135170).
This cmdlet was introduced in Windows PowerShell 3.0.
Parameters
-Confirm [<SwitchParameter>]
- Default value is False
- Accepts pipeline input False
Prompts you for confirmation before running the cmdlet.
-LiteralPath <String[]>
- This value is required
- Default value is None
- Accepts pipeline input ByPropertyName
Specifies the files to unblock. Unlike Path , the value of the LiteralPath parameter is used exactly as it is typed. No characters are interpreted as wildcards. If the path includes escape characters, enclose it in single quotation marks. Single quotation marks tell Windows PowerShell not to interpret any characters as escape sequences.
-Path <String[]>
- This value is required
- Default value is None
- Accepts pipeline input False
Specifies the files to unblock. Wildcard characters are supported.
-WhatIf [<SwitchParameter>]
- Default value is False
- Accepts pipeline input False
Shows what would happen if the cmdlet runs. The cmdlet is not run.
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,ErrorAction, ErrorVariable, WarningAction, WarningVariable,OutBuffer, PipelineVariable, and OutVariable.
Inputs
System.StringOutputs
NoneExamples
-
Unblock a file:
PS C:\> Unblock-File -Path C:\Users\User01\Documents\Downloads\PowerShellTips.chmThis command unblocks the PowerShellTips.chm file.
-
Unblock multiple files:
PS C:\> dir C:\Downloads\*PowerShell* | Unblock-FileThis command unblocks all of the files in the C:\Downloads directory whose names include "PowerShell". Do not run a command like this one until you have verified that all files are safe.
-
Find and unblock scripts:
-
The first command uses the *Stream* parameter of the Get-Item
cmdlet get files with the Zone.Identifier stream.Although you
could pipe the output directly to the **Unblock-File** cmdlet
(Get-Item * -Stream "Zone.Identifier" -ErrorAction
SilentlyContinue | ForEach {Unblock-File $_.FileName}), it is
prudent to review the file and confirm that it is safe before
unblocking.:
PS C:\> Get-Item * -Stream "Zone.Identifier" -ErrorAction SilentlyContinue FileName: C:\ps-test\Start-ActivityTracker.ps1 Stream Length ------ ------ Zone.Identifier 26The first command uses the *Stream* parameter of the Get-Item cmdlet get files with the Zone.Identifier stream.Although you could pipe the output directly to the **Unblock-File** cmdlet (Get-Item * -Stream "Zone.Identifier" -ErrorAction SilentlyContinue | ForEach {Unblock-File $_.FileName}), it is prudent to review the file and confirm that it is safe before unblocking.
-
The second command shows what happens when you run a blocked
script in a Windows PowerShell session in which the execution
policy is **RemoteSigned**:
PS C:\> C:\ps-test\Start-ActivityTracker.ps1 c:\ps-test\Start-ActivityTracker.ps1 : File c:\ps-test\Start-ActivityTracker.ps1 cannot be loaded. The file c:\ps-test\Start-ActivityTracker.ps1 is not digitally signed. The script will not execute on the system. For more information, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. At line:1 char:1 + c:\ps-test\Start-ActivityTracker.ps1 + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : SecurityError: (:) [], PSSecurityException + FullyQualifiedErrorId : UnauthorizedAccessThe RemoteSigned policy prevents you from running scripts that are downloaded from the Internet unless they are digitally signed.
-
The third command uses the **Unblock-File** cmdlet to unblock the
script so it can run in the session:
PS C:\> Get-Item C:\ps-test\Start-ActivityTracker.ps1 | Unblock-FileThis command shows how to find and unblock Windows PowerShell scripts.
-
The first command uses the *Stream* parameter of the Get-Item
cmdlet get files with the Zone.Identifier stream.Although you
could pipe the output directly to the **Unblock-File** cmdlet
(Get-Item * -Stream "Zone.Identifier" -ErrorAction
SilentlyContinue | ForEach {Unblock-File $_.FileName}), it is
prudent to review the file and confirm that it is safe before
unblocking.:
Additional Notes
The Unblock-File * cmdlet works only in file system drives. Unblock-File performs the same operation as the Unblock button on the Properties * dialog box in File Explorer. If you use the Unblock-File * cmdlet on a file that is not blocked, the command has no effect on the unblocked file and the cmdlet does not generate errors.
This work is licensed under a Creative Commons Attribution 4.0 International. It is attributed to Microsoft Corporation and can be found here.
PowerShell Commands