PowerShell execution policy in client settings does not work for some clients

Arjan Kauffman 1 Reputation point
2023-02-21T09:30:32.76+00:00

We are using compliancy with PowerShell scripts to determine whether clients are compliant. A very small number of clients fail with the error 0X87D00327 - Script is not signed. When I look in the log files it clearly states the client uses the 'All Signed' policy instead of the 'Bypass' setting in the client settings. I checked the following:

  • The resultant client settings confirm the client settings for the Computer Agent - Powershell execution policy

I tried to resolve the issue by these actions:

  • Trigger the Action 'Machine Policy Retrieval & Evaluation Cycle'
  • Monitor the logs on the client for errors
  • I've reset the client policy through WMI completely and triggered the action 'Machine Policy Retrieval & Evaluation Cycle' again

All to no avail.

Can you provide me with a root cause and solution for the clients?


3 answers

  1. Garth 5,801 Reputation points
    2023-02-21T10:37:10.3366667+00:00

    Have you looked for a GPO that is overriding configmgr? Have you tried reinstalling the client?


  2. AllenLiu-MSFT 48,586 Reputation points Microsoft External Staff
    2023-02-22T06:47:06.5766667+00:00

    Hi, @Arjan Kauffman

    Thank you for posting in Microsoft Q&A forum.

    You may try to run Get-ExecutionPolicy to confirm the current execution policy.

    You may run Get-ExecutionPolicy -List to get the execution policy list and check if there is any machine policy or user policy defined.

    The machine policy is set by the group policy:

    Computer Configuration -> Administrative Templates -> Windows Components -> Windows PowerShell

    The user policy is set by the group policy:

    User Configuration -> Administrative Templates -> Windows Components -> Windows PowerShell



  3. Limitless Technology 44,666 Reputation points
    2023-02-23T09:47:16.1933333+00:00

    Hi. Thank you for your question and reaching out. I’d be more than happy to help you with your query.

    The root cause of the issue appears to be that the clients are not set to use the 'Bypass' setting for the PowerShell execution policy. This setting can be configured either through Group Policy or through the registry. If the 'Bypass' setting is not configured, then the clients will be using the 'All Signed' policy, which results in the 0X87D00327 - Script is not signed error.

    To resolve this issue, you should make sure that the clients are using the 'Bypass' setting for the PowerShell execution policy. You can do this by either configuring the appropriate Group Policy setting or by manually editing the registry on each client to set the ExecutionPolicy key to 'Bypass'. After doing this, you should trigger the Action 'Machine Policy Retrieval & Evaluation Cycle' again to ensure the policy is applied to the clients.

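The checks suggested in the answers above (a GPO override, Get-ExecutionPolicy -List, the policy registry values) can be combined into one read-only diagnostic script. This is an added example, not code from any poster in this thread; the function names are hypothetical, and the registry paths are the standard locations behind the "Turn on Script Execution" Group Policy setting and the LocalMachine scope.

```powershell
# Added diagnostic example (not from the thread). Read-only: it changes nothing.
# Run it on an affected client in the same context the failing script uses,
# because the HKCU path below reflects only the account running this session.

function Get-EffectivePolicySource {
    # Get-ExecutionPolicy -List returns scopes in precedence order:
    # MachinePolicy, UserPolicy, Process, CurrentUser, LocalMachine.
    # The first scope that is not 'Undefined' decides the effective policy.
    $scopes = Get-ExecutionPolicy -List
    $winner = $scopes |
        Where-Object { $_.ExecutionPolicy -ne 'Undefined' } |
        Select-Object -First 1
    [pscustomobject]@{
        Effective       = Get-ExecutionPolicy
        SetByScope      = if ($winner) { $winner.Scope } else { 'None (default)' }
        FromGroupPolicy = [bool]($winner -and
                                 $winner.Scope -in 'MachinePolicy', 'UserPolicy')
    }
}

function Get-PolicyRegistryValue {
    # Registry values backing the two Group Policy scopes and LocalMachine.
    $paths = [ordered]@{
        MachinePolicy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell'
        UserPolicy    = 'HKCU:\SOFTWARE\Policies\Microsoft\Windows\PowerShell'
        LocalMachine  = 'HKLM:\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell'
    }
    foreach ($scope in $paths.Keys) {
        # A missing key means the scope is not configured; report empty values.
        $item = Get-ItemProperty -Path $paths[$scope] -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Scope           = $scope
            EnableScripts   = $item.EnableScripts
            ExecutionPolicy = $item.ExecutionPolicy
            Path            = $paths[$scope]
        }
    }
}

Get-ExecutionPolicy -List  | Format-Table -AutoSize
Get-EffectivePolicySource  | Format-List
Get-PolicyRegistryValue    | Format-Table -AutoSize
```

If FromGroupPolicy is True, the value comes from a Group Policy scope, which outranks every lower scope in the list; a report from gpresult /h shows which GPO delivers it.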
