Disable PowerShell v2 via GPO

powershell group-policy powershell-2.0

I'm trying to disable the old v2 version of PowerShell via GPO but have not been successful.

I have tried everything, to run a Scheduled Task (running a PowerShell script which command inside DOES indeed work if run locally), which included copying the file on the local machine, to setting up a new Software Restriction Policy, but nothing works as that version of PowerShell stays enabled.

Any suggestions?


Assuming you have a requirement like this STIG:

Windows PowerShell 5.0 added advanced logging features which can provide additional detail when malware has been run on a system. Disabling the Windows PowerShell 2.0 mitigates against a downgrade attack that evades the Windows PowerShell 5.0 script block logging feature.

The fix is to disable the windows Feature. For example:

# Windows 10:
Disable-WindowsOptionalFeature -Online -FeatureName MicrosoftWindowsPowerShellV2Root

# Windows Server:
Uninstall-WindowsFeature -Name PowerShell-V2

Uninstalling should take a minute or so, then show you whether a restart is required for the change:

Uninstall-WindowsFeature PowerShell-V2

Success Restart Needed Exit Code      Feature Result                               
------- -------------- ---------      --------------                               
True    No             Success        {Windows PowerShell 2.0 Engine}    

# running the command again does not error:

Success Restart Needed Exit Code      Feature Result                               
------- -------------- ---------      --------------                               
True    No             NoChangeNeeded {}

To check the current status:

# Windows 10
Get-WindowsOptionalFeature -Online -FeatureName MicrosoftWindowsPowerShellV2Root

FeatureName      : MicrosoftWindowsPowerShellV2Root
DisplayName      : Windows PowerShell 2.0
Description      : Adds or Removes Windows PowerShell 2.0
RestartRequired  : Possible
State            : Enabled
CustomProperties :

# Windows Server:
Get-WindowsFeature -Name PowerShell* 

Display Name                          Name           Install State
------------                          ----           -------------
[X] Windows PowerShell                PowerShellRoot     Installed
    [X] Windows PowerShell 5.1        PowerShell         Installed
    [X] Windows PowerShell 2.0 Engine PowerShell-V2      Installed  ## Should be "Available"
    [X] Windows PowerShell ISE        PowerShell-ISE     Installed

Related

How to easily transfer tabs from one PC to another?
"hostname: command not found" CentOS 8
Does upgrading RAM with different Speed, affect the pc or affect all the RAM?
Grep command inaccurate or bad command? Windows WSL
What is the teleporter and how does it work?
What does the "Threat" stat do?
Do guest passes have an expiration date?
Are there any non-cosmetic penalties for damaging the Regalia?
How to stop an infinite kill command loop in a realm server? [duplicate]
How long until a pokemon respawns in the same spot?
Is it possible to beat Frank the Zombie in Desktop Dungeon?
Graphical deterioration in gameplay?