I will try to clarify the confusion out there about the execution policy that should be in place for a successful upgrade of Exchange 2010+ to SP2. The Microsoft KB article is not fully correct
The KB article 2668686 lists that the execution policy should all be listed as “Undefined”, when you run Get-ExecutionPolicy –list on the Exchange 2010 box to be upgraded.
Scope ExecutionPolicy ----- --------------- MachinePolicy Undefined UserPolicy Undefined Process Undefined CurrentUser Undefined LocalMachine Undefined
If it is not, you will get the error below.
The following error was generated when "$error.Clear(); & $RoleBinPath\ServiceControl.ps1 EnableServices Critical
" was run: "AuthorizationManager check failed.". AuthorizationManager check failed.
I need to clarify that, the KB article info is not fully true. You don’t need to have the LocalMachine policy as Undefined, it will successfully install SP2 even if it is set to “RemoteSigned”. I think that is the default setting anyway (atleast on the few boxes that I have checked).
So, let me explain a bit further. The below screenshot is what you need for a successful upgrade to SP2.
You don’t have to worry too much about the KB article and try changing the local machine execution policy to undefined
With the settings above, I was successfully able to upgrade to SP2.
Let’s hope that Microsoft will update the KB article soon!