Turns out Microsoft decided to not allow you to run Powershell scripts out of the box. The Execution-Policy is set to be disabled and you have to go to Powershell to run

Set-ExecutionPolicy unrestricted -force

The -force switch skips the prompt. However, this is a chick and egg problem with slipstreaming as you need to execute this first programmatically. I tried to use CMD files to do powershell -command "Set-ExecutionPolicy unrestricted -force" but it does not work and quite a few people reported ignoring execution policy with -ExecutionPolicy Bypass switch to powershell.exe does not work with NTLite either.

It’s a colossal pain in the butt. Microsoft deciding to prevent Powershell scripts from running by default broke NTLite’s powershell scripting.

I decided to take a look at registry values that can be changed and this website suggested there is one. There’s a typo on the website. It’s not in HKCU but in HKLM (his screenshots says HKLM). The correct path is changing the string value ExecutionPolicy to Unrestricted in the key HKLM\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell

I cannot confirm when the registry files are loaded in NTLite. It could be too early or too late. (Looks like it’s too early to me since MDM fake enrollment registry files do not take effect and I had to use reg command script later).

So instead, I’ll do the registry change as a CMD script:

reg add "HKLM\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" /t REG_SZ  /v ExecutionPolicy /d "Unrestricted" /f

Set it as the first script to run, or at least it has to run before the .ps1 (powershell) script