I've been having trouble running the Team Foundation Server Best Practise Analyser (TfsBpa for short). It was failing with the following warning:

Cannot validate the URL provided The scan was generated using the corrected URL "%TFSServerURLValidated%".

I noticed in the "Other Reports" section that it listed the following additional errors:

23:03:07.351: Exception resetting Execution Policy in TFS PowerShell Object Processor: System.Management.Automation.CmdletInvocationException Access to the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell' is denied. at System.Management.Automation.Internal.PipelineProcessor.SynchronousExecuteEnumerate(Object input, Hashtable errorResults, Boolean enumerate) at System.Management.Automation.PipelineNode.Execute(Array input, Pipe outputPipe, ArrayList& resultList, ExecutionContext context) at System.Management.Automation.StatementListNode.ExecuteStatement(ParseTreeNode statement, Array input, Pipe outputPipe, ArrayList& resultList, ExecutionContext context) System.Management.Automation Script

Hmm.. I wonder if it's a problem related to PowerShell's execution policy setting?

I ran the following in an elevated PowerShell prompt:

Set-ExecutionPolicy RemoteSigned

And that's fixed it – now the BPA process runs as expected. Yay!