How to enable group policy toggle button using powershell or cmd - powershell

I am trying to automate sever setup of a windows 2019 server using userdata. I need to update the local group policy settings.
The specific group policy i want to enable is "Set time limit for disconnected sessions"
How can i enable this 'local' group policy for a vm using powershell or bash or even Regedit.
I have tried but i cant seem to get it be in an "enabled" state.

Look at this Registry Edit.
You can access this registry key in Powershell or Bash.
More information here.
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v MaxDisconnectionTime /t REG_DWORD /d 5000 /f

Try this, its the same registry key but using Powershell to set.
Set-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" -Name MaxDisconnectionTime -Type REG_DWORD -Value 900000
The value is in ms, this would set it to 15 minutes.
https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.TerminalServer::TS_SESSIONS_Disconnected_Timeout_2
After you run that, restart the device and the settings should be updated.

There is no way to directly configure the local group policy using PowerShell.
When configured, the GPO sets a registry key and value.
It's not bi-directional where you can set the registry key and then the GPO is configured.
You can use Microsoft's tool LGPO.exe to export the policy settings from a computer you've configured, and then use PowerShell to import those settings to your new computer.

Related

Required Help in RDP Automation

Below script is to Automate RDP and I am stuck with below two points:
How to map local drive as mapped drive in RDP session(tsclient) using
powershell script/command
Example like this in RDP : drivestoredirect:s:value
RDP Automation - PowerShell Script :
cmdkey /list | ForEach-Object{if($_ -like "*target=TERMSRV/*"){cmdkey /del:($_ -replace " ","" -replace "Target:","")}}
echo "Connecting to Server Name"
$Server="Server Name"
$User="Username"
$Password="Password"
cmdkey /generic:TERMSRV/$Server /user:$User /pass:$Password
mstsc /v:$Server
reg add "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client" /v "AuthenticationLevelOverride" /t "REG_DWORD" /d 0 /f
You can't control all aspects of your connection when using mstsc.exe via command line. The information for mapping local resources in the TS session are stored in the RDP file.
If not specified, it will use the default.rdp file located in "My Documents" folder (hidden file).
If you configure the default RDP to map local resources, all subsequent connections will also have the local resources mapped... but if you change it again, it will apply to all next connections.
So a better approach will be to create one *.rdp file and use it as a template in your script:
Create Template RDP file:
Launch mstsc.exe
Configure all options as per your needs
Save the file somewhere and use it in your script (i.e C:\Temp\MyRDPtemplate.rdp)
Now, change your script in order to use this template file when connecting to a Server:
mstsc "C:\temp\MyRDPtemplate.rdp" /v:$Server
When you first connect to a Server while mapping local resources, you will receive a warning message:
If you want to avoid this message, add the following registry key before launching:
reg add "HKCU\Software\Microsoft\Terminal Server Client\LocalDevices" /v $Server /t "REG_DWORD" /d 0x4d /f
mstsc "C:\temp\MyRDPtemplate.rdp" /v:$Server
There may be a global parameter you can add to avoid this message for all Servers (like for "AuthenticationLevelOverride") but I don't know for sure.
On last word about the stored credentials... if you use cmdkey /generic:xxx, you don't need to specify the service type (TERMSRV), that's the purpose of the /generic switch. But it also works fine...
PS: Very last remark, if you want to bypass the certificate prompt (in case your server doesn't present a valid one, you should add the registry key AuthenticationLevelOverride before connecting to the Server. Also note that this key is valid for all connections.
Another choice is get a help form some 3rd-part tools for RDP.
https://github.com/VShawn/PRemoteM

Change Documents default location with powershell

I am trying to change the default location of the documents folder using powershell or cmd specifically.
What I have tried:
I have tried changing both the shell folders and user folders registry path and restarted the computer but nothing happens:
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Personal /t REG_EXPAND_SZ /d "C:\users\JatonJustice\desktop\testfolder"
But I still see it in the users folder in documents(even after restarting. The picture below is after restarting the computer.):
I tried using the answer from here: Set location of Special Folders with PowerShell
However that didn't seem to do anything either:
If anyone has any ideas for this, that would be awesome. If I have to I guess I can use wswshell but that is the last resort.
I found out that reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Personal /t REG_EXPAND_SZ /d "C:\users\JatonJustice\desktop\testfolder" works but when you are using an azure domain account or an amazon workspace account, the registry location for the user shell folders will be in a different place
you can verify the user location of the shell folder key by navigating to HKEY_CURRENT_USER and double checking which account you are in. There are accounts like .DEFAULT, or S-1-5-18 (SYSTEM ACCOUNT), etc.

How to Edit HKCU values with PowerShell

When I run the command to edit a registry value on HKCU with PowerShell, I have to run PS as an admin to have perms to edit the registry. Unfortunately, this changes HKCU to my admin account (as far as I can tell, at least), which keeps me from editing the user.
I need to automate this as we’re rolling out hundreds of machines. Am I missing something?
When running an elevated PowerShell, the user specific registry can be edited under HKEY_USERS\<Users SID>\.... For example:
Get-ItemProperty -Path "registry::hkey_users\$($strSID.Value)\Software\Policies\Microsoft\Windows\Control Panel\Desktop"

Run a script after a Windows 10 (non-Domain) Reset to enable RDP

For the Reset function, I go to Settings > Updates and Security > Recovery > Reset this PC. So this is a choice that I make, and on that basis I want to choose for that system to run a script after the Reset - and we know that should be possible as we can create completely customised Windows installation ISOs that install apps and Features in a clean state, so can someone tell me how to do a quite simple things - to just get Windows to run a PowerShell script after that Reset?
Actually, I only want to run a couple of lines:
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
i.e. This will enable RDP and allow me to connect remotely and continue the configuration without having to plug in a monitor and keyboard and mouse all just to run the above two commands. As per title, this is a non-Domain scenario so accessing the system as Domain Admin is not possible (and really a Domain should not be necessary, these are my systems on my local network).
The other reason that should make all of the above completely possible is that performing a Reset is not an absolute reset as it retains user information (my main user is still there with the password intact), so just enabling RDP would make everything possible post-Reset.
For reference, nothing in the following have helped me to achieve this goal so far:
Run a powershell script on a remote system with elevated permissions to enable remoting
https://interfacett.com/blogs/how-to-remotely-enable-and-disable-rdp-remote-desktop
The easiest way to do this is to download PStools from Microsoft and use psexec to give yourself remote access:
psexec \\machinename reg add hklm\system\currentcontrolset\control\terminal server /f /v fDenyTSConnections /t REG_DWORD /d 0
psexec \\machinename netsh firewall set service remoteadmin enable
psexec \\machinename netsh firewall set service remotedesktop enable
psexec will let you supply credentials with -u and -p

Delete remote registry keys via PS

I am needing to use PowerShell to delete a registry entry from multiple computers. The only thing is that PowerShell scripts are not enabled on the remote computers. Is it possible to manipulate the registry of multiple computers from my computer? What command could I use?
There is a pre powershell registry tool called reg. It will perform registry operations on remote computers.
REG DELETE /?
REG DELETE \\Computer\HKLM\Software\MyCo /v MTU
Deletes the registry value MTU under MyCo on Computer
If you have a list of computers in a list, then you can do something like this
$computers | ForEach-Object {
REG DELETE "\\$_\HKLM\Software\MyCo" /v MTU
}