I am trying to make a reg key change based on the OS version.
The Key change pat works fine however the if function to work out if the device needs it or not I can not get to work. Any advice would be helpful. The powershell is below.
$verCheckOS = (Get-WmiObject win32_operatingsystem).version
if ($verCheckOS -lt 10.0.19043 -and $verCheckOS -gt 10.0.17134)
{
if (Test-Path HKLM:\SOFTWARE\Policies\Microsoft\AzureADAccount)
{
CD HKLM:\SOFTWARE\Policies\Microsoft
New-Item -Name AzureADAccount
New-ItemProperty -Path "AzureADAccount" -Name "AllowPasswordReset" -Value 1 -PropertyType DWord
}
}
Else
{
}
To make PowerShell compare version numbers properly you need to cast them to the proper type.
$verCheckOS = [version](Get-CimInstance -ClassName CIM_OperatingSystem).Version
if ($verCheckOS -lt [version]'10.0.19043' -and $verCheckOS -gt [version]'10.0.17134') {
if (-not (Test-Path HKLM:\SOFTWARE\Policies\Microsoft\AzureADAccount)) {
Push-Location 'HKLM:\SOFTWARE\Policies\Microsoft'
New-Item -Name 'AzureADAccount'
New-ItemProperty -Path 'AzureADAccount' -Name 'AllowPasswordReset' -Value 1 -PropertyType DWord
}
}
$verCheckOS = (Get-WmiObject win32_operatingsystem).version
if ($verCheckOS -lt "10.0.19043" -and $verCheckOS -gt "10.0.17134")
{
if (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\AzureADAccount"))
{
$null = New-Item -Name "AzureADAccount" -Path "HKLM:\SOFTWARE\Policies\Microsoft\"
$null = New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\AzureADAccount" -Name "AllowPasswordReset" -Value 1 -PropertyType DWord
}
}
I am a bit confused by your code. You check if the full path to the AzureADAccount key exists and then if it does you proceed to try and create it? I think you meant if it does NOT exist then create it? I mean your code won't execute if it isn't there so the line to create it is just going to error out. So I changed it to run the block only if the path doesn't exist. If that's wrong then put the Test-Path line back the way you had it and remove the 'New-Item -Name "AzureADAccount"' line as its meaningless and keep the New-ItemProperty line.
Also just adding quotes around the numbers made the version check if statement work fine for me in my testing.
Related
I have a reason why I don't want to use an array. But is it possible to use variable folder$i in the Remove-Item command
Set-Variable -Name "folder1" -Value "c:\windows\temp\1\*"
Set-Variable -Name "folder2" -Value "c:\windows\temp\2\*"
Set-Variable -Name "folder3" -Value "c:\windows\temp\3\*"
for ($i=1; $i -le 3; $i++)
{
Write-Host "folder to delete : Remove-Item –path folder$i -recurse"
Write-Host "$(folder$i)"
Remove-Item –path "$(folder$i)" -recurse
}
generally speaking, NOT using an array for this is ... a really good self-foot-gun situation. [grin]
however, if you have found some bizarre reason to NOT use the logical method, the following will work. it uses the Get-Variable cmdlet to do the actual work.
$Var1 = 'Variable_One'
$Var2 = 'Two_Variable'
foreach ($Index in 1..2)
{
Get-Variable -Name "Var$Index" -ValueOnly
}
output ...
Variable_One
Two_Variable
We are running Coded UI tests on IE in Windows 8.1, and we're doing it through Visual Studio Team Services. As part of our build, we run a Powershell script that disables the popup manager. The code we use to disable it is this:
Remove-ItemProperty "HKCU:\Software\Microsoft\Internet Explorer\New Windows" -Name "PopupMgr"
New-ItemProperty "HKCU:\Software\Microsoft\Internet Explorer\New Windows" -Name "PopupMgr" -Value 00000000 -PropertyType "DWord"
When I create and deploy a build in Release Manager, running this generates the following error:
The running command stopped because the preference variable "ErrorActionPreference" or common parameter is set to Stop: Cannot find path 'HKCU:\Software\Microsoft\Internet Explorer\New Windows' because it does not exist.
(Emphasis mine)
I've logged onto the VM and looked at the registry, and HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows absolutely exists. The only thing I can think of is that its value isn't a DWORD but rather a string -- the PopupMgr key has a Data value of "yes" rather than 1 or 0. But that doesn't match the error message -- the error says it can't even find the path of the key, not that the value type is a mismatch. Plus, the code removes the existing key before inserting a new one, so I don't even know how it would notice the mismatch.
Even weirder, if I open Powershell inside the VM and run those exact two lines (I copied and pasted to avoid typos), they ran just fine.
This script worked on Windows 10 perfectly and has for a while, so I'm unsure what's going on here. The user is a member of the Administrators group, so I don't think it's a permissions issue.
Can anyone shed some light on this?
I think you are trying to add the Registry key Property Value
You need to test for the existence of the registry key. If the registry key does not exist, then you need to create the registry key, and then create the registry key property value.
You should create the path to the registry key, then specify the property name and the value you want to assign. This consists of three variables as shown here:
This should help you out:
$registryPath = "HKCU:\Software\Microsoft\Internet Explorer\New Windows"
$Name = "PopupMgr"
$value = "00000000"
IF(!(Test-Path $registryPath))
{
New-Item -Path $registryPath -Force | Out-Null
New-ItemProperty -Path $registryPath -Name $name -Value $value `
-PropertyType DWORD -Force | Out-Null}
ELSE {
New-ItemProperty -Path $registryPath -Name $name -Value $value `
-PropertyType DWORD -Force | Out-Null}
Hope it helps.
I had the same problem when renaming values, so I understood that for values you can (need / should) just define them, so I stopped trying to rename these values and started to define them :)
Just try to use Set-ItemProperty to change, set and reset values ...
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Internet Explorer\New Windows" -Name PopupMgr -Value 00000000 -Type DWORD
Some further reading:
[√] MS-Doc's | set-itemproperty
[√] SS64.com | set-itemproperty
I wrapped Duttas answer in an easy to use function:
Set_Registry_key -key "HKLM:\FULL\PATH\pad\pat\KEYNAME" `
-type String `
-value 'value'
Function definition:
function Set_Registry_key{
# String REG_SZ; ExpandString: REG_EXPAND_SZ; Binary: REG_BINARY; DWord: REG_DWORD; MultiString: REG_MULTI_SZ; Qword: REG_QWORD; Unknown: REG_RESOURCE_LIST
Param(
[Parameter(Mandatory=$true)]
[string]
$key,
[ValidateSet('String', 'DWord', 'ExpandString', 'Binary', 'MultiString', 'Qword', 'Unknown')]
$type,
[Parameter(Mandatory=$true)]
$value
)
$registryPath = $key -replace "[^\\]*$", ""
$name = $key -replace ".*\\", ""
if(!(Test-Path $registryPath)){
New-Item -Path $registryPath -Force | Out-Null
New-ItemProperty -Path $registryPath -Name $name -Value $value -PropertyType $type -Force | Out-Null
}else {
New-ItemProperty -Path $registryPath -Name $name -Value $value -PropertyType $type -Force | Out-Null
}
}
I am currently creating a powershell script in which the technicians can run to help apply various registry edits to create certain PCs which have automatic logins. However, whenever I run my script the powershell has no issue when changing values with pre-existing keys, yet it will not create keys when using the "new-item" command. I was wondering whether anyone would have any idea as to why this would not create the registry key given that I receive no errors when run.
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" –Name AutoAdminLogon -Value 1
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name DefaultUserName -Value domain\TEST
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name DefaultPassword -Value TEST123
Test-Path –Path "HKLM:\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\ForceAutoLogon"
if ( -Not (Test-Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"))
{
New-Item -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name ForceAutoLogon -Value 1
}
Test-Path is not designed for registy values. What you can do it use a Try/Catch block. You also need to Get/Set the itemPropery.
$Path = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
Try {
Get-ItemProperty -Path $Path | Select-Object -ExpandProperty ForceAutoLogon -ErrorAction Stop | Out-Null
Set-ItemProperty -Path $Path -Name ForceAutoLogon -Value 1
} Catch {
New-ItemProperty -Path $Path -Name ForceAutoLogon -Value 1
}
If the Get-ItemProperty fails the the key must not exist. Then we can create it! If Get-ItemProperty succeeds then we can ensure the value is set properly. I might be using the registry keywords wrong but let the code speak for itself.
I need to run a powershell script that disables autorun for ALL drives on a computer.
It can be done manually as described here, but I need to do it for multiple computers (with Windows XP and 7) using a WDS server.
Give this a try:
$path ='HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer'
Set-ItemProperty $path -Name NoDriveTypeAutorun -Type DWord -Value 0xFF
you can try this:
function Disable-AutoRun
{
$item = Get-Item `
"REGISTRY::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\AutoRun.inf" `
-ErrorAction SilentlyContinue
if (-not $item) {
$item = New-Item "REGISTRY::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\AutoRun.inf"
}
Set-ItemProperty $item.PSPath "(default)" "#SYS:DoesNotExist"
}
and this to re-enable:
function Enable-AutoRun
{
Remove-Item "REGISTRY::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\AutoRun.inf" -Force
}
Explication.
Can some one suggest How to turn on smart screen filter for IE using power shell script?
thanks.
Here's a link to a script to turn on Windows SmartScreen. Not sure if that's the same as IE
http://gallery.technet.microsoft.com/scriptcenter/Script-to-enable-9076d20e
This worked for me!!
Function EnableDisableSmartScreen($status) {
if($status -eq 1)
{
Write-Output "Enabling SmartScreen Filter..."
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name "EnableSmartScreen"
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Name "EnabledV9"
}
else
{
Write-Output "Disabling SmartScreen Filter..."
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name "EnableSmartScreen" -Type DWord -Value 0
If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter")) {
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Force | Out-Null
}
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Name "EnabledV9" -Type DWord -Value 0
}
}