I need a bit of help, I need to add my File Share \169.254.100.100\Share to the trusted Sites in IE, I did it the manual way, so I know that is working. But I'd like to do it also in PS. I tried adding it in the Registry and GPO in different ways but failed. For websites it works but not for the Server.. any suggestions?
New-Item -Path '.\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap' -Name \\169.254.100.100\Share
New-ItemProperty -Path '.\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains' -Name\\169.254.100.100\Share -Value 1 -PropertyType Dword
But this fails which is ok but I don't have other ideas.
BR Tim
If you're adding an IP Address it goes in the Ranges subkey not the Domains subkey, you also need to specify the file URL scheme and populate the ZoneMapKey. The parent subkeys may not exist, on my test PC even ZoneMap was not present. The example below should be expanded to test what exists and what needs creating.
Set-Location "HKCU:"
New-Item -Path '\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\' -name ZoneMap
New-Item -Path '\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap' -name Domains
New-Item -Path '\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap' -name Ranges
New-Item -Path '\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges' -name Range1
New-ItemProperty -Path '\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1' -Name ":Range" -Value "169.254.100.100"
New-ItemProperty -Path '\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1' -Name "file" -Value 2
New-Item -Path '\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\' -name ZoneMapKey
New-ItemProperty -Path '\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapKey' -Name "file://169.254.100.100" -Value "2"
You'd need to make sure Range1 doesn't exist and find RangeN where N doesn't exist.
Related
I'm a learning System engineer and I have to Script a PowerShell Script who simply creates a Registry Key and a Value in it. I can't get it right, there is always this weird error popping up. Likewise, I already tried running it as an Administrator. Please Help!
Translation of the Error.
“The requested registry access is invalid.”
Script:
$regkey="HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Defender\Reporting"
$regparam="DisableEnhancedNotifications"
cd HKLM:\
New-ItemProperty -Path "$regkey" -Name "$regparam" -Value "test" -PropertyType "String"
Thanks!
$regkey='HKLM:\SOFTWARE\Microsoft\Windows Defender\Reporting'
$regparam='DisableEnhancedNotifications'
# create key
New-Item -Path $regkey -Force
# create entry
New-ItemProperty -Path $regkey -Name $regparam -PropertyType String -Value 'test' -Force
more examples: Working with Registry Entries (learn.microsoft.com)
I want to place a word template, template.dotm into the Word custom templates folder.
Using Office 365, latest version of Word. Windows 10. Apologies if my terminology is incorrect, still a powershell/programming novice.
This folder doesn't exist by default, and the directory Word looks for default templates in doesn't exist by default either. If a user has created a template, then it will create an expanding string named PersonalTemplates at the following registry key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options, with the value being the directory they've elected as their default custom templates directory.
I want to make a script which:
Checks for presence of PersonalTemplates. If present, and value is not null, store as $regvalue.
If not present, or value is null, create expanding string with the following value $newreg at HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options.
Then copy template.dotm into the $regvalue or $newreg. Powershell will be run from the same directory as the template.dotm is stored in.
I've got a bunch of snippets which do some of the principle operations, though I can't work out how to tie them together, and am missing some bits which I just can't work out:
Copy the template to the destination
ForEach ($user in (Get-ChildItem "C:\Users" -Exclude Public)) {
New-Item -ItemType Directory -Force -Path "C:\Users$($user.Name)\Documents\Custom Office Templates"
Copy-Item template.dotm -Destination "C:\Users$($user.Name)\Documents\Custom Office Templates"
Create registry key with value
Set-Location -Path
'HKCU:\SOFTWARE\Microsoft\Office\16.0\Word\Options'
New-ItemProperty -Path
'HKCU:\SOFTWARE\Microsoft\Office\16.0\Word\Options' -Name
'PersonalTemplates' -Value "C:\Users$($user.Name)\Documents\Custom
Office Templates" -PropertyType ExpandString -Force }
Get regvalue
$regvalue = (Get-ItemPropertyValue
'HKCU:\SOFTWARE\Microsoft\Office\16.0\Word\Options'
'PersonalTemplates')
I have put together your code snippets in order, also corrected the logic for checking if the Registry key is present or not.
ForEach ($user in (Get-ChildItem "C:\Users" -Exclude Public))
{
$location = "C:\Users\$($user.Name)\Documents\Custom Office Templates"
$IsPresent = Get-ItemProperty 'HKCU:\SOFTWARE\Microsoft\Office\16.0\Word\Options' | ForEach-Object {If($_ -like '*PersonalTemplates*'){ Return 'True' }}
if(-Not($IsPresent -eq 'True'))
{
New-ItemProperty -Path 'HKCU:\SOFTWARE\Microsoft\Office\16.0\Word\Options' -Name 'PersonalTemplates' -Value $location -PropertyType ExpandString -Force \\Not tested
New-Item -ItemType Directory -Force -Path $location
}
$existingValue= Get-ItemPropertyValue -Path 'HKCU:\SOFTWARE\Microsoft\Office\16.0\Word\Options' -Name 'PersonalTemplates'
if([string]::IsNullOrWhiteSpace($existingValue)){
Set-ItemProperty -Path 'HKCU:\SOFTWARE\Microsoft\Office\16.0\Word\Options' -Name 'PersonalTemplates' -Value $location
}
else{
$location=$existingValue
if(!(test-path $existingValue))
{
New-Item -ItemType Directory -Force -Path $existingValue
}
}
Copy-Item template.dotm -Destination $location
}
I have not tested the creation of registry key as I am on my work laptop, so assuming that line of code works.
Also, question for you: With this approach wouldn't the registry entry have the single value that of the first user folder, you may have to look into the logic? I feel you may have to run this script for each user after they login using $env:Username instead of looping through the user folder. But I could be wrong, there may be other who could suggest better.
For our website to run we need to:
add site to trusted sites list [Solved]
disable IE protected mode [Solved]
bring down security level for all zones. [facing Issue]
I am automating this site. As a prerequisite i have to take care of security features.
I have create below code. But i am not able to set security level to zero. I can't find 1A10 in zones.
I am adding solved issues code as well. Hoping it might help someone in need
Helpful sites -
https://x86x64.wordpress.com/2014/05/20/powershell-ie-zones-protected-mode-state/
https://support.microsoft.com/en-in/help/182569/internet-explorer-security-zones-registry-entries-for-advanced-users
https://blogs.technet.microsoft.com/heyscriptingguy/2015/04/02/update-or-add-registry-key-value-with-powershell/
#1. Add site to trusted sites
#Setting IExplorer settings
Write-Verbose "Now configuring IE"
#Navigate to the domains folder in the registry
set-location "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
set-location ZoneMap\Domains
#Create a new folder with the website name
new-item testsite.site.com/ -Force #website part without https
set-location testsite.site.com/
new-itemproperty . -Name https -Value 2 -Type DWORD -Force
Write-Host "Site added Successfully"
Start-Sleep -s 2
# 2. Disable IE protected mode
# Disabling protected mode and making level 0
#Zone 0 – My Computer
#Zone 1 – Local Intranet Zone
#Zone 2 – Trusted sites Zone
#Zone 3 – Internet Zone
#Zone 4 – Restricted Sites Zone
#“2500” is the value name representing “Protected Mode” tick. 3 means Disabled, 0 – Enabled
#Disable protected mode for all zones
Set-ItemProperty -path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" -Name 2500 -Value "3"
Set-ItemProperty -path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" -Name 2500 -Value "3"
Set-ItemProperty -path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" -Name 2500 -Value "3"
Set-ItemProperty -path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" -Name 2500 -Value "3"
Write-Host "IE protection mode turned Off successfully"
Start-Sleep -s 2
# 3. Bring down security level for all zones
#Set Level 0 for low
Set-ItemProperty -path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" -Name 1A10 -Value "0"
Set-ItemProperty -path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" -Name 1A10 -Value "0"
Set-ItemProperty -path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" -Name 1A10 -Value "0"
Set-ItemProperty -path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" -Name 1A10 -Value "0"
Stop-Process -name explorer
Thanks in Advance Guys!!
just remove "0" and replace with 0 it worked for me.
Set-ItemProperty -path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" -Name 1A10 -Value 0
Windows 10 allows you to configure Settings > Start > Use Start full screen, I'm trying to find a way to configure this through powershell/dsc scripting/automation. I was able to find the MDM and GPO documentation (https://learn.microsoft.com/en-us/windows/configuration/windows-10-start-layout-options-and-policies) but this does not appear to apply to desktop Windows 10 Pro - powershell has no commands/cmdlets with GP* nouns.
The scripts below, inspired by the .bat-files in this article adjust the local policies and should probably work. I have tested on 10.0.16299.431 (Enterprise).
Based on the article (Created by Shawn Brink, January 24th 2015):
To force fullscreen:
$forceStartSizePath = "\Software\Policies\Microsoft\Windows\Explorer"
New-ItemProperty -Path "HKCU:$forceStartSizePath" -Name "ForceStartSize" -Value 2 -Force
New-ItemProperty -Path "HKLM:$forceStartSizePath" -Name "ForceStartSize" -Value 2 -Force
Stop-Process -name explorer
To force normal mode:
$forceStartSizePath = "\Software\Policies\Microsoft\Windows\Explorer"
New-ItemProperty -Path "HKCU:$forceStartSizePath" -Name "ForceStartSize" -Value 1 -Force
New-ItemProperty -Path "HKLM:$forceStartSizePath" -Name "ForceStartSize" -Value 1 -Force
Stop-Process -name explorer
To reset to default:
$forceStartSizePath = "\Software\Policies\Microsoft\Windows\Explorer"
Remove-ItemProperty -Path "HKCU:$forceStartSizePath" -Name "ForceStartSize"
Remove-ItemProperty -Path "HKLM:$forceStartSizePath" -Name "ForceStartSize"
Stop-Process -name explorer
Note: The last line (making explorer restart) may not desirable, but it will make sure the settings are picked up instantly. Your screen will flicker (if running local) as explorer is restarted.
Also; if parts of the registry-path is missing, you will get an error message. Use Test-Pathand New-Item to check for and create the missing part of the path.
I'm running my PowerShell as Admin and I try to create a symbolic link to another directory.
To do so, I want to use the New-Item cmdlet as described in the
Microsoft documentation.
New-Item -ItemType SymbolicLink -Path C:\Temp -Name TestDir -Value C:\LinkedDir
I made sure, all directories (except the symbolic link itself) exist, but still I get this error:
New-Item : Type unkonwn Typ. Only "file" and "directory" can be used.
In Line:1 Row:9
+ New-Item <<<< -ItemType SymbolicLink -Path C:\Temp -Name TestDir -Value C:\LinkedDir
+ CategoryInfo : InvalidArgument: (:) [New-Item], PSArgumentException
+ FullyQualifiedErrorId : Argument,Microsoft.PowerShell.Commands.NewItemCommand
If I use the New-Item cmdlet just like this
PS C:\Temp> New-Item -ItemType SymbolicLink
I can enter the paths manually, so this means, that my PowerShell actually knows the cmdlet.
Does anyone know what the problem is and can help me out?
The code above does not work with PowerShell 2.0 .
After Mark Wragg asked which PS version I use, I upgraded to 4.0 and it worked.
So it seems, that some parameters from the New-Item cmdlet are not supported in PS 2.0.
New-Item SymbolicLink error Workaround:
On my computer, this command does't work:
New-Item -ItemType SymbolicLink -Path $link_fullpath -Target $Target
If $link and $target are on the same unit, for example, if $Target= "y:\xxx\myfile1" and $link= "y:\zzz\Myfile2" (both on Y:). If it's not on the same unit, it works.
On the other hand and fortunately, New-Item works if I use -Name like this:
New-Item -ItemType SymbolicLink -name $name_link -Path $path_link -Target $target
Where $name_link = "Myfile2" , $path_link = "y:\zzz" and $Target = "y:\xxx\myfile1"
So, use -Name in New-Item SymbolicLink if you have the same error.