I am doing an automated deployment process within a single server that deploys a few different virtual machines. Once all the virtual machines are imported using a base image I start them and rename them and try to setup the auto logon process by setting the expected registry keys.
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name "AutoLogonCount" -Force -ErrorAction SilentlyContinue
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name "DefaultUserName" -Value "$Username" -Force
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name "DefaultPassword" -Value "$Password" -Force
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name "AutoAdminLogon" -Value "1" -Force
This is wrapped in an Invoke-Command with a working session and passing in the correct information into it. After this has been ran I use [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey( method to obtain the key value information and verify it has been set correctly. Which everything equals what it should.
However once this is complete I do a reboot of the virtual machine but occasionally a vm will not have the registry keys saved and it will not login automatically. When I manually login and look at the registry the keys are blank or not created.
I even have it written up that after the reboot if the registry keys do not equal what they should to try again, and after every attempted reboot to login automatically the keys seemingly disappear. I am running it again as I am writing this to attempt to do it and this time look in the event logs to see if anything is found.
This process can take some time since it doesn't seem to happen consistently and I delete the vms and run the automated process from scratch.
Related
I'm new to this and want to create a registry inside HKCR using powershell, but its not creating when i tries to run complete script at once.
However it gets created when i select that part and run seperately.
Am i missing something
Here is my code for creating a registry:
if (Get-PSDrive HKCR -ErrorAction SilentlyContinue) {
#Write-Host 'The X: drive is already in use.'
} else {
New-PSDrive -PSProvider Registry -Root HKEY_CLASSES_ROOT -Name HKCR
}
$path4="HKCR:\CLSID\"
New-Item -Path $path4 -Name "<key Name>" -Force
$path5=$path4+"<key Name>"
New-ItemProperty $path5 -Name β(Default)β -Value "PanPlapProvider" -Force
Any help will be thankfull.
HKCR hive does not exist actually. This virtual registry hive is combined of HKEY_LOCAL_MACHINE\SOFTWARE\Classes and HKEY_CURRENT_USER\Software\Classes.
Doc says:
HKEY_CLASSES_ROOT key provides a view of the registry that merges the
information from HKEY_LOCAL_MACHINE\Software\Classes with the
information from HKEY_CURRENT_USER\Software\Classes.
...
To change the settings for the interactive user, store the changes
under HKEY_CURRENT_USER\Software\Classes rather than
HKEY_CLASSES_ROOT.
etc, read this doc carefully.
I'm a learning System engineer and I have to Script a PowerShell Script who simply creates a Registry Key and a Value in it. I can't get it right, there is always this weird error popping up. Likewise, I already tried running it as an Administrator. Please Help!
Translation of the Error.
βThe requested registry access is invalid.β
Script:
$regkey="HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Defender\Reporting"
$regparam="DisableEnhancedNotifications"
cd HKLM:\
New-ItemProperty -Path "$regkey" -Name "$regparam" -Value "test" -PropertyType "String"
Thanks!
$regkey='HKLM:\SOFTWARE\Microsoft\Windows Defender\Reporting'
$regparam='DisableEnhancedNotifications'
# create key
New-Item -Path $regkey -Force
# create entry
New-ItemProperty -Path $regkey -Name $regparam -PropertyType String -Value 'test' -Force
more examples: Working with Registry Entries (learn.microsoft.com)
I trying to run a command that opens up Software Center on my machine. It works just fine if I run it in Command Prompt but not when I call it from my custom protocol handler in the registry. The main problem is that when called from the protocol handler, via a Toast button, Windows tells me I need a new app to open this.
Here is the command.
"C:\WINDOWS\CCM\ClientUX\SCClient.exe" softwarecenter:Page=Applications FilterType=0 SortType=6 View=Upcoming
Here is how I am setting up the protocol handler in registry
New-item 'HKLM:\SOFTWARE\ToastSoftwareCenter' -force
Set-itemproperty 'HKLM:\SOFTWARE\ToastSoftwareCenter' -name '(DEFAULT)' -value 'url:ToastSoftwareCenter' -force
Set-itemproperty 'HKLM:\SOFTWARE\ToastSoftwareCenter' -name 'URL Protocol' -value '' -force
New-itemproperty -path 'HKLM:\SOFTWARE\ToastSoftwareCenter' -propertytype dword -name 'EditFlags' -value 2162688
New-item 'HKLM:\SOFTWARE\ToastSoftwareCenter\Shell\Open\command' -force
Set-itemproperty 'HKLM:\SOFTWARE\ToastSoftwareCenter\Shell\Open\command' -name '(DEFAULT)' -value '"C:\WINDOWS\CCM\ClientUX\SCClient.exe" softwarecenter:Page=InstallationStatus FilterType=0 SortType=6 View=Upcoming' -force
I have tried appending these other commands on the end of the command to associate it as an exe so it wont ask anymore, but to no avail.
ftype exefile="%1" %*
assoc .exe=exefile\
The commands work when running them from a command prompt but not from the protocol handler. Am I setting it up wrong?
Thank You.
You're creating the protocol in the wrong location. It needs to be created under HKEY_CLASSES_ROOT
You also need to create the PSDrive in order to easily access that location within PowerShell.
New-PSDrive -PSProvider Registry -Root HKEY_CLASSES_ROOT -Name HKCR
New-Item 'HKCR:\ToastSoftwareCenter' -Force
Registering the Application Handling the Custom URI Scheme
We are currently leveraging a VNet at Azure that is configured to force all traffic over our site-to-site connection to on-premise networks and then out through our corporate firewall. All HTTP/HTTPS traffic is proxied.
This is causing significant issue in that newly-provisioned VMs can not see the outside world to access necessary configuration items like Azure Extensions or even no-proxied internal IPs.
To date, I've created a perverse work-around via PowerShell where I provision the VM, bootstrap it with Chef which overrides the proxy settings in order to get to the Chef server which then configures the proxies.
But, until the user fires up Internet Explorer, it does not set the proxies so that they can be used in PowerShell. Specifically, before IE is fired up, [System.Net.GlobalProxySelection]::Select is empty. Once IE has been started, it is populated.
I also tried preconfiguring an image and sysprep'ing it, but sysprep wipes the proxy settings.
As a final step, I created a PowerShell script which I thought would set the proxies. I was going to use this script via Azure Script Extension (assuming it is on the VM by default), but I can't get it to give me the desired results.
So, my question is, how do I make a Windows 2012 R2 (and Windows 2008 R2) newly provisioned VM proxy aware so that other processes in the provisioning sequence will work (i.e., extensions like the Chef extension)?
Here is the script I created (that doesn't perform as expected):
# See: http://www.geoffchappell.com/notes/windows/ie/firstrun.htm
$regKey = 'HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings'
$proxyServerToDefine = 'http://<PROXY URI>:<PORT>'
Set-ItemProperty -path $regKey ProxyEnable -value 1
Set-ItemProperty -path $regKey ProxyServer -value $proxyServerToDefine
Set-ItemProperty -path $regKey ProxyOverride -value '137.185.235.196;137.185.235.199'
New-Item -Path 'HKLM:\\Software\\Policies\\Microsoft\\Internet Explorer' -Name 'Main' -Force # Does not exist by default
Set-ItemProperty -Path 'HKLM:\Software\Policies\Microsoft\Internet Explorer\Main' -Name DisableFirstRunCustomize -Value 1
(New-Object System.Net.WebClient).Proxy.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials
The trick here was assigning both the HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings AND system account's Internet Settings.
Suggestion: Set your proxy and overrides up once, confirm that it works and then grab the registry values to use in your script.
Here's the list of values I set to make the Users and the System accounts proxy aware:
$userReg = 'HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings'
Set-ItemProperty -path $userKey ProxyEnable -value 1
Set-ItemProperty -path $userKey ProxyServer -value ''
Set-ItemProperty -path $userKey ProxyOverride -value ''
$sysReg = 'HKU:\\S-1-5-18\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings'
Set-ItemProperty -path $sysReg ProxyEnable -value 1
Set-ItemProperty -path $sysReg ProxyServer -value ''
Set-ItemProperty -path $sysReg ProxyOverride -value ''
$sysRegCon = 'HKU:\\S-1-5-18\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\Connections'
$DefaultConnectionSettings = ([byte[](0x46,0x00,...))
$SavedLegacySettings = ([byte[](0x46,0x00,...))
Set-ItemProperty -path $sysRegCon DefaultConnectionSettings -value $DefaultConnectionSettings
Set-ItemProperty -path $sysRegCon SavedLegacySettings -value $SavedLegacySettings
Hope this helps someone else more rapidly down the path...
I am developing a powershell script file which shall execute some disk cleanup without user intervention. The user shall not be able to configure anything.
When I run cleanmgr.exe /d c: sageset:1 a popup window appears to select files/folders to be cleaned(cleanup options).
This will create a registry entry containing the settings with the cleanup options and after this, you can run cleanmgr.exe /sagerun:1 which will actually execute the cleanup.
Is there a way to specify the cleanup options directly with powerhell/command line(without the need to manually select things to be deleted)?
The following Powershell script automates CleanMgr.exe. In this case, it removes temporary files and runs the Update Cleanup extension to purge superseded Service Pack Backup files (Windows 10 now does this automatically via a scheduled task). To automate other extensions, create a "StateFlags0001" property in the corresponding Registry key, as done in the New-ItemProperty lines. You will find the Registry key names in the "VolumeCaches" branch.
As far as being silent, this script attempts to start CleanMgr.exe in a hidden window. However, at some point CleanMgr spawns new processes which are visible and must be waited on separately.
Write-Host 'Clearing CleanMgr.exe automation settings.'
Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\*' -Name StateFlags0001 -ErrorAction SilentlyContinue | Remove-ItemProperty -Name StateFlags0001 -ErrorAction SilentlyContinue
Write-Host 'Enabling Update Cleanup. This is done automatically in Windows 10 via a scheduled task.'
New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Update Cleanup' -Name StateFlags0001 -Value 2 -PropertyType DWord
Write-Host 'Enabling Temporary Files Cleanup.'
New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Temporary Files' -Name StateFlags0001 -Value 2 -PropertyType DWord
Write-Host 'Starting CleanMgr.exe...'
Start-Process -FilePath CleanMgr.exe -ArgumentList '/sagerun:1' -WindowStyle Hidden -Wait
Write-Host 'Waiting for CleanMgr and DismHost processes. Second wait neccesary as CleanMgr.exe spins off separate processes.'
Get-Process -Name cleanmgr,dismhost -ErrorAction SilentlyContinue | Wait-Process
$UpdateCleanupSuccessful = $false
if (Test-Path $env:SystemRoot\Logs\CBS\DeepClean.log) {
$UpdateCleanupSuccessful = Select-String -Path $env:SystemRoot\Logs\CBS\DeepClean.log -Pattern 'Total size of superseded packages:' -Quiet
}
if ($UpdateCleanupSuccessful) {
Write-Host 'Rebooting to complete CleanMgr.exe Update Cleanup....'
SHUTDOWN.EXE /r /f /t 0 /c 'Rebooting to complete CleanMgr.exe Update Cleanup....'
}
The PowerShell logic provided below is dynamic and ready for use or automation with the sageset options all being selected and no user interaction being required. This was inspired by multiple answers and comments from this post.
Note: I've adjusted for my needs and used successfully without any issues on multiple remote and local Windows 10 systems in particular.
Run on Local System
Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\*' | % {
New-ItemProperty -Path $_.PSPath -Name StateFlags0001 -Value 2 -PropertyType DWord -Force
};
Start-Process -FilePath CleanMgr.exe -ArgumentList '/sagerun:1' ##-WindowStyle Hidden
Run on Remote System
$cred = Get-Credential "domain\administrator";
Invoke-Command -ComputerName "computer004" {
Process {
Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\*' | % {
New-ItemProperty -Path $_.PSPath -Name StateFlags0001 -Value 2 -PropertyType DWord -Force
};
Start-Process -FilePath CleanMgr.exe -ArgumentList '/sagerun:1' -WindowStyle Hidden
}
} -AsJob -Credential $cred
Supporting Resources
cleanmgr
Invoke-Command
-AsJob
Run the command as a background job on a remote computer.
Use this parameter to run commands that take an extensive time to complete.
Get-Credential
Automate process of Disk Cleanup cleanmgr.exe without user intervention
Creating a Disk Cleanup Handler
You can use cleanmgr /verylowdisk to silently automate all the cleanup steps.
The only solution I found is to manually set the registry values like this:
...
#Set StateFlags0012 setting for each item in Windows 8.1 disk cleanup utility
if (-not (get-itemproperty -path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Active Setup Temp Folders' -name StateFlags0012 -ErrorAction SilentlyContinue)) {
set-itemproperty -path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Active Setup Temp Folders' -name StateFlags0012 -type DWORD -Value 2
set-itemproperty -path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\BranchCache' -name StateFlags0012 -type DWORD -Value 2
set-itemproperty -path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Downloaded Program Files' -name StateFlags0012 -type DWORD -Value 2
...
see full example
I ran into the same issue. Researching the possible ways, I have found the following:
http://stealthpuppy.com/cleaning-up-and-reducing-the-size-of-your-master-image/
It shows how to create the sageset registry settings via cmd. You can then use the sagerun:# cmd. I have not tried it via script yet, but have validated that it works...
This script will get all the Volume Caches from the Registry, enable them to be cleaned and run the CLEANMGR.EXE for all caches.
$VolumeCachesRegDir = "hklm:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches"
$CacheDirItemNames = Get-ItemProperty "$VolumeCachesRegDir\*" | select -ExpandProperty PSChildName
$CacheDirItemNames |
%{
$exists = Get-ItemProperty -Path "$VolumeCachesRegDir\$_" -Name "StateFlags6553" -ErrorAction SilentlyContinue
If (($exists -ne $null) -and ($exists.Length -ne 0))
{
Set-ItemProperty -Path "$VolumeCachesRegDir\$_" -Name StateFlags6553 -Value 2
}
else
{
New-ItemProperty -Path "$VolumeCachesRegDir\$_" -Name StateFlags6553 -Value 0 -PropertyType DWord
}
}
Start-Sleep -Seconds 3
Write-Host 'Running CleanMgr.exe...'
Start-Process -FilePath CleanMgr.exe -ArgumentList '/sagerun:65535' -WindowStyle Hidden -PassThru
cls
Running CleanMgr.exe in a powershell script or by itself seems to work fine as long as you run it locally with an account that has local admin rights. But try running it remotely via any remote management tool or remote scripting command (Invoke-Command) and it does not run. You might see the process running on the remote system but it doesn't seem to cleanup anything and the process never ends. I would be interested if anyone has been able to get cleanmgr.exe to run remotely without any user interaction. E.G. ConfigMgr Right Click Tools, ConfigMgr App or PKG, Task Scheduler.