I am trying to use powershell commands to get the registry key advanced audit settings, after a while of testing I have managed to come to this point:
(Get-Acl -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion).AuditToString
Using that command gives me no output (advanced audit settings are in place so I am expecting an output). It seems like I am very close with this command and I may be missing a parameter. I have been at this for a while with no luck so I really appreciate any help.
Let's assume you have an element "AdvancedAudit" at HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion"
This is how you access it...Hope it helps!
(Get-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion).AdvancedAudit
Related
start "odopen://sync/?siteId=$siteid17&webId=$webid17&listId=$listid17&userEmail=$upn&webUrl=$URL17&webtitle=$webtitle17&listtitle=$listtitle17"
How is it possible to run the following command inside Powershell without an appearing popup window or any userinteraction? I've tried adding /ArgumentList "/S", "/Background". Also tried with -WindowStyle Hidden at the end. Appreciate some help :)
Your command as-is basically says "Start the program that opens odopen:// (OneDrive) links" and can't really be given any silent style instructions. The proper way to configure this kind of thing is through OneDrive Group Policies, but we can cheat and set registry keys.
The link above goes into detail about how to configure group policy, but also tells us that the specific group policy setting to "Configure team site libraries to sync automatically" sets this registry key:
[HKCU\Software\Policies\Microsoft\OneDrive\TenantAutoMount]"LibraryName"="LibraryID"
And that your LibraryID is in this format, which looks familiar:
tenantId=xxx&siteId=xxx&webId=xxx&listId=xxx&webUrl=httpsxxx&version=1
So to put it in a script, I would use something like this, adapted from Nicola Suter's blog post here:
$tenantAutoMountRegKey = "HKLM:\SOFTWARE\Policies\Microsoft\OneDrive\TenantAutoMount"
$autoMountTeamSitesList= #{
#Enter your SharePoint libraries to configure here as key/value pairs
MySharePoint="odopen://sync/?siteId=$siteid17&webId=$webid17&listId=$listid17&userEmail=$upn&webUrl=$URL17&webtitle=$webtitle17&listtitle=$listtitle17"
}
# Check if the key exists and create if missing:
if (-not (Test-Path $tenantAutoMountRegKey)){ New-Item -Path $tenantAutoMountRegKey -Force }
# Add the sites for automatic mounting
$autoMountTeamSitesList | Set-ItemProperty -Path $tenantAutoMountRegKey -Name $_.Key -Value $_.Value
This generally takes effect the next time a user signs into OneDrive, though Microsoft warns it may take up to 8 hours to start syncing (Keeps hundreds of users from syncing the same library at the same time)
TL;DR: You cannot.
Using odopen will always show sign-in window (as stated here: https://learn.microsoft.com/en-us/onedrive/deploy-on-windows#help-users-sign-in), what you can do is only populate it with data, which is what you are already doing.
If you want to do it silently, there is documentation about it: https://learn.microsoft.com/en-us/onedrive/use-silent-account-configuration
I want to access this path Computer Configuration\Policies\Windows Settings\Security Settings\Account Policies\Password Policy\Maximum password age in local group policy editor and modify its value through powershell script. I have tried to import module group (Get-Command -Module group*) but no methods/module is found.I have tried the following way in powershell and it didn't work.
Set-ItemProperty -Path \Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy -Name Maximum password age -Value 20
Can someone help me in modifying the value through powershell scripting.
I am new to powershell scripting,so please ignore if any wrong info is
provided.
You can find it in windows registry, HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
MaximumPasswordAge REG_DWORD
You can get/set Registry values, somewhat counter-intuitively with the [get/set]-itemproperty commands.
Example:
Get-ItemProperty HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service\ -Name AllowCredSSP
However, this likely won't reflect in the Local Group Policy Editor interface.
Look up LGPO.exe, documentation is scarce, but it seems to work:
https://blogs.technet.microsoft.com/secguide/2016/01/21/lgpo-exe-local-group-policy-object-utility-v1-0/
(Current download is in the "Security Compliance Toolkit")
https://www.microsoft.com/en-us/download/details.aspx?id=55319
For parameters like max password age, I think best way is to use net.exe commant. Try to execute
net.exe accounts /?
For more complicated group policies in computer without domain, you can prepare policies in one computer, export it to file, and inport in other computers, by using secedit.exe
Try to google secedit /export, secedit /import usage
You can call secedit from powershell without any problems
Im trying to create a batch file or a script that enables this option in Windows 7x64
The reason for this is that when running a silent installation I get en error pointing to this. If I do it manually all works fine.
Im not sure how to create this batchfile/script/powershell...?
Any ideas?
Thank you all
The option 'sits' in the registry according to MSDN - http://msdn.microsoft.com/en-us/library/cc224817.aspx
With PowerShell it will be like this:
Set-ItemProperty "HKLM:\\SOFTWARE\\Microsoft\\MSDTC\\Security\\" -Name "XaTransactions" -Value "1"
Note that you need admin rights. Tried it on Windows 8.
You may want to experiment with reading the value first - here's the way:
Get-ItemProperty "HKLM:\\SOFTWARE\\Microsoft\\MSDTC\\Security\\" -Name "XaTransactions"
thanks for taking the time to try any help me out!
As the title suggests I cannot get the Merge-SPLogFile cmdlet to return me any results!
I find hunting down error messages in SharePoint logs a very time consuming and laborious process- Being relatively new to PowerShell I only recently stumbled across the cmdlet. Knowing how much time this could save me I was excited to implement it.
I started with the following code:
Add-PSSnapin Microsoft.SharePoint.Powershell
$correlationId = "C826869C-4A8E-10E2-6C5E-58A1C87EB651"
Merge-SPLogFile –Path “C:\Users\Administrator\Desktop\SPLog.log” –Correlation $correlationId -Overwrite
This gives me the warning- "WARNING: Cmdlet did not return any records in the log file. Check your time range or filters."
Naturally I typed the error into my search engine and it seems other people have had the same problems when the -Correlation argument isn't in upper case. I tried both uppercase and lowercase but to no avail. I was able to manually find the GUID in the logs so I know it exists.
When I ran out of luck with this technique I thought I would try filtering using different arguments (by time):
Add-PSSnapin Microsoft.SharePoint.Powershell
[int] $HowFarBack = 15
[int] $howFarBackInMinutes = (-1) * $HowFarBack
[datetime] $startDateTime = [System.DateTime]::Now.AddMinutes($howFarBackInMinutes)
write-host $startDateTime
Merge-SPLogFile -Path 'C:\Users\Administrator\Desktop\SPLog.log' -Overwrite -StartTime $startDateTime
I get exactly the same error. To rule out my arguments being incorrect I tried not giving it a filter at all:
Add-PSSnapin Microsoft.SharePoint.Powershell
Merge-SPLogFile -Path 'C:\Users\Administrator\Desktop\SPLog.log' -Overwrite
I still get- "WARNING: Cmdlet did not return any records in the log file. Check your time range or filters." The logs are all there and in the default "LOG" folder within the 15 hive. I haven't changed any logging settings away from the defaults.
I am running on SharePoint 2013 Foundation.
What am I doing wrong?
The problem in my case was that there was no diagnostic logging activated for my SharePoint Farm.
How to enable diagnostic logging
Go to your Central Administration (usually http://YOUR_SHAREPOINT:10000/) (there is also a shortcut in your start menu on the server you installed the SharePoint at)
Go to "Monitoring"
Under "Reporting" click "Configure diagnostic logging"
Select the categories that you want to merge in case of an Error. I just selected All Categories here. Then click the "Ok" button at the bottom of the page.
(5. Reproduce the error and use the SP Shell again to Merge the Log Files)
I'm trying to develop my own Boxstarter script for spinning up new machines. I just realized that I'd really like to add a line that will change default applications to open certain file types. For example, I want to open .txt files with Notepad++. I know how to do this by right-click the file and checking it's properties, but is there a line I can add to my Boxstarter script that will do it? Or, since Boxstarter is basically a special set of PowerShell commands, is there a PowerShell command I can invoke directly to change the opens with property? I did some searching, and most of the results were about how to get PowerShell to open something, not change the opens with property. The rest were all about how to open PowerShell.
Another similar, but not quite the same, way to go about this is to change the file association you want to associate with a particular applicaition. Chocolatey includes some helper commands to do this and is therefore available to your Boxstarter package. Here is an excerpt from one of my Boxstarter packages:
Install-ChocolateyFileAssociation ".txt" "$env:programfiles\Sublime Text 2\sublime_text.exe"
Install-ChocolateyFileAssociation ".dll" "$($Boxstarter.programFiles86)\jetbrains\dotpeek\v1.1\Bin\dotpeek32.exe"
So now double clicking on any text file opens sublime or any dll opens dotpeek.
But I agree. Its still helpful to be able to add to the "Open With..." list.
Thanks to #Raf for pointing me in the right direction. Here's the code to change the OpensWith property of .txt files:
$principal = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
$key = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\UserChoice",[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::ChangePermissions)
$acl = $key.GetAccessControl()
$right = "SetValue"
$denyrule = New-Object System.Security.AccessControl.RegistryAccessRule($principal,$right,"DENY")
$ret = $acl.RemoveAccessRule($denyrule)
$ret = $key.SetAccessControl($acl)
Set-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\UserChoice -Name ProgId -Value Applications\notepad++.exe
Slightly modified from an answer in the TechNet forums.
I haven't figured out if there's a boxstarter shortcut for this, but changing the ACL rules was the key. Without it, you don't have the proper access to change this particular registry item. Even when I tried running Powershell as Admin and made sure I had all the right permissions on the UserChoice key (both the administrator account and my user account had Full Control), I kept getting an error that the Requested registry access is not allowed.