How to disable autorun for all drives - powershell

I need to run a powershell script that disables autorun for ALL drives on a computer.
It can be done manually as described here, but I need to do it for multiple computers (with Windows XP and 7) using a WDS server.

Give this a try:
$path ='HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer'
Set-ItemProperty $path -Name NoDriveTypeAutorun -Type DWord -Value 0xFF

You can try this:
function Disable-AutoRun
{
$item = Get-Item `
"REGISTRY::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\AutoRun.inf" `
-ErrorAction SilentlyContinue
if (-not $item) {
$item = New-Item "REGISTRY::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\AutoRun.inf"
}
Set-ItemProperty $item.PSPath "(default)" "@SYS:DoesNotExist"
}
and this to re-enable:
function Enable-AutoRun
{
Remove-Item "REGISTRY::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\AutoRun.inf" -Force
}
Explication.
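
For deployment to many machines it helps to apply both settings from the answers above idempotently and read the result back. The following is an added example, not code from either answer; the function names are hypothetical, and it uses the `@SYS:DoesNotExist` mapping value, where the `@` prefix stops reads from falling back to the autorun.inf file on disk.

```powershell
# Added example, not from the answers above; function names are hypothetical.
$policyPath = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer'
$iniMapPath = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\AutoRun.inf'

function Test-AutoRunDisabled {
    # A missing key or value is reported as not hardened rather than raising an error.
    $policy = Get-ItemProperty -Path $policyPath -Name NoDriveTypeAutorun -ErrorAction SilentlyContinue
    $iniMap = Get-ItemProperty -Path $iniMapPath -ErrorAction SilentlyContinue
    New-Object PSObject -Property @{
        ComputerName      = $env:COMPUTERNAME
        PolicyAllDrives   = [bool]($policy -and $policy.NoDriveTypeAutorun -eq 0xFF)
        AutorunInfIgnored = [bool]($iniMap -and $iniMap.'(default)' -eq '@SYS:DoesNotExist')
    }
}

function Set-AutoRunDisabled {
    foreach ($key in $policyPath, $iniMapPath) {
        # Set-ItemProperty fails when the key is absent, so create it first.
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    }
    Set-ItemProperty -Path $policyPath -Name NoDriveTypeAutorun -Type DWord -Value 0xFF
    Set-ItemProperty -Path $iniMapPath -Name '(default)' -Value '@SYS:DoesNotExist'
    Test-AutoRunDisabled   # return the state as read back from the registry
}

Set-AutoRunDisabled
```

Running `Test-AutoRunDisabled` on its own gives a read-only compliance check that can be collected per machine before and after the change.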

Related

Deployment of PowerShell scripts through Intune not working properly?

I made a simple PowerShell script to change the taskbar settings (Hiding the Search and Task View buttons, as well as alignment). I was able to get them to push out properly, however on first run the scripts would only partially work, the Task View button would be removed however the other ones wouldn't.
The script would work however when you would manually change the taskbar settings through the GUI, for example switching the alignment to left and then back to center, the script would then work and adjust the alignment back to the left side. I just need to find what's causing it not to run properly the first time when units are deployed.
This short script goes as follows:
Set-ExecutionPolicy bypass -Scope CurrentUser
$registryPath1 = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Search"
$registryPath2 = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
$registryPath3 = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
$name1 = "SearchboxTaskbarMode"
$name2 = "ShowTaskViewButton"
$name3 = "TaskbarAl"
$value1 = "0"
$value2 = "0"
$value3 = "0"
IF(!(Test-Path $registrypath1))
{
New-Item -Path $registryPath1 -Force | Out-Null
Set-ItemProperty -Path $registryPath1 -Name $name1 -Value $value1 `
}
ELSE {
Set-ItemProperty -Path $registryPath1 -Name $name1 -Value $value1 `
}
IF(!(Test-Path $registryPath2))
{
New-Item -Path $registryPath2 -Force | Out-Null
Set-ItemProperty -Path $registryPath2 -Name $name2 -Value $value2 `
}
ELSE {
Set-ItemProperty -Path $registryPath2 -Name $name2 -Value $value2 `
}
IF(!(Test-Path $registryPath3))
{
New-Item -Path $registryPath3 -Force | Out-Null
Set-ItemProperty -Path $registryPath3 -Name $name3 -Value $value3 `
}
ELSE {
Set-ItemProperty -Path $registryPath3 -Name $name3 -Value $value3 `
}

Make a registry change based on OS version

I am trying to make a reg key change based on the OS version.
The Key change part works fine however the if function to work out if the device needs it or not I can not get to work. Any advice would be helpful. The powershell is below.
$verCheckOS = (Get-WmiObject win32_operatingsystem).version
if ($verCheckOS -lt 10.0.19043 -and $verCheckOS -gt 10.0.17134)
{
if (Test-Path HKLM:\SOFTWARE\Policies\Microsoft\AzureADAccount)
{
CD HKLM:\SOFTWARE\Policies\Microsoft
New-Item -Name AzureADAccount
New-ItemProperty -Path "AzureADAccount" -Name "AllowPasswordReset" -Value 1 -PropertyType DWord
}
}
Else
{
}
To make PowerShell compare version numbers properly you need to cast them to the proper type.
$verCheckOS = [version](Get-CimInstance -ClassName CIM_OperatingSystem).Version
if ($verCheckOS -lt [version]'10.0.19043' -and $verCheckOS -gt [version]'10.0.17134') {
if (-not (Test-Path HKLM:\SOFTWARE\Policies\Microsoft\AzureADAccount)) {
Push-Location 'HKLM:\SOFTWARE\Policies\Microsoft'
New-Item -Name 'AzureADAccount'
New-ItemProperty -Path 'AzureADAccount' -Name 'AllowPasswordReset' -Value 1 -PropertyType DWord
}
}
$verCheckOS = (Get-WmiObject win32_operatingsystem).version
if ($verCheckOS -lt "10.0.19043" -and $verCheckOS -gt "10.0.17134")
{
if (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\AzureADAccount"))
{
$null = New-Item -Name "AzureADAccount" -Path "HKLM:\SOFTWARE\Policies\Microsoft\"
$null = New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\AzureADAccount" -Name "AllowPasswordReset" -Value 1 -PropertyType DWord
}
}
I am a bit confused by your code. You check if the full path to the AzureADAccount key exists and then if it does you proceed to try and create it? I think you meant if it does NOT exist then create it? I mean your code won't execute if it isn't there so the line to create it is just going to error out. So I changed it to run the block only if the path doesn't exist. If that's wrong then put the Test-Path line back the way you had it and remove the 'New-Item -Name "AzureADAccount"' line as it's meaningless and keep the New-ItemProperty line.
Also just adding quotes around the numbers made the version check if statement work fine for me in my testing.
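
The difference between comparing versions as strings and as `[version]` objects can be seen side by side. This is an added example, not code from either answer: `Test-BuildInRange` is a hypothetical helper, the bounds are the two from the question, and the sample version strings are constructed (`10.0.180` is not a real build and is there only because string comparison, which works character by character, places it inside the range).

```powershell
# Added example; Test-BuildInRange and the sample versions are constructed for illustration.
function Test-BuildInRange {
    param(
        [Parameter(Mandatory = $true)][string]$Version,
        [version]$After  = '10.0.17134',
        [version]$Before = '10.0.19043'
    )
    $parsed = $null
    # TryParse rejects malformed input instead of throwing in the middle of a deployment.
    if (-not [version]::TryParse($Version, [ref]$parsed)) { return $false }
    return ($parsed -gt $After -and $parsed -lt $Before)
}

# Compare both approaches on the same inputs.
foreach ($v in '10.0.18363', '10.0.180', '6.1.7601', '10.0.19043', 'not-a-version') {
    New-Object PSObject -Property @{
        Version       = $v
        StringCompare = ($v -lt '10.0.19043' -and $v -gt '10.0.17134')
        TypedCompare  = (Test-BuildInRange -Version $v)
    }
}
```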

Function to enable basic authentication via powershell

I have created a powershell script that enables basic authentication, I needed this to allow the winrm to work when running some of our older powershell scripts.
What I need to do now is be able to call this script as a function with either a true false argument. e.g. disable or enable basic authentication.
How can I wrap this code into a function so that I can call it from other powershell scripts?
So if I send a command to this script e.g.
basicauth($true) - it will run the script as is
basicauth($false) - would disable basic authentication
I can create the alternate if else statement for when the true or false is sent to this, but not sure how I can wrap the whole script into a function.
Apologies for the novice status with powershell, it took me awhile to get this script working the way it is.
param([switch]$Elevated)
# Get variables
$registryPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client"
$key1 = "AllowDigest"
$key2 = "AllowUnencryptedTraffic"
$key3 = "AllowBasic"
$off = "00000000"
$on = "00000001"
# enables admin privileges
function Test-Admin {
$currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
$currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
}
if ((Test-Admin) -eq $false) {
if ($elevated)
{
'tried to elevate, did not work, aborting...'
}
else {
Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition))
}
exit
}
# checks if the registry path is available, before adding the registry key values
If (!(Test-Path $registryPath))
{
New-Item -Path $registryPath -Force | out-Null
New-ItemProperty -Path $registryPath -Name $key1 -Value $off -PropertyType DWORD -Force | Out-Null
New-ItemProperty -Path $registryPath -Name $key2 -Value $off -PropertyType DWORD -Force | Out-Null
New-ItemProperty -Path $registryPath -Name $key3 -Value $on -PropertyType DWORD -Force | Out-Null
#'registry key did not exist'
exit
}
Else
{
New-ItemProperty -Path $registryPath -Name $key1 -Value $off -PropertyType DWORD -Force | Out-Null
New-ItemProperty -Path $registryPath -Name $key2 -Value $off -PropertyType DWORD -Force | Out-Null
New-ItemProperty -Path $registryPath -Name $key3 -Value $on -PropertyType DWORD -Force | Out-Null
#'registry key exists'
exit
}
NOTE: Now I know that the Else statement should have the values as: Set-ItemProperty although if I change the code to have Set-ItemProperty the script no longer works, only way I have this working is to have it as: New-ItemProperty. Doesn't really make sense but it works.
Ideally it would be better to just update the current powershell scripts to use modern authentication, but there is 100's of them so not really a viable option for me.
Any assistance would be greatly appreciated.
If you wrap the entire function in an if statement like:
param([switch]$Elevated)
if($elevated) {
...script code here
}
Then you can call the function with that parameter like . "scriptname.ps1" -Elevated to execute what is inside the scriptblock. Instead just calling . "scriptname.ps1" without the -Elevated parameter will not do anything because you'll hit your if statement:
if ($elevated) {
and elevated doesn't exist which means nothing inside the scriptblock executes.
I don't see the purpose of doing this in your case because if you already have logic to decide whether or not to pass in true or false, why not just use that logic to decide whether or not to call the script at all? My guess is that you don't actually mean that you only want to execute the entire script if a user is 'elevated' but rather check if they can be elevated in the script and then do something else.
In that case you should take a look at Advanced PowerShell Functions. You could do something like this:
# Get variables
$registryPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client"
$key1 = "AllowDigest"
$key2 = "AllowUnencryptedTraffic"
$key3 = "AllowBasic"
$off = "00000000"
$on = "00000001"
# enables admin privileges
function Test-Admin {
$currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
$isAdmin = $currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
return $isAdmin
}
function Do-TheRestOfTheThings {
[CmdletBinding()]
param()
# No relaunch is needed here: this function is only called after Test-Admin has returned $true.
If (!(Test-Path $registryPath)) {
New-Item -Path $registryPath -Force | out-Null
New-ItemProperty -Path $registryPath -Name $key1 -Value $off -PropertyType DWORD -Force | Out-Null
New-ItemProperty -Path $registryPath -Name $key2 -Value $off -PropertyType DWORD -Force | Out-Null
New-ItemProperty -Path $registryPath -Name $key3 -Value $on -PropertyType DWORD -Force | Out-Null
#'registry key did not exist'
exit
}
Else {
New-ItemProperty -Path $registryPath -Name $key1 -Value $off -PropertyType DWORD -Force | Out-Null
New-ItemProperty -Path $registryPath -Name $key2 -Value $off -PropertyType DWORD -Force | Out-Null
New-ItemProperty -Path $registryPath -Name $key3 -Value $on -PropertyType DWORD -Force | Out-Null
#'registry key exists'
}
}
if(Test-Admin) {
Do-TheRestOfTheThings
}
else {
'tried to elevate, did not work, aborting...'
}
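
The true/false behaviour asked for in the question can be written as a single function with a `[bool]` parameter. This is an added example, not code from the question or the answer; `Set-WinRMClientBasicAuth` is a hypothetical name, and it writes the same three policy values as the question's script, as integers rather than strings.

```powershell
# Added example; Set-WinRMClientBasicAuth is a hypothetical name, not code from the thread.
function Set-WinRMClientBasicAuth {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param([Parameter(Mandatory = $true)][bool]$Enabled)

    $registryPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client'

    # Writing under HKLM needs an elevated session; fail early instead of half-applying.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal $identity
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)) {
        throw 'Set-WinRMClientBasicAuth must be run from an elevated PowerShell session.'
    }

    # Same three values as the question's script; only AllowBasic follows the parameter,
    # so unencrypted traffic and digest stay off in both cases.
    $settings = @{
        AllowDigest             = 0
        AllowUnencryptedTraffic = 0
        AllowBasic              = [int]$Enabled
    }

    if ($PSCmdlet.ShouldProcess($registryPath, "Set AllowBasic to $([int]$Enabled)")) {
        if (-not (Test-Path $registryPath)) {
            New-Item -Path $registryPath -Force | Out-Null
        }
        foreach ($name in $settings.Keys) {
            # -Force overwrites an existing value, so one call covers create and update.
            New-ItemProperty -Path $registryPath -Name $name -Value $settings[$name] `
                -PropertyType DWord -Force | Out-Null
        }
        # Return what is now in the registry so the caller can log or verify it.
        Get-ItemProperty -Path $registryPath |
            Select-Object AllowDigest, AllowUnencryptedTraffic, AllowBasic
    }
}

# Enable for the legacy scripts, then turn it off again afterwards.
Set-WinRMClientBasicAuth -Enabled $true
Set-WinRMClientBasicAuth -Enabled $false
```

After dot-sourcing the file that defines it, other scripts can call the function directly, and `-WhatIf` previews the change without writing anything.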

Manually removing all of LogMeIn

I have a PowerShell script which removes LogMeIn (or any program where you search by name) from add/remove programs.
This works perfectly however I would like to remove all instances of LMI, meaning any version that has been installed locally via plug-ins etc.
The only way I thought of doing this was to delete the respective registry entries and app data - however querying the HKEY_USERS hive instead of HKCU hive is proving troublesome.
Anyone had to do something similar, where they have a search term in registry they want to blitz off?
I have tried the mapping HKEY_USERS to a PS-Drive to query but just can't get the terminology right.
function ForceUninstall {
Stop-Process -processname LMIGuardian*
Stop-Process -processname LogMeIn*
Stop-Process -processname LogMeInSystray*
Stop-Process -processname ramaint*
$null = New-PSDrive -PSProvider Registry -Name HKEY_USERS -Root HKEY_USERS
cd HKEY_USERS:/
$objects = get-childItem HKEY_USERS:\ -ErrorAction SilentlyContinue
foreach ($object in $objects){
$testpath = "$($object.name)\Software\LogMeIn"
$testpath = $testpath -replace [Regex]::Escape("HKEY_USERS\"),'HKEY_USERS:\'
$testpath2 = "$($object.name)\Software\LogMeIn Ignition"
$testpath2 = $testpath2 -replace [Regex]::Escape("HKEY_USERS\"),'HKEY_USERS:\'
If (test-path $testpath) {
$PathsToDelete += $testpath
}
If (test-path $testpath2) {
$PathsToDelete += $testpath2
}
}
foreach ($Path in $PathsToDelete){
write-host "removing $path"
(Get-ChildItem $Path).PsPath |Remove-Item -Recurse
"Deleted registry key"
}
$LocalPaths = @("HKEY_LOCAL_MACHINE:\System\Current Control Set\Services\LMIInfo",
"HKEY_LOCAL_MACHINE:\SOFTWARE\LogMeIn",
"HKEY_LOCAL_MACHINE:\System\Current Control Set\Services\LMIMaint",
"HKEY_LOCAL_MACHINE:\System\Current Control Set\Services\LMImirr",
"HKEY_LOCAL_MACHINE:\System\Current Control Set\Services\LMIRfsClientNP",
"HKEY_LOCAL_MACHINE:\System\Current Control Set\Services\LMIRfsDriver",
"HKEY_LOCAL_MACHINE:\System\Current Control Set\Services\LogMeIn")
$Location = New-PSDrive -PSProvider Registry -Name HKEY_LOCAL_MACHINE -Root HKEY_LOCAL_MACHINE
cd HKEY_LOCAL_MACHINE:/
foreach ($Path in $LocalPaths){
write-host "removing $path"
(Get-ChildItem $Path).PsPath |Remove-Item -Recurse
"Deleted registry key"
}
Remove-ItemProperty -Path "HKEY_LOCAL_MACHINE:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" -Name "LogMeIn GUI"
write-host "removed LogMeIn GUI file"
}
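
HKEY_USERS can be queried without mapping a PSDrive by using the `Registry::` provider prefix. This is an added example, not part of the original post; `Find-UserHiveKey` is a hypothetical name, and the two subkey names are the ones from the question's script.

```powershell
# Added example; Find-UserHiveKey is a hypothetical name, not code from the question.
function Find-UserHiveKey {
    param([string[]]$SubKey = @('Software\LogMeIn', 'Software\LogMeIn Ignition'))

    # Registry::HKEY_USERS addresses the hive directly, so no New-PSDrive mapping is needed.
    # Only hives that are currently loaded (logged-on users, service accounts) appear here.
    foreach ($hive in Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue) {
        foreach ($key in $SubKey) {
            # $hive.Name looks like 'HKEY_USERS\S-1-5-21-...'; prefix it with the provider.
            $candidate = "Registry::$($hive.Name)\$key"
            if (Test-Path -LiteralPath $candidate) {
                New-Object PSObject -Property @{
                    Sid  = $hive.PSChildName
                    Path = $candidate
                }
            }
        }
    }
}

# Review the matches first; -WhatIf lists what Remove-Item would delete without deleting it.
Find-UserHiveKey | ForEach-Object {
    Remove-Item -LiteralPath $_.Path -Recurse -WhatIf
}
```

Drop `-WhatIf` only after the listed paths have been checked, since `Remove-Item -Recurse` deletes the key and everything beneath it.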

How to turn on smart screen filter using powershell?

Can someone suggest how to turn on smart screen filter for IE using a PowerShell script?
thanks.
Here's a link to a script to turn on Windows SmartScreen. Not sure if that's the same as IE
http://gallery.technet.microsoft.com/scriptcenter/Script-to-enable-9076d20e
This worked for me!!
Function EnableDisableSmartScreen($status) {
if($status -eq 1)
{
Write-Output "Enabling SmartScreen Filter..."
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name "EnableSmartScreen"
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Name "EnabledV9"
}
else
{
Write-Output "Disabling SmartScreen Filter..."
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name "EnableSmartScreen" -Type DWord -Value 0
If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter")) {
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Force | Out-Null
}
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Name "EnabledV9" -Type DWord -Value 0
}
}