I am trying to set a registry key for all users on a remote machine. I have a script that I've been using to edit registry entries in HKLM and it goes as follows:
$reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $computername)
$regKey= $reg.OpenSubKey("SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon",$true)
$regKey.SetValue("DefaultUserName",$hostname,[Microsoft.Win32.RegistryValueKind]::String)
I also have a piece that retreives user SIDs that goes like this:
$sids = (Get-WmiObject -Class Win32_UserProfile -computername $computername | Where{$_.LocalPath -notlike "*$env:SystemRoot*"}).sid
I am wanting to do a foreach loop to edit a registry setting for each individual SID, but I am having trouble going from using'local machine' to 'user'/'sid'. I have found ways to work with the user hive, but have been unable to find a way to plug in the sid.
CodePudding user response:
This connects to the RegHive HKEY_LOCAL_MACHINE
$reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $computername)
But as you say you want to set something for all users it has to be (HKEY_USERS):
$reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('Users', $computername)
If you want to set a key for all users the right path is:
#HKEY_USERS\.DEFAULT
$regkey = $reg.OpenSubKey(".Default")
If you want to set a key for a specific user the path is:
HKEY_USERS\[SID]
$regkey = $reg.OpenSubKey("[SID]")
#Sample how to loop
$sids = (Get-WmiObject -Class Win32_UserProfile -computername $computername | Where-Object {$_.LocalPath -notlike "$env:SystemRoot"}).sid
foreach ($sid in $sids){
$regkey = $reg.OpenSubKey($sid)
}
Here $reg.OpenSubKey("$sid")
you can add the path e.g. $reg.OpenSubKey("$sid\Control Panel")
CodePudding user response:
Thanks for the help Toni. I had to play with the syntax a bit and I threw in a try/catch since not every profile would have the registry key I'm looking for, but here is my final result:
$computername=Read-Host -prompt "Enter computer name"
$sids = (Get-WmiObject -Class Win32_UserProfile -computername $computername | Where{$_.LocalPath -notlike "*$env:SystemRoot*"}).sid
$reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('Users',$computername)
foreach ($sid in $sids)
{
$regkey = $reg.OpenSubKey("$sid\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Search",$true)
try{$regKey.SetValue("SearchboxTaskbarMode","0",[Microsoft.Win32.RegistryValueKind]::dword)}
catch{}
}