Home > Software engineering >  Edit/Add GPO on DC via Powershell
Edit/Add GPO on DC via Powershell

Time:09-26

I'm given the task to migrate all the printers installed on workstations via GPO to another server. As for now all printers are installed in a local decentralized Distribution Point, we want to move on a centralized Distribution Point/Print Server. On mine DC, via Group Policy Management Editor, I've a lot of printers in

Computer Configuration\Preferences\Control Panel Settings\Printers

All printers are mapped from \DP00x\Printer and given a local name.

What i want to change is the \DP00x to \CentralDP01\Printer in the GPO.

I've managed via powershell to create all printer ports, install all printers and publish/list in the directory all of them. Given that they are more than 100, I wish to automate the process to edit the GPO editing, so that i don't need to open each policy and each printer to modify the destination.

I've tried the cmdlet Get-GPRegistryValue because I know (at least) that printers are installed on HKLM\SYSTEM\CurrentControlSet\Control\Print\Printers

but i get this error every time:

Get-GPRegistryValue : The following Group Policy registry setting was not found: "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers".
Parameter name: keyPath
At line:1 char:1
  Get-GPRegistryValue -Guid 6b464ed9-66c8-47fa-8327-1fe9b074a0d7 -Key H...
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      CategoryInfo          : InvalidArgument: (Microsoft.Group...tryValueCommand:GetGPRegistryValueCommand) [Get-GPRegistryValue], ArgumentException
      FullyQualifiedErrorId : UnableToRetrievePolicyRegistryItem,Microsoft.GroupPolicy.Commands.GetGPRegistryValueCommand

I tried as well Get-GPPrefRegistryValue

Get-GPPrefRegistryValue -Context Computer -Guid 6b464ed9-66c8-47fa-8327-1fe9b074a0d7 -Key HKLM\SYSTEM\CurrentControlSet\Control\Print\Printers

But error looks the same:

Get-GPPrefRegistryValue : The Preference registry setting "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers" was not found in the 
"x-x-x-x-x-x" GPO in the x-x-x-x-x-x-x.com domain.
Parameter name: keyPath
At line:1 char:1
  Get-GPPrefRegistryValue -Context Computer -Guid 6b464ed9-66c8-47fa-83 ...
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      CategoryInfo          : InvalidArgument: (Microsoft.Group...tryValueCommand:GetGPPrefRegistryValueCommand) [Get-GPPrefRegistryValue], ArgumentException
      FullyQualifiedErrorId : UnableToRetrievePreferenceRegistryItem,Microsoft.GroupPolicy.Commands.GetGPPrefRegistryValueCommand

I found a workaround. Backup the GPO, manually edit the XML with the new value and import back the GPO. I don't fancy the idea of manually editing because it can lead to errors and with over 100 GPOs I can have alot of errors. Can anyone help me? Maybe i'm using the wrong commands, but so far documentations state to use GPO Module.

CodePudding user response:

Unfortunately the GroupPolicy commands are limited to registry key settings only, and printer-preferences fall outside that. You can safely edit the live GPO xml files themselves though (or use Backup-GPO/Restore-GPO).

If you're only replacing the server name, this should work fine. Try it on a test GPO, updating the path as needed:

$guid = (Get-GPO -Name 'Test GPO')

# Check the GPO version before changes:
Get-GPO -guid $guid

$domain = 'domain.com'
$path = "\\$domain\SYSVOL\$domain\Policies\{$guid}\User\Preferences\Printers\Printers.xml"

# Update the path in the GPO xml:
(Get-Content $path -Raw) -replace 'DP00x','CentralDP01' | Set-Content $path

# Validate the GPO version/change date have updated - might take a while if xml is on a different DC:
Get-GPO -guid $guid

Page link:https//www.codepudding.com/Softwareengineering/127984.html

Prev:Powershell script for generating
Next:How do I successfully run Pester Unit tests locally on a cloned GitHub repo?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding