Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Powershell script to modify registry keys to a OU in AD

Posted on 2011-09-09
15
Medium Priority
?
781 Views
Last Modified: 2012-05-12
Hi Experts,

I am looking for a PowerShell and/or any other scripting methods to modify the following registry key:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Personal"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
  4c,00,45,00,25,00,5c,00,4d,00,79,00,20,00,44,00,6f,00,63,00,75,00,6d,00,65,\
  00,6e,00,74,00,73,00,00,00


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable"=dword:00000000


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable"=dword:00000000


Please let me know, How may I accomplished this task.  ( I am on a dead line ) your fast response will be appreciated.

Thanks,
0
Comment
Question by:Islandr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
  • 3
  • +1
15 Comments
 
LVL 49

Accepted Solution

by:
Akhater earned 750 total points
ID: 36515467
you can simply save the below in a .reg file and then run

regedit.exe /s file.reg
[Windows Registry Editor Version 5.00]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Personal"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
  4c,00,45,00,25,00,5c,00,4d,00,79,00,20,00,44,00,6f,00,63,00,75,00,6d,00,65,\
  00,6e,00,74,00,73,00,00,00


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable"=dword:00000000


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable"=dword:00000000

Open in new window

0
 
LVL 49

Expert Comment

by:Akhater
ID: 36515474
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 36516059
Another option you may have is to use Group Policy Preferences. Depending on how your permissions are set you may need two scripts or GPP, one for the user and one for the computer. Most of the time users do not have permissions to change HKLM settings.

So if your users do not have permissions to HKLM create one GPP for HKCU settigns and link to the OU the users are in and create another for HKLM and link to the OU the computers are in.

Here is a link for GPP and the regisrty settings.

http://technet.microsoft.com/en-us/library/cc771589.aspx


If you do not want to create two policies or scripts you could look into using loopback processing in a GPP linked to the computers OU.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 

Author Comment

by:Islandr
ID: 36516115
Akhater/KenMcF,

So, if I decide to run this using a PowerShell script against a list of computers, How may I accomplish this?
0
 
LVL 49

Expert Comment

by:Akhater
ID: 36516150
you create an OU and put all the computers in that OU then you follow one of the links to create a GPO to deploy the changes on that OU
0
 

Author Comment

by:Islandr
ID: 36518919
Akhater,

But script that you provided is not written on PS.
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 36518940
If you are looking to change these keys by running a script on a remote computer it will be difficult. Especially if you only want to change for certain users. The HKCU key is for the interactive user, if you want to change this key you will need to go through the HKU key and find the specific users hive. It would be easier to create a GPO and use a script or Preferences to change these keys. The problem you may run into though is users usually do not have the rights to change HKLM keys so you will need to link this GPO to the computers OU with using another script of GPP.
0
 

Author Comment

by:Islandr
ID: 36519601
KenMcF,

Which script type should I use?  The one above by Akhater? or which one do you recommend?
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 36519787
You could use either. I like to use GPP, i think it is easier to use than login scripts for this.
0
 

Author Comment

by:Islandr
ID: 36528646
Folks,

I did find in the Script Repository, partially what I am looking for, this script modify and change the HKCU value, below is the script:

# ------------------------------------------------------------------------
Param([switch]$get,[switch]$set)
Function Get-ExplorerSettings()
{
 $RegExplorer =  Get-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
"The Current Path for the Personal Key Value is $($RegExplorer.Personal)"
} #end Get-ExplorerSettings

Function Set-ExplorerSettings()
{
 $RegValues = @{
             "Personal" = "%USERPROFILE%\Documents" ;
                                    }
 $path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
 ForEach ($key in $RegValues.Keys)
  {
    Set-ItemProperty -path $path -name $key -value $RegValues[$key]
   "Setting $path $($key) to $($RegValues[$key])"
  }

} #end Set-ExplorerSettings
# *** Entry Point to script ***

if($get) { Get-ExplorerSettings }
if($set) { Set-ExplorerSettings }

The way to execute the script is by typing the following:

.\GetExplorersettings.ps1 -get
This will display the current value of the specific key in this case Personal  AND
.\GetExplorersettings.ps1 -get -set
This will query the current value and set the one specified in the script.  Now the real question is HOW DO I RUN THIS SCRIPT AGAINST AN OU IN AD? I found a piece of information that might be able to help us, but I do not know how to put it together, I am going to insert below a few lines of codes and see if anyone of you could help me integrating the whole script together:

$objOU = [ADSI]"LDAP://OU=Workstations,DC=fabrikam,DC=com"
$colItems = $objOU.psbase.children

$colItems | ForEach-Object
{
    if ($_.objectCategory -eq "CN=Computer,CN=Schema,CN=Configuration,DC=fabrikam,DC=com")
        {Get-WMIObject Win32_BIOS -computername $_.Name}
}

The code above looks for BIOS information in a specific OU in AD.

The next piece of code will work against all the Computers in AD:

$strFilter = "computer"
 
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
 
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = "LDAP://OU= Workstations,DC=fabrikam,DC=com"
$objSearcher.SearchScope = "Base"
$objSearcher.PageSize = 1000

$objSearcher.Filter = "(objectCategory=$strFilter)"
$colResults = $objSearcher.FindAll()

foreach ($i in $colResults)
    {
        $objComputer = $i.GetDirectoryEntry()
        Get-WMIObject Win32_BIOS -computername $objComputer.Name
    }

But we can always modify this line:
$objSearch.SearchRoot = "LDAP://OU= Workstations,DC=fabrikam,DC=com"

And finally, this will run against a computer list in this case Excel spreadsheet:

$a = New-Object -comobject Excel.Application

$a.Visible = $True

$b = $a.Workbooks.Open("C:\Scripts\Test.xls")
$c = $b.Worksheets.Item(1)

$i = 1

do
    {
        $d = $c.Cells.Item($i,1).Value()
        if ($d -ne $null)
            {Get-WMIObject Win32_BIOS -computername $d}
        $i++
    }
while ($d -ne $null)

Again, I need assistance putting the script together in one piece, with all the information that provided, please let me know how can we accomplish this.

Thanks,
0
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 750 total points
ID: 36571006
You can use a single GPO to apply the settings to both the user and the computer. You will need to to apply to both the OUs containing the PCs and the OUs containing the users. Using Group Policy Preferences, the changes will happen the next time that the group policies get applied or refreshed, which is better than making everyone reboot.

Follow the instructions in the link below.
http://technet.microsoft.com/en-us/library/cc753092.aspx
0
 

Author Comment

by:Islandr
ID: 36950139
None of the answers worked maybe because of the security restrictions on my environment.
0
 

Author Closing Comment

by:Islandr
ID: 36950157
None the ansers worked for me, maybe becaus the security restrictions on my environment.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post we will be converting StringData saved within a text file into a hash table. This can be further used in a PowerShell script for replacing settings that are dynamic in nature from environment to environment.
A walk-through example of how to obtain and apply new DID phone numbers to your cloud PBX enabled users that are configured in Office 365. Whether you have 1, 10 or 100+ users in your tenant, it's quite easy to get them phone-enabled and making/rece…
Starting up a Project
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question