stian.frostad Posted September 12, 2023 Posted September 12, 2023 Hi, I have created a powershell script to activate a specific screensaver, password enable it and set the idle timeout value, but it does not work when I try to run it from the PulseWay Web interface. I have also tried it from a batch script, but it does not work either. Both scripts work fine when running them directly from the local computer. The Powershell script it as follows: #Values to customize $ScreenSaveActive = 1 #set to 1 if you want the screensaver enabled, 0 to disable $TimeOutValue = 60 # number of idle seconds before screensaver gets active $ScreenSaverFile = "C:\Windows\system32\mystify.scr" # full path to screensaver file $ScreenSaverIsSecure = 1 # set to 1 if you need a password to get out of screensaver, a.k.a. unlocking the pc #If the screensaver is not compliant with $ScreenSaveActive, we reset it to the preferred value if((Get-ItemProperty -Path "hkcu:control panel\desktop" -Name "ScreenSaveActive").ScreenSaveActive -ne $ScreenSaveActive) { Set-ItemProperty -Path "hkcu:control panel\desktop" -Name "ScreenSaveActive" -Value $ScreenSaveActive } #If user set screensaver timeout to a value larger than 1200 seconds (20 minutes), we set the value back to 1200 seconds [int]$Current_TimeOutValue = (Get-ItemProperty -Path "hkcu:control panel\desktop" -Name "ScreenSaveTimeOut").ScreenSaveTimeOut if($Current_TimeOutValue -eq 0 -OR $Current_TimeOutValue -gt 1200) { Set-ItemProperty -Path "hkcu:control panel\desktop" -Name "ScreenSaveTimeOut" -value 1200 } #If no screensaver file is set or if the path doesn't exist anymore, we set it to the blank screensaver $Current_ScreenSaverFile = (Get-ItemProperty -Path "hkcu:control panel\desktop" -Name "SCRNSAVE.EXE")."SCRNSAVE.EXE" if($Current_ScreenSaverFile -eq "" -OR (Test-Path $Current_ScreenSaverFile) -eq $false) { Set-ItemProperty -Path "hkcu:control panel\desktop" -Name "SCRNSAVE.EXE" -Value $ScreenSaverFile } #If the screensaver "lock" is not compliant with $ScreenSaverIsSecure, we reset it to the preferred value if((Get-ItemProperty -Path "hkcu:control panel\desktop" -Name "ScreenSaverIsSecure").ScreenSaverIsSecure -ne $ScreenSaverIsSecure) { Set-ItemProperty -Path "hkcu:control panel\desktop" -Name "ScreenSaverIsSecure" -Value $ScreenSaverIsSecure } #Before our changes become active in the current Windows session, we need to run the following command more than 3 times for ($i=1; $i -le 4; $i++) { rundll32.exe user32.dll, UpdatePerUserSystemParameters } I have also tried this from batch script, but it does not work either. @echo off reg add "HKEY_CURRENT_USER\Control Panel\Desktop" /v SCRNSAVE.EXE /t REG_SZ /d C:\Windows\System32\Mystify.scr /f reg add "HKEY_CURRENT_USER\Control Panel\Desktop" /v ScreenSaveActive /t REG_SZ /d 1 /f reg add "HKEY_CURRENT_USER\Control Panel\Desktop" /v ScreenSaveTimeOut /t REG_SZ /d 60 /f reg add "HKEY_CURRENT_USER\Control Panel\Desktop" /v ScreenSaverIsSecure /t REG_SZ /d 1 /f
Administrators Paul Posted September 12, 2023 Administrators Posted September 12, 2023 The Pulseway service runs scripts under the local SYSTEM user. You will probably need to load the correct user registry and make changes there. -Paul Anne and Carl T 1 1
stian.frostad Posted September 13, 2023 Author Posted September 13, 2023 Thank you for the reply. I have just started to use PulseWay so I am not familiar with automated script running directly from the PulseWay web interface. I have about 100 computers that I have to roll out the password enabled screensaver script to and if I have to load individual user registry hives it would have to run and change the script for each computer? I was hoping that it would be possible to run it for a "group" of computers in the PulseWay web interface, but I guess thats not possible then? /Stian
Carl T Posted November 30, 2023 Posted November 30, 2023 @stian.frostad, yes, if your goal is to impact a user's reg hive, you would need to impact each user profile on each workstation. Here is what I have used in the past for manipulating reg keys of user profiles (specifically for manipulating/clearing out outlook profiles in this example). #Must Run As Admin $profiles = Get-childitem c:\users\ -Directory $folders = '\AppData\Roaming\Microsoft\Outlook','AppData\Local\Microsoft\Outlook' $regkeys = 'HKU:\Hive\SOFTWARE\Microsoft\Office\16.0\Outlook\', 'HKU:\Hive\SOFTWARE\Microsoft\Office\Outlook\' $timestamp = (Get-Date).ToUniversalTime() -replace ':', '.' -replace '/', '.' New-PSDrive -PSProvider Registry -Root hkey_users -Name hku foreach($prof in $profiles){ #Mount-DiskImage -ImagePath $prof.fullname #Get-CimInstance -ClassName win32_volume | Where-Object label -Match 'profile' | Set-CimInstance -Property @{DriveLetter = 'x:'} foreach($fold in $folders){ if(Test-Path "$($prof.fullname)\$fold"){ Remove-Item "$($prof.fullname)\$fold" -Recurse -Force } } reg load HKU\Hive "$($prof.FullName)\NTUSER.DAT" foreach($reg in $regkeys){ if(Test-Path $reg){ Remove-Item $reg -Recurse -Force "$($reg).name existed for $($prof.Name) and was deleted" | Out-File -FilePath "c:\temp\$timestamp-Rcleared.txt" -Append } } #clears memory of loaded reg to ensure proper unload of reg hive. [gc]::Collect() reg unload HKU\Hive #Dismount-DiskImage -ImagePath $prof.FullName } Remove-PSDrive -Name hku
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now