Jump to content
Announcing Pulseway 9.6 🥳
Scheduled Server Maintenance - Saturday, April 20 | ET 12am to 4am | GMT 5am to 9am

Powershell script to change registry values

stian.frostad

By stian.frostad
in PowerShell

 Share

Recommended Posts

stian.frostad

stian.frostad

Posted
Posted

Hi,

 

I have created a powershell script to activate a specific screensaver, password enable it and set the idle timeout value, but it does not work when I try to run it from the PulseWay Web interface.

I have also tried it from a batch script, but it does not work either.

Both scripts work fine when running them directly from the local computer.

 

The Powershell script it as follows:

#Values to customize
$ScreenSaveActive = 1 #set to 1 if you want the screensaver enabled, 0 to disable
$TimeOutValue = 60 # number of idle seconds before screensaver gets active
$ScreenSaverFile = "C:\Windows\system32\mystify.scr" # full path to screensaver file
$ScreenSaverIsSecure = 1 # set to 1 if you need a password to get out of screensaver, a.k.a. unlocking the pc

#If the screensaver is not compliant with $ScreenSaveActive, we reset it to the preferred value
if((Get-ItemProperty -Path "hkcu:control panel\desktop" -Name "ScreenSaveActive").ScreenSaveActive -ne $ScreenSaveActive)
    { Set-ItemProperty -Path "hkcu:control panel\desktop" -Name "ScreenSaveActive" -Value $ScreenSaveActive }

#If user set screensaver timeout to a value larger than 1200 seconds (20 minutes), we set the value back to 1200 seconds
[int]$Current_TimeOutValue = (Get-ItemProperty -Path "hkcu:control panel\desktop" -Name "ScreenSaveTimeOut").ScreenSaveTimeOut
if($Current_TimeOutValue -eq 0 -OR $Current_TimeOutValue -gt 1200)
   { Set-ItemProperty -Path "hkcu:control panel\desktop" -Name "ScreenSaveTimeOut" -value 1200 }

#If no screensaver file is set or if the path doesn't exist anymore, we set it to the blank screensaver
$Current_ScreenSaverFile = (Get-ItemProperty -Path "hkcu:control panel\desktop" -Name "SCRNSAVE.EXE")."SCRNSAVE.EXE"
if($Current_ScreenSaverFile -eq "" -OR (Test-Path $Current_ScreenSaverFile) -eq $false)
    { Set-ItemProperty -Path "hkcu:control panel\desktop" -Name "SCRNSAVE.EXE" -Value $ScreenSaverFile }

#If the screensaver "lock" is not compliant with $ScreenSaverIsSecure, we reset it to the preferred value
if((Get-ItemProperty -Path "hkcu:control panel\desktop" -Name "ScreenSaverIsSecure").ScreenSaverIsSecure -ne $ScreenSaverIsSecure)
    { Set-ItemProperty -Path "hkcu:control panel\desktop" -Name "ScreenSaverIsSecure" -Value $ScreenSaverIsSecure }

#Before our changes become active in the current Windows session, we need to run the following command more than 3 times
for ($i=1; $i -le 4; $i++)
    { rundll32.exe user32.dll, UpdatePerUserSystemParameters }
 

 

I have also tried this from batch script, but it does not work either.

@echo off
reg add "HKEY_CURRENT_USER\Control Panel\Desktop" /v SCRNSAVE.EXE /t REG_SZ /d C:\Windows\System32\Mystify.scr /f
reg add "HKEY_CURRENT_USER\Control Panel\Desktop" /v ScreenSaveActive /t REG_SZ /d 1 /f
reg add "HKEY_CURRENT_USER\Control Panel\Desktop" /v ScreenSaveTimeOut /t REG_SZ /d 60 /f
reg add "HKEY_CURRENT_USER\Control Panel\Desktop" /v ScreenSaverIsSecure /t REG_SZ /d 1 /f
 

 

 

Link to comment
Share on other sites
stian.frostad

stian.frostad

Posted
  • Author
Posted

Thank you for the reply.

I have just started to use PulseWay so I am not familiar with automated script running directly from the PulseWay web interface. I have about 100 computers that I have to roll out the password enabled screensaver script to and if I have to load individual user registry hives it would have to run and change the script for each computer?

I was hoping that it would be possible to run it for a "group" of computers in the PulseWay web interface, but I guess thats not possible then?

 

/Stian

Link to comment
Share on other sites
  • 2 months later...
Carl T

Carl T

Posted
Posted

@stian.frostad, yes, if your goal is to impact a user's reg hive, you would need to impact each user profile on each workstation. 

Here is what I have used in the past for manipulating reg keys of user profiles (specifically for manipulating/clearing out outlook profiles in this example). 
  

#Must Run As Admin
$profiles = Get-childitem c:\users\ -Directory
$folders = '\AppData\Roaming\Microsoft\Outlook','AppData\Local\Microsoft\Outlook'
$regkeys = 'HKU:\Hive\SOFTWARE\Microsoft\Office\16.0\Outlook\', 'HKU:\Hive\SOFTWARE\Microsoft\Office\Outlook\'
$timestamp = (Get-Date).ToUniversalTime() -replace ':', '.' -replace '/', '.'
New-PSDrive -PSProvider Registry -Root hkey_users -Name hku
foreach($prof in $profiles){
    #Mount-DiskImage -ImagePath $prof.fullname
    #Get-CimInstance -ClassName win32_volume | Where-Object label -Match 'profile' | Set-CimInstance -Property @{DriveLetter = 'x:'}
    foreach($fold in $folders){
        if(Test-Path "$($prof.fullname)\$fold"){
            Remove-Item "$($prof.fullname)\$fold" -Recurse -Force
        }
    }
    reg load HKU\Hive "$($prof.FullName)\NTUSER.DAT"

    foreach($reg in $regkeys){
        if(Test-Path $reg){
            Remove-Item $reg -Recurse -Force
            "$($reg).name existed for $($prof.Name) and was deleted" | Out-File -FilePath "c:\temp\$timestamp-Rcleared.txt" -Append
        }
    }
    #clears memory of loaded reg to ensure proper unload of reg hive.
    [gc]::Collect()
    reg unload HKU\Hive
    #Dismount-DiskImage -ImagePath $prof.FullName
}
Remove-PSDrive -Name hku

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...