Creating registry DWORD entry with PowerShell - powershell-2.0

I am trying to create registry entries for some time now.
Enviroment:
Offline environment (No Domain)
1 Windows Server 2012 R2
200 Windows 7 clients
The following entry should be created on several computers:
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system]
"LocalAccountTokenFilterPolicy"=dword:00000001
For this I would like to use the following script
$Computers = Get-Content "C:\Scripts\Clients.txt"
$Path = "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"
$Name = "LocalAccountTokenFilterPolicy"
$PropertyType = "DWord"
$Value = 1
$results = foreach ($computer in $Computers) {
if (Test-Connection -ComputerName $computer -Count 1 -Quiet) {
try {
Set-ItemProperty -Path $path -Name $Name -Value $Value -Type $PropertyType -ErrorAction 'Stop'
$status = "Success"
} catch {
$status = "Failed"
}
} else {
$status = "Unreachable"
}
New-Object -TypeName PSObject -Property #{
'Computer' = $computer
'Status' = $status
}
}
$results | Export-Csv -NoTypeInformation -Path "./error.csv"
The script is executed, no error appears, but the entries were not created.
Where is my error?

Always try a simple 'Get' first, and then progress to testing lines before trying your 'Set'...
So you first test locally on a system, before your foreach invoke, on single system:
`Get-ItemProperty HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -Name LocalAccountTokenFilterPolicy`
If you get a good response like this:
LocalAccountTokenFilterPolicy : 0
PSPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curre
ntVersion\Policies\System
PSParentPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curre
ntVersion\Policies
PSChildName : System
PSDrive : HKLM
PSProvider : Microsoft.PowerShell.Core\Registry
Then you've got the right command to work with. Now change the 'Get' to a 'Set' and work out the values LOCALLY.
I think you are close, but missed something in your tests...
Do ONE at a time, locally, first in PowerShell ISE. Then invoke-command to that same single system, then one by one add your tests...
- Patrick Burwell, 25 year Windows and Linux SysAdmin

Related

Bulk Export file paths from sharepoint

I am adding 200+ hyperlinks to an excel file for easier access to sharepoint folders. Rather than manually pulling each one I am trying to bulk export the file paths from a sharepoint folder. Any ideas on how to do this?
We can use PnP PowerShell to achieve it.
#Config Variables
$SiteURL = "https://tenant.sharepoint.com/sites/lz"
$ListName = "DL0906"
$FolderRelativeURL= "/sites/lz/DL0910/Test"
$ExportFile="C:\temp\FileUrls.csv"
#Get Credentials to connect
$Cred = Get-Credential
Try {
#Connect to PNP Online
Connect-PnPOnline -Url $SiteURL -Credentials $Cred
#Get All Items from the Folder
$CAMLQuery = "<View Scope='RecursiveAll'><Query><Where><Eq><FieldRef Name='FileDirRef'/><Value Type='Text'>$FolderRelativeURL</Value></Eq></Where></Query></View>"
$FolderItems = Get-PnPListItem -List $ListName -Query $CAMLQuery
$FileCollection = #()
ForEach($Item in $FolderItems)
{
$ExportFileUrl = New-Object PSObject
$ExportFileUrl | Add-Member -MemberType NoteProperty -name "File URL" -value $Item["FileRef"]
$FileCollection += $ExportFileUrl
}
$FileCollection | Export-CSV $ExportFile -NoTypeInformation
}
catch {
write-host "Error: $($_.Exception.Message)" -foregroundcolor Red
}
Refer to: SharePoint Online: Get All Files from a Folder using PowerShell

How do I turn this simple command into something that loops from a list of remote systems?

I received a request to run this on each of my systems which pulls a list of installed applications and outputs it into a text file. I then have to combine all of these things into something more readable which will take a while. I am learning Powershell and want to make this be executed from one system, pull from a list of servers in a text file and run this query from one place against all of the systems:
Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Format-Table –AutoSize > "$Env:userprofile\desktop\Installed Programs for $env:computername.txt"
I've started working on it but am thinking I am missing something to get this to work. I am currently piping this to a string to then output to a csv (I am open to suggestions). This is what I have so far.
# Computer running this script
$WhoAmI = $env:ComputerName
$ServerList = get-content -path "C:\scripts\ServerList.txt"
$Path = "C:\scripts\results"
foreach ($server in $ServerList)
{
$InstalledApps = Invoke-Command -ComputerName $server {Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* }
$Results += $InstalledApps |
Select-Object DisplayName, DisplayVersion, Publisher, InstallDate |
Out-String
}
Write-Host $InstallApps
# $InstallApps | export-csv "$Path\InstalledFiles.csv"
I currently am testing the functionality of the loop by just trying to get it to write to the screen. I only get a blank response.
You weren't getting output because you used the (undefined) variable $InstallApps instead of the variable $results.
With that said, I wouldn't recommend doing string concatenation in a loop. Something like this would be a more elegant approach:
Get-Content -Path 'C:\scripts\ServerList.txt' | ForEach-Object {
$server = $_
Invoke-Command -ComputerName $server -ScriptBlock {
Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*
} | Select-Object #{n='Server';e={$server}}, DisplayName, DisplayVersion,
Publisher, InstallDate
} | Export-Csv 'C:\scripts\results\InstalledPrograms.csv' -NoType
I kind of figured it out. Rested eyes on a fresh day. Some mistakes in what I am writing out, etc. I am open to improvements if anyone has anything to contribute.
EDIT: I got it working mostly with the following but the output is messy. Open to suggestions.
# Computer running this script
$ServerList = get-content -path "C:\scripts\ServerList.txt"
$Path = "C:\scripts\results"
foreach ($server in $ServerList)
{
$Results += "Results for $server"
$InstalledApps = Invoke-Command -ComputerName $server -ScriptBlock {Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* }
$Results += $InstalledApps |
Select DisplayName, DisplayVersion, Publisher, InstallDate |
Out-String
}
# Write-Host $Results
$Results | out-file -filepath "$Path\InstalledPrograms.txt" -width 200

PowerShell - Problems Passing Variables into ForEach Loop

I am trying to enumerate a list of servers from Active Directory, and then insert the server name into a UNC path as part of a copy command.
When I execute the script, I get the result below. I think that maybe I have to convert my variable, but I am not sure what to convert it to.
VERBOSE: Performing the operation "Copy File" on target "Item: C:\davidtemp\Logo.png Destination: \#{name=NCIDITSTWEB07}\c$\program files...
$webdev = Get-ADOrganizationalUnit -filter {name -like "*dev*"} | where {$_.DistinguishedName -like "*relativity*"}
$ServerList = Get-ADComputer -SearchBase $webdev | where {$_.name -like "*web*"} | select name | sort name
Foreach($server in $ServerList)
{
$scriptBlockwork = { copy C:\davidtemp\Logo.png "\\$server\c$\program files\web\images" -Force -Verbose}
Invoke-Command -ScriptBlock $scriptBlockwork -verbose
}
I reached out to a friend who was able to help. I was not defining the variable properly.
I needed to use -expandProperty to get the results into a format that worked with the pipeline
$ServerList = Get-ADComputer -SearchBase $webdev | where {$_.name -like "web"} | select -expandProperty name
Hopefully this helps someone else who might be having a similar issue.

Comparing Registry Keys on Two Servers using Powershell

I would like to compare two Servers registry keys to make sure they both match.
Something simple like this was the initial plan:
$remote1 = (invoke-command -computername hostname `
{Get-ItemProperty "HKLM:SOFTWARE\VENDOR\APP\SUBFOLDER"})
$local1 = (invoke-command `
{Get-ItemProperty "HKLM:SOFTWARE\VENDOR\APP\SUBFOLDER"})
$compare1 = Compare-Object $local1 $remote1
That works great for one single specified key but I have multiple keys with sub folders. I can't provide a list of the ones I want to check (and loop round) as I want to make sure nothing new has been added. So I was drawn down this route to get all the keys under a specified branch in the Registry (to get me a list):
$local1 = Get-ChildItem HKLM:SOFTWARE\MICROSOFT\DirectShow -Recurse `
-ErrorAction SilentlyContinue
So I now have an object that will tell me all the registry SUBFOLDERS on the server and I could then loop round using $local1.PSPath to give me all the paths but I noticed something in the object that was interesting:
$local1 | select -first 1 -prop *
This returns:
Property : {dbl3, dbl4, dbl5, dbl6...}
PSPath : A path
PSParentPath : A Parent Path
PSChildName : 0
PSDrive : HKLM
PSProvider : Microsoft.PowerShell.Core\Registry
PSIsContainer : True
SubKeyCount : 0
View : Default
Handle : Microsoft.Win32.SafeHandles.SafeRegistryHandle
ValueCount : 8
Name : A Name
So the Object member "Property" contains what looks like an array of all the keys or is it a sub Object?
If it was a sub-object does it contain the keys values that I am looking to compare?
I could just snatch out the $local.Name member and loop round comparing using the code above and storing any differences but I just wondered if it would be more efficient to use the data that I already have if it contains the information I need?
I am hoping that someone could confirm that if I did:
$local1 = Get-ChildItem HKLM:SOFTWARE\MICROSOFT\DirectShow -Recurse `
-ErrorAction SilentlyContinue
$remote1 (invoke-command -computername remoteserver1 `
{Get-ChildItem HKLM:SOFTWARE\MICROSOFT\DirectShow -Recurse `
-ErrorAction SilentlyContinue})
When I do the compare am I actually comparing the keys and values match or just that keys exist? :
Compare-Object $local1 $remote1
To cut a long story short, I think I have all the data I need to compare that the Registry key values match (by running this):
$local1
Returns (extract):
Hive: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\DirectShow
Name Property
---- --------
Debug
DoNotUse
DoNotUseDrivers32
Preferred {00001602-0000-0010-8000-00aa00389b71} : {E1F1A0B8-BEEE-490D-BA7C-066C40B5E2B9}
{e06d8032-db46-11cf-b4d1-00805f6cbbea} : {E1F1A0B8-BEEE-490D-BA7C-066C40B5E2B9}
{00000160-0000-0010-8000-00aa00389b71} : {2eeb4adf-4578-4d10-bca7-bb955f56320a}
{41564D57-0000-0010-8000-00AA00389B71} : {82d353df-90bd-4382-8bc2-3f6192b76e34}
{e06d8026-db46-11cf-b4d1-00805f6cbbea} : {212690FB-83E5-4526-8FD7-74478B7939CD}
Am I correct and does anyone know how to access individual items from the $local1 object? Taking the example above, what is a Hive? Say I wanted the "00001602-0000-0010-8000-00aa00389b71" value how would I get it from the $local1 object.
A point to note that the servers are running Powershell 2 while I am testing on Powershell 4 (I can't test on a Production server). I mention this as running $local1 on the v2 servers I get a different output in that the properties do not seem to be in pairs.
Hive: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\DirectShow
SKC VC Name Property
--- -- ---- --------
0 0 Debug {}
0 0 DoNotUse {}
0 0 DoNotUseDrivers32 {}
0 10 Preferred {{00000050-0000-0010-8000-00AA00389B71}, {e436eb80-524f-11ce-9f53-0020af0ba77...
Is this case where the v4 objects will do what I want but the v2 won't?
Well fought my way back through the tumble-weed on this one to answer my own question. I had to assume that PowerShell V2 did not contain the key values as I couldn't find a way of extracting them so to be sure I was performing a comparison of the keys and key values I went with this:
foreach ( $KeyPath in $RegPath )
{
$_Path = (invoke-command {Get-ChildItem $KeyPath -Recurse -ErrorAction SilentlyContinue})
ForEach ($key in $_Path)
{
$local = #()
$remote = #()
ForEach ( $Property in $key.Property )
{
if ( $Key.Name -like "*HKEY_LOCAL_MACHINE*" )
{
$KeyPath = [regex]::Replace($key.Name,[regex]"HKEY_LOCAL_MACHINE\\","HKLM:")
} elseif ( $Key.Name -like "*HKEY_CURRENT_USER*" ) {
$KeyPath = [regex]::Replace($key.Name,[regex]"HKEY_CURRENT_USER\\","HKCU:")
} else {
Write-Host "I was unable to set the Registry Hive path, exiting........"
exit 1
}
$lentry = (invoke-command {Get-ItemProperty -Path $KeyPath -Name $Property})
$lfound = New-Object -TypeName PSObject
$lfound | Add-Member -Type NoteProperty -Name Path -Value $KeyPath
$lfound | Add-Member -Type NoteProperty -Name Name -Value $Property
$lfound | Add-Member -Type NoteProperty -Name Data -Value $lentry.$Property
$local += $lfound
$rentry = (invoke-command -computername remoteservername -Script {Get-ItemProperty -Path $args[0] -Name $args[1]} -Args $KeyPath, $Property -ErrorVariable errmsg 2>$null)
if ( $errmsg -like "*does not exist at path*" )
{
$Value = "KEY IS MISSING"
} else {
$Value = $rentry.$Property
}
$rfound = New-Object -TypeName PSObject
$rfound | Add-Member -Type NoteProperty -Name Path -Value $KeyPath
$rfound | Add-Member -Type NoteProperty -Name Name -Value $Property
$rfound | Add-Member -Type NoteProperty -Name Data -Value $Value
$remote += $rfound
}
$compare = Compare-Object -ReferenceObject $local -DifferenceObject $remote -Property Path,Name,Data
$results += $compare
}
}
You then have all the results in an $results object that can be worked on. I used the object in an HTML table similar to this Powershell Hash Table to HTML.
I think it would have been much simpler in PowerShell version four with no need to build $lfound and $rfound.
In powershell v4 you can just export the registry keys at whatever point you want and then use the following to compare them:
$badReg = Get-content C:\Data\badReg.reg
$goodReg = Get-ChildItem C:\Data\goodReg.reg
$results = Compare-Object -ReferenceObject $goodReg -DifferenceObject $badReg

Unable to collect *.bak files as a single object

I am new to PowerShell.
I wanted to write a simple program to list all *.bak files which I can then either sort by date or size as shown below.
$Drives = Get-WMIObject -class win32_logicaldisk -filter "DriveType = 3" ;
foreach ($d in $Drives){
If (($d.deviceId -ne "C:") -and ($d.VolumeName -ne "PAGEFILE")) {
$backups += Get-ChildItem -Path $d.deviceID -Recurse -filter *.bak
}
This generally works fine except when say for example D: drive has only one *.bak file.
In that case I get an error.
Method invocation failed because [System.IO.FileInfo] doesn't contain a method named 'op_Addition'.
At F:\work\PowerShell\DiskSpace\generate-disk-report-v2.ps1:39 char:13
+ $backups += <<<< Get-ChildItem -Path $d.deviceID -Recurse -filter *.bak
+ CategoryInfo : InvalidOperation: (op_Addition:String) [], RuntimeException
+ FullyQualifiedErrorId : MethodNotFound
If I add an additional junk.bak to that drive, it works fine.
In my case, I found that the variable needs to be initialized as an array and Get-ChildItem needs to be returned as an array even, or especially, if it's only returning one file.
In your case:
$backups = #() - (Before calling Get-ChildItem)
and
$backups = #(Get-ChildItem -Path $d.deviceID -Recurse -filter *.bak) - (Cast as an array)

Resources