Set-RegistryProperty.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202

<#PSScriptInfo
 
.VERSION 1.1
 
.GUID 763aeb1a-0f6f-4053-bf16-23ada0836d81
 
.AUTHOR bikush
 
.COMPANYNAME
 
.COPYRIGHT
 
Copyright (c) Microsoft Corporation. All rights reserved.
 
.TAGS
 
.LICENSEURI
 
.PROJECTURI
 
.ICONURI
 
.EXTERNALMODULEDEPENDENCIES
 
.REQUIREDSCRIPTS
 
.EXTERNALSCRIPTDEPENDENCIES
 
.RELEASENOTES
 
Create Registry entries at various locations. End user need to just pass on Key path, registry name, value and Type
 
AUTHOR
Bindusar Kushwaha
Microsoft Senior Premier Field Engineer
bikush@microsoft.com
 
.EXAMPLE
 
Creating TLS 1.2 Keys in Registry
Set-RegistryProperty.ps1 -regkey "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server" -regName "DisabledByDefault" -regValue 0 -RegType "DWord"
 
.PARAMETER
 
-RegKey
Specifies the path of the item. Wildcard characters are permitted. This parameter identifies the item to which this cmdlet adds the new property.
 
Required? True
Position? 0
 
-RegName
Specifies a name for the new property. If the property is a registry entry, this parameter specifies the name of the entry.
 
-RegValue
Specifies the property value. If the property is a registry entry, this parameter specifies the value of the entry.
 
-RegType
 
Specifies the type of property that this cmdlet adds. The acceptable values for this parameter are:
 
String: Specifies a null-terminated string. Equivalent to REG_SZ.
ExpandString: Specifies a null-terminated string that contains unexpanded references to environment variables that are expanded when the value is retrieved. Equivalent to REG_EXPAND_SZ.
Binary: Specifies binary data in any form. Equivalent to REG_BINARY.
DWord: Specifies a 32-bit binary number. Equivalent to REG_DWORD.
MultiString: Specifies an array of null-terminated strings terminated by two null characters. Equivalent to REG_MULTI_SZ.
Qword: Specifies a 64-bit binary number. Equivalent to REG_QWORD.
Unknown: Indicates an unsupported registry data type, such as REG_RESOURCE_LIST.
#>


<#
 
.DESCRIPTION
 "This is to help IT admins who want to automate Registry creation for any reason"
 
#>
 


<#
DISCLAIMER STARTS
This Sample Code is provided for the purpose of illustration only and is not intended to be used in a #production environment. THIS SAMPLE CODE AND ANY RELATED INFORMATION ARE PROVIDED "AS IS" #WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO #THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE. We #grant You a nonexclusive, royalty-free right to use and modify the Sample Code and to reproduce and #distribute the object code form of the Sample Code, provided that You agree:(i) to not use Our name, #logo, or trademarks to market Your software product in which the Sample Code is embedded; (ii) to #include a valid copyright notice on Your software product in which the Sample Code is embedded; and #(iii) to indemnify, hold harmless, and defend Us and Our suppliers from and against any claims or #lawsuits, including attorneys´┐Ż fees, that arise or result from the use or distribution of the Sample Code."
"This sample script is not supported under any Microsoft standard support program or service. The #sample script is provided AS IS without warranty of any kind. Microsoft further disclaims all implied #warranties including, without limitation, any implied warranties of merchantability or of fitness for a #particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in #the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, #without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or #documentation, even if Microsoft has been advised of the possibility of such damages"
DISCLAIMER ENDS
#>


Param($RegPath, $RegName, $RegValue, $RegPropertyType)

#Set Log Variables
$Global:ErrorActionPreference = "SilentlyContinue"
$Global:Var = New-Object System.Collections.Stack

Function Write-Host()
{
    <# .SYNOPSIS This fucntion will create Log file under LogDir. #>
    Param($T)
    $logdir="C:\ProgramData\Microsoft\IntuneManagementExtension\Logs"

    If(!(Test-Path $logdir))
    {
        New-Item -Path $logdir -ItemType Directory -Force
    }
    $ExecutionTime = Get-Date 
    $StartTime = Get-Date $ExecutionTime -Format "dd-MM-yyyy"
    $Log = "C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\TLS_$StartTime.log"

    (Get-Date -Format yyyy_MM_dd_HH:mm:ss)+" $T " >> $Log
}

Function Set-RegistryKey
{
    <#
    .SYNOPSIS
    This function will check the registry path and if this is missing or any of its parent path is missing, its going to call itself recursively to create missing parent/child/child2
    #>

    param($RegKey)
    Write-Host "Set-RegitryKey is called with $RegKey."
    If(!(Test-Path $RegKey))
    {
        Write-Host "$regKey is missing..."
        $tmp=(Split-Path $RegKey -Leaf)

        Write-Host "Pushing Leaf Value $tmp in Stack"
        $Global:Var.Push($tmp)

        $RegKey=Split-path $RegKey -Parent
        Write-Host "Parent of Previous RegKey is $RegKey"

        Write-Host "Checking if we need to break it further..."
        Set-RegistryKey -RegKey $RegKey
    }
    Else
    {
        Write-Host "RegKey Found... Checking if there is anything in Stack"
        If($Global:Var.Count -gt 0)
        {
            Write-Host "Stack is containing data... emptying it one by one..."
            $tmp =$Global:Var.Pop()

            Write-Host "Popped from Top: $tmp"

            Write-Host "Creating a new KEY named $tmp under $RegKey"
            New-Item $RegKey -Name $tmp -ItemType Directory
            $Regkey="$RegKey\$tmp"

            Write-Host "New Regkey is $RegKey"
            Write-Host "Checking if there is something else in Stack to Pop."
            Set-RegistryKey -RegKey $RegKey
        }
    }
}

Function Set-RegistryProperty
{
    <#
    .SYNOPSIS
    This function will be called to create reg keys at specified location. If location is missing, it will call Set-registryKey function to create one first.
    #>

    param($regkey, $regName, $regValue, $regType)
    Write-Host "Set-RegistryKeyProperty is called with value $regkey | $regName | $regValue | $regType..."

    Write-Host "Checking if $regkey exists..."
    If(!(Test-Path $regkey))
    {
        Write-Host "$Regkey is missing... Calling Set-RegistryKey function to create one first"
        Set-RegistryKey -RegKey $regkey
    }
    
    If(Test-Path $regkey)
    {
        Write-Host "$regkey found... Checking to create Item Properties..."
        If(!(Get-ItemProperty -Path $RegKey -Name $regName))
        {
            Write-Host "Registry $regName is missing... creating..."
            New-ItemProperty -Path $regkey -Name $regName -Value $regValue -PropertyType $regType
        }

        ElseIf((Get-ItemPropertyValue -Path $RegKey -Name $regName) -eq $regValue)
        {
            Write-Host "Registry Already exists with expected value..."
        }

        Elseif((Get-ItemPropertyValue -Path $RegKey -Name $regName) -ne $regValue)
        {
            Write-Host "Registry Exists with another value...$(Get-ItemPropertyValue -Path $RegKey -Name $regName). Overwriting it..."
            Set-ItemProperty -Path $regkey -Name $regName -Value $regValue -Force
        }
        Else
        {
            Write-Host "Something Went Wrong!!!"
        }
    }

}

Set-RegistryProperty -regkey $RegPath -regName $RegName -regValue $RegValue -regType $RegPropertyType
<#
Example can be...
Set-RegistryProperty -regkey "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client" -regName "Enabled" -regValue 1 -RegType "DWord"
#>