Set-RegistryProperty.ps1
|
<#PSScriptInfo .VERSION 1.1 .GUID 763aeb1a-0f6f-4053-bf16-23ada0836d81 .AUTHOR bikush .COMPANYNAME .COPYRIGHT Copyright (c) Microsoft Corporation. All rights reserved. .TAGS .LICENSEURI .PROJECTURI .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS .EXTERNALSCRIPTDEPENDENCIES .RELEASENOTES Create Registry entries at various locations. End user need to just pass on Key path, registry name, value and Type AUTHOR Bindusar Kushwaha Microsoft Senior Premier Field Engineer bikush@microsoft.com .EXAMPLE Creating TLS 1.2 Keys in Registry Set-RegistryProperty.ps1 -regkey "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server" -regName "DisabledByDefault" -regValue 0 -RegType "DWord" .PARAMETER -RegKey Specifies the path of the item. Wildcard characters are permitted. This parameter identifies the item to which this cmdlet adds the new property. Required? True Position? 0 -RegName Specifies a name for the new property. If the property is a registry entry, this parameter specifies the name of the entry. -RegValue Specifies the property value. If the property is a registry entry, this parameter specifies the value of the entry. -RegType Specifies the type of property that this cmdlet adds. The acceptable values for this parameter are: String: Specifies a null-terminated string. Equivalent to REG_SZ. ExpandString: Specifies a null-terminated string that contains unexpanded references to environment variables that are expanded when the value is retrieved. Equivalent to REG_EXPAND_SZ. Binary: Specifies binary data in any form. Equivalent to REG_BINARY. DWord: Specifies a 32-bit binary number. Equivalent to REG_DWORD. MultiString: Specifies an array of null-terminated strings terminated by two null characters. Equivalent to REG_MULTI_SZ. Qword: Specifies a 64-bit binary number. Equivalent to REG_QWORD. Unknown: Indicates an unsupported registry data type, such as REG_RESOURCE_LIST. #> <# .DESCRIPTION "This is to help IT admins who want to automate Registry creation for any reason" #> <# DISCLAIMER STARTS This Sample Code is provided for the purpose of illustration only and is not intended to be used in a #production environment. THIS SAMPLE CODE AND ANY RELATED INFORMATION ARE PROVIDED "AS IS" #WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO #THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE. We #grant You a nonexclusive, royalty-free right to use and modify the Sample Code and to reproduce and #distribute the object code form of the Sample Code, provided that You agree:(i) to not use Our name, #logo, or trademarks to market Your software product in which the Sample Code is embedded; (ii) to #include a valid copyright notice on Your software product in which the Sample Code is embedded; and #(iii) to indemnify, hold harmless, and defend Us and Our suppliers from and against any claims or #lawsuits, including attorneys� fees, that arise or result from the use or distribution of the Sample Code." "This sample script is not supported under any Microsoft standard support program or service. The #sample script is provided AS IS without warranty of any kind. Microsoft further disclaims all implied #warranties including, without limitation, any implied warranties of merchantability or of fitness for a #particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in #the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, #without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or #documentation, even if Microsoft has been advised of the possibility of such damages" DISCLAIMER ENDS #> Param($RegPath, $RegName, $RegValue, $RegPropertyType) #Set Log Variables $Global:ErrorActionPreference = "SilentlyContinue" $Global:Var = New-Object System.Collections.Stack Function Write-Host() { <# .SYNOPSIS This fucntion will create Log file under LogDir. #> Param($T) $logdir="C:\ProgramData\Microsoft\IntuneManagementExtension\Logs" If(!(Test-Path $logdir)) { New-Item -Path $logdir -ItemType Directory -Force } $ExecutionTime = Get-Date $StartTime = Get-Date $ExecutionTime -Format "dd-MM-yyyy" $Log = "C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\TLS_$StartTime.log" (Get-Date -Format yyyy_MM_dd_HH:mm:ss)+" $T " >> $Log } Function Set-RegistryKey { <# .SYNOPSIS This function will check the registry path and if this is missing or any of its parent path is missing, its going to call itself recursively to create missing parent/child/child2 #> param($RegKey) Write-Host "Set-RegitryKey is called with $RegKey." If(!(Test-Path $RegKey)) { Write-Host "$regKey is missing..." $tmp=(Split-Path $RegKey -Leaf) Write-Host "Pushing Leaf Value $tmp in Stack" $Global:Var.Push($tmp) $RegKey=Split-path $RegKey -Parent Write-Host "Parent of Previous RegKey is $RegKey" Write-Host "Checking if we need to break it further..." Set-RegistryKey -RegKey $RegKey } Else { Write-Host "RegKey Found... Checking if there is anything in Stack" If($Global:Var.Count -gt 0) { Write-Host "Stack is containing data... emptying it one by one..." $tmp =$Global:Var.Pop() Write-Host "Popped from Top: $tmp" Write-Host "Creating a new KEY named $tmp under $RegKey" New-Item $RegKey -Name $tmp -ItemType Directory $Regkey="$RegKey\$tmp" Write-Host "New Regkey is $RegKey" Write-Host "Checking if there is something else in Stack to Pop." Set-RegistryKey -RegKey $RegKey } } } Function Set-RegistryProperty { <# .SYNOPSIS This function will be called to create reg keys at specified location. If location is missing, it will call Set-registryKey function to create one first. #> param($regkey, $regName, $regValue, $regType) Write-Host "Set-RegistryKeyProperty is called with value $regkey | $regName | $regValue | $regType..." Write-Host "Checking if $regkey exists..." If(!(Test-Path $regkey)) { Write-Host "$Regkey is missing... Calling Set-RegistryKey function to create one first" Set-RegistryKey -RegKey $regkey } If(Test-Path $regkey) { Write-Host "$regkey found... Checking to create Item Properties..." If(!(Get-ItemProperty -Path $RegKey -Name $regName)) { Write-Host "Registry $regName is missing... creating..." New-ItemProperty -Path $regkey -Name $regName -Value $regValue -PropertyType $regType } ElseIf((Get-ItemPropertyValue -Path $RegKey -Name $regName) -eq $regValue) { Write-Host "Registry Already exists with expected value..." } Elseif((Get-ItemPropertyValue -Path $RegKey -Name $regName) -ne $regValue) { Write-Host "Registry Exists with another value...$(Get-ItemPropertyValue -Path $RegKey -Name $regName). Overwriting it..." Set-ItemProperty -Path $regkey -Name $regName -Value $regValue -Force } Else { Write-Host "Something Went Wrong!!!" } } } Set-RegistryProperty -regkey $RegPath -regName $RegName -regValue $RegValue -regType $RegPropertyType <# Example can be... Set-RegistryProperty -regkey "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client" -regName "Enabled" -regValue 1 -RegType "DWord" #> |