Written by Sometimes you have to script something instead of using a GPO. In these instances, it can be helpful to update the registry on a remote computer.
The easy way is using Powershell (New-ItemProperty or Set-ItemProperty) on a local box with Powershell 2.0. Modifying the registry on a remote computer is a little more complicated.
Here are some ways I found to do this (with examples):
Windows 2003/2008 (Remote)
(the example is only relevant for 2003 DCs in order to set SiteCostedReferrals)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | [string] $RegistryPath = "System\CurrentControlSet\Services\DFS\Parameters" [string] $RegistryKeyName = "SiteCostedReferrals" [string] $RegistryValue = "1" [string] $RegistryType = "dword" # DELETE VALUE Write-output "Connecting to $Computer for registry value removal `r " $Registry = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $Computer) $RegistryKey = $Registry.opensubkey($RegistryPath,$true) ## $True = Write $RegistryKeyValue = $RegistryKey.getvalue($RegistryKeyName) Write-output "Attempting to delete $RegistryKeyName on $Computer `r " $RegistryKey.DeleteValue("$RegistryKeyName") Write-Output "Removed registry key ($RegistryKeyName) on $Computer `r " # VALIDATE REG VALUE Write-output "Connecting to $Computer for registry Check `r " $Registry = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $Computer) $RegistryKey = $Registry.opensubkey($RegistryPath,$False) ## $False = ReadOnly $RegistryKeyValue = $RegistryKey.getvalue($RegistryKeyName) IF ($RegistryKeyValue -eq $RegistryValue) { $RegKeyValueSet = $True ; Write-Output "Registry key on $Computer is already set ($RegistryKeyName has a value of $RegistryKeyValue) `r " } # MODIFY VALUE Write-output "Connecting to $Computer for registry modification `r " $Registry = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $Computer) $RegistryKey = $Registry.opensubkey($RegistryPath,$true) ## $True = Write $RegistryKeyValue = $RegistryKey.getvalue($RegistryKeyName) $RegistryKey.SetValue("$RegistryKeyName","$RegistryValue") |
Windows 2008 (Local)
(sometimes you have to delete a key in order to change it)
1 2 3 4 | Remove-ItemProperty -Path 'HKLM:System\CurrentControlSet\Services\NTFRS\Parameters\Backup/Restore\Process at Startup'-Name 'BurFlags' New-ItemProperty -Path 'HKLM:System\CurrentControlSet\Services\NTFRS\Parameters\Backup/Restore\Process at Startup'-Name 'BurFlags' -Value '210' -PropertyType "DWORD" [string]$BurFlagsKeyValue = (Get-ItemProperty -Path 'HKLM:System\CurrentControlSet\Services\NTFRS\Parameters\Backup/Restore\Process at Startup'-Name 'BurFlags' ).BurFlags Write-OutPut "Burflags is set to $BurFlagsKeyValue on $DCHostName `r " |
Windows 2008 Remote (with Powershell Remoting)
1 2 3 4 | Invoke-Command -ComputerName $Computer -ScriptBlock { Remove-ItemProperty -Path 'HKLM:System\CurrentControlSet\Services\NTFRS\Parameters\Backup/Restore\Process at Startup'-Name 'BurFlags' } Invoke-Command -ComputerName $Computer -ScriptBlock { New-ItemProperty -Path 'HKLM:System\CurrentControlSet\Services\NTFRS\Parameters\Backup/Restore\Process at Startup'-Name 'BurFlags' -Value '210' -PropertyType "DWORD" } [string]$BurFlagsKeyValue = Invoke-Command -ComputerName $Computer -ScriptBlock ({ Get-ItemProperty -Path 'HKLM:System\CurrentControlSet\Services\NTFRS\Parameters\Backup/Restore\Process at Startup'-Name 'BurFlags' }).BurFlags Write-OutPut "Burflags is set to $BurFlagsKeyValue on $Computer `r " |
