Last active
March 27, 2017 11:54
-
-
Save SteloNLD/052b9b0e00a16c95fe6eb5702b53c099 to your computer and use it in GitHub Desktop.
Registry Changer, Adds predefined registry keys to the windows registry.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #requires -version 3 | |
| <# | |
| .SYNOPSIS | |
| Registry Changer | |
| .DESCRIPTION | |
| Adds predefined registry keys to the windows registry. | |
| .PARAMETER UserName | |
| Optional, The UserName to use, defaults to $env:USERNAME (the username of the current user) | |
| .PARAMETER UserDomain | |
| Optional, The UserDomain to use, defaults to $env:USERDOMAIN (the domain of the current user) | |
| .INPUTS | |
| None | |
| .OUTPUTS | |
| ErrorEvents in the EventViewer under Log $EventViewerLogName Source: $EventViewerSource | |
| .NOTES | |
| Version: 1.2 | |
| Author: Sten Lootens ([email protected]) | |
| Creation Date: 27-03-2017 | |
| Purpose/Change: Cmndline variable UserDomain for UserSID retrieval. | |
| Bug fixed: UserName not used, hardcoded $env:username | |
| Version: 1.1 | |
| Author: Sten Lootens ([email protected]) | |
| Creation Date: 24-03-2017 | |
| Purpose/Change: Cmndline variable UserName for UserSID retrieval. | |
| Error checkking for UserSID retrieval. | |
| Better formatting, code clean-up. | |
| Version: 1.0 | |
| Author: Sten Lootens ([email protected]) | |
| Inspired by Hasan Ördek ([email protected]) | |
| Creation Date: 22-03-2017 | |
| Purpose/Change: Initial script development | |
| .EXAMPLE | |
| Run the script with powershell, with or without -UserName | |
| - powershell.exe -file "path\script.ps1" | |
| - powershell.exe -file "path\script.ps1" -UserName "username" | |
| #> | |
| #-----------------------------------------------------------[Initialization]------------------------------------------------------------ | |
| ###Script Parameters | |
| # DO NOT ADD ANY UNCOMMENTED CODE BEFORE param( | |
| param( | |
| [String]$UserName, | |
| [String]$UserDomain | |
| ) | |
| #Console cleanup | |
| Clear-Host | |
| # Variables for common use. | |
| $ScriptName = "Registry Changer" | |
| $ScriptMaintainer = "Your name here" | |
| ### EventViewer vars for ErrorLogging. | |
| # LogName, for example Application, Windows PowerShell or $ScriptName. | |
| $EventViewerLogName = "Application" | |
| # Source, for example Application, PowerShell or $ScriptName. | |
| $EventViewerSource = "Application" | |
| # | |
| # Please be aware that a Source and Log need to be registered in order for them to be used. | |
| # Some default logs and sources are | |
| # Log:Windows PowerShell Source:PowerShell | |
| # Log:Application Source:Application | |
| # | |
| # You'll need to run the command New-EventLog -LogName $EventViewerLogName -Source $EventViewerSource as Admin if you want a customized log. | |
| # This is a permanent change, you dont have to repeat this step between scripts or reboots, only between Computers or Operating System instalations. | |
| # After that you could use Write-EventLog –LogName $EventViewerLogName –Source $EventViewerSource –EntryType Error –EventID 0 –Message "ErrorMessage" | |
| #Set Error Action to Stop, if an error occurs the script wil stop! | |
| $ErrorActionPreference = "Stop" | |
| #-----------------------------------------------------------[Execution]------------------------------------------------------------ | |
| ### Retrieve the UserName | |
| # if the UserName is not provided trough the commandline it wil default to the username of the current user. | |
| if (!($UserName)) {$UserName = $env:USERNAME } | |
| ### Retrieve the UserDomain | |
| # if the UserDomain is not provided trough the commandline it wil default to the domain of the current user. | |
| if (!($UserDomain)) {$UserDomain = $env:USERDOMAIN } | |
| ### Retrieve UserSID | |
| # You can do this in more than one way for example (get-aduser $env:USERNAME).sid.value but this command requires the Active Directory Module, the following sollution does not: | |
| try {$sUserSID = ((New-Object System.Security.Principal.NTAccount("$UserDomain", "$UserName")).Translate([System.Security.Principal.SecurityIdentifier])).Value} | |
| catch { Write-EventLog –LogName $EventViewerLogName –Source $EventViewerSource –EntryType Error –EventID 0 –Message ("Could not retrieve UserSID for user $($UserName) `n " + | |
| "Execution aborted Script $ScriptName Maintainer $ScriptMaintainer `n " + | |
| "ErrorDetails: $($_ | Out-String)"); exit} # Error handling | |
| ### Registry Drives | |
| # You can use any Registry Root but only HKLM: and HKCU: are mounted by default, HKU for example has to be mounted manually | |
| if (!(Test-Path "HKU:\")) { | |
| Try {New-PSDrive -PSProvider Registry -Name HKU -Root HKEY_USERS} | |
| catch { Write-EventLog –LogName $EventViewerLogName –Source $EventViewerSource –EntryType Error –EventID 0 –Message ("Could not mount Registry Drive HKU:\ `n " + | |
| "Execution aborted Script $ScriptName Maintainer $ScriptMaintainer `n " + | |
| "ErrorDetails: $($_ | Out-String)"); exit} # Error handling | |
| } | |
| ### Registry Paths | |
| # Place frequently used paths or paths that need complex formatting here. | |
| # AppV example: | |
| $RegPath_AppV_Test = "HKLM:\SOFTWARE\Microsoft\AppV\Client\Packages\**********\$sUserSID\Registry\MACHINE\Software\test" | |
| # HKU example: | |
| $RegPath_HKU_Test = "HKU:\$sUserSID\Software\test" | |
| #Normal example: | |
| $RegPath_HKCU_Test = "HKCU:\Software\test" | |
| ###Registry Keys | |
| # Seperated by ','. | |
| # Path, the path to the key prefixed with HKLM:\ for example. | |
| # Key, the name of the key. | |
| # Value, the value of the key. | |
| # Type, the keytype, allowed values: | |
| # "String, Expand String, Binary, DWord, MultiString, QWord, Unknown". | |
| $RegKeys = | |
| @{ Path="$RegPath_AppV_Test"; | |
| Key="Key Name"; | |
| Value="Key Value"; | |
| Type="String" }, | |
| @{ Path="$RegPath_HKU_Test"; | |
| Key="Key Name"; | |
| Value="Key Value"; | |
| Type="String" }, | |
| @{ Path="$RegPath_HKCU_Test"; | |
| Key="Key Name"; | |
| Value="Key Value"; | |
| Type="String" } | |
| #-----------------------------------------------------------[Registry Key Creation/ main functionality] | |
| #Loop trough every Key (variable) defined in the $RegKeys array | |
| Foreach ($RegKey in $RegKeys) { | |
| #Check if the path exist or try to create it if not. | |
| If (!(test-path $RegKey.Path)) { | |
| try { New-Item -Path $RegKey.Path -Force | Out-Null } | |
| # -Force allows a subfolder of an non existing folder to be created (folders will be created recursively) | |
| # This will also overwrite an existing folder wich is a potential risk! | |
| # | Out-Null prevents the command response from being printed in the console | |
| catch { Write-EventLog –LogName $EventViewerLogName –Source $EventViewerSource –EntryType Error –EventID 0 –Message ("Could not create path $($RegKey.Path) `n " + | |
| "Execution aborted Script $ScriptName Maintainer $ScriptMaintainer `n " + | |
| "ErrorDetails: $($_ | Out-String)"); exit} # Error handling | |
| } | |
| #Check if the key exist and change it or try to create it if not. | |
| If ((Get-ItemProperty -Path $RegKey.Path)."$($RegKey.Key)") { | |
| try { Set-ItemProperty -Path $RegKey.Path -Name $RegKey.Key -Value $RegKey.Value | Out-Null} | |
| # | Out-Null prevents the command response from being printed in the console | |
| catch { Write-EventLog –LogName $EventViewerLogName –Source $EventViewerSource –EntryType Error –EventID 0 –Message ("Could not change key $($RegKey.Key) for $($RegKey.Path) `n " + | |
| "Execution aborted Script $ScriptName Maintainer $ScriptMaintainer `n " + | |
| "ErrorDetails: $($_ | Out-String)"); exit} # Error handling | |
| } Else { | |
| try { New-ItemProperty -Path $RegKey.Path -Name $RegKey.Key -Value $RegKey.Value -PropertyType $RegKey.Type | Out-Null} | |
| # | Out-Null prevents the command response from being printed in the console | |
| catch { Write-EventLog –LogName $EventViewerLogName –Source $EventViewerSource –EntryType Error –EventID 0 –Message ("Could not create key $($RegKey.Key) for $($RegKey.Path) `n " + | |
| "Execution aborted Script $ScriptName Maintainer $ScriptMaintainer `n " + | |
| "ErrorDetails: $($_ | Out-String)"); exit} # Error handling | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment