reg.exe question
I'm trying to deploy out a reg.exe to change an IE setting. It sets the Trusted Site Zones to "Automatic logon with current user name and password". Below is the command I have written. When I deploy it says successful but never updates the key value. If I copy from the reg.exe on and put that in my cmd box it works with no problem on changing the key. Am I missing something?
%SystemRoot%\System32\REG.exe ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 1A00 /t REG_DWORD /d 0 /f
-
I'm unfamiliar with the syntax here. Can I make some assumptions?
You are setting a new DWORD Value with a name of 1A00 to a Data Value of 0
If that assumption is correct, try creating a powershell script containing the following:
New-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" -Name 1A00 -Value 0 -Type Dword
-
Roger that. Then I would ammend my script as follows:
#Delete existing 1A00 key
Remove-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" -Name 1A00
#Re-add key with desired values
New-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" -Name 1A00 -Value 0 -Type Dword
-
You're welcome. When testing it make sure you are setting your execution policy to bypass (Set-executionpolicy Bypass in the powershell window.)
When you have your script tested and create a package for it just make sure the command line is something like powershell.exe -executionpolicy bypass -file $pdqrepo (sub this for whatever the path is)
-
I should have clarified more as well. Each employee has their own PC, so either HKCU or HKLM should be fine. I'm trying to accomplish this without a log off and back on. I think that is where my problem lies. I've tried the command to force without the reboot but it didn't go, so i'm guessing a log off and on will be required.
-
HKCU would be fine if the deployment is run as the logged on user. If you're using a service account for deployments (as you should be!), HKCU would run against the service account user context.
There used to be a way to reload the registry without a logoff/logon.....but that appears to have gone away in Win7+
Run the deployment outside business hours and when they log in in the morning, the setting will be there.
Please sign in to leave a comment.
Comments
12 comments