reg.exe question
I'm trying to deploy out a reg.exe to change an IE setting. It sets the Trusted Site Zones to "Automatic logon with current user name and password". Below is the command I have written. When I deploy it says successful but never updates the key value. If I copy from the reg.exe on and put that in my cmd box it works with no problem on changing the key. Am I missing something?
%SystemRoot%\System32\REG.exe ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 1A00 /t REG_DWORD /d 0 /f
Comments
I'm unfamiliar with the syntax here. Can I make some assumptions?
You are setting a new DWORD Value with a name of 1A00 to a Data Value of 0
If that assumption is correct, try creating a powershell script containing the following:
New-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" -Name 1A00 -Value 0 -Type Dword
The DWORD value 1A00 is already in the Registry. I am trying to change the Value of it from 20000 to 0.
Roger that. Then I would ammend my script as follows:
#Delete existing 1A00 key
Remove-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" -Name 1A00
#Re-add key with desired values
New-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" -Name 1A00 -Value 0 -Type Dword
Thanks for this. I'll write it up real quick and test.
You're welcome. When testing it make sure you are setting your execution policy to bypass (Set-executionpolicy Bypass in the powershell window.)
When you have your script tested and create a package for it just make sure the command line is something like powershell.exe -executionpolicy bypass -file $pdqrepo (sub this for whatever the path is)
You are deploying to HKCU, which means this will only affect your deployment user. If you want it to be system wide you need to find the matching key in HKLM.
While this is exactly right, I was going with the assumption that he meant to deploy it to HKCU. It will also depend wildly on how he is deploying it.
Dan: Test it with HKCU and HKLM and see which works out for you. My money is going to be on HKLM.
I should have clarified more as well. Each employee has their own PC, so either HKCU or HKLM should be fine. I'm trying to accomplish this without a log off and back on. I think that is where my problem lies. I've tried the command to force without the reboot but it didn't go, so i'm guessing a log off and on will be required.
HKCU would be fine if the deployment is run as the logged on user. If you're using a service account for deployments (as you should be!), HKCU would run against the service account user context.
There used to be a way to reload the registry without a logoff/logon.....but that appears to have gone away in Win7+
Run the deployment outside business hours and when they log in in the morning, the setting will be there.
Thanks Stephen and Colby!
You're very welcome. Let us know if that works so we can bump it to be ANSWERED.