Making Registry Changes for All Users with PowerShell
I recently had to throw together a quick script to modify the registry of each current user on a set of given laptops, as well as any future users. While a GPO is normally the way to go for something like this, it wasn't an option for me here. This builds a little more on my May 2017 post where I just needed to get the profile folders.
Feel free to steal, use, and abuse - but like all samples found online, please run through a test environment first, and use at your own risk!
1<#
2
3*******************************************************************************************************************************
4** All code is for demonstration only and should be used at your own risk. I cannot accept liability for unexpected results. **
5*******************************************************************************************************************************
6
7Use: You're welcome to use, modify, and distribute this script. I'd love to hear about how you're using it or
8modifications you've made in the comments section of the original post over at ChristopherKibble.com.
9
10#>
11
12# This key contains all of the profiles on the machine (including non-user profiles)
13$profileList = Get-ChildItem -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList"
14
15# This key contains the path to the folder that contains all the profiles (typically c:\users)
16$profileFolder = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList').ProfilesDirectory
17
18# This key contains the path to the default user profile (e.g. C:\Users\Default). This is **NOT** HKEY_USERS\.DEFAULT!
19# We don't do anything with it in this sample script, but it can be loaded and modified just like any other profile.
20$defaultFolder = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList').Default
21
22# HKEY_USER key is not loaded into PowerShell by default and we'll need it, so we'll create new PSDrive to reference it.
23New-PSDrive -Name HKU -PSProvider Registry -Root HKEY_USERS | Out-Null
24
25$profileList | % {
26
27 $profileKeys = Get-ItemProperty $_.PSPath
28
29 $sid = $profileKeys.PSChildName
30 $profilePath = $profileKeys.ProfileImagePath
31
32 # This is an easy way to exclude profiles outside of the default USERS profile folder, e.g. LocalSystem.
33 # You may or may not want to do this depending on your requirements.
34 if ($profilePath -like "$($profileFolder)*") {
35
36 # Check if the profile is already loaded.
37 if (Get-ChildItem "HKU:\$sid" -ErrorAction SilentlyContinue) {
38 $profileLoaded = $true
39 } else {
40 $profileLoaded = $false
41 }
42
43 Write-Output "$sid \`t $profilePath \`t $profileLoaded"
44
45 # Load the key if necessary
46 if ($profileLoaded) {
47 $userKeyPath = "HKU:\$sid"
48 } else {
49 $userKeyPath = "HKLM:\TempHive_$sid"
50 & reg.exe load "HKLM\TempHive_$sid" "$profilePath\ntuser.dat"
51 }
52
53 # DO SOMETHING WITH $USERKEYPATH HERE.
54
55 if (!$profileLoaded) {
56 & reg.exe unload "HKLM\TempHive_$sid"
57 }
58
59 }
60}
61
62Remove-PSDrive -Name HKU
2 comments
Just the Best, I used to remove the Microsoft Teams from starting at user logon, pushed to 501 users and it even got the logged in users, just the best, thanks for posring
Hey there, I'm a real newbie with PowerShell and have a couple of questions Will this also include adding to the the default profile, so all future users will key these reg keys? Where in the script do I put the keys that I want added to every user, and in what format? an example key is below (is this the correct syntax to use) New-Item -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies' - Name 'Network' New-ItemProperty ???Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Network' -Name 'NoEntireNetwork' -Value '1' -PropertyType 'DWord'