RegistryWork
From Terminal23wiki
This is a small script where I check for the presence of a registry key and, if it is not already present, create the key, a bunch of values, and a couple of subkeys. Note that I do key creation two different ways. The first way ($key = md...) is done because I needed to create a MultiString value, which I couldn't figure out using New-ItemProperty. The values and names are obviously custom and interchangeable, but I got to use nearly every value type.
$logKey = 'HKLM:\SYSTEM\ControlSet001\Services\EventLog\NewApplication'
if (-not (Test-Path $logKey))
{
    # First way: md returns the new key object, whose SetValue() writes the MultiString value
    $key = md $logKey
    $key.SetValue("Sources", [string[]]("New", "New2"))
    New-ItemProperty -Path $logKey -Name "AutoBackupLogFiles" -Type "DWord" -Value "0" | out-null
    New-ItemProperty -Path $logKey -Name "CustomSD" -Type "String" -Value "O:BAG:SYD:(D;;0xf0007;;;AN)(D;;0xf0007;;;BG)(A;;0xf0007;;;SY)(A;;0x7;;;BA)(A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)" | out-null
    New-ItemProperty -Path $logKey -Name "File" -Type "ExpandString" -Value "%SystemRoot%\System32\Config\NewApplication.evt" | out-null
    New-ItemProperty -Path $logKey -Name "Maxsize" -Type "DWord" -Value "8388608" | out-null
    New-ItemProperty -Path $logKey -Name "Retention" -Type "DWord" -Value "0" | out-null
    # Second way: New-Item creates each subkey, New-ItemProperty adds its value
    New-Item -Path "$logKey\New" | out-null
    New-ItemProperty -Path "$logKey\New" -Name "EventMessageFile" -Type "String" -Value "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\EventLogMessages.dll" | out-null
    New-Item -Path "$logKey\NewApplication" | out-null
    New-ItemProperty -Path "$logKey\NewApplication" -Name "EventMessageFile" -Type "String" -Value "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\EventLogMessages.dll" | out-null
}
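A read-back check for the key above, as an added example that is not part of the original wiki script: it lists each value's registry type and decodes the CustomSD SDDL string into per-principal event log rights. The function name Get-EventLogAce and the variable names are hypothetical; the SDDL string is copied from the script, and the 0x1/0x2/0x4 bits are the event log read, write and clear rights.

```powershell
# Added example: audit the values and the CustomSD ACL written by the script.
$logKey = 'HKLM:\SYSTEM\ControlSet001\Services\EventLog\NewApplication'
# CustomSD string copied from the script, used when the key is not on this host
$sddl = 'O:BAG:SYD:(D;;0xf0007;;;AN)(D;;0xf0007;;;BG)(A;;0xf0007;;;SY)(A;;0x7;;;BA)(A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)'

# Event-log-specific bits in the low part of each ACE access mask
$logRights = @{ 1 = 'Read'; 2 = 'Write'; 4 = 'Clear' }

function Get-EventLogAce {
    param([Parameter(Mandatory)][string]$Sddl)
    # RawSecurityDescriptor parses SDDL, including aliases such as AN, BG, SY
    $sd = New-Object System.Security.AccessControl.RawSecurityDescriptor -ArgumentList $Sddl
    foreach ($ace in $sd.DiscretionaryAcl) {
        $sid = $ace.SecurityIdentifier
        try   { $name = $sid.Translate([System.Security.Principal.NTAccount]).Value }
        catch { $name = $sid.Value }   # no account mapping on this host: keep the raw SID
        $rights = foreach ($bit in 1, 2, 4) {
            if ($ace.AccessMask -band $bit) { $logRights[$bit] }
        }
        [pscustomobject]@{
            Type      = $ace.AceType                 # AccessAllowed or AccessDenied
            Principal = $name
            Mask      = '0x{0:x}' -f $ace.AccessMask
            LogRights = $rights -join ','
        }
    }
}

if (Test-Path $logKey) {
    $key = Get-Item -Path $logKey
    # Confirm each value landed with the intended type (String, ExpandString, DWord, MultiString)
    foreach ($name in $key.GetValueNames()) {
        '{0,-20} {1}' -f $name, $key.GetValueKind($name)
    }
    # Prefer the live CustomSD over the embedded copy when it is present
    $live = $key.GetValue('CustomSD')
    if ($live) { $sddl = $live }
}

Get-EventLogAce -Sddl $sddl | Format-Table -AutoSize
```

The deny ACEs for AN (anonymous) and BG (built-in guests) come first in the string, so the table shows at a glance who is blocked and which principals hold the Clear right.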
