-
Notifications
You must be signed in to change notification settings - Fork 76
/
Edit-HKCURegistryfromSystem.ps1
44 lines (41 loc) · 1.44 KB
/
Edit-HKCURegistryfromSystem.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
<#
.SYNOPSIS
Modify registry for the CURRENT user coming from SYSTEM context
.DESCRIPTION
Same as above
.NOTES
Filename: Edit-HKCURegistryFromSystem.ps1
Version: 1.0
Author: Martin Bengtsson
Blog: www.imab.dk
Twitter: @mwbengtsson
.LINK
https://www.imab.dk/back-to-basics-modifying-registry-for-the-current-user-coming-from-system-context
#>
function Get-CurrentUser() {
try {
$currentUser = (Get-Process -IncludeUserName -Name explorer | Select-Object -First 1 | Select-Object -ExpandProperty UserName).Split("\")[1]
}
catch {
Write-Output "Failed to get current user."
}
if (-NOT[string]::IsNullOrEmpty($currentUser)) {
Write-Output $currentUser
}
}
function Get-UserSID([string]$fCurrentUser) {
try {
$user = New-Object System.Security.Principal.NTAccount($fcurrentUser)
$sid = $user.Translate([System.Security.Principal.SecurityIdentifier])
}
catch {
Write-Output "Failed to get current user SID."
}
if (-NOT[string]::IsNullOrEmpty($sid)) {
Write-Output $sid.Value
}
}
$currentUser = Get-CurrentUser
$currentUserSID = Get-UserSID $currentUser
$userRegistryPath = "Registry::HKEY_USERS\$($currentUserSID)\SOFTWARE\Policies\Microsoft\office\16.0\outlook\cached mode"
New-ItemProperty -Path $userRegistryPath -Name "Enabled" -Value 0 -PropertyType DWORD -Force | Out-Null