Writing Current User registry keys in SCCM as System

It is possible to write CurrentUser registry keys by deploying an application/package that runs as the System.  This could be useful when installing an application and wanting to set the personalisation registry keys for the logged in user at the same time.  The script I’ve used below also allows you to install it for all users on that machine, and also for the Default User so all future users get those settings.

 

You’ll need 3 things:

  1. A registry file that contains the settings you want to add.

1

  1. This script from TechNet https://gallery.technet.microsoft.com/scriptcenter/Write-to-HKCU-from-the-3eac1692

 

  1. A batch file similar to this.

It basically enables the powershell script to run, runs the script to add the registry key(s) for the Current User that is logged on, and then returns the powershell execution policy back to what it was.

2

PowerShell.exe Set-ExecutionPolicy -ExecutionPolicy Unrestricted

PowerShell.exe -File “%~dp0WriteToHkcuFromsystem.ps1” -RegFile “%~dp0DisableTaskBarThumbnails.reg” -CurrentUser

PowerShell.exe Set-ExecutionPolicy -ExecutionPolicy Restricted

 

I created a new package in SCCM containing the following files

3

 

Ensure that you choose “Only when a user is logged on”. This means it will be able to pick up the Current User and apply the registry settings to that user.

4

 

For the Command being run just choose the install.bat.   I made sure it runs hidden as well.

5

 

Deploy out to some test machines and you should find it populates the Current User hive of the registry.  Take a look at the script on TechNet as it shows how to add the registry key(s) to   -CurrentUser -AllUsers -DefaultProfile

Advertisements

One thought on “Writing Current User registry keys in SCCM as System

  1. Thanks for the post, this helps me a lot.
    I was able to run the HKCU + .reg file directly from command line as oneliner, as a package. May it helps others too if you want to avoid creating an extra installer file.

    Here my line, which I use:
    “%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe” -ExecutionPolicy Bypass -Command .\WriteToHkcuFromSystem.ps1 -RegFile Registry-Settings.reg –CurrentUser –AllUsers –DefaultProfile

    Regards,
    Dan

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s