Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
Max2021-02-16 16:16:48
PowerShell
Max, 2021-02-16 16:16:48

Changing the HKCU of the currently logged in user from a script run as SYSTEM?

Hello. There is a task like this:
Copy offline files from c\win\csc.. to the same wheelbarrow where they are, only to a different location C:\csc
disable offline files
fix the path of home folders in the registry of the logged in user (desktop, documents) from the network dfs \\dfs.example to local %localprofile%\docs..
disable offline files
move files files from C:\csc to %localprofile%\
Question:
The script will be run as nt authority\system from the scheduler. Registry keys
which I want to change are in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders and you need to change these keys for a user who is logged into the system at the time the script is filled. But if the script is run on behalf of nt authority\system, then such a command 

Set-Itemproperty -path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders' -Name 'Personal' -value 'TEST'

will cause the key to change at nt authority\system. How to be? I look in the direction of HKEY_USERS but this branch is not registered by default
Yes, and in general for the first time I write something on ps, poke where and what I did wrong)

spoiler
$drive_free = "{0:N0} GB" -f ((get-psdrive c | measure Free -s).sum / 1Gb)
$folder_size = "{0:N0} GB" -f ((gci c:\windows\csc | measure Length -s).sum / 1Gb)
$new_folder = mkdir C:\CSC_copy -ErrorAction SilentlyContinue
$user_logon = (get-wmiobject Win32_ComputerSystem).UserName.Split('\')[1]
$userlogon_sid = ([System.Security.Principal.WindowsIdentity]::GetCurrent()).User.Value
$ExcludedUsers = "Public","Migr","daimyo",”adm”,”$user_logon”, "adam", "DefaultAccount", "eve", "WDAGUtilityAccount", "Admin", "User", "ADMT.USER", "LocalService", "systemprofile", "NetworkService", "gamer"
$LocalProfiles = Get-WMIObject -class Win32_UserProfile | Where {(!$_.Special) -and (!$_.Loaded) -and ($_.ConvertToDateTime($_.LastUseTime) -lt (Get-Date).AddDays(-30))}
#$csc_copy = cd C:\CSC_copy
#$domain = example.com
#$domainuser = example.com
$csdomain = (Get-WmiObject Win32_ComputerSystem).domain
$csuserdomain = (get-wmiobject Win32_ComputerSystem).UserName.Split('\')[0]
 
#Write-Host $drive_free
#Write-Host $folder_size
 
ForEach-Object -Process{
 
    if ($drive_free -lt $folder_size){
        robocopy C:\Windows\CSC C:\CSC_Copy /MIR /FFT /R:3 /W:10 /Z /NP /NDL
 
        }
    else { foreach ($LocalProfile in $LocalProfiles){
 
           if (!($ExcludedUsers -like $LocalProfile.LocalPath.Replace("C:\Users\","")))
{
#удалить папки старых профилей..
#$LocalProfile | Remove-WmiObject
Write-host $LocalProfile
Write-host $LocalProfile.LocalPath.Replace("C:\Users\","")
  }
    }
      }
                }
 
#Отключаем автономные файлы, отключаем дфс путь, копируем файлы на землю
 
foreach ($csdomain in $domain){
 
    if ($csdomain -like $domain -and $csuserdomain -like $domainuser) {
#{FDD39AD0-238F-46AF-ADB4-6C85480369C7} - документы
#{B4BFCC3A-DB2C-424C-B029-7FE99A87C641} - десктоп
#Отключаем автономные файлы 
        Set-Itemproperty -path 'HKLM:\SYSTEM\CurrentControlSet\Services\CSC' -Name 'Start' -value '00000004'
        Set-Itemproperty -path 'HKLM:\SYSTEM\CurrentControlSet\Services\CscService' -Name 'Start' -value '00000004'
#как поменять на logon user ветке?? регистрировать ветку в psitem HKEY_USERS??
       #??? Set-Itemproperty -path 'HKU:\$userlogon_sid\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders' -Name 'Desktop' -value '%USERPROFILE\Desktop'
       #??? Set-Itemproperty -path 'HKU:\$userlogon_sid\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders' -Name 'Personal' -value 'TEST'
 
        (Get-Process -Name explorer).Kill()
        #вырезать файлы? 
        #robocopy C:\CSC_Copy\... C:\%USERPROFILE\... /MIR /FFT /R:3 /W:10 /Z /NP /NDL
        }
 
    else { break 
                }
                    }

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
M
Max, 2021-02-17
@WarStyle

Googling a couple of days found this install-module RunAsUser

Invoke-AsCurrentUser -UseWindowsPowerShell  {Set-Itemproperty -path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders' -Name 'Desktop' -value '%USERPROFILE\Desktop' }

works)

Similar questions
V
vista1x2015-12-02 22:53:32
How to limit the rights of the user (or the process he runs)? 1Reply
N
nfire2020-05-30 12:41:22
What command can be used to repeat the "Suspend Process" action in the Resource Monitor on the "Network" tab? 1Reply
G
Gagatyn2018-05-01 00:31:23
How to sort numbers not by the first digit? 3Reply
S
SMARTi2015-12-28 12:15:55
How to handle exceptions on Invoke-WebRequest to get Http StatusCode? 1Reply
E
Eugene2015-12-31 16:24:26
How to parallelize package installation execution in Windows Powershell? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question