DoNotOpenServerManagerAtLogon not working

This topic contains 2 replies, has 2 voices, and was last updated by  Leandro Wajswajn Pereyra 3 weeks, 5 days ago.

  • Author
    Posts
  • #80657

    Deep
    Participant

    Below script getting executed successfully but does not perform any changes in the registry.
    can someone please help me with this.

    Verified the registry key values before and after no change appeared.

    Thank you in advance.

    Configuration ServerConfig {

    Node localhost {

    Registry DoNotOpenServerManagerAtLogon {

    Ensure = 'Present'
    Key = 'HKEY_CURRENT_USER\Software\Microsoft\ServerManager'
    ValueName = "DoNotOpenServerManagerAtLogon"
    ValueData = "1"
    ValueType = "DWORD"
    Force = $true
    }
    }
    }

    ServerConfig -output C:\Automation

    Start-DscConfiguration -Path C:\Automation -Wait -Force -Verbose

  • #80663

    Deep
    Participant

    I'm unable to update any of the HKEY_CURRENT_USER registries, but I can update HKEY_LOCAL_MACHINE registries with DSC.

    can someone please help.

  • #80717

    DSC Resources are not able to modify HKCU keys since those are managed per user while DSC runs under SYSTEM context; in case of this, a custom resource would be needed to go throw each user and mount their hives. However, a workaround you can implement is disabling through the Policies registry key which will block it meaning it won't be option but it will be disabled for every user and they won't be able to change it:

    Configuration ServerConfig {
      Node localhost {
        Registry DoNotOpenServerManagerAtLogon {
          Ensure = 'Present'
          Key = 'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Server\ServerManager'
          ValueName = "DoNotOpenAtLogon"
          ValueData = "1"
          ValueType = "Dword"
          Force = $true
        }
      }
    }
    

You must be logged in to reply to this topic.