Author Posts

September 27, 2017 at 7:51 am

Below script getting executed successfully but does not perform any changes in the registry.
can someone please help me with this.

Verified the registry key values before and after no change appeared.

Thank you in advance.

Configuration ServerConfig {

Node localhost {

Registry DoNotOpenServerManagerAtLogon {

Ensure = 'Present'
Key = 'HKEY_CURRENT_USER\Software\Microsoft\ServerManager'
ValueName = "DoNotOpenServerManagerAtLogon"
ValueData = "1"
ValueType = "DWORD"
Force = $true
}
}
}

ServerConfig -output C:\Automation

Start-DscConfiguration -Path C:\Automation -Wait -Force -Verbose

September 27, 2017 at 9:04 am

I'm unable to update any of the HKEY_CURRENT_USER registries, but I can update HKEY_LOCAL_MACHINE registries with DSC.

can someone please help.

September 27, 2017 at 4:38 pm

DSC Resources are not able to modify HKCU keys since those are managed per user while DSC runs under SYSTEM context; in case of this, a custom resource would be needed to go throw each user and mount their hives. However, a workaround you can implement is disabling through the Policies registry key which will block it meaning it won't be option but it will be disabled for every user and they won't be able to change it:

Configuration ServerConfig {
  Node localhost {
    Registry DoNotOpenServerManagerAtLogon {
      Ensure = 'Present'
      Key = 'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Server\ServerManager'
      ValueName = "DoNotOpenAtLogon"
      ValueData = "1"
      ValueType = "Dword"
      Force = $true
    }
  }
}