Hi All,
Tried to set ACL on remote registry but it doesn't work. Tested the same code on local computer which works fine. Please help
objective : Need to assign full permission to "Domain Users" on registry (HKLM\Software\Microsoft) of several remote computers.
Code :
Set-ExecutionPolicy unrestricted -Force
Import-Module -Name psrr -Force
$servers= Get-Content -Path 'D:\ServerList.txt'
foreach($pc in $servers)
{
write-host "Setting ACL Permission for $PC"
$RegSec = new-object system.Security.AccessControl.RegistrySecurity
$rule = New-Object System.Security.AccessControl.RegistryAccessRule("Domain users", "FullControl", "ContainerInherit, ObjectInherit", "None", "Allow")
$RegSec.AddAccessRule($rule)
$RemoteKey = [microsoft.Win32.RegistryKey]::OpenRemoteBaseKey("LocalMachine", $pc)
$RemoteAccess = $RemoteKey.OpenSubKey("Software\Microsoft", $true)
$RemoteAccess.SetAccesscontrol($RegSec)
}
***************
please let me know whats wrong here
This code works well on for the same computer from where this PS run.. but doesn't work for remote computer on same domain.