Last active
December 2, 2023 05:07
-
-
Save angstyloop/8e9a6a69b995ccaaa70490dfced8e5d5 to your computer and use it in GitHub Desktop.
This PowerShell script creates a GPO that configures Privacy Settings Registry values.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/usr/pwsh | |
# Prefixes for registry key paths. | |
$currentVersion = 'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion' | |
$consentStore = "${currentVersion}\CapabilityAccessManager\ConsentStore" | |
$deviceAccess = "${currentVersion}\DeviceAccess" | |
# A list of Objects like. | |
# { Description: String, RegistryKey: String, Value: Int } | |
$registryKeys = @( | |
@{ | |
Description = 'Location' | |
RegistryKey = "${consentStore}\location" | |
Value = 0 | |
}, | |
@{ | |
Description = 'Webcam' | |
RegistryKey = "${consentStore}\webcam" | |
Value = 0 | |
}, | |
@{ | |
Description = 'Microphone' | |
RegistryKey = "${consentStore}\microphone" | |
Value = 0 | |
}, | |
@{ | |
Description = 'Notifications' | |
RegistryKey = "${consentStore}\userNotificationListener" | |
Value = 0 | |
}, | |
@{ | |
Description = 'Motion' | |
RegistryKey = "${consentStore}\activity" | |
Value = 0 | |
}, | |
@{ | |
Description = 'AccountInfo' | |
RegistryKey = "${consentStore}\userAccountInformation" | |
Value = 0 | |
}, | |
@{ | |
Description = 'Contacts' | |
RegistryKey = "${consentStore}\contacts" | |
Value = 0 | |
}, | |
@{ | |
Description = 'Appointments' | |
RegistryKey = "${consentStore}\appointments" | |
Value = 0 | |
}, | |
@{ | |
Description = 'PhoneCallHistory' | |
RegistryKey = "${consentStore}\phoneCallHistory" | |
Value = 0 | |
}, | |
@{ | |
Description = 'Email' | |
RegistryKey = "${consentStore}\email" | |
Value = 0 | |
}, | |
@{ | |
Description = 'Tasks' | |
RegistryKey = "${consentStore}\userDataTasks" | |
Value = 0 | |
}, | |
@{ | |
Description = 'Messaging' | |
RegistryKey = "${consentStore}\chat" | |
Value = 0 | |
}, | |
@{ | |
Description = 'Radios' | |
RegistryKey = "${consentStore}\radios" | |
Value = 0 | |
}, | |
@{ | |
Description = 'OtherDevices' | |
RegistryKey = "${consentStore}\bluetoothSync" | |
Value = 0 | |
}, | |
@{ | |
Description = 'BackgroundApps' | |
RegistryKey = "${currentVersion}\Search" | |
Value = 0 | |
}, | |
@{ | |
Description = 'AppDiagnostics' | |
RegistryKey = "${consentStore}\appDiagnostics" | |
Value = 0 | |
}, | |
@{ | |
Description = 'Documents' | |
RegistryKey = "${consentStore}\documentsLibrary" | |
Value = 0 | |
}, | |
@{ | |
Description = 'Pictures' | |
RegistryKey = "${consentStore}\picturesLibrary" | |
Value = 0 | |
}, | |
@{ | |
Description = 'Videos' | |
RegistryKey = "${consentStore}\videosLibrary" | |
Value = 0 | |
}, | |
@{ | |
Description = 'FileSystems' | |
RegistryKey = "${consentStore}\broadFileSystemAccess" | |
Value = 0 | |
}, | |
@{ | |
Description = 'SyncInfoWithWirelessDevices' | |
RegistryKey = "${deviceAccess}\Global\LooselyCoupled" | |
Value = 0 | |
}, | |
@{ | |
Description = 'ImprovedTyping' | |
RegistryKey = "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Input\TIPC" | |
Value = 0 | |
} | |
) | |
# Create a new GPO. | |
Write-Host "New-GPO -Name 'gpo-privacy-settings' | New-GPLink -Target 'DC=forest,DC=local'`n" | |
New-GPO -Name 'gpo-privacy-settings' | New-GPLink -Target 'DC=forest,DC=local' | |
# Add registry settings to the GPO. | |
$registryKeys | foreach { | |
Write-Host $_.Description | |
Write-Host "Set-GPRegistryValue -Name 'gpo-privacy-settings' -Key $($_.RegistryKey) -ValueName Enabled -Type DWord -Value $($_.Value)`n" | |
Set-GPRegistryValue ` | |
-Name 'gpo-privacy-settings' ` | |
-Key $_.RegistryKey ` | |
-ValueName Enabled ` | |
-Type DWord ` | |
-Value $_.Value | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment