Created
February 27, 2020 10:31
-
-
Save arcotek-ltd/99b2a86296f19f5b3cff2d9d50c0a4d2 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Registry enties for Windows Hello for Business | |
param | |
( | |
[parameter(HelpMessage="Public facing domain. e.g. contoso.com")] | |
[string]$VanityDomain, | |
[parameter(HelpMessage="Internal AD DNS domain. e.g. netbios.local")] | |
[string]$ADDNSDomain, | |
[parameter(HelpMessage="BASE-64 exported root certificate file name. e.g. myRoot.cer")] | |
[string]$CertName | |
) | |
$Hive = "HKLM" | |
$Data = @( | |
@{ | |
hive = $Hive | |
path = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\$VanityDomain" | |
type = "DWORD" | |
name = "*" | |
data = "00000001" | |
} | |
@{ | |
hive = $Hive | |
path = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\$ADDNSDomain" | |
type = "DWORD" | |
name = "*" | |
data = "00000001" | |
} | |
@{ | |
hive = $Hive | |
path = "Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" | |
type = "DWORD" | |
name = "2103" | |
data = "00000000" | |
} | |
@{ | |
hive = $Hive | |
path = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoftonline.com\device.login" | |
type = "DWORD" | |
name = "https" | |
data = "00000001" | |
} | |
@{ | |
hive = $Hive | |
path = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoftazuread-sso.com\autologon" | |
type = "DWORD" | |
name = "https" | |
data = "00000001" | |
} | |
) | |
$Output = @() | |
foreach($item in $Data) | |
{ | |
#$item.path | |
if(-Not(Test-Path -Path "$($item.hive):\$($item.path)")) | |
{ | |
Write-Host "Creating key..." | |
New-Item -Path "$($item.hive):\$($item.path)" -Force | |
} | |
Get-Item -Path "$($item.hive):\$($item.path)" | New-ItemProperty -Name $item.name -Value $item.data -PropertyType $item.type -Force | Out-Null | |
$Output += "`t$($item.hive):\$($item.path)\$($item.name) Data: $($item.data)`r`n" | |
} | |
Write-Host "Registry entries created:-" | |
Write-Host "$Output" | Out-String | |
$CertPath = Join-Path $PSScriptRoot $CertName | |
If(-not (Test-Path -Path "filesystem::$CertPath")) | |
{ | |
Throw "Root certificate not found in '$CertPath'. It should be in the same directory as this script." | |
} | |
Import-Certificate -FilePath $CertPath -CertStoreLocation cert:\LocalMachine\Root -Verbose | |
Write-Host "Root certificate imported." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment