Insert SID within registry path
Hi everyone,
I'm trying to modify a registry key which has a sid of the current user in the path. I tried to do but I'm not so good scripting. :(
I know that I can get the SID of current user with this command: wmic useraccount where name='%username%' get sid
I have to put this SID in a variable and insert it on this command:
Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.RegWrite HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features\('SID')
Can anyone help me with that? Just show me how to do and I make my way :)
Thanks!!
August 26th, 2015 8:21am
Hi Jonny,
you can do that in PowerShell
References:
https://technet.microsoft.com/en-us/library/ff730940.aspx
http://blogs.technet.com/b/heyscriptingguy/archive/2012/05/09/use-powershell-to-easily-create-new-registry-keys.aspx
Code (execute Powershell as Administrator):
$objUser = New-Object System.Security.Principal.NTAccount("domain", "username")
$strSID = $objUser.Translate([System.Security.Principal.SecurityIdentifier])
New-Item -Path HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features -Name $strSID.Value
August 26th, 2015 8:35am
Thanks MStoppl!
I'll read and try to do it now. Actually I have to register this:
HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features\SID\FeatureStates=33c
In hexdecimal.
I'll let you know if I succeed.
August 26th, 2015 8:44am
OK,
I made this:
"set-item -Path HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features\SID\FeatureStates -Value 33c -Type DWord"
and it return with the error:
Set-Item: The string of input characters was not in an incorrect format .
When I remove or change -Type DWord it appears to run normally but nothing happens effectively on the registry.
Also
How can I insert the variable inside the registry path?
"set-item -Path HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features\$strSID.Value\FeatureStates"
Thanks! I'm still trying!
August 26th, 2015 10:10am
What is the purpose of the script?
August 26th, 2015 10:11am
Hi Bill.
I have a registry that the path changes from user to user. This path uses the user SID. So I have to create a script to change this key getting the current user SID to work correctly.
Path:
HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features\UserSID
Name: FeatureStates
Value: 33c
Type: DWORD
That's my prob
August 26th, 2015 10:17am
That isn't the question. Why are you trying to change the 'featurestates' registry value? What problem are you fixing?
August 26th, 2015 10:58am
I want to disable the feature wifi sense from Windows 10 in all my domain!
August 26th, 2015 11:01am
I recommend not modifying an undocumented registry value unless you are certain of the exact bits you are changing.
August 26th, 2015 11:10am
Bill,
It is already tested in my environment since technical preview. I am sure about it. This value is responsable to disable wifi sense totally. If you do this by GUI it changes the regist
August 26th, 2015 11:18am
Usually those DWORD values are treated as a bit array and not a whole value.
If the bits in the value are not documented, rewriting the entire value is not recommended as it may change other bits indiscriminately.
The storage of the bits in that value are most likely an implementation detail and are not designed to be overwritten indiscriminately. I hope it works out for you, but you have been warned that this is not a good idea and may have unpredictable side effects.
August 26th, 2015 11:24am
Yes I understand that. It is in a small group of computers. I have to follow some rules here in because I'm inside a high secure environment (bank). So my client are aware about the risks of changing this key and he takes responsability for it. :)
About the script, I'm rewriting just to change it from 38b to 33c, which is the same that I disable by GUI.
Do you know how can I insert the variable inside this path:
"set-item -Path HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features\$variable\FeatureStates"?
Thanks for the warnings Bill!
August 26th, 2015 11:49am
August 26th, 2015 11:57am
Hey Mike!
Unfortunately this solution only works blocking to connect automaticaly on open networks. It does not disable the feature entirely. Users still can share and connect on contacts networks. The only way to totally disable it is changing the value SID by SID.
I already posted this solution (equal to WindowsITPro) in my blog (Portuguese): http://www.nextadmins.com.br/saiba-o-que-e-o-wifi-sense-do-windows-10-e-como-proteger-sua-rede/
Thanks for the reply :)
August 26th, 2015 12:07pm
0x38B = decimal 907 and corresponds to this 16-bit pattern:
0000 0011 1000 1011
0x33C = decimal 828 and corresponds to this 16-bit pattern:
0000 0011 0011 1100
This means that this registry modification is reversing bits 0, 1, 2, 4, 5, and 7 (underlined above).
This seems like a lot of bits (6) to be changing without knowing what each of those bits do.
To reiterate, this is not recommended unless you know what each of those bits are for.
August 26th, 2015 12:48pm
Hi Jonny,
maybe a silly question, isn't this settings included in Windows 10 Group policies?
https://www.microsoft.com/en-us/download/details.aspx?id=48257
Maybe it could help you to configure Windows 10 (not only this settings) in your domain according to your needs.
M.
-
Edited by
MStoppl
23 hours 46 minutes ago
August 27th, 2015 3:25am
Hi Jonny,
maybe a silly question, isn't this settings included in Windows 10 Group policies?
https://www.microsoft.com/en-us/download/details.aspx?id=48257
Maybe it could help you to configure Windows 10 (not only this settings) in your domain according to your needs.
M.
-
Edited by
MStoppl
Thursday, August 27, 2015 7:23 AM
August 27th, 2015 7:23am
Hi Mike,
Unfortunately, no. It isn't there yet.
Thanks!
August 27th, 2015 9:32am
Bill,
Actually the only values are:
37d (893)- All enabled 0000001101111101
33c (828)- All disabled 0000001100111100
33d (829)- Only option to connect automatically in open networks enabled (not contacts)
0000001100111101
37c (892)- Only option to connect in contacts networks enabled (not opened networks)
0000001101111100
I've tested all of those values and other possibilities. And also tracked what the funcion (wifi sense) changes inside Windows when I enable or disable all options.
I made this script, if someone need:
for /f %A in ('reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features" ^| find "S-1"') do (reg add %A /v FeatureStates /t REG_DWORD /d 828 /f)
:EOF
I apreciate all the help from
Bill_Stewart,
Mike Laughlin and MStoppl!
Thanks guys! It solved my problem!
August 27th, 2015 9:35am
You mentioned the value 0x38B, not listed in your list above.
But again: It is not recommended to modify undocumented registry values. It is probably an implementation detail that is subject to change without notice with any patch or update of the operating system.
August 27th, 2015 10:28am
The error is explixit. You cannot use a string to set a DWORD.
$value=0x33c
set-item -Path HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features\SID\FeatureStates -Value $value -Type DWord
This generates an integer from the hex '33c'
You can do this in Group P
August 27th, 2015 12:23pm
Yes jrv,
Should be this:
$value=
828
set-item -Path HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features\SID\FeatureStates -Value $value -Type DWord
But I already made a script to do it in vb. it's in this post.
Thanks!
August 27th, 2015 12:42pm
Other recent topics
