Hoping someone has done something like this before where you need to loop
through the user profiles and look for something in their registry hive. I've
made Configuration Item that runs a powershell script that checks for
connections to a particular print server. It does a reg load on each user's
profile and then checks for reg keys pointing to the server we're interested
in. I'm getting inconsistent results, the configuration item is checking for a
Boolean value returned by the script, if it's false then the machine is
compliant. But I'm getting non-compliant results for machines I know shoul d
evaluate as compliant.
The script is below, if anyone has a simpler way to accomplish this, that would
be super helpful.
#Create New PS Drive to access the user Keys
New-PSDrive -PSProvider Registry -Name HKU -Root HKEY_USERS | Out-Null
Set-Location HKU:
#Create empty array to which we will add our list of wrong printer connections
$BadPrinters = @()
#Gets the current user's SID to look for printers
$strCurrentUser = (Get-WmiObject Win32_ComputerSystem -Computer ".").UserName
$objCurrentUser = New-Object
System.Security.Principal.NTAccount($strCurrentUser)
$strCurrentUserSID =
($objCurrentUser.Translate([System.Security.Principal.SecurityIdentifier])).Value
$PrintServer = '*PrintServer01*'
#Lookup the printer in the current user hive
$GetKey = Test-Path .\$strCurrentUserSid\Printers\Connections
IF ($GetKey -eq $true)
{
$BadPrintServer = Get-ChildItem -Path
.\$strCurrentUserSid\Printers\Connections | Where-Object {$_.Name -like
$Printserver}
Foreach ($badconnects in $BadPrintServer)
{
$BadPrinters += "$badconnects"
}
}
#Exclude users from list of profiles we will load
$strUserName = ((Get-WmiObject Win32_ComputerSystem -Computer
".").UserName).Split('\')[1]
$ExcludedUsers = @($strUserName, 'ADMINI~1', 'Public')
#Reg load each user profile and check for the printers
$GetUsersToLoad = Get-ChildItem -path "$env:SystemDrive\Users" -Exclude
$ExcludedUsers
$UserList = @()
Foreach ($user in $GetUsersToLoad)
{
$UserList += $user.Name
}
Foreach ($profile in $UserList)
{
&Reg.exe Load HKU\$Profile c:\users\$Profile\ntuser.dat | Out-Null
Start-Sleep -s 3
$TempGetKey = Test-Path HKU:\$Profile\Printers\Connections
IF ($TempGetKey -eq $true)
{
$TempBadPrintServer = Get-ChildItem -Path
HKU:\$Profile\Printers\Connections | Where-Object {$_.Name -like $PrintServer}
Foreach ($connection in $TempBadPrintServer)
{
IF ($connection -ne $Null)
{
$BadPrinters += $connection.ToString()
Remove-Variable connection
}
}
Remove-Variable TempBadPrintServer
}
Remove-Variable TempGetKey
[gc]::Collect()
Try{
& cmd /c Reg.exe Unload HKU\$Profile 2>&1 | Out-Null
}
Catch{}
Start-Sleep -s 3
cd HKU:
}
cd c:
Remove-PSDrive HKU
$BadPrinters.count -gt '0'
Jeff Krueger
[email protected]<mailto:[email protected]>
IT - Henry Ford Health System
248.853.4466
________________________________
CONFIDENTIALITY NOTICE: This email contains information from the sender that
may be CONFIDENTIAL, LEGALLY PRIVILEGED, PROPRIETARY or otherwise protected
from disclosure. This email is intended for use only by the person or entity to
whom it is addressed. If you are not the intended recipient, any use,
disclosure, copying, distribution, printing, or any action taken in reliance on
the contents of this email, is strictly prohibited. If you received this email
in error, please contact the sending party by reply email, delete the email
from your computer system and shred any paper copies.
Note to Patients: There are a number of risks you should consider before using
e-mail to communicate with us. See our Privacy & Security page on
www.henryford.com for more detailed information as well as information
concerning MyChart, our new patient portal. If you do not believe that our
policy gives you the privacy and security protection you need, do not send
e-mail or Internet communications to us.
