
Registry keys are not being added



Hello everyone!

We need to create a VPN tunnel in a special way.

We have put together a script that basically does the job, but one part of it does not work.

The beginning works: the VPN connection is created, including the route.
This is done with Add-VpnConnection and Route.

However, we now also need AlwaysOn. We would like to set this up with the script attached below.
If you run the sections individually, it works and the registry keys are created. If you run the script as a whole, not a single registry entry is created and there is no error output.

I have already tried it with and without a transaction...
What the hell am I doing wrong here?
 

$ProfileName = "VPNNAME"

# Validate VPN profile
Write-Verbose "Searching VPN profiles for `"$ProfileName`"."

If ($AllUserConnection) {

# Get VPN profile running in the 'all users' context
    $Vpn = Get-VpnConnection -Name $ProfileName -AllUserConnection -ErrorAction SilentlyContinue

}

Else {

# Get VPN profile running in the user's context
    $Vpn = Get-VpnConnection -Name $ProfileName -ErrorAction SilentlyContinue

}

If ($Null -eq $Vpn) {

# Exit if VPN profile does not exist
    Write-Warning "VPN connection `"$ProfileName`" not found."
    Return

}

Else {

Write-Verbose "VPN connection `"$ProfileName`" found."

}

# Use transaction for registry updates
Start-Transaction

#Create registry
REG add "HKLM\System\CurrentControlSet\Services\RasMan\Config\"

# Search AutoTriggerDisabledProfilesList for VPN profile
$Path = 'HKLM:\System\CurrentControlSet\Services\RasMan\Config\'
$Name = 'AutoTriggerDisabledProfilesList'

Write-Verbose "Searching $Name in $Path for VPN profile `"$ProfileName`"..."

Try {

# Get the current registry values as an array of strings
    [string[]]$DisabledProfiles = Get-ItemPropertyValue -Path $Path -Name $Name -ErrorAction Stop

}

Catch {

Write-Verbose "$Name does not exist in $Path. No action required."
    Return

}

If ($DisabledProfiles) {

# Create ordered hashtable
    $List = [Ordered]@{}
    $DisabledProfiles | ForEach-Object { $List.Add("$($_.ToLower())", $_) }

# Search hashtable for matching VPN profile and remove if present
    If ($List.Contains($ProfileName)) {

Write-Verbose 'Profile found. Removing entry...'
        $List.Remove($ProfileName)
        Write-Verbose 'Updating the registry...'
        Set-ItemProperty -Path $Path -Name $Name -Value $List.Values -UseTransaction

}

}

Else {

Write-Verbose "No profiles found matching `"$ProfileName`"."
    Return

}

# Add user SID to registry
If ($AllUserConnection) {

$SID = 'S-1-1-0'
    Write-Verbose "Adding SYSTEM SID $SID to registry..."

}

Else {

Try {

$SID = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value
        Write-Verbose "Adding user SID $SID to registry..."

}

Catch {

Write-Warning $_.Exception.Message
        Return

}

}

$Parameters = @{

Path           = 'HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Config\'
    Name           = 'UserSID'
    PropertyType   = 'String'
    Value          = $SID
    UseTransaction = $True

}

New-ItemProperty @Parameters -Force | Out-Null

# Add VPN profile name to registry
$Parameters = @{

Path           = 'HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Config\'
    Name           = 'AutoTriggerProfileEntryName'
    PropertyType   = 'String'
    Value          = $ProfileName
    UseTransaction = $True

}

New-ItemProperty @Parameters | Out-Null

# Add VPN profile GUID to registry
[guid]$GUID = $Vpn | Select-Object -ExpandProperty Guid
Write-Verbose "Adding VPN GUID $GUID to registry..."
$Binary = $Guid.ToByteArray()

$Parameters = @{

Path           = 'HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Config\'
    Name           = 'AutoTriggerProfileGUID'
    PropertyType   = 'Binary'
    Value          = $Binary
    UseTransaction = $True

}

New-ItemProperty @Parameters | Out-Null

# Add phonebook path to registry
If ($AllUserConnection) {

$Path = Join-Path -Path $env:programdata -ChildPath Microsoft\Network\Connections\Pbk\rasphone.pbk
    Write-Verbose "RAS phonebook path is $Path."

}

Else {

$Path = Join-Path -Path $env:userprofile -ChildPath AppData\Roaming\Microsoft\Network\Connections\Pbk\rasphone.pbk
    Write-Verbose "RAS phonebook path is $Path."

}

$Parameters = @{

Path           = 'HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Config\'
    Name           = 'AutoTriggerProfilePhonebookPath'
    PropertyType   = 'String'
    Value          = $Path
    UseTransaction = $True

}

New-ItemProperty @Parameters | Out-Null

# Commit registry changes
Complete-Transaction

# Disable the "Disconnect" button in VAN UI/Settings > ensuring that "Connect Automatically" cannot be unchecked
(get-content -Path "$env:appdata\Microsoft\Network\Connections\Pbk\rasphone.pbk") |ForEach-Object {$_ -Replace "Options=0", "Options=18"} | set-content -Path "$env:appdata\Microsoft\Network\Connections\Pbk\rasphone.pbk"


 


I find this part problematic:

11 hours ago, DeathSheep wrote:
REG add "HKLM\System\CurrentControlSet\Services\RasMan\Config\"

That stops at "Vorhanden, überschreiben? (j/n)" when you run it interactively. What do all those Write-Verbose calls actually write to the console?

I also took the liberty of making the code a bit more readable :-)

 

$ProfileName = "VPNNAME"

# Validate VPN profile
Write-Verbose "Searching VPN profiles for `"$ProfileName`"."

If ( $AllUserConnection ) {
    # Get VPN profile running in the 'all users' context
    $Vpn = Get-VpnConnection -Name $ProfileName -AllUserConnection -ErrorAction SilentlyContinue
} Else {
    # Get VPN profile running in the user's context
    $Vpn = Get-VpnConnection -Name $ProfileName -ErrorAction SilentlyContinue
}

If ( $Null -eq $Vpn ) {
    # Exit if VPN profile does not exist
    Write-Warning "VPN connection `"$ProfileName`" not found."
    Return
} Else {
    Write-Verbose "VPN connection `"$ProfileName`" found."
}

# Use transaction for registry updates
Start-Transaction

#Create registry
REG add "HKLM\System\CurrentControlSet\Services\RasMan\Config\"

# Search AutoTriggerDisabledProfilesList for VPN profile
$Path = 'HKLM:\System\CurrentControlSet\Services\RasMan\Config\'
$Name = 'AutoTriggerDisabledProfilesList'

Write-Verbose "Searching $Name in $Path for VPN profile `"$ProfileName`"..."

Try {
    # Get the current registry values as an array of strings
    [string[]]$DisabledProfiles = Get-ItemPropertyValue -Path $Path -Name $Name -ErrorAction Stop
} Catch {
    Write-Verbose "$Name does not exist in $Path. No action required."
    Return
}

If ( $DisabledProfiles ) {
    # Create ordered hashtable
    $List = [Ordered]@{}
    $DisabledProfiles | ForEach-Object { $List.Add("$($_.ToLower())", $_) }

    # Search hashtable for matching VPN profile and remove if present
    If ( $List.Contains( $ProfileName )) {
        Write-Verbose 'Profile found. Removing entry...'
        $List.Remove( $ProfileName )
        Write-Verbose 'Updating the registry...'
        Set-ItemProperty -Path $Path -Name $Name -Value $List.Values -UseTransaction
    }
} Else {
    Write-Verbose "No profiles found matching `"$ProfileName`"."
    Return
}

# Add user SID to registry
If ( $AllUserConnection ) {
    $SID = 'S-1-1-0'
    Write-Verbose "Adding SYSTEM SID $SID to registry..."
} Else {
    Try {
        $SID = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value
        Write-Verbose "Adding user SID $SID to registry..."
    } Catch {
        Write-Warning $_.Exception.Message
        Return
    }
}

$Parameters = @{
    Path           = 'HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Config\'
    Name           = 'UserSID'
    PropertyType   = 'String'
    Value          = $SID
    UseTransaction = $True
}
New-ItemProperty @Parameters -Force | Out-Null

# Add VPN profile name to registry
$Parameters = @{
    Path           = 'HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Config\'
    Name           = 'AutoTriggerProfileEntryName'
    PropertyType   = 'String'
    Value          = $ProfileName
    UseTransaction = $True
}
New-ItemProperty @Parameters | Out-Null

# Add VPN profile GUID to registry
[guid]$GUID = $Vpn | Select-Object -ExpandProperty Guid
Write-Verbose "Adding VPN GUID $GUID to registry..."
$Binary = $Guid.ToByteArray()

$Parameters = @{
    Path           = 'HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Config\'
    Name           = 'AutoTriggerProfileGUID'
    PropertyType   = 'Binary'
    Value          = $Binary
    UseTransaction = $True
}
New-ItemProperty @Parameters | Out-Null

# Add phonebook path to registry
If ( $AllUserConnection ) {
    $Path = Join-Path -Path $env:programdata -ChildPath Microsoft\Network\Connections\Pbk\rasphone.pbk
    Write-Verbose "RAS phonebook path is $Path."
} Else {
    $Path = Join-Path -Path $env:userprofile -ChildPath AppData\Roaming\Microsoft\Network\Connections\Pbk\rasphone.pbk
    Write-Verbose "RAS phonebook path is $Path."
}

$Parameters = @{
    Path           = 'HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Config\'
    Name           = 'AutoTriggerProfilePhonebookPath'
    PropertyType   = 'String'
    Value          = $Path
    UseTransaction = $True
}
New-ItemProperty @Parameters | Out-Null

# Commit registry changes
Complete-Transaction

# Disable the "Disconnect" button in VAN UI/Settings > ensuring that "Connect Automatically" cannot be unchecked
( get-content -Path "$env:appdata\Microsoft\Network\Connections\Pbk\rasphone.pbk") |
    ForEach-Object {$_ -Replace "Options=0", "Options=18"} |
    Set-Content -Path "$env:appdata\Microsoft\Network\Connections\Pbk\rasphone.pbk"
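
The two early `Return` paths in the posted script, as a read-only check added here (not code from either poster): it reports which of them the script would reach on this machine before any `New-ItemProperty` call. The function name `Test-AutoTriggerGate` is hypothetical; the registry path and value name are the ones from the posted script.

```powershell
# Added example: read-only, it writes nothing to the registry.
# Test-AutoTriggerGate is a hypothetical helper name, not part of the posted script.
function Test-AutoTriggerGate {
    [CmdletBinding()]
    param(
        [string]$Path = 'HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Config',
        [string]$Name = 'AutoTriggerDisabledProfilesList'
    )

    $keyExists   = Test-Path -Path $Path
    $valueExists = $false
    $listTruthy  = $false

    if ($keyExists) {
        # With SilentlyContinue a missing value yields $null instead of an error.
        $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
        if ($null -ne $item) {
            $valueExists = $true
            # Same truthiness test the script applies in "If ($DisabledProfiles)".
            [string[]]$entries = $item.$Name
            $listTruthy = [bool]$entries
        }
    }

    # Map the findings to the first Return the posted script would reach.
    if (-not $valueExists) {
        $stopsAt = 'Catch block after Get-ItemPropertyValue (value missing)'
    } elseif (-not $listTruthy) {
        $stopsAt = 'Else block of "If ($DisabledProfiles)" (list empty)'
    } else {
        $stopsAt = 'None: the New-ItemProperty calls are reached'
    }

    [pscustomobject]@{
        KeyExists     = $keyExists
        ValueExists   = $valueExists
        ListNonEmpty  = $listTruthy
        ScriptStopsAt = $stopsAt
    }
}

Test-AutoTriggerGate | Format-List
```

`Write-Verbose` output is hidden by default, so setting `$VerbosePreference = 'Continue'` in the session before running the posted script shows which message precedes the `Return`.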

 
