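<#
# It is recommended to test the script on a local machine for its purpose and effects.
# Endpoint Central will not be responsible for any
# damage/loss to the data/setup based on the behavior of the script.
#
# Description: Script to check value data of Multiple Registry Keys & write the registry value data
# Remarks: The script has to be deployed as Computer / User Configuration
# Configuration Type - Computer / User
# Note: If it is Computer Based Hive the configuration to be executed as Computer Based configuration
#       If it is User Based Hive the configuration to be executed as User Based configuration
# Limitation: Mixed paths won't be effective
#
# Exit code: 0 when every listed value is present with the desired data,
#            1 when any key could not be created, written or read back.
#>

# Define the registry paths and values (registry values need to be hardcoded here).
# EnableCertPaddingCheck = 1 opts WinVerifyTrust into its stricter Authenticode
# signature verification. Both the native and the Wow6432Node key are listed so
# that 64-bit and 32-bit processes see the setting.
# The data is given as a string, so a value that does not exist yet is created
# as REG_SZ. NOTE(review): confirm against the vendor advisory that this is the
# data type expected for this setting.
$regKeys = @(
    @{Path = "HKLM:\Software\Microsoft\Cryptography\Wintrust\Config"; Name = "EnableCertPaddingCheck"; Value = "1"},
    @{Path = "HKLM:\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config"; Name = "EnableCertPaddingCheck"; Value = "1"}
)

# PROCESSOR_ARCHITEW6432 is only defined for a 32-bit process on 64-bit Windows.
# In that case HKLM:\Software is redirected to the 32-bit registry view, so the
# native 64-bit key listed above would not be the one that gets written.
if ($env:PROCESSOR_ARCHITEW6432) {
    Write-Warning "Running as a 32-bit process on 64-bit Windows: HKLM:\Software is redirected to Wow6432Node, the native 64-bit key may not be updated."
}

# Set as soon as any entry cannot be applied; decides the exit code at the end.
$anyFailure = $false

# Loop through each registry entry, create what is missing and fix what differs
foreach ($regKey in $regKeys) {
    $keyPath = $regKey.Path
    $keyName = $regKey.Name
    $keyValue = $regKey.Value

    try {
        # Create the registry key if it does not exist yet.
        # -ErrorAction Stop turns an access-denied (non-elevated run) into a
        # catchable error; Out-Null keeps the key object out of the script output.
        if (-not (Test-Path -Path $keyPath)) {
            Write-Host "Registry path '$keyPath' does not exist. Creating it now..."
            New-Item -Path $keyPath -Force -ErrorAction Stop | Out-Null
        }

        # A missing value is expected here, so that lookup error stays silenced
        $currentValue = Get-ItemProperty -Path $keyPath -Name $keyName -ErrorAction SilentlyContinue
        $needsWrite = $true

        if ($null -eq $currentValue) {
            Write-Host "Registry value '$keyName' not found in '$keyPath'. Adding it now..."
        } elseif ($currentValue.$keyName -ne $keyValue) {
            Write-Host "Registry value '$keyName' in '$keyPath' does not match the desired value. Updating it..."
        } else {
            Write-Host "Registry value '$keyName' already exists and is correct in '$keyPath'."
            $needsWrite = $false
        }

        if ($needsWrite) {
            Set-ItemProperty -Path $keyPath -Name $keyName -Value $keyValue -ErrorAction Stop

            # Read the value back so a write that did not take effect is
            # reported instead of being assumed successful.
            $writtenValue = (Get-ItemProperty -Path $keyPath -Name $keyName -ErrorAction Stop).$keyName
            if ($writtenValue -ne $keyValue) {
                throw "value read back as '$writtenValue', expected '$keyValue'"
            }
        }
    } catch {
        # Keep going so the remaining entries are still attempted,
        # but remember that the machine is not fully configured.
        $anyFailure = $true
        Write-Warning "Could not apply registry value '$keyName' in '$keyPath': $($_.Exception.Message)"
    }
}

if ($anyFailure) {
    # Non-zero exit so the deployment is not recorded as successful
    # while the setting is missing on this machine.
    Write-Host "Registry check and update finished with errors."
    exit 1
}

Write-Host "Registry check and update complete."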