Disclaimer
JUMPCLOUD EXPRESSLY DISCLAIMS ALL REPRESENTATIONS, WARRANTIES, CONDITIONS, AND LIABILITIES OF ANY KIND ARISING FROM OR RELATED TO THIRD-PARTY SOFTWARE, SCRIPTS, REPOSITORIES, AND APIS. JUMPCLOUD IS NOT REQUIRED TO SUPPORT ANY SUCH THIRD-PARTY MATERIALS AND ALL RISKS RELATED TO THIRD-PARTY MATERIALS ARE YOUR RESPONSIBILITY. PLEASE ALSO REVIEW THE JUMPCLOUD TOS.
Deleting a Registry Key from the Logged in User Account using JC Commands
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
โ05-06-2024 01:33 PM
Hey Everyone,
Here is a Powershell script to remove a registry key from the logged in User Accounts using JC Commands.
JC Commands run as "nt authority\system", hence we need a logic defined to find the logged in user and to find the SID for the username and finally run the registry delete command.
# Get the username of the active session $activeSession = (Get-WmiObject -Class Win32_ComputerSystem | Select-Object -ExpandProperty UserName) $activeUserName = $activeSession.Split('\')[-1] # Extract the username from the session string # Display the username Write-Host "Active user: $activeUserName" # Get the SID of the active user $userSID = (Get-WmiObject Win32_UserAccount -Filter "Name='$activeUserName'").SID Write-Host "User SID: $userSID" # Delete the registry key associated with the active user reg delete "HKEY_USERS\$userSID\Software\Google\Endpoint Verification\Safe Storage" /f
Hope this helps some of the Admins out there!
Labels:
- Labels:
-
PowerShell
0 REPLIES 0
![](/skins/images/1519CD93B86343CA58368DF3BFFB373D/responsive_peak/images/icon_anonymous_message.png)
![](/skins/images/1519CD93B86343CA58368DF3BFFB373D/responsive_peak/images/icon_anonymous_message.png)