cancel
Showing results for 
Search instead for 
Did you mean: 
Disclaimer
JUMPCLOUD EXPRESSLY DISCLAIMS ALL REPRESENTATIONS, WARRANTIES, CONDITIONS, AND LIABILITIES OF ANY KIND ARISING FROM OR RELATED TO THIRD-PARTY SOFTWARE, SCRIPTS, REPOSITORIES, AND APIS. JUMPCLOUD IS NOT REQUIRED TO SUPPORT ANY SUCH THIRD-PARTY MATERIALS AND ALL RISKS RELATED TO THIRD-PARTY MATERIALS ARE YOUR RESPONSIBILITY. PLEASE ALSO REVIEW THE JUMPCLOUD TOS.

[PowerShell] How to bulk import Custom Policies from Registry Files based on GPO's (update considering previous articles)

JuergenKlaassen
Rising Star III
Rising Star III

Hi Community Peeps 

Did you know that the PowerShell Module for JumpCloud has a neat capability to create a Policy for Windows from a Registry File? (Kudos to @jworkman)

What does this actually mean? 

Before the release 2.7 it was rather cumbersome to bulk import policies and I've written about this in multiple articles before (here, here and here), but now you can basically do this in a one-liner and I'm giving you a little script here to do this in bulk - meaning: this script will create a new Custom Policy for each existing .reg-File in a given folder. 

Example:

To demonstrate how it works, I'm using two custom policies, one for Chrome and one for Zoom.

  1. You will need a reference machine which has the respective Administrative Templates added to the Group Policy Editor
    SCR-20240725-nejf.png

     

  2. Now you can make you settings according to your custom needs here:
    SCR-20240725-neyd.png

  3. Once applied, the setting will be reflected in the local registry:
    SCR-20240725-nfhh.png

  4. Now you can export your custom .REG-files to be able to import them into JumpCloud
    SCR-20240725-nfmg.png

  5. Next we will employ this script to create the new policies: 

    # Define the folder containing the registry files
    $folderPath = "/Users/user/Downloads/registries"
    
    # Get all .reg files in the folder
    $registryFiles = Get-ChildItem -Path $folderPath -Filter *.reg
    
    # Loop through each registry file and create a new policy
    foreach ($file in $registryFiles) {
        # Extract the file name without extension to use as the policy name
        $policyName = [System.IO.Path]::GetFileNameWithoutExtension($file.Name)
    
        # Define the full path to the registry file
        $registryFilePath = $file.FullName
    
        # Create a new policy using the registry file
        New-jcpolicy -templateName "windows_Advanced:_Custom_Registry_Keys" -RegistryFile $registryFilePath -Name "Windows - $policyName"
    
        # Output the result for confirmation
        Write-Output "Created policy: $policyName Windows Policies using $registryFilePath"
    }

    - It will name the Policies based on the Filename (without the extension) and the prefix "Windows - " -> you can customize this to your own needs.
    Also make sure that the FolderPath is set correctly and you have established the connection to your JumpCloud Tenant via `Connect-JCOnline`

  6. Once executed, you will find the new policies in your tenant:

SCR-20240725-nnqs.png

That's basically it, you can customize the policies here if needed or you can further explore the PowerShell Command `Set-JCPolicy` to add new registry keys to an existing policies. 

Thanks for reading and sharing as usual

-Juergen

   

P.S.: if you really only need one policy, here's the one-liner 😉

New-jcpolicy -templateName windows_Advanced:_Custom_Registry_Keys -RegistryFile "~/Downloads/policy_templates/windows/examples/chrome.reg" -Name "Chrome Windows Policies"

 

0 REPLIES 0