JumpCloud Community

Hey @Rcap 
Do you mind sharing with me what/how you change the script according to your needs? 

.EXAMPLE
1. $org_id: Your Organization ID from the JumpCloud Admin Console 
   (https://console.jumpcloud.com/#/settings/organization#general)
2. $apikey: Your API Key from the JumpCloud Admin Console 
   (https://console.jumpcloud.com/#/settings/apikeys)
3. $policyID: The ID of the Policy you want to import the registry keys into
4. $policyName: The name of the Policy you want to import the registry keys into
5. $csvPath: The path to the CSV file containing the registry keys to import
6. $path_to_export: The path in the registry to be exported and imported into JumpCloud

Above here is what needs to match to your custom settings. 
The $policyID is unique, the paths etc. need to match as well. 

Hi @JuergenKlaassen ,

Thank you so much for taking the time to reply back to me!
Here are the values we are using. I got the policy ID by looking up the policy in powershell. 

# Put in your JumpCloud org ID & API Key (Writeable):
$org_id = "6*******************************"
$apikey = "2*******************************"

# Change the policy ID & name accordingly:
$policyID = "5f********************f"
$policyName = "Zoom Settings" # e.g. "Advanced: Imported Custom Registry Keys"

# Specify the path to the CSV file including the filename:
$csvPath = "C:\Users\rcap\Documents\ZoomGeneralSettings.csv"

# Full Registry Path to be exported (e.g. HKLM:\SOFTWARE\Policies\Microsoft\Edge)
# Copy it from the registry editor
$path_to_export = "HKLM:\SOFTWARE\Policies\Zoom"

Hey

Looks good to me in the first place. The only thing I observed once in a while - and that might need more debugging - is that: 
If the root of the hive (i.e. \Software]Policies\Zoom) has no actual entry, the export can fail. So the recursive parsing through entries doesn't seem to be the most robust yet. 

I tried to replicate your scenario and it's actually the case right now (so I consider this as a bug). Instead I started from \SOFTWARE\Policies\Zoom\Zoom Meetings\General (where are actual values present) and the script works as intended. 

Maybe you can retry again with the adjusted hive and let me know. 
Will try to find some time to debug and get it fixed. 

Thank you for the guidance. That inputing the full location of the registry hive allows the registry to export to CSV. The next hurdle I am getting stuck on is some error messages that appear to be working on getting the policies to JumpCloud:  

 Exporting the registry keys to the specified CSV file C:\Users\tmunley\Documents\ZoomGeneralSettings.csv

Constructing the request body containing existing and new registry keys...

Invoke-RestMethod : {"message":"Not Found"}

At C:\Users\rcap\Documents\3RCAP.ps1:244 char:13

+ $response = Invoke-RestMethod -Uri $url -Method GET -Headers $headers

+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod] 

   , WebException

    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodComm 

   and

Updating the policy with the new registry keys:

@{value=System.Object[]; configFieldID=; configFieldName=; sensitive=}

Invoke-RestMethod : {"message":"Error: Request validation failed: Parameter (body) failed schema validation: 

expected type boolean but found type null, expected type string but found type null"}

At C:\Users\rcap\Documents\3RCAP.ps1:300 char:12

+ $change  = Invoke-RestMethod -Uri $url -Method Put -Headers $headers  ...

+            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod] 

   , WebException

    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodComm 

   and

Completed.

Hey

the only obvious right now to me is this: 

Invoke-RestMethod : {"message":"Error: Request validation failed: Parameter (body) failed schema validation:

expected type boolean but found type null, expected type string but found type null"}

-> one or some of your registry entries may not be correct or you may have an empty one on the existing policy before updating it maybe? 
A bit hard to debug with out having the full set of existing and to-be-updated registry keys

Thanks for the guidance. I manually went through and got the keys entered into the JC Policy. I believe the "HKLM:\" in the CSV was preventing it from uploading to JC.

My next conundrum is how did you get the ADMX or ADM group policy to the remote machines?

Hey
Glad to see that you're making progress. 💪

How to get the ADMX over: I wrote about here previously. In my case, I did put them on a S3 bucket (due to their size, instead of carrying them in a Command).

It can look similar to this then: 

### Policy Templates from: https://www.microsoft.com/en-us/edge/business/download?form=MA13FJ ###
$URLadmx = "https://custom-pkg.s3.ap-southeast-1.amazonaws.com/msedge.admx"
$URLadml = "https://custom-pkg.s3.ap-southeast-1.amazonaws.com/msedge.adml" 

### Download the templates from a public S3-bucket ###
### Place them in the respective folders; reference: https://learn.microsoft.com/en-us/deployedge/configure-microsoft-edge#add-the-administrative-template-to-an-individual-computer ###
Invoke-WebRequest -Uri $URLadmx -OutFile "C:\Windows\PolicyDefinitions\msedge.admx" 
Invoke-WebRequest -Uri $URLadml -OutFile "C:\Windows\PolicyDefinitions\en-US\msedge.adml"

Does that help? Please let me know. 

Cheers
Juergen

Now we're cooking with fire! I was able to get the reg keys and group policy templates to the devices. Thank you so much, Juergen! 

Hey @Rcap , really happy to read that it's working now is intended. 💪
Are you looking at other policies to configure and rollout?