How to Modify Registry Keys and Entries with a Script Task

Article Id: 178818
Status: Published
Updated On: 28-07-2016 12:21
Legacy Id: HOWTO124661
Products:
Management Platform (Formerly known as Notification Server)
Issue/Introduction:

 

Resolution:

Script tasks can be used to run commands to add, remove, or modify registry keys and/or entries without interferring with other tasks and policies.

1. Create the Script Task to modify the registry

  • Go to Manage>Jobs and Tasks
  • Select an appropriate folder to create the task under
  • Right-click on the folder and go to New>Task
  • The Create New Task window will appear
  • Scroll down to the bottom of the available tasks and select Run Script
  • Name the task appropriately
  • Leave Script type: set to Command Script
  • In the empty box enter the command line to modify the registry key and/or registry entry with the appropriate reg add or reg delete command. 
  • Example 1. The following command will create or modify a Reg_SZ registry entry called “Execution Policy” with a value of "Remote Signed" under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell:
    • REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell /f /v ExecutionPolicy /t REG_SZ /d RemoteSigned
  • Example 2. This command will only modify the registry on 64-bit computers and would insert text including qoute characters (") into the value: 
    • if "%PROCESSOR_ARCHITECTURE%" == "AMD64" REG ADD "HKLM\SYSTEM\CurrentControlSet\Services\CA AIP SSH Server for Windows" /f /v ImagePath /t REG_EXPAND_SZ /d "\"C:\Program Files (x86)\CAS\SC\AutoShellClient\SSHD.exe\"
  • Click OK to close the Create New Task window and create the task

2. Run the Script Task

  • If the script task needs to access HKEY_CURRENT_USER click Advanced, then change the Run As credentials to Current logged-on user and click OK. Symantec Management Agent credentials will work for other registry hives.
  • Click on New Schedule, choose Now or specify a schedule time and repeat interval.
  • Specify target computers to run the task on.
  • To target a single computer click in the Quick add: box and search for the name of the computer, or use the Quick Run feature instead of New Schedule.
  • To target a list of computers click on Add>Computers or Devices then manually select the desired computers and click > and OK.
  • To target a computer filter (such as All Computers) click on Add>Target, click Add rule, choose exclude computers not in, and search the name of the filter in the final drop-down box, then click OK.