Difference between revisions of "Registry Windows"
Jump to navigation
Jump to search
(Created page with "``` $regFile = @" Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "MaxUserPort"=dword:00005000 "TcpTimedWaitDela...") |
|||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | # Export & Import via Registry even Non-Exportable | ||
| + | |||
| + | Get existing | ||
| + | ``` | ||
| + | Get-ChildItem -Path Cert:LocalMachine\MY | select subject | ||
| + | ``` | ||
| + | |||
| + | Migrate All certs to destination host | ||
| + | ``` | ||
| + | $DST_HOST = "example.com" | ||
| + | $Session = New-PSSession -ComputerName $DST_HOST | ||
| + | foreach ( $TP in (Get-ChildItem -Path Cert:LocalMachine\MY).Thumbprint ) { | ||
| + | reg export "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\MY\Certificates\$TP" $env:TEMP\cert.$TP.reg | ||
| + | $Session = New-PSSession -ComputerName $DST_HOST | ||
| + | $DST_TMP_DIR = (invoke-command $DST_HOST -ScriptBlock { write-output $env:TEMP }) | ||
| + | Copy-Item -Path "$env:TEMP\cert.$TP.reg" -ToSession $Session -Destination "$DST_TMP_DIR\" *>&1 | out-null | ||
| + | invoke-command $DST_HOST -ScriptBlock { reg.exe import "$env:TEMP\cert.$Using:TP.reg" } *>&1 | out-null | ||
| + | } | ||
| + | ``` | ||
| + | |||
| + | Migrate Specific Cert based on CN - Use -Like with * for regex | ||
| + | ``` | ||
| + | $DST_HOST = "foo.example.com" | ||
| + | $CN="CN=foo, OU=bar" | ||
| + | $TP=(Get-ChildItem -Path Cert:LocalMachine\MY | where Subject -eq "$CN").Thumbprint | ||
| + | reg export "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\MY\Certificates\$TP" $env:TEMP\cert.$TP.reg | ||
| + | |||
| + | $Session = New-PSSession -ComputerName $DST_HOST | ||
| + | Copy-Item -Path $env:TEMP\cert.$TP.reg -ToSession $Session -Destination "$env:TEMP\" | ||
| + | invoke-command $DST_HOST -ScriptBlock { reg.exe import "$env:TEMP\cert.$Using:TP.reg" } | ||
| + | ``` | ||
| + | |||
| + | |||
| + | # Other | ||
| + | |||
``` | ``` | ||
$regFile = @" | $regFile = @" | ||
Latest revision as of 22:23, 2 November 2023
Export & Import via Registry even Non-Exportable
Get existing
Get-ChildItem -Path Cert:LocalMachine\MY | select subject
Migrate All certs to destination host
$DST_HOST = "example.com"
$Session = New-PSSession -ComputerName $DST_HOST
foreach ( $TP in (Get-ChildItem -Path Cert:LocalMachine\MY).Thumbprint ) {
reg export "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\MY\Certificates\$TP" $env:TEMP\cert.$TP.reg
$Session = New-PSSession -ComputerName $DST_HOST
$DST_TMP_DIR = (invoke-command $DST_HOST -ScriptBlock { write-output $env:TEMP })
Copy-Item -Path "$env:TEMP\cert.$TP.reg" -ToSession $Session -Destination "$DST_TMP_DIR\" *>&1 | out-null
invoke-command $DST_HOST -ScriptBlock { reg.exe import "$env:TEMP\cert.$Using:TP.reg" } *>&1 | out-null
}
Migrate Specific Cert based on CN - Use -Like with * for regex
$DST_HOST = "foo.example.com"
$CN="CN=foo, OU=bar"
$TP=(Get-ChildItem -Path Cert:LocalMachine\MY | where Subject -eq "$CN").Thumbprint
reg export "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\MY\Certificates\$TP" $env:TEMP\cert.$TP.reg
$Session = New-PSSession -ComputerName $DST_HOST
Copy-Item -Path $env:TEMP\cert.$TP.reg -ToSession $Session -Destination "$env:TEMP\"
invoke-command $DST_HOST -ScriptBlock { reg.exe import "$env:TEMP\cert.$Using:TP.reg" }
Other
$regFile = @"
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"MaxUserPort"=dword:00005000
"TcpTimedWaitDelay"=dword:0000001e
"@
Invoke-Command -ComputerName computerName -ScriptBlock {param($regFile) $regFile | out-file $env:temp\a.reg;
reg.exe import $env:temp\a.reg } -ArgumentList $regFile