Forum Discussion

oryxway's avatar
oryxway
Iron Contributor
Jan 19, 2025

Import Registry in Intune

I tried creating a powershell script to import a registry. I have the registry and the powershell script and created an Intunewin file and tried to use the apps method to push it as an app to the users computers and try to import, am not sure whether I am doing it right. Here is the script and the detection script

 

# Define the path for the registry file
$RegistryFileName = "SystemCertificates.reg"

# Get the user's TEMP folder
$TempFolder = [System.IO.Path]::GetTempPath()

# Define the full path to copy the .reg file
$RegistryFilePath = Join-Path -Path $TempFolder -ChildPath $RegistryFileName

# Ensure the registry file is copied to the TEMP folder
# Replace 'path\to\RegistryKey.reg' with the actual file location
if (!(Test-Path -Path $RegistryFilePath)) {
    Copy-Item -Path "path\to\$RegistryFileName" -Destination $RegistryFilePath -Force
}

# Import the registry file
try {
    reg.exe import $RegistryFilePath
    Write-Output "Registry file imported successfully."
} catch {
    Write-Output "Failed to import registry file: $_"
}

# Optional: Cleanup - Remove the registry file after importing (if needed)
Remove-Item -Path $RegistryFilePath -Force -ErrorAction SilentlyContinue

 

Detection script

# Custom Defined script for registry Import
# Define a marker registry path and value to check
$MarkerPath = "HKLM:\SOFTWARE\Microsoft\SystemCertificates"
$MarkerValueName = "ReplacementCompleted"  # A custom value to indicate the replacement
$ExpectedMarkerValue = "True"              # The value data to confirm successful replacement

Check if the marker value exists and is correct
if (Test-Path -Path $MarkerPath) {
    $MarkerValue = Get-ItemProperty -Path $MarkerPath -ErrorAction SilentlyContinue
    if ($MarkerValue.$MarkerValueName -eq $ExpectedMarkerValue) {
        # Replacement has already been completed
        exit 0
    } else {
        # Marker does not exist or is incorrect
        exit 1
    }
} else {
    # Registry path does not exist (replacement not completed)
    exit 1
}

 

It is a GOOD registry that I exported to import it on users computers.

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates

Intune
Software Management

1 Reply

  • kyazaferr's avatar
    kyazaferr
    MCT
    Jan 20, 2025

    # Define the path for the registry file
    $RegistryFileName = "SystemCertificates.reg"

    # Get the user's TEMP folder
    $TempFolder = [System.IO.Path]::GetTempPath()

    # Define the full path to copy the .reg file
    $RegistryFilePath = Join-Path -Path $TempFolder -ChildPath $RegistryFileName

    # Ensure the registry file is copied to the TEMP folder
    if (!(Test-Path -Path $RegistryFilePath)) {
        try {
            Copy-Item -Path "path\to\$RegistryFileName" -Destination $RegistryFilePath -Force
            Write-Output "Registry file copied successfully."
        } catch {
            Write-Output "Failed to copy registry file: $_"
            exit 1
        }
    }

    # Import the registry file
    try {
        reg.exe import $RegistryFilePath
        Write-Output "Registry file imported successfully."
    } catch {
        Write-Output "Failed to import registry file: $_"
        exit 1
    }

    # Optional: Cleanup - Remove the registry file after importing (if needed)
    try {
        Remove-Item -Path $RegistryFilePath -Force -ErrorAction SilentlyContinue
        Write-Output "Temporary registry file removed."
    } catch {
        Write-Output "Failed to remove registry file: $_"
    }