Forum Discussion

Rambo363636's avatar
Rambo363636
Brass Contributor
Jun 26, 2024

Below Powershell script is not working without running as administrator.

Hi All,
I want to change the default font to Verdana on excel to all users on the intune endpoints.
But script is not working for some users. When checked directly on powershell i get the below errors

 

If i run as administrator it will work and the default font changes to verdana straight away.

Please help correcting the below script to run as administrator so that i can deploy to all intune devices.

 

if((Test-Path -LiteralPath "HKCU:\Software\Policies\Microsoft\office\16.0\excel\options") -ne $true) { New-Item "HKCU:\Software\Policies\Microsoft\office\16.0\excel\options" -force -ea SilentlyContinue };
if((Test-Path -LiteralPath "HKCU:\Software\Policies\Microsoft\office\16.0\excel\options\binaryoptions") -ne $true) { New-Item "HKCU:\Software\Policies\Microsoft\office\16.0\excel\options\binaryoptions" -force -ea SilentlyContinue };
New-ItemProperty -LiteralPath 'HKCU:\Software\Policies\Microsoft\office\16.0\excel\options' -Name 'extractdatadisableui' -Value 1 -PropertyType DWord -Force -ea SilentlyContinue;
New-ItemProperty -LiteralPath 'HKCU:\Software\Policies\Microsoft\office\16.0\excel\options' -Name 'font' -Value 'Verdana, 11' -PropertyType String -Force -ea SilentlyContinue;
New-ItemProperty -LiteralPath 'HKCU:\Software\Policies\Microsoft\office\16.0\excel\options' -Name 'disableautorepublish' -Value 1 -PropertyType DWord -Force -ea SilentlyContinue;
New-ItemProperty -LiteralPath 'HKCU:\Software\Policies\Microsoft\office\16.0\excel\options' -Name 'disableautorepublishwarning' -Value 0 -PropertyType DWord -Force -ea SilentlyContinue;
New-ItemProperty -LiteralPath 'HKCU:\Software\Policies\Microsoft\office\16.0\excel\options\binaryoptions' -Name 'fupdateext_78_1' -Value 0 -PropertyType DWord -Force -ea SilentlyContinue;

  • Thihan_Lin's avatar
    Thihan_Lin
    Jun 27, 2024

    Hi Rambo363636 

     

    I understand that pain. I assume that is an issue with the 32 and 64-bit versions.

    Could you please put the script code below at the beginning of your script and try to push it again?

     

    If ($ENV:PROCESSOR_ARCHITEW6432 -eq "AMD64") {

        Try {

            &"$ENV:WINDIR\SysNative\WindowsPowershell\v1.0\PowerShell.exe" -File $PSCOMMANDPATH

        }

        Catch {

            Throw "Failed to start $PSCOMMANDPATH"

        }

        Exit

    }

     

    Please mark it as resolved if this is the solution for you.

    Thank you.

    Thihan

  • LainRobertson's avatar
    LainRobertson
    Silver Contributor

    Rambo363636 

     

    Hi, Ram.

     

    In your screenshot, those commands are never going to work.

     

    It seems as though you've copied-and-pasted the actual command as well as the prompt sitting in front of the command, and then tried to execute the combined value.

     

    "PS" is an alias for Get-Process, hence the "weird" errors originating from PS.

     

    As a final comment, the commands from your screenshot are nowhere to be found in your script, meaning the screenshot is of no use to us in its current form. We also cannot see the initial value of the variable "registryPath", meaning we can't even comment on the screenshot as a standalone exercise. It might simply be a case that the only error is with the commands you're trying to run.

     

    Commenting purely on the script, there's nothing in it that would require administrative access.

     

    I'm not an InTune expert, however, make sure this script runs in a user context and not a machine context, as it's not written with the latter in mind.

     

    Cheers,

    Lain

    • Rambo363636's avatar
      Rambo363636
      Brass Contributor
      Hi Lain,
      I agreed screenshot is wrong. But if i open powershell as administrator and run the script it will work and it will change the excel font to verdana. I have tried both user and machine context deploying in intune. It is working only for some devices and users.
      Please let me know if i need to add anything into the above script.
      Thanks.
      • LainRobertson's avatar
        LainRobertson
        Silver Contributor

        Rambo363636 

         

        Technically, there's nothing wrong with the script meaning there's nothing PowerShell has to offer you. The issue you're facing is a permissions issue when accessing that particular area of the registry as it's locked down for use by the group policy engine - which makes sense. You have to resolve this requirement through InTune, not PowerShell.

         

        The script will work just fine once the deployment rights issue is sorted out.

         

        Have you tried asking this question in an InTune forum?

         

        Cheers,

        Lain

  • Thihan_Lin's avatar
    Thihan_Lin
    Copper Contributor
    Hi Rambo363636,

    My understanding of your post is you are trying to run the script via Intune, and it doesn't apply the changes you make in the registry.
    Are you trying to push the script via win32app?

    I assume you are running a script in a 64-bit OS with a 32-bit Win app. As a result, your registry path is not correct and throws errors.

    If this is the correct scenario, maybe I could help you to resolve this.

    Thanks,
    Thihan





    • Rambo363636's avatar
      Rambo363636
      Brass Contributor
      Hi Thihan,
      I am trying to push the script through Platform scripts in Scripts and remediations in Devices on intune. Tried both user and system. Selected to run script in 64 bit Powershell host. For some users it is working and for some users not working. very strange.
      Regards,
      Ram
      • Thihan_Lin's avatar
        Thihan_Lin
        Copper Contributor

        Hi Rambo363636 

         

        I understand that pain. I assume that is an issue with the 32 and 64-bit versions.

        Could you please put the script code below at the beginning of your script and try to push it again?

         

        If ($ENV:PROCESSOR_ARCHITEW6432 -eq "AMD64") {

            Try {

                &"$ENV:WINDIR\SysNative\WindowsPowershell\v1.0\PowerShell.exe" -File $PSCOMMANDPATH

            }

            Catch {

                Throw "Failed to start $PSCOMMANDPATH"

            }

            Exit

        }

         

        Please mark it as resolved if this is the solution for you.

        Thank you.

        Thihan

Resources