Not sure what is wrong that this script does not change the registry to 0

Iron Contributor

Wrote a PowerShell script and I am running it under User Context in Intune (Scripts). I thought I will run it under the admin context.

 

I want to delete the LsaCfgFlagsDefault to LsaCfgFlags=0 as Microsoft has set it as LSACfgFlagsDefault which is causing users to not start their VPNs. So, I am trying to change it. It is not changing the value from 2 to 0 and also I do not see it deleting the LsaCfgFlagsDefault reg key.

 

 Define the registry path and value names
$registryPath = "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa"
$oldValueName = "LsaCfgFlagsDefault"
$newValueName = "LsaCfgFlags"
$newValue = 0

# Check if the old registry key exists and delete it
if (Test-Path -Path $registryPath) {
    if (Test-Path -Path "$registryPath\$oldValueName") {
        Remove-ItemProperty -Path $registryPath -Name $oldValueName
        Write-Host "Deleted the old registry key: $oldValueName"
    }
    else {
        Write-Host "Old registry key $oldValueName does not exist."
    }

    # Check if the new registry key exists, and if not, create it and set the value to 0
    if (-not (Test-Path -Path "$registryPath\$newValueName")) {
        New-ItemProperty -Path $registryPath -Name $newValueName -Value $newValue -PropertyType DWORD
        Write-Host "Created and set the new registry key: $newValueName with a value of $newValue."
    } else {
        Write-Host "The $newValueName value already exists."
    }
}
else {
    Write-Host "Registry path not found: $registryPath"
}

 

1 Reply
This is a machine registry key. Why not run under System context?