I have seen many examples on the net about getting remote registry but I want to check the folder redirection for logged in users not the user I run the script as.
Is this even possible using PowerShell? Before I joined this company their IT was outsourced and the whole AD/GPO everything is a big big mess. Some users are redirecting and some are not so I want to check who has the redirection enabled without having to go to each computer physically.
$reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('CurrentUser','10.0.0.113')
$regkey = $reg.OpenSubKey("Software\\Microsoft\\Windows\CurrentVersion\\Explorer\\User Shell Folders")
$regkey.GetValue("Personal")
I tried this but again only shows me information about the admin user account that the script runs as.
It's possible, but would require finding out who is currently logged in, then loading their ntuser.dat file into the registry.
$computer = '...'
$qry = 'SELECT * FROM Win32_Process WHERE Name="explorer.exe"'
$key = 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
$username = (Get-WmiObject -Computer $computer -Query $qry).GetOwner().User
Invoke-Command -Computer $computer -ScriptBlock {
& reg load "HKU\foo C:\Users\$using:username\ntuser.dat" | Out-Null
(Get-ItemProperty "HKU:\foo\$using:key").Personal
& reg unload 'HKU\foo' | Out-Null
}
A simpler approach might be using a logon script to write the information to a file (either on the user's computer or a central share), so you can collect the information from there:
$key = 'Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
$output = "\\server\share\$env:USERNAME.txt"
Get-ItemProperty "HKCU:\$key" | Select-Object -Expand Personal |
Set-Content $output