Update Script.ps1

master
Chris Nutter 2023-09-04 09:59:30 -07:00
parent 41abbc73a4
commit 3953e627b9
1 changed files with 1 additions and 25 deletions

View File

@ -9,31 +9,7 @@ Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'
Enable-NetFirewallRule -DisplayGroup "Remote Desktop" Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
# Enable c$ # Enable c$
$rootShare = Get-WmiObject -Class Win32_Share | Where-Object { $_.Name -eq "C$" } reg add HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /f /v AutoShareWks /t REG_DWORD /d 0
$rootAcl = $rootShare.GetAccessControl().Access
# Specify the username to grant access
$username = "cdnutter"
# Check if the user already has access
$userHasAccess = $rootAcl | Where-Object { $_.Trustee.Name -eq $username }
if ($userHasAccess) {
Write-Output "The user $username already has access to the root C$ share."
} else {
# Get the SecurityIdentifier (SID) for the username
$sid = (New-Object System.Security.Principal.NTAccount($username)).Translate([System.Security.Principal.SecurityIdentifier]).Value
# Grant the user access to the root C$ share
$accessRule = New-Object System.Management.ManagementObject("Win32_ACE")
$accessRule.Properties["AccessMask"].Value = 2032127 # Full Control
$accessRule.Properties["AceType"].Value = 0x0 # Access Allowed
$accessRule.Properties["Trustee"].Value = $sid
$rootAcl += $accessRule
$rootShare.SetShareInfo($null, $null, $rootAcl)
Write-Output "Access to the root C$ share has been granted for user $username."
}
# Disable UAC prompt # Disable UAC prompt
Set-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\policies\system' -Name "ConsentPromptBehaviorAdmin" -Value 0 Set-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\policies\system' -Name "ConsentPromptBehaviorAdmin" -Value 0