You can also just create the key on a test machine and import it from there via GPO.
Computer Configuration\Preferences\Registry and User Configuration\preferences\Windows Settings\Registry From: David Lum [mailto:[email protected]] Sent: Friday, November 11, 2011 3:54 PM To: NT System Admin Issues Subject: RE: Creating an .ADM file Ok this is waaaay too cool. Like restricted groups, this is another trick I picked up that I will find amazingly useful, I *KNEW* there had to be a better way to manage the registry than .REG files via login script. As Homer Simpson would sing "I am so smart, SMRT". Lol Dave From: David Lum [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Friday, November 11, 2011 11:56 AM To: NT System Admin Issues Subject: RE: Creating an .ADM file You sir, are money! Thanks so much. Once again I look brilliant! I typically use Notepad on this but apparently the source I used threw it off just enough. From: Carl Houseman [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Friday, November 11, 2011 8:30 AM To: NT System Admin Issues Subject: RE: Creating an .ADM file Careful if cutting and pasting from the web, your double quotes may not be "real" double quotes. This is one of mine. Notice the difference between the double quotes from mine compared to what you included in your mail message. CLASS MACHINE CATEGORY "System" CATEGORY "DLL Search Behavior" EXPLAIN "LoadLibrary and LoadLibraryEx search path behavior." POLICY "Global Search Path Behavior" KEYNAME "SYSTEM\CurrentControlSet\Control\Session Manager" EXPLAIN "Global LoadLibrary and LoadLibraryEx search path behavior." SUPPORTED "MSKB2264107 must be installed." PART "Search Policy" DROPDOWNLIST VALUENAME CWDIllegalInDllSearch ITEMLIST NAME "Legacy Behavior" VALUE NUMERIC 0 DEFAULT NAME "Block WebDAV CWDs" VALUE NUMERIC 1 NAME "Block WebDAV and UNC CWDs" VALUE NUMERIC 2 NAME "No CWDs allowed" VALUE NUMERIC 4294967295 END ITEMLIST END PART END POLICY END CATEGORY END CATEGORY Carl From: David Lum [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Friday, November 11, 2011 9:59 AM To: NT System Admin Issues Subject: Creating an .ADM file Found an awesome article on rolling your own .ADM file http://www.frickelsoft.net/blog/downloads/howto_admTemplates.pdf However, I cannot figure out how to properly quote the "KEYNAME" field, and all the examples I find don't have a space in it KEYNAME "SOFTWARE\JavaSoft\Java Update\Policy" When I try and import this I get an "unexpected keyword' Found: Update\policy Expected; KEYNAME, CATEGORY, POLICY, END, EXPLAIN David Lum Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
