Programmatically create machine startup script in local Group Policy: script executes but is not visible in Group Policy Editor

It turns out that local Group Policy Editor gets the list and order of scripts not only from the Registry but also from C:\Windows\System32\GroupPolicy\Machine\Scripts\psScripts.ini. This is almost usual .ini file with some weird features: it should be in UTF-16LE BOM format and can be with both CR+LF and LF line endings (which is rather strange for Windows).

Below you'll find a piece of code to write correct psScripts.ini for adding machine startup script to local Group Policy.

Code requires PsIni module which can be installed by Install-Module -Name PsIni

#Requires -Module psIni

$scriptsConfig = @{
    StartExecutePSFirst = 'true'
    EndExecutePSFirst =   'true'
}
$startup = @{
    '0CmdLine' =    'AllUsersStartup.ps1'
    '0Parameters' = ''
}
$newIniContent = [ordered] @{ 
    ScriptsConfig = $scriptsConfig
    Startup =       $startup 
}
$newIniContent | Out-IniFile -filePath C:\Windows\System32\GroupPolicy\Machine\Scripts\psScripts.ini -encoding Unicode -force

Programmatically create machine startup script in local Group Policy: script executes but is not visible in Group Policy Editor

Tags:

Windows

Powershell

Windows 10

Group Policy

Powershell 5.0

Related

Recent Posts