This repository has been archived by the owner on Nov 16, 2020. It is now read-only.
forked from gpoguy/ADMXToDSC
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathADMXToDSC.PS1
89 lines (77 loc) · 2.48 KB
/
ADMXToDSC.PS1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
#This script requires MS GroupPolicy module be installed to run
param
(
[Parameter(Mandatory=$true)]
[string]$gpoName,
[Parameter(Mandatory=$true)]
[string] $outputFolder
)
function ADMtoDSC
{
param
(
[String] $gpo,
[String] $path
)
$policies = Recurse_PolicyKeys -key "HKLM\Software\Policies" -gpo $gpo
$policies += Recurse_PolicyKeys -key "HKLM\Software\Microsoft\Windows NT\CurrentVersion" -gpo $gpo
#build the DSC configuration doc
GenConfigDoc -path $path -gpo $gpo -policies $policies
}
function Recurse_PolicyKeys
{
param
(
[string]$key,
[string]$gpoName
)
$current = Get-GPRegistryValue -Name $gpo -Key $key
foreach ($item in $current)
{
if ($item.ValueName -ne $null)
{
[array]$returnVal += $item
}
else
{
Recurse_PolicyKeys -Key $item.FullKeyPath -gpoName $gpo
}
}
return $returnVal
}
function GenConfigDoc
{
param
(
[string] $path,
[string] $gpo,
[array] $policies
)
#parse the spaces out of the GPO name, since we use it for the Configuration name
$gpo = $gpo -replace " ","_"
$outputFile = "$path\$gpo.ps1"
"Configuration `"$gpo`"" | out-file -FilePath $outputFile
'{' | out-file -FilePath $outputFile -Append
'Node localhost' | out-file -FilePath $outputFile -Append
' {' | out-file -FilePath $outputFile -Append
foreach ($regItem in $policies)
{
if ($regItem.FullKeyPath -eq $null) #throw away any blank entries
{
continue
}
#now build the resources
" Registry `"" + $regItem.ValueName + "`""| out-file -FilePath $outputFile -Append
' {' | out-file -FilePath $outputFile -Append
" Ensure = `"Present`"" | out-file -FilePath $outputFile -Append
" Key = `""+ $regItem.FullKeyPath + "`""| out-file -FilePath $outputFile -Append
" ValueName = `"" + $regItem.ValueName + "`"" | out-file -FilePath $outputFile -Append
" ValueType = `"" +$regItem.Type + "`"" | out-file -FilePath $outputFile -Append
" ValueData = `"" +$regItem.Value + "`""| out-file -FilePath $outputFile -Append
' }' | out-file -FilePath $outputFile -Append
}
' }' | out-file -FilePath $outputFile -Append
'}' | out-file -FilePath $outputFile -Append
$gpo | out-file -FilePath $outputFile -Append
}
ADMToDSC -gpo $gpoName -path $outputFolder