使用 VBScript 或其他从文本文件填充 GPO
Populate GPO from Text File using VBScript or other
好的,所以我们需要创建一个允许我们的用户仅使用特定程序的 GPO。
GPO 位置:
- 用户配置
- 政策
- 管理模板 [...]
- 系统
- 运行 仅指定 Windows 个应用程序
然后将 GPO 设置为 已启用 并单击允许的应用程序列表 --> 显示...
我创建了一个 excel 电子表格,其中包含所有程序的名称及其关联的可执行文件以及其他相关信息,以便我们可以轻松地组织、添加、删除等我们需要的可执行文件允许我们的用户访问。
此电子表格随后将所有可执行文件转储到一个文本文件中。
下面是文本文件的示例:
Acrobat.exe
chrome.exe
calc.exe
.
.
.
有很多条目,这些条目可能会有所更改。我想要做的是创建一个脚本,该脚本将获取该文本文件并自动填充 GPO。我不在乎我们是否必须打开 window 然后 运行 它,它不需要从任务调度程序 运行 (尽管如果有人有那个代码那会很棒准备好)。我们只需要它来将数量可笑的可执行文件名填充到字段中。
这是我发现的代码 (VBScript),当 运行 时,应该会自动填充字段,但是我无法在组策略管理编辑器中将其添加到 运行(它 运行s 在 windows 资源管理器中 window 而不是搜索一些文件)
' Open the text file, located in the same path as the script
Set objFSO = CreateObject("Scripting.FileSystemObject")
strPath = Mid(Wscript.ScriptFullName, 1, InStrRev(Wscript.ScriptFullName, wscript.ScriptName) -1)
Set objFile = objFSO.OpenTextFile(strPath & "appList.txt")
' Activate the "Show Contents" window with the "List of allowed applications".
' Note the window must be opened already and we should have selected where in
' the list we want to enter the data before running the script
set WshShell = WScript.CreateObject("WScript.Shell")
WScript.Sleep 1000
WshShell.AppActivate "Show Contents"
' Read the file line by line
Do While objFile.AtEndOfStream <> True
' Each line contains one EXE name
exeName = objFile.ReadLine
' Escape forbidden chars { } [ ] ( ) + ^ % ~
exeName = Replace(exeName, "[", "{[}")
exeName = Replace(exeName, "]", "{]}")
exeName = Replace(exeName, "(", "{(}")
exeName = Replace(exeName, ")", "{)}")
exeName = Replace(exeName, "+", "{+}")
exeName = Replace(exeName, "^", "{^}")
exeName = Replace(exeName, "%", "{%}")
exeName = Replace(exeName, "~", "{~}")
' Send the EXE name to the window
WScript.Sleep 100
WshShell.SendKeys exeName
' Move to the next one
WshShell.SendKeys "{TAB}"
Loop
objFile.Close
"C:\Windows\System32\GroupPolicy\User\Registry.pol"
是存储我的政策的地方。这是一个半文本文件。尝试写入该文件。
好的,所以我尝试了很多不同的方法。如果有人正在寻找这样做的答案,这就是我想出来的方式以及我决定继续进行的方式。我将 post 下面的所有相关代码。
在Excel中,我的table格式如下:
(显然有更多条目)
这是我用来将此文件中的数据转换为注册表项的正确格式的 VBA 代码:
VBA - 在 Excel
Public Sub ExportToTextFile(FName As String, _
Sep As String, SelectionOnly As Boolean, _
AppendData As Boolean)
Dim WholeLine As String
Dim FNum As Integer
Dim RowNdx As Long
Dim ColNdx As Integer
Dim StartRow As Long
Dim EndRow As Long
Dim StartCol As Integer
Dim EndCol As Integer
Dim CellValue As String
Application.ScreenUpdating = False
On Error GoTo EndMacro:
FNum = FreeFile
StartRow = 2
If SelectionOnly = True Then
With Selection
StartCol = .Cells(2).Column
EndRow = .Cells(.Cells.Count).Row
EndCol = .Cells(2).Column
End With
Else
With ActiveSheet.UsedRange
StartCol = .Cells(2).Column
EndRow = .Cells(.Cells.Count).Row
EndCol = .Cells(2).Column
End With
End If
If AppendData = True Then
Open FName For Append Access Write As #FNum
Else
Open FName For Output Access Write As #FNum
End If
For RowNdx = StartRow To EndRow
WholeLine = ""
For ColNdx = StartCol To EndCol
If Cells(RowNdx, ColNdx).Value = "" Then
CellValue = ""
Else
CellValue = Cells(RowNdx, ColNdx).Value
End If
WholeLine = WholeLine & Chr(34) & CellValue & ".exe" & Chr(34) & "=" & Chr(34) & CellValue & ".exe" & Chr(34) & Sep
Next ColNdx
WholeLine = Left(WholeLine, Len(WholeLine) - Len(Sep))
Print #FNum, WholeLine; ""
Next RowNdx
EndMacro:
On Error GoTo 0
Application.ScreenUpdating = True
Close #FNum
End Sub
Sub PipeExport()
Dim FileName As Variant
Dim Sep As String
FileName = Application.GetSaveAsFilename(InitialFileName:="appList", filefilter:="Text (*.txt),*.txt")
If FileName = False Then
''''''''''''''''''''''''''
' user cancelled, get out
''''''''''''''''''''''''''
Exit Sub
End If
Sep = "|"
If Sep = vbNullString Then
''''''''''''''''''''''''''
' user cancelled, get out
''''''''''''''''''''''''''
Exit Sub
End If
Debug.Print "FileName: " & FileName, "Extension: " & Sep
ExportToTextFile FName:=CStr(FileName), Sep:=CStr(Sep), _
SelectionOnly:=False, AppendData:=False
End Sub
Private Sub Workbook_BeforeSave(ByVal SaveAsUI As Boolean, Cancel As Boolean)
PipeExport
End Sub
创建的文件为appList.txt,其格式与注册表项的格式相同:
"Acrobat.exe"="Acrobat.exe"
"AcroRd32.exe"="AcroRd32.exe"
现在在您的 GPO 中,将唯一的程序名称添加到允许的应用程序列表中(比如 test1234.exe),然后在您的注册表编辑器中,转到编辑 > 查找 test1234.exe。
在“文件”>“导出”下导出该注册表项。删除 test1234.exe 行并粘贴到您的文本文件中。然后重新导入该文件,大功告成!
好的,所以我们需要创建一个允许我们的用户仅使用特定程序的 GPO。
GPO 位置:
- 用户配置
- 政策
- 管理模板 [...]
- 系统
- 运行 仅指定 Windows 个应用程序
- 系统
- 管理模板 [...]
- 政策
然后将 GPO 设置为 已启用 并单击允许的应用程序列表 --> 显示...
我创建了一个 excel 电子表格,其中包含所有程序的名称及其关联的可执行文件以及其他相关信息,以便我们可以轻松地组织、添加、删除等我们需要的可执行文件允许我们的用户访问。
此电子表格随后将所有可执行文件转储到一个文本文件中。
下面是文本文件的示例:
Acrobat.exe
chrome.exe
calc.exe
.
.
.
有很多条目,这些条目可能会有所更改。我想要做的是创建一个脚本,该脚本将获取该文本文件并自动填充 GPO。我不在乎我们是否必须打开 window 然后 运行 它,它不需要从任务调度程序 运行 (尽管如果有人有那个代码那会很棒准备好)。我们只需要它来将数量可笑的可执行文件名填充到字段中。
这是我发现的代码 (VBScript),当 运行 时,应该会自动填充字段,但是我无法在组策略管理编辑器中将其添加到 运行(它 运行s 在 windows 资源管理器中 window 而不是搜索一些文件)
' Open the text file, located in the same path as the script
Set objFSO = CreateObject("Scripting.FileSystemObject")
strPath = Mid(Wscript.ScriptFullName, 1, InStrRev(Wscript.ScriptFullName, wscript.ScriptName) -1)
Set objFile = objFSO.OpenTextFile(strPath & "appList.txt")
' Activate the "Show Contents" window with the "List of allowed applications".
' Note the window must be opened already and we should have selected where in
' the list we want to enter the data before running the script
set WshShell = WScript.CreateObject("WScript.Shell")
WScript.Sleep 1000
WshShell.AppActivate "Show Contents"
' Read the file line by line
Do While objFile.AtEndOfStream <> True
' Each line contains one EXE name
exeName = objFile.ReadLine
' Escape forbidden chars { } [ ] ( ) + ^ % ~
exeName = Replace(exeName, "[", "{[}")
exeName = Replace(exeName, "]", "{]}")
exeName = Replace(exeName, "(", "{(}")
exeName = Replace(exeName, ")", "{)}")
exeName = Replace(exeName, "+", "{+}")
exeName = Replace(exeName, "^", "{^}")
exeName = Replace(exeName, "%", "{%}")
exeName = Replace(exeName, "~", "{~}")
' Send the EXE name to the window
WScript.Sleep 100
WshShell.SendKeys exeName
' Move to the next one
WshShell.SendKeys "{TAB}"
Loop
objFile.Close
"C:\Windows\System32\GroupPolicy\User\Registry.pol"
是存储我的政策的地方。这是一个半文本文件。尝试写入该文件。
好的,所以我尝试了很多不同的方法。如果有人正在寻找这样做的答案,这就是我想出来的方式以及我决定继续进行的方式。我将 post 下面的所有相关代码。
在Excel中,我的table格式如下:
这是我用来将此文件中的数据转换为注册表项的正确格式的 VBA 代码:
VBA - 在 Excel
Public Sub ExportToTextFile(FName As String, _
Sep As String, SelectionOnly As Boolean, _
AppendData As Boolean)
Dim WholeLine As String
Dim FNum As Integer
Dim RowNdx As Long
Dim ColNdx As Integer
Dim StartRow As Long
Dim EndRow As Long
Dim StartCol As Integer
Dim EndCol As Integer
Dim CellValue As String
Application.ScreenUpdating = False
On Error GoTo EndMacro:
FNum = FreeFile
StartRow = 2
If SelectionOnly = True Then
With Selection
StartCol = .Cells(2).Column
EndRow = .Cells(.Cells.Count).Row
EndCol = .Cells(2).Column
End With
Else
With ActiveSheet.UsedRange
StartCol = .Cells(2).Column
EndRow = .Cells(.Cells.Count).Row
EndCol = .Cells(2).Column
End With
End If
If AppendData = True Then
Open FName For Append Access Write As #FNum
Else
Open FName For Output Access Write As #FNum
End If
For RowNdx = StartRow To EndRow
WholeLine = ""
For ColNdx = StartCol To EndCol
If Cells(RowNdx, ColNdx).Value = "" Then
CellValue = ""
Else
CellValue = Cells(RowNdx, ColNdx).Value
End If
WholeLine = WholeLine & Chr(34) & CellValue & ".exe" & Chr(34) & "=" & Chr(34) & CellValue & ".exe" & Chr(34) & Sep
Next ColNdx
WholeLine = Left(WholeLine, Len(WholeLine) - Len(Sep))
Print #FNum, WholeLine; ""
Next RowNdx
EndMacro:
On Error GoTo 0
Application.ScreenUpdating = True
Close #FNum
End Sub
Sub PipeExport()
Dim FileName As Variant
Dim Sep As String
FileName = Application.GetSaveAsFilename(InitialFileName:="appList", filefilter:="Text (*.txt),*.txt")
If FileName = False Then
''''''''''''''''''''''''''
' user cancelled, get out
''''''''''''''''''''''''''
Exit Sub
End If
Sep = "|"
If Sep = vbNullString Then
''''''''''''''''''''''''''
' user cancelled, get out
''''''''''''''''''''''''''
Exit Sub
End If
Debug.Print "FileName: " & FileName, "Extension: " & Sep
ExportToTextFile FName:=CStr(FileName), Sep:=CStr(Sep), _
SelectionOnly:=False, AppendData:=False
End Sub
Private Sub Workbook_BeforeSave(ByVal SaveAsUI As Boolean, Cancel As Boolean)
PipeExport
End Sub
创建的文件为appList.txt,其格式与注册表项的格式相同:
"Acrobat.exe"="Acrobat.exe"
"AcroRd32.exe"="AcroRd32.exe"
现在在您的 GPO 中,将唯一的程序名称添加到允许的应用程序列表中(比如 test1234.exe),然后在您的注册表编辑器中,转到编辑 > 查找 test1234.exe。 在“文件”>“导出”下导出该注册表项。删除 test1234.exe 行并粘贴到您的文本文件中。然后重新导入该文件,大功告成!