How can I edit local Group Policy settings using command line?

windows command-line windows-registry batch-file group-policy
43,228

Solution 1

There is no way to automate Group Policy from the command line. That's what domain controllers are for. The only thing you can do is script the registry change that the GPO would have affected. The location you observed from Process Monitor is just the copy of the GPO itself, not the application of it. The actual location in the registry you need to change is in the last part of the string.

To enable this with a script, just use the REG command:

REG ADD HKLM\SOFTWARE\Policies\Microsoft\FVE /v EnableBDEWithNoTPM /t REG_DWORD /d 1

That will enable the value you're looking for.

Solution 2

As I noted at https://superuser.com/a/1140638/459921, you can use the following command line utility to modify local group policy on a non domain-joined machine:

https://blogs.technet.microsoft.com/secguide/2016/01/21/lgpo-exe-local-group-policy-object-utility-v1-0/

Share:
43,228

Related videos on Youtube

Sandfrog
Author by

Sandfrog

Updated on September 18, 2022

Comments

  • Sandfrog
    Sandfrog almost 2 years

    I'm attempting to throw together a script for work that allows BitLocker without a compatible TPM. The setting is Configuration \ Administrative Templates \ Windows Components \ Bit Locker Drive Encryption \ Operating System Drives and Require additional authentication at startup under gpedit.

    It just needs to be enabled. I used Process Monitor to watch which registry settings are changed when manually Enabling, which on mine is HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{5C0CD1B3-C6CC-448-AFA7-B69059CFF648}Machine\SOFTWARE\Policies\Microsoft\FVE EnableBDEWithNoTPM data is changed to 1.

    At first I figured I just somehow need to compensate for the Unique ID in curly brackets, but after looking on another Windows 8.1 Pro machine and "Group Policy Objects" wasn't even in the registry.

    So I'm out of ideas. Anyone know how this can be done using a script?

    • Julian Knight
      Julian Knight about 9 years
      What version of Windows 8 are you using? Is it an enterprise licensed version?
    • Sandfrog
      Sandfrog about 9 years
      It's licensed 8.1 Pro.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Randomizing text color and background color in batch file
How to parse a XML file with Command Line (cmd/batch)
batch file remove all but the newest 10 files
How to accept user input command in batch file?
.BAT file - What are all of the possible switches that will work outside a batch script?
run 'net user' command as administrator
CMD Batch file virtually press the enter key
Create a Batch file (.bat) to search an string through multiple files
Batch command to open url and fulfill username and password
sed.exe expression in bat file