I need to write a PowerShell script that should configure the below settings of Group policy in all the machines.
Gpedit.msc → Computer Configuration → Administrative Templates → System → User Profiles → "Do not forcefully unload the users registry at user logoff" to "Enabled".
As I am aware this can be done using the registry value also
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System]
"DisableForceUnload"=dword:00000001
But through the script, when I add the required registry entry, the change is not reflected in the Group Policy console. Of course, I need to use the Group Policy cmdlets!
When I tried with Set-GPRegistryValue with below statement
Set-GPRegistryValue -Name "User Profiles" `
-key "HKLM\SOFTWARE\Policies\Microsoft\Windows\System\" `
-ValueName DisableForceUnload -Type DWord -Value 1
It shows exception saying "A Referral was returned from the server."
Set-GPRegistryValue : A referral was returned from the server. (Exception from HRESULT: 0x8007202B)
At D:\Work\XYZ\Desktop\GPO1.ps1:6 char:1
+ Set-GPRegistryValue -Name "User Profiles" -key "HKLM\SOF ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Set-GPRegistryValue], COMException
+ FullyQualifiedErrorId : System.Runtime.InteropServices.COMException,Microsoft.GroupPolicy.Commands.SetGPRegistryValue
Command
What exactly I missing out here?
A domain controller returning a referral means that the object is present in the directory, but not on that particular domain controller. This can happen for instance with partitioned directories or trusted/child domains.
You can use the
-Domainand-Serverparameters for connecting to a specific domain and/or server. Default is to connect to the PDC emulator of the domain of the current user.