Remotely updating machine account group membership

 In this script, an operating system tool called klist is being called to update the machine account group memberships.  It then triggers a GPO update.  This would be useful where GPO security filtering has been limited to a group and new members have been added to the group for the GPO to apply to.

Consider adjusting the gpupdate call to restrict it machine or user as necessary.

param (
    [Parameter (ValueFromPipeline=$true, Mandatory=$true)]
    [string]$Groupname = $null
            )

$TargetMachineList=get-adgroupmember $groupname | select -expand name | sort name

foreach ($compname in $TargetMachineList)

    {
    $online = test-connection -computername $compname -Beffersize 16 -count 1 -quiet

    if ($online -like "true")
        {
        invoke-command -cn $compname -command {c:\windows\system32\klist -lh 0 -li 0x3e7 purge}
        invoke-command -cn $compname -command {c:\windows\system32\gpupdate /force}
        }

    }

Edit XML

 

This code locates a XML code section and modifies it.  It is based on a couple of articles:

https://gist.github.com/aadennis/1efa5015fca7b0ec23ee341d0665a067

https://superuser.com/questions/560329/how-to-modify-create-values-in-xml-files-using-powershell

The powershell is here followed by the structure of the target XML

#Checks the user config file

#Checks the AllowBatchPrinting setting is set to false and changes it to false if not.

 #Target Config File Name

$ConfigFileName = $env:LOCALAPPDATA+"\Microsoft\AppV\Client\VFS\5BC6440A-16C1-4529-B9B9-1A55D86892F5\ProgramFilesX86\Mitratech Holdings Inc\DataStoreDSX\Searching Client\HitecLabs.DataStore.SearchingClient.exe.config"

#Create XML object from file

$xml = [xml] (get-content -Raw $ConfigFileName)

#Check the item number of the target item

$names=$xml.configuration.applicationSettings.'HitecLabs.DataStore.Client.Applications.VisualDataStoreHelperLibrary.Properties.Settings'.Setting.name
$count=0
foreach ($name in $names)
    {

    if ($name -like "AllowBatchPrinting")

        {$item=$count}

    else

        {$count=$count+1}

    }

#Read current value of target value
$TargetSettingValue=$xml.configuration.applicationSettings.'HitecLabs.DataStore.Client.Applications.VisualDataStoreHelperLibrary.Properties.Settings'.Setting.item($item).value

 

#Change value if necessary.
if ($TargetSettingValue="True"){$xml.configuration.applicationSettings.'HitecLabs.DataStore.Client.Applications.VisualDataStoreHelperLibrary.Properties.Settings'.Setting.item($item).value = "False"
$xml.Save($ConfigFileName)
}

Target XML structure partial file section:

<?xml version="1.0" encoding="utf-8"?>

<!--

Configuration settings for DataStore Searching Client Application

-->

<configuration>

  <configSections>

    These sections removed

    </sectionGroup>

  </configSections>

  <applicationSettings>

    <HitecLabs.DataStore.Help.Properties.Settings>

      <setting name="DSSearchingClientHelpURL" serializeAs="String">

        <value>http://servername/DSXHelp/SearchingClient/SearchingClient.htm</value>

      </setting>

    </HitecLabs.DataStore.Help.Properties.Settings>

    <!-- Document Comparer setting for document revisions dialog -->

    <HitecLabs.DataStore.Client.Applications.VisualDataStoreHelperLibrary.Properties.Settings>

      <setting name="DocumentComparisonMethod" serializeAs="String">

        <!--

            0=Microsoft Word

            1=Aspose.Words

         -->

        <value>0</value>

      </setting>

      <setting name="MaxLogFileSizeToZipForEmailInMBs" serializeAs="String">

        <value>200</value>

      </setting>

      <setting name="AllowBatchPrinting" serializeAs="String">

        <value>False</value>

      </setting>

      <setting name="PrintBatchSize" serializeAs="String">

        <value>100</value>

      </setting>

    </HitecLabs.DataStore.Client.Applications.VisualDataStoreHelperLibrary.Properties.Settings>