CIS Benchmarks Simplified PS script
#Requires -Version 5.1
<#
.SYNOPSIS
Simple Registry SID Processor
.DESCRIPTION
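This simplified PowerShell script processes Windows Registry files listed in a text file.
It replaces <***USER_SID***> placeholders with the current user's actual SID and
applies the registry changes with reg import. "Current user" means the account the
script runs as, so a session elevated with different credentials substitutes that
account's SID.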
.PARAMETER FileList
Path to a text file containing a list of registry files to process
.EXAMPLE
.\Process-RegistrySimple.ps1 "registry_files.txt"
Process all registry files listed in registry_files.txt
.NOTES
Version: 1.0 (Simplified)
Requires: PowerShell 5.1 or later, Administrator privileges for some registry keys
#>
# NOTE(review): the parameter list looks truncated in this listing. param( is never
# closed and the Mandatory attribute lands on $TempDir, which has a default. The
# FileList parameter named in the help text and the $SourcePath used further down are
# not declared in the visible text; confirm against the original script.
param(
[Parameter(Mandatory = $true, Position = 0)]
# $env:TEMP is the temp directory of the account running this process; presumably the
# SID-substituted copy of each .reg file is written here (the line that does so is not
# visible in this listing).
$TempDir = $env:TEMP
# Statistics
# Counters updated by the main loop: one per file, depending on the result of
# Process-RegistryFile.
$ProcessedCount = 0
$FailedCount = 0
# Prints a timestamped, colour-coded status line to the console.
#   Message - text to print
#   Type    - "ERROR", "WARN" or "SUCCESS"; any other value is printed as INFO
# Output goes through Write-Host only: nothing is returned to the pipeline and, as far
# as this listing shows, nothing is written to a log file. A run that changes policy
# keys therefore leaves no record beyond the console unless the caller captures it
# (for example with Start-Transcript).
function Write-Message {
param(
[string]$Message,
[string]$Type = "INFO"
)
# Time of day only (no date) is used as the prefix.
$timestamp = Get-Date -Format "HH:mm:ss"
switch ($Type) {
"ERROR" { Write-Host "[$timestamp] ERROR: $Message" -ForegroundColor Red }
"WARN" { Write-Host "[$timestamp] WARN: $Message" -ForegroundColor Yellow }
"SUCCESS" { Write-Host "[$timestamp] SUCCESS: $Message" -ForegroundColor Green }
default { Write-Host "[$timestamp] INFO: $Message" -ForegroundColor White }
}if ($user -and $user.User) {
# NOTE(review): the end of Write-Message and the start of the SID lookup (called as
# Get-CurrentUserSID in the main block) are missing from this listing; how $user is
# obtained is not visible here.
return $user.User.Value
}
# Fallback to WMI
# The fallback keys off $env:USERNAME, i.e. the account this process runs as.
# NOTE(review): the filter matches on account name alone. Win32_UserAccount can list a
# local and a domain account with the same name, in which case more than one object
# comes back and .SID is no longer a single string; consider also filtering on Domain
# or LocalAccount. A user name containing an apostrophe would also break the quoted
# WQL string.
# Get-WmiObject does not exist in PowerShell 6 and later, so there this fallback ends
# in the catch below; Get-CimInstance is the replacement.
$userAccount = Get-WmiObject -Class Win32_UserAccount -Filter "Name='$env:USERNAME'"
if ($userAccount) {
return $userAccount.SID
}
throw "Could not detect user SID"
}
catch {
# Any failure is logged and reported to the caller as $null; the main block stops
# when it receives $null.
Write-Message "Failed to get user SID: $($_.Exception.Message)" -Type "ERROR"
return $null
}
}
# Substitutes the user SID into one registry file and applies it with reg import.
#   FileName - file name taken from the list; joined onto $SourcePath
#   UserSID  - SID string inserted in place of the placeholder
# Returns $false when the source file does not exist. The return on the import path is
# not visible in this listing ($success is set, but the lines after the cleanup are
# missing).
function Process-RegistryFile {
param(
[string]$FileName,
[string]$UserSID
)
# $FileName is used as given: nothing here checks that the joined path stays inside
# $SourcePath or that it names a .reg file. Whatever the file contains is imported with
# the privileges of this process, so the list file and the source directory should be
# writable by administrators only.
$sourceFile = Join-Path $SourcePath $FileName
Write-Message "Processing: $FileName"
# Check if file exists
if (-not (Test-Path $sourceFile)) {
Write-Message "File not found: $sourceFile" -Type "ERROR"
return $false
}
try {
# Read and process content
$content = Get-Content $sourceFile -Raw
# NOTE(review): this pattern matches the literal <**USER_SID***> (two asterisks before
# the name, three after), while the help text describes <***USER_SID***>. If the .reg
# files use three leading asterisks, nothing is replaced and the unreplaced text is
# passed to reg import; confirm which form the files use.
$processedContent = $content -replace '<\*\*USER_SID\*\*\*>', $UserSID
# Create temporary file
# NOTE(review): the statements that build $tempFile and write $processedContent to it
# are garbled in this listing; only the fragment below survives. If the name is
# predictable and the directory is writable by other accounts, the file could be
# altered between the write and the import; verify against the original script.
$Encoding UTF8
# Apply registry changes
# reg is found through normal command lookup. In an elevated session it is safer to
# call $env:SystemRoot\System32\reg.exe explicitly, so that a same-named command
# earlier in the search path cannot be picked up. 2>&1 folds the error text into
# $result so it can be shown in the failure message.
$result = & reg import $tempFile 2>&1
if ($LASTEXITCODE -eq 0) {
Write-Message "Successfully applied: $FileName" -Type "SUCCESS"
$success = $true
}
else {
Write-Message "Failed to apply: $FileName - $result" -Type "ERROR"
$success = $false
}
# Clean up temp file
# Deletion errors are suppressed, so a leftover temp copy goes unreported.
# NOTE(review): the rest of this function and the header of the list reader are fused
# on the next line in this listing.
Remove-Item $tempFile -Force -ErrorAction SilentlyContinue-RegistryFilesFromList {
# Reads the list file and returns its entries (called as Get-RegistryFilesFromList in
# the main block).
#   ListFile - path to the text file with one registry file name per line
# Returns no items when the list file does not exist.
param([string]$ListFile)
if (-not (Test-Path $ListFile)) {
Write-Message "File list not found: $ListFile" -Type "ERROR"
return @()
}
try {
# Drop empty lines, whitespace-only lines and lines whose first non-blank character is
# '#', then trim what is left. Entries are not validated beyond that: path separators
# and '..' segments pass through unchanged and are later joined onto $SourcePath.
$files = Get-Content $ListFile |
Where-Object { $_ -and $_ -notmatch '^\s*#' -and $_.Trim() -ne '' } |
ForEach-Object { $_.Trim() }
Write-Message "Found $($files.Count) files in list"
return $files
}
catch {
# NOTE(review): the error handler is truncated in this listing.
Write-
}
}
# Main execution
# Flow: resolve the SID, read the file list, ask for confirmation, import each file,
# print a summary. Exit code is 1 when no SID could be determined or at least one file
# failed, and 0 when everything succeeded, the list was empty or the user declined.
try {
Write-Host ""
Write-Host "Simple Registry SID Processor" -ForegroundColor Cyan
Write-Host "=============================" -ForegroundColor Cyan
Write-Host ""
# Get user SID
Write-Message "Getting current user SID..."
$userSID = Get-CurrentUserSID
if (-not $userSID) {
Write-Message "Cannot proceed without user SID" -Type "ERROR"
exit 1
}
# Showing the SID before the prompt lets the operator check that it belongs to the
# intended account (relevant when the session was elevated with other credentials).
Write-Message "User SID: $userSID"
# NOTE(review): $SourcePath and $FileList are not declared in the visible part of the
# script; presumably they are parameters lost from the param block.
Write-Message "Source path: $SourcePath"
Write-Message "File list: $FileList"
Write-Host ""
# Get files to process
$filesToProcess = Get-RegistryFilesFromList -ListFile $FileList
if ($filesToProcess.Count -eq 0) {
Write-Message "No files to process" -Type "WARN"
exit 0
}
# Confirmation
# The names are printed as they appear in the list file, not as resolved paths, so an
# entry that points outside the source directory is only recognisable by its text.
Write-Host "Files to be processed:" -ForegroundColor Yellow
$filesToProcess | ForEach-Object { Write-Host " - $_" -ForegroundColor Gray }
Write-Host ""
# Needs an interactive session. Any answer that begins with y or Y counts as consent.
$response = Read-Host "Do you want to proceed? (Y/N)"
if ($response -notmatch '^[Yy]') {
Write-Message "Operation cancelled by user" -Type "WARN"
exit 0
}
Write-Host ""
# Process each file
# A failed file is counted and the loop continues with the next one, so a partial
# run leaves some files applied and others not; the summary reports both counts.
foreach ($file in $filesToProcess) {
if (Process-RegistryFile -FileName $file -UserSID $userSID) {
$ProcessedCount++
}
else {
$FailedCount++
}
}
# Summary
Write-Host ""
Write-Host "Processing Summary:" -ForegroundColor Cyan
Write-Host "==================" -ForegroundColor Cyan
Write-Host "Files processed successfully: " -NoNewline
Write-Host $ProcessedCount -ForegroundColor Green
Write-Host "Files failed: " -NoNewline
Write-Host $FailedCount -ForegroundColor Red
Write-Host "Total files: " -NoNewline
Write-Host ($ProcessedCount + $FailedCount) -ForegroundColor White
Write-Host ""
# A non-zero exit code lets a calling deployment tool detect a partial failure.
if ($FailedCount -gt 0) {
Write-Message "Some files failed to process" -Type "WARN"
exit 1
}
else {
Write-Message "All files processed successfully" -Type "SUCCESS"
exit 0
}
}
catch {
Write-Message
```txt
# Registry Files List
# ===================
# List the registry files to process (one per line)
# Lines starting with # are comments and will be ignored
# Empty lines are also ignored
screensaver_policy.reg
windows_update_policy.reg
security_policy.reg
explorer_settings.reg