Step 1: Create a reg key using Notepad.
- Open Notepad and add the following lines, changing the path and value for what you require (Make sure there is no whitespace above the first line or last line.)
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Adobe\Adobe Acrobat\DC\FeatureLockDown\]
"bDisableJavaScript"=dword:1
- Save the file as YOURFILE.reg with encoding as ANSI, in C:\Intune\Source.
Step 2: Create the install.ps1 script
- Using Powershell create a script with the following line:
reg import .\YOURFILE.reg
- Save the file as install.ps1 in C:\Intune\Source
Step 3: Create the uninstall.ps1 script
- Using Powershell create an uninstall script with the following line (Remember to change the Path and Name to match your path and name).
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Adobe\Adobe Acrobat\DC\FeatureLockDown" -Name "bDisableJavaScript"
- Save the file as uninstall.ps1 in C:\Intune\Source
Step 4: Test the reg key works
- Its probably a good idea to test your reg key actually installs before pushing it through Intune.
- Open PowerShell as admin and change directory to C:\Intune\Source by running cd C:\Intune\Source
- Then run the following command: reg import .\YOURFILE.reg. If it works you should see a success message that its installed.
- Check the registry exists where you expect it to in regedit.
- If so move on to Step 5, if not go back through step 1 to 4 and troubleshoot.
Step 5: Create a Intune package file so we can import this as a Win32 app in Intune.
- Download the 'Microsoft-Win32-Content-Prep-Tool" from the following Github link and unzip it to your C:\Intune folder.
https://github.com/Microsoft/Microsoft-Win32-Content-Prep-Tool
- Open command prompt as admin and change directory to the Microsoft-Win32-Content-Prep-Tool folder you just extracted, then run the IntuneWinAppUtil.exe
cd C:\Intune\Microsoft-Win32-Content-Prep-Tool-1.8.6
IntuneWinAppUtil.exe
- It will ask for your source folder which is C:\Intune\Source
- It will then ask for your setup file which is install.ps1
- It will then ask for your output folder which is C:\Intune\Output
- It will ask you if you want to include the cataloug, type N and click enter.
Once this is done it will spit out a .intunewin file. We are going to use this to create the Win32 app in Intune.
Step 6: Import package file into Intune and assign properties
- Login to Intune using your admin credentials
- Navigate to Apps > Windows > Create > Windows App (Win32)
- The app package file is the one we just created and is located in C:\Intune\Output
- Give it a proper name in the form Registry-Descriptionofscript
- Change the description so others know what it does.
- Enter BELL Lighting Ltd as publisher and click next
- Install command needs to be: %windir%\sysnative\WindowsPowerShell\v1.0\powershell.exe -Executionpolicy Bypass .\install.ps1
- Uninstall command needs to be: %windir%\sysnative\WindowsPowerShell\v1.0\powershell.exe -Executionpolicy Bypass .\uninstall.ps1
-Install behaviour needs to be 'System'.
-Device restart behaviour needs to be: 'No specific action' and click next.
- Operating System architecture = 64 bit
- Minimum operating system = Windows 10 22H2 and click next.
- Rules format needs to be 'Manually configure detection rules', then click Add
- Rule Type needs to be 'Registry'
- Key Path needs to match the registry path where you're installing the DWORD.
- Value name needs to match the name of the DWORD.
- Detection method needs to be 'Key exists' then click OK, then Next.
- Click Next to skip past Dependencies and Supersedence.
- In Assignments, assign the app to 'it-it-mdm' first to test it works and doesn't break anything. When satisfied its working, assign the app to the all devices group and click Next.
- Then click Create.