[wpkg-users] [OT?] Nested for on a cmd script...

Marco Gaiarin gaio at sv.lnf.it
Mon Feb 2 17:45:48 CET 2015

I'm poking a bit with SRP (Software Restriction Policies), trying to
make it effective only using registry editing.
(clearly, the host part, not the user part)

I'm coding a little batch, but i've hitted a trouble.

The script do:

 reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers" /f /v "TransparentEnabled" /t REG_DWORD /d "1"
 reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers" /f /v "PolicyScope" /t REG_DWORD /d "1"
 reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers" /f /v "AuthenticodeEnabled" /t REG_DWORD /d "0"
 reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers" /f /v "ExecutableTypes" /t REG_MULTI_SZ /d "WSC\0VB\0URL\0SHS\0SCR\0REG\0PIF\0PCD\0OCX\0MST\0MSP\0MSI\0MSC\0MDE\0MDB\0LNK\0ISP\0INS\0

 for /F "eol=; tokens=1,2,3*" %%l in ( %WPKGROOT%\packages\srp.dirs ) do (

        set level=%%l
        set type=%%m
        set pathrule=%%n

        for /F "tokens=1" %%u in ( '%WPKGROOT%\tools\Uuidgen.Exe' ) do (
                set UUID=%%u 

        reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\%level%\Paths\%UUID%" /f /v "ItemData" /t %type% /d "%pathrule%"
        reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\%level%\Paths\%UUID%" /f /v "LastModified" /t REG_QWORD /d 130673587356114114
        reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\%level%\Paths\%UUID%" /f /v "SaferFlags" /t REG_DWORD /d "0"
        reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\%level%\Paths\%UUID%" /f /v "Description" /t REG_SZ /d ""

And works, but the %UUID% variable seems to be defined only the first
time, so only the *LAST* rule in file srp.dirs get inserted (or,
better, get all inserted but with the same UUID, so the latter modify
the former and only the last remain).

In script i see:

	Impossibile trovare l'unità specificata.

more or less:

	I cannot found the specified drive.

As usual, very helpful.

How i'm doing wrong? Thanks.

dott. Marco Gaiarin				        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''                    http://www.sv.lnf.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)

More information about the wpkg-users mailing list