La visibilit\u00e9 des extensions de fichiers est un facteur peu important mais significatif dans le maintien de la s\u00e9curit\u00e9 et de la facilit\u00e9 d’utilisation du syst\u00e8me. Lorsque l’explorateur Windows masque les extensions de fichiers par d\u00e9faut, les utilisateurs peuvent ex\u00e9cuter par inadvertance des fichiers malveillants dissimul\u00e9s sous des noms apparemment inoffensifs.<\/p>\n
Pour les professionnels de l’informatique et les fournisseurs de services g\u00e9r\u00e9s (MSP)<\/a>, l’automatisation de la configuration de ce param\u00e8tre est cruciale dans tous les environnements d’utilisateur. Cet article explique comment<\/strong> activer ou d\u00e9sactiver l’affichage des extensions de fichiers avec PowerShell<\/strong>, ce qui permet aux administrateurs de prendre le contr\u00f4le de ce param\u00e8tre avec pr\u00e9cision et efficacit\u00e9.<\/a><\/p>\n Par d\u00e9faut, Windows masque les extensions de fichiers pour les types de fichiers connus, ce qui peut entra\u00eener une certaine confusion, voire des risques pour la s\u00e9curit\u00e9. Par exemple, un fichier nomm\u00e9 report.pdf.exe peut appara\u00eetre sous la forme report.pdf, ce qui incite les utilisateurs \u00e0 ex\u00e9cuter une application nuisible. Microsoft maintient ce comportement depuis des ann\u00e9es, mais les entreprises pr\u00e9f\u00e8rent souvent avoir une visibilit\u00e9 sur tous les types de fichiers afin de r\u00e9duire les risques et de favoriser la transparence.<\/p>\n Ce script PowerShell<\/a> r\u00e9pond \u00e0 ce probl\u00e8me en modifiant une cl\u00e9 de registre sp\u00e9cifique (HideFileExt) pour tous les profils d’utilisateurs et tous les niveaux du syst\u00e8me. Il permet d’activer ou de d\u00e9sactiver l’affichage des extensions de fichiers en fonction d’un param\u00e8tre d’entr\u00e9e, automatisant ainsi ce qui serait autrement un processus de configuration manuel fastidieux et sujet aux erreurs.<\/p>\n <\/p>\n\n \u00c0 un niveau \u00e9lev\u00e9, ce script effectue les op\u00e9rations suivantes :<\/p>\n Suggestion d’aide visuelle<\/strong>: Un organigramme montrant :<\/p>\n Une entreprise MSP est en train d’effectuer l’onboarding d’un nouveau client avec plus de 100 terminaux. Pour respecter les bonnes pratiques de cybers\u00e9curit\u00e9<\/a>, ils veulent que les extensions de fichiers soient visibles par tous les utilisateurs. Plut\u00f4t que de se connecter manuellement \u00e0 chaque appareil, le technicien int\u00e8gre ce script dans une strat\u00e9gie NinjaOne d’automatisation<\/a>. Le script s’ex\u00e9cute sous le compte SYST\u00c8ME pendant les heures creuses et d\u00e9finit la valeur du registre pour tous les utilisateurs, qu’ils soient en ligne ou non, ce qui garantit l’uniformit\u00e9 et la conformit\u00e9 en moins d’une heure.<\/p>\n Les utilisateurs peuvent activer ce param\u00e8tre via l’interface utilisateur de l’explorateur Windows : Les GPO peuvent configurer ce param\u00e8tre, mais ils sont limit\u00e9s aux machines reli\u00e9es \u00e0 un domaine et n\u00e9cessitent une infrastructure Active Directory.<\/p>\n Les scripts alternatifs peuvent ne cibler que HKCU sans tenir compte des utilisateurs hors ligne, ce qui limite l’efficacit\u00e9 dans les environnements multi-utilisateurs ou partag\u00e9s.<\/p>\n La minutie avec laquelle ce script modifie HKLM et tous les profils HKU ainsi que le chargement de ntuser.dat, lui conf\u00e8re une fiabilit\u00e9 unique.<\/p>\n Oui. L’acc\u00e8s SYSTEM ou administrateur est n\u00e9cessaire pour \u00e9crire dans HKLM et charger les ruches (hive) utilisateur.<\/p>\n Absolument. Il fonctionne avec les utilisateurs locaux, de domaine et AzureAD.<\/p>\n Pas toujours. Le red\u00e9marrage d’explorer.exe ou la d\u00e9connexion permet d’obtenir un effet imm\u00e9diat.<\/p>\n Le script d\u00e9tecte les ruches charg\u00e9es et \u00e9vite de les recharger, ce qui r\u00e9duit les perturbations.<\/p>\n La visibilit\u00e9 des extensions de fichiers renforce la s\u00e9curit\u00e9 en aidant les utilisateurs \u00e0 \u00e9viter les fichiers trompeurs. La configuration \u00e0 grande \u00e9chelle, en particulier via l’automatisation, r\u00e9duit les frais administratifs et am\u00e9liore l’hygi\u00e8ne du syst\u00e8me. D’autre part, un d\u00e9ploiement trop agressif (par exemple, le red\u00e9marrage forc\u00e9 d’Explorer sans avertissement de l’utilisateur) peut frustrer les utilisateurs finaux. Une impl\u00e9mentation r\u00e9fl\u00e9chie est essentielle.<\/p>\n Le contr\u00f4le de la visibilit\u00e9 des extensions de fichiers est un \u00e9l\u00e9ment apparemment simple mais essentiel du renforcement de la s\u00e9curit\u00e9 de Windows. Ce script PowerShell apporte une configurabilit\u00e9 d’entreprise adapt\u00e9e aux environnements de toute taille, qu’ils soient locaux, hybrides ou sur le cloud. Lorsqu’il est int\u00e9gr\u00e9 au moteur d’automatisation de NinjaOne<\/a>, les professionnels de l’informatique peuvent d\u00e9ployer le changement sur des flottes d’appareils en toute confiance, en garantissant une application constante des strat\u00e9gies avec un minimum d’efforts manuels.<\/p>\n Pour les MSP comme pour les \u00e9quipes informatiques internes, l’automatisation de ces param\u00e8tres se traduit par un gain de temps, une r\u00e9duction des risques et une exp\u00e9rience utilisateur plus s\u00fbre. Qu’il s’agisse de d\u00e9ployer de nouveaux postes de travail ou de maintenir des syst\u00e8mes existants, ce script est un outil puissant dans votre arsenal de gestion de la configuration.<\/p>\n","protected":false},"author":35,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","_lmt_disableupdate":"no","_lmt_disable":""},"operating_system":[4212],"use_cases":[4281],"class_list":["post-531911","script_hub","type-script_hub","status-publish","hentry","script_hub_category-windows","use_cases-configuration-generale"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/script_hub\/531911","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/script_hub"}],"about":[{"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/types\/script_hub"}],"author":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/users\/35"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/comments?post=531911"}],"wp:attachment":[{"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/media?parent=531911"}],"wp:term":[{"taxonomy":"script_hub_category","embeddable":true,"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/operating_system?post=531911"},{"taxonomy":"use_cases","embeddable":true,"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/use_cases?post=531911"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Contexte<\/h2>\n
Le script<\/h2>\n
#Requires -Version 5.1\r\n\r\n<#\r\n.SYNOPSIS\r\n Enables or disables showing the file extensions in Windows Explorer.\r\n.DESCRIPTION\r\n Enables or disables showing the file extensions in Windows Explorer.\r\nBy using this script, you indicate your acceptance of the following legal terms as well as our Terms of Use at https:\/\/www.ninjaone.com\/terms-of-use.\r\n Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms. \r\n Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party. \r\n Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library or website belonging to or under the control of any other software provider. \r\n Warranty Disclaimer: The script is provided \u201cas is\u201d and \u201cas available\u201d, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations. \r\n Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks. \r\n Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script. \r\n EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).\r\n\r\nPARAMETER: -Action \"Enable\"\r\n Enables showing the file extensions in Windows Explorer.\r\n.EXAMPLE\r\n -Action \"Enable\"\r\n ## EXAMPLE OUTPUT WITH Action ##\r\n [Info] Enabling showing file extensions for user tuser\r\n [Info] Successfully enabled showing file extensions for user tuser\r\n\r\n.NOTES\r\n Minimum OS Architecture Supported: Windows 10, Windows Server 2016\r\n Release Notes: Initial Release\r\n#>\r\n\r\n[CmdletBinding()]\r\nparam (\r\n [Parameter()]\r\n [ValidateSet(\"Enable\", \"Disable\")]\r\n [String]$Action,\r\n [Parameter()]\r\n [Switch]$RestartExplorer = [System.Convert]::ToBoolean($env:restartExplorer)\r\n)\r\n\r\nbegin {\r\n function Test-IsElevated {\r\n $id = [System.Security.Principal.WindowsIdentity]::GetCurrent()\r\n $p = New-Object System.Security.Principal.WindowsPrincipal($id)\r\n $p.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)\r\n }\r\n function Test-IsSystem {\r\n # Get the current Windows identity of the user running the script\r\n $id = [System.Security.Principal.WindowsIdentity]::GetCurrent()\r\n \r\n # Check if the current identity's name matches \"NT AUTHORITY*\"\r\n # or if the identity represents the SYSTEM account\r\n return $id.Name -like \"NT AUTHORITY*\" -or $id.IsSystem\r\n }\r\n function Get-UserHives {\r\n param (\r\n [Parameter()]\r\n [ValidateSet('AzureAD', 'DomainAndLocal', 'All')]\r\n [String]$Type = \"All\",\r\n [Parameter()]\r\n [String[]]$ExcludedUsers,\r\n [Parameter()]\r\n [switch]$IncludeDefault\r\n )\r\n \r\n # Define the SID patterns to match based on the selected user type\r\n $Patterns = switch ($Type) {\r\n \"AzureAD\" { \"S-1-12-1-(\\d+-?){4}$\" }\r\n \"DomainAndLocal\" { \"S-1-5-21-(\\d+-?){4}$\" }\r\n \"All\" { \"S-1-12-1-(\\d+-?){4}$\" ; \"S-1-5-21-(\\d+-?){4}$\" } \r\n }\r\n \r\n # Retrieve user profile information based on the defined patterns\r\n $UserProfiles = Foreach ($Pattern in $Patterns) { \r\n Get-ItemProperty \"HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList\\*\" |\r\n Where-Object { $_.PSChildName -match $Pattern } | \r\n Select-Object @{Name = \"SID\"; Expression = { $_.PSChildName } },\r\n @{Name = \"Username\"; Expression = { \"$($_.ProfileImagePath | Split-Path -Leaf)\" } }, \r\n @{Name = \"UserHive\"; Expression = { \"$($_.ProfileImagePath)\\NTuser.dat\" } }, \r\n @{Name = \"Path\"; Expression = { $_.ProfileImagePath } }\r\n }\r\n \r\n # If the IncludeDefault switch is set, add the Default profile to the results\r\n switch ($IncludeDefault) {\r\n $True {\r\n $DefaultProfile = \"\" | Select-Object Username, SID, UserHive, Path\r\n $DefaultProfile.Username = \"Default\"\r\n $DefaultProfile.SID = \"DefaultProfile\"\r\n $DefaultProfile.Userhive = \"$env:SystemDrive\\Users\\Default\\NTUSER.DAT\"\r\n $DefaultProfile.Path = \"C:\\Users\\Default\"\r\n \r\n # Exclude users specified in the ExcludedUsers list\r\n $DefaultProfile | Where-Object { $ExcludedUsers -notcontains $_.Username }\r\n }\r\n }\r\n \r\n # Return the list of user profiles, excluding any specified in the ExcludedUsers list\r\n $UserProfiles | Where-Object { $ExcludedUsers -notcontains $_.Username }\r\n }\r\n function Set-RegKey {\r\n param (\r\n $Path,\r\n $Name,\r\n $Value,\r\n [ValidateSet(\"DWord\", \"QWord\", \"String\", \"ExpandedString\", \"Binary\", \"MultiString\", \"Unknown\")]\r\n $PropertyType = \"DWord\"\r\n )\r\n \r\n # Check if the specified registry path exists\r\n if (!(Test-Path -Path $Path)) {\r\n try {\r\n # If the path does not exist, create it\r\n New-Item -Path $Path -Force -ErrorAction Stop | Out-Null\r\n }\r\n catch {\r\n # If there is an error creating the path, output an error message and exit\r\n Write-Host \"[Error] Unable to create the registry path $Path for $Name. Please see the error below!\"\r\n Write-Host \"[Error] $($_.Exception.Message)\"\r\n exit 1\r\n }\r\n }\r\n \r\n # Check if the registry key already exists at the specified path\r\n if (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue) {\r\n # Retrieve the current value of the registry key\r\n $CurrentValue = (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name\r\n if ($CurrentValue -eq $Value) {\r\n Write-Host \"$Path\\$Name is already the value '$Value'.\"\r\n }\r\n else {\r\n try {\r\n # Update the registry key with the new value\r\n Set-ItemProperty -Path $Path -Name $Name -Value $Value -Force -Confirm:$false -ErrorAction Stop | Out-Null\r\n }\r\n catch {\r\n # If there is an error setting the key, output an error message and exit\r\n Write-Host \"[Error] Unable to set registry key for $Name at $Path. Please see the error below!\"\r\n Write-Host \"[Error] $($_.Exception.Message)\"\r\n exit 1\r\n }\r\n # Output the change made to the registry key\r\n Write-Host \"$Path\\$Name changed from $CurrentValue to $((Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name)\"\r\n }\r\n }\r\n else {\r\n try {\r\n # If the registry key does not exist, create it with the specified value and property type\r\n New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType $PropertyType -Force -Confirm:$false -ErrorAction Stop | Out-Null\r\n }\r\n catch {\r\n # If there is an error creating the key, output an error message and exit\r\n Write-Host \"[Error] Unable to set registry key for $Name at $Path. Please see the error below!\"\r\n Write-Host \"[Error] $($_.Exception.Message)\"\r\n exit 1\r\n }\r\n # Output the creation of the new registry key\r\n Write-Host \"Set $Path\\$Name to $((Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name)\"\r\n }\r\n }\r\n $ExitCode = 0\r\n}\r\nprocess {\r\n if ($env:action -and $env:action -notlike \"null\") { $Action = $env:action }\r\n if (-not $Action) {\r\n Write-Host -Object \"[Error] You must specify an action (Enable or Disable)\"\r\n exit 1\r\n }\r\n\r\n # Check if the action is valid\r\n if ($Action -ne \"Enable\" -and $Action -ne \"Disable\") {\r\n Write-Host -Object \"[Error] The action '$Action' is invalid. 'Enable' or 'Disable' are the only valid actions\"\r\n exit 1\r\n }\r\n\r\n if ((Test-IsSystem)) {\r\n # When running as a system account or elevated\r\n\r\n # Local Machine\r\n\r\n # Set the registry key if the action is Enable\r\n if ($Action -eq \"Enable\") {\r\n try {\r\n Write-Host -Object \"[Info] Enabling showing file extensions for local machine\"\r\n Set-RegKey -Path \"Registry::HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\" -Name \"HideFileExt\" -Value 0 -Force -ErrorAction Stop\r\n Write-Host -Object \"[Info] Successfully enabled showing file extensions for local machine\"\r\n }\r\n catch {\r\n Write-Host -Object \"[Error] Failed to enable showing file extensions for local machine\"\r\n }\r\n }\r\n\r\n # Set the registry key if the action is Disable\r\n if ($Action -eq \"Disable\") {\r\n try {\r\n Write-Host -Object \"[Info] Disabling showing file extensions for local machine\"\r\n Set-RegKey -Path \"Registry::HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\" -Name \"HideFileExt\" -Value 1 -Force -ErrorAction Stop\r\n Write-Host -Object \"[Info] Successfully disabled showing file extensions for local machine\"\r\n }\r\n catch {\r\n Write-Host -Object \"[Error] Failed to disable showing file extensions for local machine\"\r\n }\r\n }\r\n\r\n # User Profiles\r\n\r\n # Get all user profiles on the machine\r\n $UserProfiles = Get-UserHives -Type \"All\"\r\n $ProfileWasLoaded = New-Object System.Collections.Generic.List[object]\r\n\r\n # Loop through each profile on the machine\r\n ForEach ($UserProfile in $UserProfiles) {\r\n # Load User ntuser.dat if it's not already loaded\r\n If (!(Test-Path -Path Registry::HKEY_USERS\\$($UserProfile.SID) -ErrorAction SilentlyContinue)) {\r\n Start-Process -FilePath \"cmd.exe\" -ArgumentList \"\/C reg.exe LOAD HKU\\$($UserProfile.SID) `\"$($UserProfile.UserHive)`\"\" -Wait -WindowStyle Hidden\r\n $ProfileWasLoaded.Add($UserProfile)\r\n }\r\n # Set the registry key if the action is Enable\r\n if ($Action -eq \"Enable\") {\r\n try {\r\n Write-Host -Object \"[Info] Enabling showing file extensions for user $($UserProfile.UserName)\"\r\n Set-RegKey -Path \"Registry::HKEY_USERS\\$($UserProfile.SID)\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\" -Name \"HideFileExt\" -Value 0 -Force -ErrorAction Stop\r\n Write-Host -Object \"[Info] Successfully enabled showing file extensions for user $($UserProfile.UserName)\"\r\n }\r\n catch {\r\n Write-Host -Object \"[Error] Failed to enable showing file extensions for user $($UserProfile.UserName)\"\r\n }\r\n }\r\n\r\n # Set the registry key if the action is Disable\r\n if ($Action -eq \"Disable\") {\r\n try {\r\n Write-Host -Object \"[Info] Disabling showing file extensions for user $($UserProfile.UserName)\"\r\n Set-RegKey -Path \"Registry::HKEY_USERS\\$($UserProfile.SID)\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\" -Name \"HideFileExt\" -Value 1 -Force -ErrorAction Stop\r\n Write-Host -Object \"[Info] Successfully disabled showing file extensions for user $($UserProfile.UserName)\"\r\n }\r\n catch {\r\n Write-Host -Object \"[Error] Failed to disable showing file extensions for user $($UserProfile.UserName)\"\r\n }\r\n }\r\n }\r\n\r\n # If user profiles were loaded, unload the profiles\r\n if ($ProfileWasLoaded.Count -gt 0) {\r\n ForEach ($UserProfile in $ProfileWasLoaded) {\r\n # Unload NTuser.dat\r\n [gc]::Collect()\r\n Start-Sleep 1\r\n Start-Process -FilePath \"cmd.exe\" -ArgumentList \"\/C reg.exe UNLOAD HKU\\$($UserProfile.SID)\" -Wait -WindowStyle Hidden | Out-Null\r\n }\r\n }\r\n }\r\n else {\r\n # When running as a user account\r\n\r\n # Set the registry key if the action is Enable\r\n if ($Action -eq \"Enable\") {\r\n try {\r\n Write-Host -Object \"[Info] Enabling showing file extensions for user $($env:USERNAME)\"\r\n Set-RegKey -Path \"Registry::HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\" -Name \"HideFileExt\" -Value 0 -Force -ErrorAction Stop\r\n Write-Host -Object \"[Info] Successfully enabled showing file extensions for user $($env:USERNAME)\"\r\n }\r\n catch {\r\n Write-Host -Object \"[Error] Failed to enable showing file extensions for user $($env:USERNAME)\"\r\n }\r\n }\r\n\r\n # Set the registry key if the action is Disable\r\n if ($Action -eq \"Disable\") {\r\n try {\r\n Write-Host -Object \"[Info] Disabling showing file extensions for user $($env:USERNAME)\"\r\n Set-RegKey -Path \"Registry::HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\" -Name \"HideFileExt\" -Value 1 -Force -ErrorAction Stop\r\n Write-Host -Object \"[Info] Successfully disabled showing file extensions for user $($env:USERNAME)\"\r\n }\r\n catch {\r\n Write-Host -Object \"[Error] Failed to disable showing file extensions for user $($env:USERNAME)\"\r\n }\r\n }\r\n }\r\n\r\n # Check if the $RestartExplorer flag is set\r\n if ($RestartExplorer) {\r\n # Display a message indicating that Explorer.exe is being restarted\r\n Write-Host \"`nRestarting Explorer.exe as requested.\"\r\n\r\n try {\r\n # Stop all instances of Explorer\r\n if (Test-IsSystem) {\r\n Get-Process -Name \"explorer\" | Stop-Process -Force -ErrorAction Stop\r\n }\r\n else {\r\n Get-Process -Name \"explorer\" | Where-Object { $_.SI -eq (Get-Process -PID $PID).SessionId } | Stop-Process -Force -ErrorAction Stop\r\n }\r\n }\r\n catch {\r\n Write-Host -Object \"[Error] Failed to stop explorer.exe\"\r\n Write-Host -Object \"[Error] $($_.Exception.Message)\"\r\n $ExitCode = 1\r\n }\r\n \r\n # Pause for 1 second to ensure processes have fully stopped before restarting\r\n Start-Sleep -Seconds 1\r\n \r\n # If not running as the System account and Explorer.exe is not already running, start a new instance\r\n if (!(Test-IsSystem) -and !(Get-Process -Name \"explorer\" -ErrorAction SilentlyContinue)) {\r\n try {\r\n Start-Process -FilePath \"$env:SystemRoot\\explorer.exe\" -Wait -ErrorAction Stop\r\n }\r\n catch {\r\n Write-Host -Object \"[Error] Failed to start explorer.exe\"\r\n Write-Host -Object \"[Error] $($_.Exception.Message)\"\r\n $ExitCode = 1\r\n }\r\n }\r\n }\r\n else {\r\n # If $RestartExplorer is not set, warn the user that they may need to manually restart Explorer.exe\r\n Write-Host -Object \"\"\r\n Write-Warning -Message \"You may need to restart Explorer.exe for the script to take effect immediately.\"\r\n }\r\n\r\n # Exit the script with the predefined $ExitCode.\r\n exit $ExitCode\r\n}\r\nend {\r\n \r\n \r\n \r\n}<\/pre>\nDescription d\u00e9taill\u00e9e<\/h2>\n
\n
\n<\/strong>Il commence par accepter un param\u00e8tre -Action (Enable ou Disable) et \u00e9ventuellement un indicateur $RestartExplorer. Il confirme l’\u00e9l\u00e9vation du script et v\u00e9rifie s’il s’ex\u00e9cute dans un contexte utilisateur ou SYSTEM.<\/li>\n\n
\n<\/strong>En fonction du param\u00e8tre -Action :<\/p>\n\n
\n
\n<\/strong>Pour l’ex\u00e9cution au niveau SYST\u00c8ME, il charge ntuser.dat pour les profils hors ligne, \u00e9crit les param\u00e8tres et les d\u00e9charge apr\u00e8s l’op\u00e9ration.<\/li>\n
\n<\/strong>Si -RestartExplorer est transmis ou d\u00e9fini par une variable d’environnement, il arr\u00eate et red\u00e9marre explorer.exe pour s’assurer que les modifications sont prises en compte.<\/li>\n<\/ol>\n\n
Cas d’utilisation potentiels<\/h2>\n
\u00c9tude de cas\u00a0: D\u00e9ploiement de services informatiques g\u00e9r\u00e9s<\/h3>\n
Comparaisons<\/h2>\n
Approche manuelle<\/h3>\n
\nAffichage \u2192 Afficher \u2192 Extensions de nom de fichier<\/em>
\n<\/em>Cependant, cela n’a d’impact que sur la session de l’utilisateur en cours et n’est pas extensible.<\/p>\nStrat\u00e9gie de groupe (GPO)<\/h3>\n
Scripts PowerShell de configuration de GPO<\/h3>\n
Questions fr\u00e9quentes<\/h2>\n
Q\u00a0: Le script n\u00e9cessite-t-il des privil\u00e8ges d’administrateur\u00a0?<\/h3>\n
Q\u00a0: Peut-il fonctionner sur des machines ne faisant pas partie d’un domaine ?<\/h3>\n
Q\u00a0: Les changements s’appliqueront-ils instantan\u00e9ment ?<\/h3>\n
Q\u00a0: Que se passe-t-il si un profil est en cours d’utilisation ?<\/h3>\n
Implications<\/h2>\n
Recommandations<\/h2>\n
\n
Conclusion<\/h2>\n