Bypass Smart Card Logon using Remote Registry in PowerShell

3 minute read

This PowerShell script changes the value of scforceoption on the specified computer in order to immediately allow logon without a smart card.

The actual work is performed by only a few lines of code. Most of the script is for generating the Windows Forms GUI. This code was created using Sapien’s PrimalForms Community Edition.

I now have an updated version that works like a PowerShell cmdlet.

#Generated Form Function
function GenerateForm {
########################################################################
# Code Generated By: SAPIEN Technologies PrimalForms (Community Edition) v1.0.8.0
# Generated On: 6/25/2010 3:34 PM
# Generated By: Jason Hofferle
########################################################################

#region Import the Assemblies
[reflection.assembly]::loadwithpartialname("System.Drawing") | Out-Null
[reflection.assembly]::loadwithpartialname("System.Windows.Forms") | Out-Null
#endregion

#region Generated Form Objects
$frmMain = New-Object System.Windows.Forms.Form
$sBar = New-Object System.Windows.Forms.StatusBar
$btnDisable = New-Object System.Windows.Forms.Button
$btnEnable = New-Object System.Windows.Forms.Button
$btnStatus = New-Object System.Windows.Forms.Button
$txtComputer = New-Object System.Windows.Forms.TextBox
$lblWorkstationOrIP = New-Object System.Windows.Forms.Label
$lblRunningAs_DATA = New-Object System.Windows.Forms.Label
$lblRunningAs = New-Object System.Windows.Forms.Label
$InitialFormWindowState = New-Object System.Windows.Forms.FormWindowState
#endregion Generated Form Objects

#----------------------------------------------
# Functions
#----------------------------------------------
Function GetStatus
  {
    Param($computer)
    $reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $computer)
    $regKey = $reg.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\system" )
    If ($regKey.GetValue("scforceoption") -eq 1)
      {
        Return "Enabled"
      }
    Else
      {
        Return "Disabled"
      }
  }

#----------------------------------------------
#Generated Event Script Blocks
#----------------------------------------------
#Provide Custom Code for events specified in PrimalForms.
$handler_frmMain_Load=
{
  $lblRunningAs_DATA.Text = "$env:USERDOMAIN\$env:USERNAME"
  $txtComputer.Text = $env:COMPUTERNAME

}

$handler_btnStatus_Click=
{
  $sBar.Text = $txtComputer.Text + ": " + (GetStatus($txtComputer.Text))

}

$btnDisable_OnClick=
{
  $reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $txtComputer.Text)
  $regKey = $reg.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\system", $true)
  $regKey.SetValue("scforceoption", 0)

  $sBar.Text = $txtComputer.Text + ": " + (GetStatus($txtComputer.Text))

}

$btnEnable_OnClick=
{
  $reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $txtComputer.Text)
  $regKey = $reg.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\system", $true)
  $regKey.SetValue("scforceoption", 1)

  $sBar.Text = $txtComputer.Text + ": " + (GetStatus($txtComputer.Text))

}

$OnLoadForm_StateCorrection=
{#Correct the initial state of the form to prevent the .Net maximized form issue
        $frmMain.WindowState = $InitialFormWindowState
}

#----------------------------------------------
#region Generated Form Code
$frmMain.Font = New-Object System.Drawing.Font("Tahoma",12,0,3,1)
$frmMain.Text = "CAC Toggler"
$frmMain.Name = "frmMain"
$frmMain.DataBindings.DefaultDataSourceUpdateMode = 0
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 310
$System_Drawing_Size.Height = 170
$frmMain.ClientSize = $System_Drawing_Size
$frmMain.add_Load($handler_frmMain_Load)

$sBar.Name = "sBar"
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 310
$System_Drawing_Size.Height = 22
$sBar.Size = $System_Drawing_Size
$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 0
$System_Drawing_Point.Y = 148
$sBar.Location = $System_Drawing_Point
$sBar.DataBindings.DefaultDataSourceUpdateMode = 0
$sBar.TabIndex = 7

$frmMain.Controls.Add($sBar)

$btnDisable.TabIndex = 6
$btnDisable.Name = "btnDisable"
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 90
$System_Drawing_Size.Height = 35
$btnDisable.Size = $System_Drawing_Size
$btnDisable.UseVisualStyleBackColor = $True

$btnDisable.Text = "Disable"

$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 205
$System_Drawing_Point.Y = 95
$btnDisable.Location = $System_Drawing_Point
$btnDisable.DataBindings.DefaultDataSourceUpdateMode = 0
$btnDisable.add_Click($btnDisable_OnClick)

$frmMain.Controls.Add($btnDisable)

$btnEnable.TabIndex = 5
$btnEnable.Name = "btnEnable"
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 90
$System_Drawing_Size.Height = 35
$btnEnable.Size = $System_Drawing_Size
$btnEnable.UseVisualStyleBackColor = $True

$btnEnable.Text = "Enable"

$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 109
$System_Drawing_Point.Y = 95
$btnEnable.Location = $System_Drawing_Point
$btnEnable.DataBindings.DefaultDataSourceUpdateMode = 0
$btnEnable.add_Click($btnEnable_OnClick)

$frmMain.Controls.Add($btnEnable)

$btnStatus.TabIndex = 4
$btnStatus.Name = "btnStatus"
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 90
$System_Drawing_Size.Height = 35
$btnStatus.Size = $System_Drawing_Size
$btnStatus.UseVisualStyleBackColor = $True

$btnStatus.Text = "Status"

$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 13
$System_Drawing_Point.Y = 95
$btnStatus.Location = $System_Drawing_Point
$btnStatus.DataBindings.DefaultDataSourceUpdateMode = 0
$btnStatus.add_Click($handler_btnStatus_Click)

$frmMain.Controls.Add($btnStatus)

$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 282
$System_Drawing_Size.Height = 27
$txtComputer.Size = $System_Drawing_Size
$txtComputer.DataBindings.DefaultDataSourceUpdateMode = 0
$txtComputer.Name = "txtComputer"
$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 13
$System_Drawing_Point.Y = 62
$txtComputer.Location = $System_Drawing_Point
$txtComputer.TabIndex = 3

$frmMain.Controls.Add($txtComputer)

$lblWorkstationOrIP.TabIndex = 2
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 254
$System_Drawing_Size.Height = 23
$lblWorkstationOrIP.Size = $System_Drawing_Size
$lblWorkstationOrIP.Text = "Workstation Name or IP Address:"

$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 13
$System_Drawing_Point.Y = 36
$lblWorkstationOrIP.Location = $System_Drawing_Point
$lblWorkstationOrIP.DataBindings.DefaultDataSourceUpdateMode = 0
$lblWorkstationOrIP.Name = "lblWorkstationOrIP"

$frmMain.Controls.Add($lblWorkstationOrIP)

$lblRunningAs_DATA.TabIndex = 1
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 212
$System_Drawing_Size.Height = 23
$lblRunningAs_DATA.Size = $System_Drawing_Size
$lblRunningAs_DATA.Text = "lblRunningAs_DATA"

$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 119
$System_Drawing_Point.Y = 13
$lblRunningAs_DATA.Location = $System_Drawing_Point
$lblRunningAs_DATA.DataBindings.DefaultDataSourceUpdateMode = 0
$lblRunningAs_DATA.Name = "lblRunningAs_DATA"

$frmMain.Controls.Add($lblRunningAs_DATA)

$lblRunningAs.TabIndex = 0
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 100
$System_Drawing_Size.Height = 23
$lblRunningAs.Size = $System_Drawing_Size
$lblRunningAs.Text = "Running As:"

$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 13
$System_Drawing_Point.Y = 13
$lblRunningAs.Location = $System_Drawing_Point
$lblRunningAs.DataBindings.DefaultDataSourceUpdateMode = 0
$lblRunningAs.Name = "lblRunningAs"

$frmMain.Controls.Add($lblRunningAs)

#endregion Generated Form Code

#Save the initial state of the form
$InitialFormWindowState = $frmMain.WindowState
#Init the OnLoad event to correct the initial state of the form
$frmMain.add_Load($OnLoadForm_StateCorrection)
#Show the Form
$frmMain.ShowDialog()| Out-Null

} #End Function

#Call the Function
GenerateForm