tag:blogger.com,1999:blog-951505942238940814.post7648275186138586775..comments2022-04-10T06:15:10.316-05:00Comments on A PowerShell Adventure: Powershell, Remote Registry and You! Part 1 (Overview)B.S. (Brandon)http://www.blogger.com/profile/08020942677707423811noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-951505942238940814.post-53073860162349111802008-01-30T14:14:00.000-05:002008-01-30T14:14:00.000-05:00I'm new to scripting and this has been the best in...I'm new to scripting and this has been the best information I have been able to find regarding using PowerShell and Remote Registries. However, I'm having problems coming up with a way to change the ACL for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes and assigning an AD group Full Control. I've been given the task of creating a script to push to over 1500 machines and remove local administrative rights and this is the missing link. I need to have our users Full Control in order for some of our internal applications to function without the users having local administrator rights. Any help would be greatly appreciated as I have been searching for almost a month now and my deadline is quickly approaching. <BR/><BR/>Thanks.Unknownhttps://www.blogger.com/profile/17637962308032614709noreply@blogger.comtag:blogger.com,1999:blog-951505942238940814.post-49644030222853337342007-05-10T14:46:00.000-05:002007-05-10T14:46:00.000-05:00Does anybody know why this script is failing? I'v...Does anybody know why this script is failing? <BR/><BR/>I've tried to extend a script describing how to use PowerShell with the RegistryKey CLR class (inspired by http://mybsinfo.blogspot.com/2007/01/powershell-remote-registry-and-you-part.html, along with Jeffrey Snover's enhancements). I was able to reproduce the effects of that script, which enumerates subkey names and value names on a remote registry. I have tried to use a different method of the [Microsoft.Win32.RegistryKey] class to create a new Subkey. My script is below. Also is the debug output (obtained by first running the set-psdebug commandlet). <BR/><BR/>(Note: For security reasons I have changed the name of the server for this posting ($Srv = "someserver"). You should be able to change that value to a valid server name and reproduce the results. I have confirmed I do have sufficient permissions on this server (I can make this change using RegEdit) and my PoSH is running under the correct security context.)<BR/><BR/>The script<BR/>$Srv = "someserver"<BR/>$key = "SOFTWARE"<BR/>$type = [Microsoft.Win32.RegistryHive]::LocalMachine<BR/>$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($type, $Srv)<BR/>$regKey = $regKey.OpenSubKey($key)<BR/>$key += "\\My Software Test"<BR/>$regKey = $regKey.OpenSubKey($key)<BR/> $regKey.LocalMachine.CreateSubKey($key)<BR/><BR/>The result:<BR/>You cannot call a method on a null-valued expression.<BR/>At line:1 char:34<BR/>+ $regKey.LocalMachine.CreateSubKey( <<<< $key)<BR/><BR/><BR/>The DEBUG output<BR/><BR/>PS C:\> set-psdebug -trace 2<BR/>DEBUG: 1+ set-psdebug -trace 2<BR/>PS C:\> $Srv = "someserver"<BR/>DEBUG: 1+ $Srv = "someserver"<BR/>DEBUG: ! SET $Srv = 'someserver'.<BR/>PS C:\> $key = "SOFTWARE"<BR/>DEBUG: 1+ $key = "SOFTWARE"<BR/>DEBUG: ! SET $key = 'SOFTWARE'.<BR/>PS C:\> $type = [Microsoft.Win32.RegistryHive]::LocalMachine<BR/>DEBUG: 1+ $type = [Microsoft.Win32.RegistryHive]::LocalMachine<BR/>DEBUG: ! SET $type = 'LocalMachine'.<BR/>PS C:\> $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($type, $Srv)<BR/>DEBUG: 1+ $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($type, $Srv)<BR/>DEBUG: ! CALL method 'static Microsoft.Win32.RegistryKey OpenRemoteBaseKey(RegistryHive hKey, String machineName)'<BR/>DEBUG: ! SET $regKey = 'HKEY_LOCAL_MACHINE'.<BR/>PS C:\> $regKey = $regKey.OpenSubKey($key)<BR/>DEBUG: 1+ $regKey = $regKey.OpenSubKey($key)<BR/>DEBUG: ! CALL method 'Microsoft.Win32.RegistryKey OpenSubKey(String name)'<BR/>DEBUG: ! SET $regKey = 'HKEY_LOCAL_MACHINE\SOFTWARE'.<BR/>PS C:\> $key += "\\My Software Test"<BR/>DEBUG: 1+ $key += "\\My Software Test"<BR/>DEBUG: ! SET $key = 'SOFTWARE\\My Software Test'.<BR/>PS C:\> $regKey = $regKey.OpenSubKey($key)<BR/>DEBUG: 1+ $regKey = $regKey.OpenSubKey($key)<BR/>DEBUG: ! CALL method 'Microsoft.Win32.RegistryKey OpenSubKey(String name)'<BR/>DEBUG: ! SET $regKey = ''.<BR/>PS C:\> $regKey.LocalMachine.CreateSubKey($key)<BR/>DEBUG: 1+ $regKey.LocalMachine.CreateSubKey($key)<BR/>DEBUG: 2+ if ($ErrorView -ne "CategoryView") {<BR/>DEBUG: 3+ $myinv = $_.InvocationInfo<BR/>DEBUG: ! SET $myinv = 'System.Management.Automation.InvocationInfo'.<BR/>DEBUG: 4+ switch -regex ($myinv.MyCommand.CommandType)<BR/>DEBUG: 24+ if ($myinv.MyCommand.Name)<BR/>DEBUG: 2+ if ($_.InvocationInfo) {<BR/>DEBUG: 3+ $posmsg = $_.InvocationInfo.PositionMessage<BR/>DEBUG: ! SET $posmsg = '<BR/>At line:1 char:34<BR/>+ $regKey.LocalMachine.CreateSubKey...'.<BR/>DEBUG: 7+ if ($ErrorView -eq "CategoryView") {<BR/>DEBUG: 11+ $_.Exception.Message + $posmsg<BR/>You cannot call a method on a null-valued expression.<BR/>At line:1 char:34<BR/>+ $regKey.LocalMachine.CreateSubKey( <<<< $key)<BR/>PS C:\>rbarbourhttps://www.blogger.com/profile/10000850276322463171noreply@blogger.comtag:blogger.com,1999:blog-951505942238940814.post-58453063887429878372007-01-14T23:48:00.000-05:002007-01-14T23:48:00.000-05:00Thank you for your post. I was able to develop CMD...Thank you for your post. I was able to develop CMDLETS to gather IP of remote machine.PReetamZhttps://www.blogger.com/profile/14324593561554437897noreply@blogger.comtag:blogger.com,1999:blog-951505942238940814.post-61803085676070508462007-01-06T03:30:00.000-05:002007-01-06T03:30:00.000-05:00Nice work,
keep it up
Greetings /\/\o\/\/Nice work,<br /><br />keep it up<br /><br />Greetings /\/\o\/\//\/\o\/\/https://www.blogger.com/profile/03539433998729829679noreply@blogger.comtag:blogger.com,1999:blog-951505942238940814.post-49765086471084428632007-01-06T00:18:00.000-05:002007-01-06T00:18:00.000-05:00Cool stuff.
Have you tried out Here-Strings? I ...Cool stuff. <br /><br />Have you tried out Here-Strings? I think you'll like them. <br /><br />In your example, you do this:<br />Write-Host "Sub Keys"<br />Write-Host "--------"<br />Foreach($sub in $regKey.GetSubKeyNames()){$sub}<br />Write-Host<br />Write-Host "Values"<br />Write-Host "------"<br />Foreach($val in $regKey.GetValueNames()){$val}<br /><br /><br />Try this out and see if you like it (I just love Here-Strings because they make the code so much easier to write and read):<br /><br />@"<br />Sub Keys<br />--------<br />$($regkey.GetSubKeyNames() |out-String)<br /><br />Values<br />------<br />$($regkey.GetValuenames() |out-string)<br />"@<br /><br /><br />Jeffrey Snover [MSFT]<br />Windows PowerShell/MMC Architect<br />Visit the Windows PowerShell Team blog at: http://blogs.msdn.com/PowerShell<br />Visit the Windows PowerShell ScriptCenter at: http://www.microsoft.com/technet/scriptcenter/hubs/msh.mspxAnonymousnoreply@blogger.com