Powershell Microsoft.win32.registrykey Openremotebasekey Credentials

As an IT pro I frequently need to read and write to registry keys on remote computers, either ad-hoc or via script. Sure I could use Regedit, or RDP to the server in question, but that involves a lot of clicking, and to be honest, moving my right hand to my mouse seems like such hard work 🙂

Powershell Openbasekey
Registrykey
Registrykey Class
Openremotebasekey Powershell

I though I’d show you a number of ways of doing this, as well as their limitations, as well as my personal favourite.

Option 1 – Get-ItemProperty

The Powershell cmdlet Get-ItemProperty can be used in conjunction with Invoke-Command to execute a command on a remote computer.

Powershell Microsoft.win32.registrykey Openremotebasekey Credentials Rating: 4,4/5 641 reviews I'm trying to write an application that will get some registry values from a remote computer. The user can provide a hostname or IP in a string and should be getting a registry value displayed on their screen. PowerShell connects to remote systems using the Windows Remote Management (WinRM) service. This would need to be configured on the remote systems for this script to function correctly. In my environment we have a GPO that enables this on all of the servers. Openremotebasekey Credentials I'm trying to write an application that will get some registry values from a remote computer. The user can provide a hostname or IP in a string and should be getting a registry value displayed on their screen.

</div><img src='https://i2.wp.com/www.jaapbrasser.com/wp-content/uploads/2015/06/Compress.png' alt='Registrykey' title='Registrykey' /><h2 id='powershell-openbasekey'>Powershell Openbasekey</h2><table><tbody><tr><td><div>2</div></td><td><div><span>Invoke-Command</span><span>-scriptblock</span><span>{</span><span>Get-ItemProperty</span><span>-Path</span><span>'HKLM:SoftwareMicrosoftWindows NTCurrentVersion</span></div></td></tr></tbody></table><p>The nice thing about this command is you can also specify alternate credentials. However, it does require that <em><strong>WsMan</strong></em>is correctly configured for powershell remoting to work. Which, 9 times out of 10 in most environments it is not.</p><h3>Option 2 – The Microsoft.Win32.RegistryKey Class</h3><p>The <code>Microsoft.Win32.RegistryKey c</code>lass is another way of accessing registry settings remotely. An example using this method is as follows:</p><div><textarea wrap='soft' readonly='>$reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', 'Server01') $subkey = $reg.OpenSubKey('SOFTWAREMicrosoftWindows NTCurrentVersion') $subkey.GetValue('ProductName')

2	$reg=[Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine','Server01') $subkey=$reg.OpenSubKey('SOFTWAREMicrosoftWindows NTCurrentVersion')

This is more likely to work as it is not reliant on WsMan being configured. However, it does require the RemoteRegistryservice to be running on the target computer. Which, by default is not. Also, there is no way to specify alternatecredentials, which can present a few problems depending on the computer you are talking to. e.g. non domain-joined machines mounted on the back of a 42″ LED TV mounted 5 meters off the floor… Quite a specific example there.

Option 3 (preferred) – WMI

My final and preferred option is using WMI. They beautiful thing about this method is WMI is typically available (I’m my experience) in most environments, also it accepts alternative credentials and is not reliant on the RemoteRegistry service.

Registrykey

</div><table><tbody><tr><td><div><div>2</div><div>4</div><div>6</div></div></td><td><div><div><span>$</span><span>reg</span><span>=</span><span>Get</span><span>-</span><span>WmiObject</span><span>-</span><span>List</span><span>-</span><span>Namespace</span><span>root</span><span></span><span>default</span><span>-</span><span>ComputerName </span><span>RemotePC</span><span>-</span><span>Credential</span><span>'Alt Credentials'</span><span>|</span><span>Where</span><span>-</span><span>Object</span><span>{</span><span>$</span><span>_</span><span>.</span><span>Name</span><span>-</span><span>eq</span><span>'StdRegProv'</span><span>}</span></div><div><span>#Get a Value</span></div><div><span>$</span><span>reg</span><span>.</span><span>GetStringValue</span><span>(</span><span>$</span><span>HKLM</span><span>,</span><span>'SOFTWAREMicrosoftWindows NTCurrentVersion'</span><span>,</span><span>'ProductName'</span><span>)</span><span>.</span><span>sValue</span></div></div></td></tr></tbody></table><p>You will be prompted for alternate credentials when running this script, if you wish these can be hardcoded, although I strongly discourage saving passwords as plain text.</p><div><textarea wrap='soft' readonly='>$user = 'Username' $pass = ConvertTo-SecureString 'Password' -AsPlainText -Force $cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $user,$pass

2	$pass=ConvertTo-SecureString'Password'-AsPlainText-Force $cred=New-Object-TypeName System.Management.Automation.PSCredential-ArgumentList$user,$pass

You can view all the required methods of the StdRegProv WMI class on MSDN here: https://msdn.microsoft.com/en-us/library/aa393664(v=vs.85).aspx

Registrykey Class

The only downside to this option was it took me a while to stumble across it!

Openremotebasekey Powershell

I hope this is of use , thanks for taking the time to read my blog!

Docshunter546