Solved

Add a value to a multi_sz key with powershell

Posted on 2011-09-06
11
3,271 Views
Last Modified: 2012-05-12
Hi everyone,

I'm trying to make a powershell script which adds a value to a multi_sz key in the registry but I can't get it to work correctly.

Here's the code:
$windowsversion = (Get-Item "HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion").GetValue("ProductName")
$value1 = "Security Packages"
$value2 = "SecurityProviders"
$NLAPath = "HKLM:\SYSTEM\CurrentControlSet\Control"

if ($windowsversion -like "Windows XP*") {
$SecurityPackagesNoNLA1 = (Get-ItemProperty $NLAPath\Lsa $value1).$value1
Set-ItemProperty $NLAPath\Lsa $value ($SecurityPackagesNoNLA1,"tspkg")
$SecurityPackagesNoNLA2 = (Get-ItemProperty $NLAPath\SecurityProviders $value2).$value2
Set-ItemProperty $NLAPath\SecurityProviders $value2 ($SecurityPackagesNoNLA2,"credssp.dll")
}

Open in new window


Problem is that $SecurityPackagesNoNLA1 is an array but when I do "Set-ItemProperty" it get's converted to a string, which is no good.

Would be great if someone could help me out here. :)

Cheers
0
Comment
Question by:HPatzen
  • 8
  • 3
11 Comments
 
LVL 35

Expert Comment

by:YZlat
ID: 36496388
you gotta specify MultiString type
0
 
LVL 35

Expert Comment

by:YZlat
ID: 36496409
Set-ItemProperty $NLAPath\Lsa -value $SecurityPackagesNoNLA1\ -propertyType multistring
0
 
LVL 35

Expert Comment

by:YZlat
ID: 36496439
or try

New-ItemProperty $NLAPath\Lsa -value $SecurityPackagesNoNLA1\ -propertyType multistring

if the property does not already exist
0
 
LVL 1

Author Comment

by:HPatzen
ID: 36496730
Thank you for your answer, but that isn't actually what i want.

What I want is to write the array into the registry (Multi_SZ property) as an array and not a string.

Btw. for "Set-ItemProperty" there's no parameter -propertyType just -Type but that didn't help.

Kind regards
0
 
LVL 35

Expert Comment

by:YZlat
ID: 36497722
MultiString will create an array entry in the registry

Example:

Set-itemProperty $NLAPath\Lsa   -value "value1", "value2", "value3" -type MultiString
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 35

Expert Comment

by:YZlat
ID: 36497984
this worked for me, just try it:

 
Set-itemProperty "Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" -name "tspkg" -value "value1", "value2", "value3" -type MultiString

Open in new window

0
 
LVL 1

Author Comment

by:HPatzen
ID: 36500930
Thank you.

My problem is not that it doesn't work.

If you look at the code:
$SecurityPackagesNoNLA1 = (Get-ItemProperty $NLAPath\Lsa $value1).$value1
Set-ItemProperty $NLAPath\Lsa $value ($SecurityPackagesNoNLA1,"tspkg")

Open in new window


The first line get's the current values of that property and saves it into $SecurityPackagesNoNLA1 as an array.
The second lines writes the value back and add's "tspkg". But $SecurityPackagesNoNLA1 gets written back as a string and not an array.

So in the end I have the value written as:
$SecurityPackagesNoNLA1
tspkg

and not as:
$SecurityPackagesNoNLA1[0]
$SecurityPackagesNoNLA1[1]
$SecurityPackagesNoNLA1[2]
$SecurityPackagesNoNLA1[3]
$SecurityPackagesNoNLA1[4]
$SecurityPackagesNoNLA1[n]
tspkg

Hope this clears this up.
0
 
LVL 35

Expert Comment

by:YZlat
ID: 36510000
But that's how an array is stored in the registry

tspkg    REG_MULTI_SZ "val1" "val2" "val3"
0
 
LVL 35

Expert Comment

by:YZlat
ID: 36510017

Wait, so tspkg is a value you want to ADD to your array?

I thought of tspkg as a name for the registry key you want to add
0
 
LVL 35

Accepted Solution

by:
YZlat earned 500 total points
ID: 36510038
if that's the case, try

 
$SecurityPackagesNoNLA1 = (Get-ItemProperty $NLAPath\Lsa $value1).$value1
$SecurityPackagesNoNLA1= $SecurityPackagesNoNLA1 + "tspkg"

Set-itemProperty "Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" -name "Lsa" -value $SecurityPackagesNoNLA1 -type MultiString

Open in new window

0
 
LVL 1

Author Comment

by:HPatzen
ID: 36510347
Thank you ! That's exactly what I needed! :)

Here's the full working code:
$windowsversion = (Get-Item "HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion").GetValue("ProductName")
$SecPack = "Security Packages"
$SecProv = "SecurityProviders"
$NLAPath = "HKLM:\SYSTEM\CurrentControlSet\Control"

if ($windowsversion -like "Windows XP*") {
    $SecPackNoNLA = (Get-ItemProperty $NLAPath\Lsa $SecPack).$SecPack
    $SecPackNoNLA = $SecPackNoNLA + "tspkg"
    Set-itemProperty $NLAPath\Lsa $SecPack -value $SecPackNoNLA -type MultiString
    
    $SecProvNotExist = Get-ItemProperty $NLAPath\SecurityProviders
    if ($SecProvNotExist) {
        $SecProvNoNLA = (Get-ItemProperty $NLAPath\SecurityProviders $SecProv).$SecProv
    } else {
        $SecProvNoNLA = $NULL
    }
            
    if (!$SecProvNoNLA) {
        Set-ItemProperty $NLAPath\SecurityProviders $SecProv ("credssp.dll")
    } else {
        Set-ItemProperty $NLAPath\SecurityProviders $SecProv ("$SecProvNoNLA,credssp.dll")
    }
}

Open in new window


If you're wondering what I use this code for here's the link: http://support.microsoft.com/kb/951608
I just put this into my logonscript and NLA is activated on all the XP machines. You just need to set the "ExecutionPolicy" to "RemoteSigned" with a reg import and your good to go.

Anyway thank you very much YZlat!

Maybe you could repost the code so I can give you full points for the solution? (Had to tweak the last line a little bit.)

Cheers


0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

This script checks a path to see if a folder exists. If the folder does exist you will get output "The folder has previously been created. No action taken" If not it will create the folder. Then adds one user modify permission to the folder. It …
Active Directory replication delay is the cause to many problems.  Here is a super easy script to force Active Directory replication to all sites with by using an elevated PowerShell command prompt, and a tool to verify your changes.
Learn the basics of modules and packages in Python. Every Python file is a module, ending in the suffix: .py: Modules are a collection of functions and variables.: Packages are a collection of modules.: Module functions and variables are accessed us…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now