Solved

Add a value to a multi_sz key with powershell

Posted on 2011-09-06
11
3,859 Views
Last Modified: 2012-05-12
Hi everyone,

I'm trying to make a powershell script which adds a value to a multi_sz key in the registry but I can't get it to work correctly.

Here's the code:
$windowsversion = (Get-Item "HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion").GetValue("ProductName")
$value1 = "Security Packages"
$value2 = "SecurityProviders"
$NLAPath = "HKLM:\SYSTEM\CurrentControlSet\Control"

if ($windowsversion -like "Windows XP*") {
$SecurityPackagesNoNLA1 = (Get-ItemProperty $NLAPath\Lsa $value1).$value1
Set-ItemProperty $NLAPath\Lsa $value ($SecurityPackagesNoNLA1,"tspkg")
$SecurityPackagesNoNLA2 = (Get-ItemProperty $NLAPath\SecurityProviders $value2).$value2
Set-ItemProperty $NLAPath\SecurityProviders $value2 ($SecurityPackagesNoNLA2,"credssp.dll")
}

Open in new window


Problem is that $SecurityPackagesNoNLA1 is an array but when I do "Set-ItemProperty" it get's converted to a string, which is no good.

Would be great if someone could help me out here. :)

Cheers
0
Comment
Question by:HPatzen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 3
11 Comments
 
LVL 35

Expert Comment

by:YZlat
ID: 36496388
you gotta specify MultiString type
0
 
LVL 35

Expert Comment

by:YZlat
ID: 36496409
Set-ItemProperty $NLAPath\Lsa -value $SecurityPackagesNoNLA1\ -propertyType multistring
0
 
LVL 35

Expert Comment

by:YZlat
ID: 36496439
or try

New-ItemProperty $NLAPath\Lsa -value $SecurityPackagesNoNLA1\ -propertyType multistring

if the property does not already exist
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:HPatzen
ID: 36496730
Thank you for your answer, but that isn't actually what i want.

What I want is to write the array into the registry (Multi_SZ property) as an array and not a string.

Btw. for "Set-ItemProperty" there's no parameter -propertyType just -Type but that didn't help.

Kind regards
0
 
LVL 35

Expert Comment

by:YZlat
ID: 36497722
MultiString will create an array entry in the registry

Example:

Set-itemProperty $NLAPath\Lsa   -value "value1", "value2", "value3" -type MultiString
0
 
LVL 35

Expert Comment

by:YZlat
ID: 36497984
this worked for me, just try it:

 
Set-itemProperty "Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" -name "tspkg" -value "value1", "value2", "value3" -type MultiString

Open in new window

0
 
LVL 1

Author Comment

by:HPatzen
ID: 36500930
Thank you.

My problem is not that it doesn't work.

If you look at the code:
$SecurityPackagesNoNLA1 = (Get-ItemProperty $NLAPath\Lsa $value1).$value1
Set-ItemProperty $NLAPath\Lsa $value ($SecurityPackagesNoNLA1,"tspkg")

Open in new window


The first line get's the current values of that property and saves it into $SecurityPackagesNoNLA1 as an array.
The second lines writes the value back and add's "tspkg". But $SecurityPackagesNoNLA1 gets written back as a string and not an array.

So in the end I have the value written as:
$SecurityPackagesNoNLA1
tspkg

and not as:
$SecurityPackagesNoNLA1[0]
$SecurityPackagesNoNLA1[1]
$SecurityPackagesNoNLA1[2]
$SecurityPackagesNoNLA1[3]
$SecurityPackagesNoNLA1[4]
$SecurityPackagesNoNLA1[n]
tspkg

Hope this clears this up.
0
 
LVL 35

Expert Comment

by:YZlat
ID: 36510000
But that's how an array is stored in the registry

tspkg    REG_MULTI_SZ "val1" "val2" "val3"
0
 
LVL 35

Expert Comment

by:YZlat
ID: 36510017

Wait, so tspkg is a value you want to ADD to your array?

I thought of tspkg as a name for the registry key you want to add
0
 
LVL 35

Accepted Solution

by:
YZlat earned 500 total points
ID: 36510038
if that's the case, try

 
$SecurityPackagesNoNLA1 = (Get-ItemProperty $NLAPath\Lsa $value1).$value1
$SecurityPackagesNoNLA1= $SecurityPackagesNoNLA1 + "tspkg"

Set-itemProperty "Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" -name "Lsa" -value $SecurityPackagesNoNLA1 -type MultiString

Open in new window

0
 
LVL 1

Author Comment

by:HPatzen
ID: 36510347
Thank you ! That's exactly what I needed! :)

Here's the full working code:
$windowsversion = (Get-Item "HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion").GetValue("ProductName")
$SecPack = "Security Packages"
$SecProv = "SecurityProviders"
$NLAPath = "HKLM:\SYSTEM\CurrentControlSet\Control"

if ($windowsversion -like "Windows XP*") {
    $SecPackNoNLA = (Get-ItemProperty $NLAPath\Lsa $SecPack).$SecPack
    $SecPackNoNLA = $SecPackNoNLA + "tspkg"
    Set-itemProperty $NLAPath\Lsa $SecPack -value $SecPackNoNLA -type MultiString
    
    $SecProvNotExist = Get-ItemProperty $NLAPath\SecurityProviders
    if ($SecProvNotExist) {
        $SecProvNoNLA = (Get-ItemProperty $NLAPath\SecurityProviders $SecProv).$SecProv
    } else {
        $SecProvNoNLA = $NULL
    }
            
    if (!$SecProvNoNLA) {
        Set-ItemProperty $NLAPath\SecurityProviders $SecProv ("credssp.dll")
    } else {
        Set-ItemProperty $NLAPath\SecurityProviders $SecProv ("$SecProvNoNLA,credssp.dll")
    }
}

Open in new window


If you're wondering what I use this code for here's the link: http://support.microsoft.com/kb/951608
I just put this into my logonscript and NLA is activated on all the XP machines. You just need to set the "ExecutionPolicy" to "RemoteSigned" with a reg import and your good to go.

Anyway thank you very much YZlat!

Maybe you could repost the code so I can give you full points for the solution? (Had to tweak the last line a little bit.)

Cheers


0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Recently we ran in to an issue while running some SQL jobs where we were trying to process the cubes.  We got an error saying failure stating 'NT SERVICE\SQLSERVERAGENT does not have access to Analysis Services. So this is a way to automate that wit…
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question