Solved

Powershell check registry entry

Posted on 2014-02-17
11
2,088 Views
Last Modified: 2014-02-20
Hi guys, im looking to check a registry entry and say true against a the following key below and false against against those that dont. I have the following code below which i think is almost there. Any ideas how i can proceed.

thanks

$servers =Get-Content "C:\Users\Downloads\exchange.txt"

foreach ( $servers1 in $servers ) {
"
$servers1
"

 if Get-ItemProperty -Path hklm:SYSTEM\CurrentControlSet\services\DNS\Parameters]"EnableGlobalQueryBlockList"=dword:00000000"GlobalQueryBlockList"=""

{

}
0
Comment
Question by:cwstad2
  • 5
  • 5
11 Comments
 
LVL 69

Expert Comment

by:Qlemo
ID: 39865756
That code is so buggy that I cannot get your goal here. I assume you want to remote check for registry entries in the DNS parameter set, and if both parameters are set, it is "true", else "false"?

If I'm correct: You cant check remote registry that simple. How to proceed on what you want to do - set some reg keys, log something, or ... ? Because if you want to execute something on that server, Remoting might be the better approach (i.e. running PowerShell tasks on another machine).
0
 
LVL 15

Author Comment

by:cwstad2
ID: 39865800
HI Qlemo, thats right, i realised i needed help at this point. What im looking to do is check the remote registry's from the server list in the text file. Is it easier to set the value on the server itself. I take it i will have to remote on to each server. Thanks
0
 
LVL 29

Expert Comment

by:becraig
ID: 39865820
Qlemo is perfectly correct here.

Several points.
1. In order to use PowerShell your best bet would be to leverage invoke-commad
2. You can probably use reg query to do this and parse the response with an if statement (problem here might be the ability to query some 64 bit registry entries)

Short answer:
$output = @()
$servers =Get-Content "C:\Users\Downloads\exchange.txt"
foreach ($server in $servers)
{
#You can validate what you need below
$regvalue = reg query \$server\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\dns\  /v keyyouneed
#Then use an if statement to validate the content of the query 
if ($regvalue -like "*your value*")
{$output +=  "Key found on $server"}
else {$output += "Key not found on $server}
}
$output | Select * | Export-Csv c:\reg-result.csv -NoTypeInformation

Open in new window

0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 69

Expert Comment

by:Qlemo
ID: 39865824
That's my point. You should use something like:
invoke-command -Computer (Get-Content "C:\Users\Downloads\exchange.txt") -ScriptBlock {
  if ((Get-ItemProperty HKLM:SYSTEM\CurrentControlSet\services\DNS\Parameters EnableGlobalQueryBlockList) -eq 0)
  {
    Set-ItemProperty HKLM:SYSTEM\CurrentControlSet\services\DNS\Parameters GlobalQueryBlockList ""
  }
}

Open in new window

and that's it.
0
 
LVL 15

Author Comment

by:cwstad2
ID: 39866795
Hi guys, i ran Qlemos script and got the following. By reading the script is it checking if the "Get-ItemProperty HKLM:SYSTEM\CurrentControlSet\services\DNS\Parameters EnableGlobalQueryBlockList" and if not will it add it? Also what has happened to the "=dword:00000000"GlobalQueryBlockList"=""


thanks

Cannot find path 'HKLM:\SYSTEM\CurrentControlSet\services\DNS\Parameters' because it does not exist.
    + CategoryInfo          : ObjectNotFound: (HKLM:\SYSTEM\Cu...\DNS\Parameters:String) [Get-ItemProperty], ItemNotFoundException
    + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetItemPropertyCommand
    + PSComputerName        : Server
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 39866815
Since your syntax is totally off, I cannot tell what you want to check for exactly. Could you make that clear? Else I'm not able to provide a solution.

Regarding the path, the error message appears if there is no such registry path ( ...\DNS\Parameters ).
There will be nothing created, only set.
0
 
LVL 15

Author Comment

by:cwstad2
ID: 39866827
Hi Qlemo, sorry for being vague. To start from the beginning i have a .reg file with entries in, for example the one below is what id like to check is present via powershell. Also id like to set that key if it isnt, The purpose of this is to run the script on many DC's over a low bandwidth connection. Does that make sense? ta



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\DNS\Parameters]
"EnableGlobalQueryBlockList"=dword:00000000
"GlobalQueryBlockList"=""
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 39867633
Makes sense that way. But checking is unnecessary, it will not help reducing bandwidth usage or such, so we can "brute force" just change the settings.
invoke-command -Computer (Get-Content "C:\Users\Downloads\exchange.txt") -ScriptBlock {
    Set-ItemProperty HKLM:SYSTEM\CurrentControlSet\services\DNS\Parameters EnableGlobalQueryBlockList 0 -ea SilentlyContinue
    Set-ItemProperty HKLM:SYSTEM\CurrentControlSet\services\DNS\Parameters GlobalQueryBlockList "" -ea SilentlyContinue
}

Open in new window

There might be much more involved if you don't have a domain trust, because it gets more complicated if you have to provide credentials to connect to the remote machines.
0
 
LVL 15

Author Comment

by:cwstad2
ID: 39871373
Thanks Qlemo, what about the "=dword:00000000?
0
 
LVL 69

Accepted Solution

by:
Qlemo earned 500 total points
ID: 39871615
It's there. You just need to take a closer look ...
0
 
LVL 15

Author Comment

by:cwstad2
ID: 39874403
much appreciated
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
A quick Powershell script I wrote to find old program installations and check versions of a specific file across the network.
Learn the basics of modules and packages in Python. Every Python file is a module, ending in the suffix: .py: Modules are a collection of functions and variables.: Packages are a collection of modules.: Module functions and variables are accessed us…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question