Solved

Pulling trusted sites from users Registry

Posted on 2014-02-28
4
203 Views
Last Modified: 2015-01-14
Hello all

I need to pull the trusted sites from each users registry setting and wanted to know if anyone had or knew of a script or tool that could retrieve this information?

Ill be pulling it remotely so I need to pull it from the key below. As the key contains a unique identifier I cant see a way of automating this with a batch file or power shell command.

HKEY_USERS\S-1-5-21-1212121212-11111111-1111111111-354536\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains

Otherwise its drilling down manually through every users reg setting :(

Thanks in advance!
0
Comment
Question by:FreeSpiritF1
  • 2
  • 2
4 Comments
 
LVL 27

Accepted Solution

by:
serialband earned 250 total points
ID: 39896206
Is this what you're looking for?

reg export HKEY_USERS\S-1-5-21-1212121212-11111111-1111111111-354536\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains REG_KEY_FILE.reg

Open in new window

http://technet.microsoft.com/en-us/library/cc732643.aspx

Maybe you want to find the unique SID of each user to use in the script?
https://stackoverflow.com/questions/2919286/getting-the-username-from-the-hkey-users-values
0
 
LVL 53

Assisted Solution

by:McKnife
McKnife earned 250 total points
ID: 39901545
Simply deploy this line to your domain logon script. It uses HKCU, no identifier (SID) needed!
reg export HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains REG_KEY_FILE.reg
0
 
LVL 27

Assisted Solution

by:serialband
serialband earned 250 total points
ID: 39901884
HKCU is just the Current logged in user, and that's fine if that's the only user on the system that you wish to look up.  If you're looking up other users, you'd have to load up each users SID.
0
 
LVL 53

Assisted Solution

by:McKnife
McKnife earned 250 total points
ID: 39902434
Yup. And that would be simple using a simple for-loop using a startscript:
echo results for %computername% >\\server\share\zonetest\%computername%.txt
for /f %%a in ('reg query hku') do reg query "%%a\software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" >>\\server\share\zonetest\%computername%.txt

Open in new window


If no startscript should be used, the syntax will get more complicated in order to hit any machine. But of course reg query can run against remote machines:
reg query \\remotepc1\hku

would work.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Introduction: I have always been a big fan of Windows but my liking towards it is slowly being eroded by the variety of other Applications that I encounter, when I browse the Web. Most of the software available is free and maybe Open Source too. …
This is a little timesaver I have been using for setting up Microsoft Small Business Server (SBS) in the simplest possible way. It may not be appropriate for every customer. However, when you get a situation where the person who owns the server is i…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now