Finding remote registry entries with Remoting disabled…

I had run into a situation where I quickly needed to check registry entries for various machines, but PowerShell remoting had not properly been enabled for all of the machines [and was not allowed to be set up on short notice].

Since I needed to quickly obtain the information for various keys, I turned to Google for advice.

Local and Remote

Firstly I’ll define the registry keys I’d like to have information about:

So normally you can get the Local information using the following code:

If you want to obtain the information Remotely, try the following:

As you can see, I can’t just use the variables provided locally, but since I’m running an up-to-date version of PowerShell [v3+], I can using the Using scope modifier, as described here.

I’ve also quickly created a PSCustomObject to contain all the information I require, so I can output this in a clean way.

But what if Remoting is not enabled?

Have no fear, you can still use PowerShell to access the data you want, just through an alternative means.

In this situation, PowerShell can use the power of .NET to still get what it wants!
Do note that this does require the Remote Registry Service to be running on the machine.

Firstly, because of the way registry keys are interpreted through the .NET class, this means splitting up our $RegKey1 and $RegKey2 value into a $Hive [since both are in HKLM] and $Key values:

Using the Microsoft.Win32.RegistryKey class provided by .NET, you can open up a remote connection to a specific hive [LocalMachine, Users] on a remote machine  [you can see this method and other methods available to perform various tasks here].

Once you’ve defined the remote registry connection, you can start getting the information you require using the OpenSubKey and GetValue methods.

What does this look like as a final result:

Hopefuly this can help you in a situation where you just NEED to view remote registry entries, but PowerShell Remoting isn’t [fully] configured.

Happy scripting! 🙂

 

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Script Dumpster: Find duplicate entries over multiple reports

Another day at the office..

Thanks to our friends who wrote the NotPetya worm, I received an email from our monitoring vendor to run reports to see if our machines are up-to-date on their patching.

Unfortunately their reporting tool doesn’t properly distinguish between Windows Server 2008 and Windows 2008 R2, as well as Windows 2012 and Windows 2012 R2.

Long story short,  I had to create 4 separate reports, telling me if I had or had not installed the proper KB item on each machine.

Because of this flaw I also had to join the reports and check the “Highlight Duplicates” option in Excel to see whether or not servers had their respective Hotfix installed (if the server had a duplicate entry, it meant that it didn’t have either the standard or R2 patch installed, meaning vulnerable).

Each report also came with a 3 row header with random junk that needed to be removed, so a simple Ctrl + A , Ctrl + C, Ctrl + V wouldn’t suffice.

PowerShell to the rescue!

I looked at the email from the vendor and went “Hell no, I’m not going to do that…” and opened up PowerShell ISE.

Having dumped the reports in the folder c:\Temp\NotPetya , I came up with the following script:

While the coding took a little bit longer, the execution was swift and perfect.

Geeks and Automation

 

Happy scripting! 🙂

Facebooktwittergoogle_plusredditpinterestlinkedinmail

New assignment, new challenges!

New year, new chances!

First of all, I’d like to wish everyone visiting my page a happy 2017 🙂

I hope everyone had a blast and is eager to learn some more in the new year.

As for myself, just before the year had ended, so did my previous assignment.
Luckily a new assignment was already in the works and I literally went to job A on Tuesday and job B on Wednesday.
This means new workplace, new technologies, new people etc.

Since I’m used to various different customers and technologies, the biggest thing was trying to figure out what they used, how they use it and then try and figure out which part of the technology I don’t know yet and get familiar with it.

What does this mean?

To my great surprise I had arrived at my new assignment to find out that this environment is one of the most up-to-date and neatest environments I’ve worked on so far!

Besides that, I saw various PowerShell scripts being used and technologies I haven’t played with or didn’t have the time to properly play with through PowerShell.
After being here for about 3 weeks now, I’ve come to learn that not all scripts seem to work properly, or should perhaps do more.
Another thing is that there are various technologies used where they didn’t even know how to use through PowerShell, so there’s a lot of fun times up ahead!

Some of the technologies I’ve already been playing around with are:

  • VMware ESX 6+
  • Citrix XenDesktop
  • Microsoft MDT
  • Exchange/Office 365 hybrid solution
  • Microsoft Azure

Of course besides the usual suspects like AD and general Windows functionality.

Now what?

Well, as you might’ve already noticed I’ve posted 2 MDT scripts recently to help me automate processes I have run into.

I’ve also been asked by various people already if I can assist them with scripting solutions, either helping them with their personal code or creating a solution from scratch.  Perhaps I’ll even see if I can provide a small training on basics of PowerShell and tips & tricks.

All in all, I’m quite happy with where I am right now and I hope to be able to script more on a daily base and provide blog updates of my results along the way!

 

For now, happy scripting all! 🙂

 

Facebooktwittergoogle_plusredditpinterestlinkedinmail