Finding remote registry entries with Remoting disabled…
I had run into a situation where I quickly needed to check registry entries for various machines, but PowerShell remoting had not properly been enabled for all of the machines [and was not allowed to be set up on short notice].
Since I needed to quickly obtain the information for various keys, I turned to Google for advice.
Local and Remote
Firstly I’ll define the registry keys I’d like to have information about:
|
|
So normally you can get the Local information using the following code:
|
|
If you want to obtain the information Remotely, try the following:
|
|
As you can see, I can’t just use the variables provided locally, but since I’m running an up-to-date version of PowerShell [v3+], I can using the Using scope modifier, as described here.
I’ve also quickly created a PSCustomObject to contain all the information I require, so I can output this in a clean way.
But what if Remoting is not enabled?
Have no fear, you can still use PowerShell to access the data you want, just through an alternative means.
In this situation, PowerShell can use the power of .NET to still get what it wants! Do note that this does require the Remote Registry Service to be running on the machine.
Firstly, because of the way registry keys are interpreted through the .NET class, this means splitting up our $RegKey1 and $RegKey2 value into a $Hive [since both are in HKLM] and $Key values:
|
|
Using the Microsoft.Win32.RegistryKey class provided by .NET, you can open up a remote connection to a specific hive [LocalMachine, Users] on a remote machine [you can see this method and other methods available to perform various tasks here].
|
|
Once you’ve defined the remote registry connection, you can start getting the information you require using the OpenSubKey and GetValue methods.
|
|
What does this look like as a final result:
|
|
Hopefuly this can help you in a situation where you just NEED to view remote registry entries, but PowerShell Remoting isn’t [fully] configured.
Happy scripting! 🙂