I was tasked with writing a script to find a single registry key on all of the server for a domain that my team manages. So after getting the key that we need to know the value of, I put a script together. The script will first check to see if the server is online, and if it is then the scripts looks at the registry to find the key and records the value. Then generates a report of the keys that were found.
$reportReg = @() $Computers = Get-Content C:\scripts\logs\ServersToFindRegistryKeyOn.txt Foreach ($Computer in $computers){ If(Test-Connection -ComputerName $Computer -Count 1 -ErrorAction 0){ Try{ # This is were the registry key is looked for on the remote server $RegLine = "" | Select ComputerName, RegistryKey $objReg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $Computer) $objRegKey= $objReg.OpenSubKey("SYSTEM\\CurrentControlSet\\Control\\Lsa") $RegLine.ComputerName = $Computer $RegLine.Registrykey = $objRegkey.GetValue("lmcompatibilitylevel") $reportReg += $RegLine } Catch{ Write-Warning "Unable to reach $Computer, adding to bad list to look at later." $Computer | Add-Content C:\scripts\logs\Unreachable.txt Continue } } } $reportReg | Export-Csv C:\scripts\Logs\RegistryValue.csv
The beauty of this script, is that it to took about as much time to find the information on the first server as it did to write this script. So with needing to find this information on 40+ servers, it is well worth writing. The rule of thumb, if you have to do it more than twice, script it.
– Stuart
Hi Stuart,
For some reason this script is stating that it can’t reach systems that are clearly online. I can even connect to the remote registry of the systems via regedit. Any ideas as to why this would be happening?
Hi Joe,
PowerShell connects to remote systems using the Windows Remote Management (WinRM) service. This would need to be configured on the remote systems for this script to function correctly. In my environment we have a GPO that enables this on all of the servers. Here is a TechNet article describing the how and what about WinRM. https://technet.microsoft.com/en-us/magazine/ff700227.aspx. I hope this helps.
-Stuart
You rock, thanks Stuart!
Joe
I just double checked, it would appear WinRM is already turned on and Remote PS is enabled. Any other ideas? This is being run with a domain admin account in PS:Administrator mode.
Joe,
Sorry to hear that you are having so much trouble. You can run a test to verify that WinRM is running on the remote server. Test-WSMan -ComputerName ComputerNameHere is the command. The command syntax can be found at the following link https://technet.microsoft.com/en-us/library/hh849873.aspx. If the WinRM is configured correctly it should return 4 lines of text, and if not there will be an error message as seen in the image below.
-Stuart
It came back with 4 lines.
wsmid : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor : Microsoft Corporation
ProductVersion : OS: 0.0.0 SP: 0.0 Stack: 2.0
Joe,
What registry key are you looking for on the remote server? I’ll update the script on my side to see if I get the same issues.
-Stuart
It is on a remote server. Here’s the key:
System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server
the dword value is Enabled.
It works fine on the system I’m running the script on but the second it checks any other $Computers (Server2008/2012) it’s unable to reach them.
Here is the script, updated with the registry key that you are looking for:
Results of the script:
Any Idea how to add multiple registry TLS key for checking if its Enabled in the System.Tested the script however the registry key didnt return.
Thank you.
KS,
I would be happy to assist. Would you provide the registry keys you are looking for, and I’ll assist with the script.
– stuart
The script uses Test-Connection so ICMP will need to be enabled on the server firewall.
It is really helpful for me.Thanks