Get registry value; forest DCs

jeff-taylor · November 13, 2020, 9:39am

Having trouble getting this to run.

$DCs = [DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest() |
    Select-Object -ExpandProperty Sites |
        Select-Object -ExpandProperty Servers |
            Select-Object -ExpandProperty Name

foreach( $dc in $DCs ) {(Invoke-Command -ComputerName $dc {(Get-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Kdc -Name "PerformTicketSignature")}}

…as I can’t find out how to resolve the missing ‘)’

krzydoug · November 13, 2020, 10:50am

Why do you think it’s missing? I think you have an extra one that’s not needed. Properly format/indent and it would be easier to see where an extra/missing one is.

foreach( $dc in $DCs ){
    Invoke-Command -ComputerName $dc -ScriptBlock {
        (Get-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Kdc -Name "PerformTicketSignature")
    }
}

The parenthesis around your command is also unnecessary.

foreach( $dc in $DCs ){
    Invoke-Command -ComputerName $dc -ScriptBlock {
        Get-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Kdc -Name "PerformTicketSignature"
    }
}

jeff-taylor · November 16, 2020, 6:57am

Thank you Doug, it runs now.

I added some leaner output:

foreach( $dc in $DCs ) {
    Invoke-Command -ComputerName $dc {
        Get-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Kdc -Name "PerformTicketSignature" |
           Sort-Object -Property PSComputerName -Descending |  select PSCOMPUTERNAME,PerformTicketSignature |
                Export-Csv -Path C:\Temp\RegistryValue.csv -NoTypeInformation

    }
}

…but

I get a “RunspaceID” column that’s not particular useful. Any way to trim that?
Anyway to sort by Domain? As it is, it’s rather random looking…domains’ DCs mixed around each other (yet the first part of the name is not alphabetical either)
How do I capture in a csv, the output sorted on? I thought I would have at least the output (mangled as it was) in the requested csv.

ralphmwr · November 16, 2020, 7:37am

RunspaceID and PSComputerName properties are automatic when running Invoke-Command. There is a -HideComputerName switch which will get rid of the PSComputerName but not one just for RunspaceID. The best way to “select” the properties you want is to pipe the output to Select-Object and put the properties you want to see in the -Property parameter. Or you can use the -excludeProperty parameter for properties you want to exclude.

Get-Help Select-Object

Get-Help Invoke-Command

Pipe output to Sort-Object and pass the properties you want to sort on to the Property parameter

Get-Help Sort-Object

Pipe output to Export-CSV

Get-Help Export-CSV

jeff-taylor · November 16, 2020, 8:34am

I believe I’ve done already in the code I posted what you’ve suggested (separately, but you don’t really indicate what order might be tripping up the efficacy of the “sort” I’m looking for, in particular).

Your suggestions (with two separate examples of “Pipe Output to”) are in my code. The help files only account one of those situations (per cmdlet). I’m trying to get both to work together.

And even so, when I try your suggestions by changing up the names of the various Property’s, PS balks that “a positional parameter cannot be found that accepts argument” for all of the property’s I tried (and am I’m only interested in "PCCOmputerName and/or “PerformTicketSignature”

I’ll keep playing with it but thank you for the second set of eyes.

ralphmwr · November 16, 2020, 8:42am

Your pipes are inside the script block of the Invoke-Command cmdlet. That means they are running on the remote machine, not yours. Try it this way:

Invoke-Command -ComputerName $DCs {
    Get-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Kdc -Name "PerformTicketSignature" 
} | Sort-Object -Property PSComputerName -Descending |  
        Select-Object PSCOMPUTERNAME,PerformTicketSignature |
                Export-Csv -Path C:\Temp\RegistryValue.csv -NoTypeInformation

The foreach loop is unnecessary because Invoke-Command will take an array of strings in the ComputerName parameter.

jeff-taylor · November 16, 2020, 9:48am

Thanks Mike. Those two suggestions fixed both my sorting problem and formatting. Finished code:

$DCs = [DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest() |
    Select-Object -ExpandProperty Sites |
        Select-Object -ExpandProperty Servers |
            Select-Object -ExpandProperty Name


    Invoke-Command -ComputerName $DCs {
        Get-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Kdc -Name "PerformTicketSignature" } |
           Sort-Object -Property PSComputerName |  select PSCOMPUTERNAME,PerformTicketSignature  |
                Export-Csv -Path C:\Temp\RegistryValue.csv -NoTypeInformation

Your comment about “foreach unnecessary…because Invoke-Command will take an array of strings in the ComputerName parameter.” is because this portion of the Help file, correct?

Invoke-Command [[-ComputerName] <String[]>]

ralphmwr · November 16, 2020, 11:14am

Yep. If the documentation puts after the argument type that means it will accept an array of that type. Glad you got it working.

Topic		Replies	Views
My calculated Properties PowerShell Help	2	298	May 16, 2024
Get-ItemProperty of reg value in all DCs all Domains PowerShell Help	6	202	May 16, 2024
Run wmic across forest DC's > dump to csv PowerShell Help	5	199	May 16, 2024
Trying to get reg value PowerShell Help	5	184	May 16, 2024
Export-CSV forEach psitem? PowerShell Help	7	167	May 16, 2024

Get registry value; forest DCs

Related topics