How do I select a different PC when using HKEY_USERS?

I have this code snippet:

$string = (Get-ChildItem Registry::\HKEY_Users |                                                           
	Where-Object { $_.PSChildName -NotMatch ".DEFAULT|S-1-5-18|S-1-5-19|S-1-5-20|_Classes" } |
	Select-Object -ExpandProperty PSChildName |
	ForEach-Object { Get-ChildItem Registry::\HKEY_Users\$_\Printers\Connections -Recurse | Select-Object -ExpandProperty Name })

I was wondering if there’s a way to specify which network pc it has to check.

How about using


Whenever I try to use Invoke, it gives an error saying I can’t connect:

Connecting to remote server kdtict004 failed with the following error message : Unable to connect to the destination specified in the request. Check whether the service
ce is executed at the destination and whether applications are accepted. Read the logs and documentation for the WS-Management service running at the destination (usually is
this IIS or WinRM). If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: winrm quickconfig. For more i 
nformation, see the about_Remote_Troubleshooting Help topic.
    + CategoryInfo          : OpenError: (kdtict004:String) [], PSRemotingTransportException
    + FullyQualifiedErrorId : CannotConnect,PSSessionStateBroken

I can’t really individually go and configure every pc, as I have about 1000 to go through.

I’d expect you somehow configured other settings of these 1000 PCs to fit your requirements for your environment. How did you do that? :wink:

I’m not in charge of configuring the PCs on my network and the one in charge isn’t here.

As @Olaf says if you’re managing that many machines there’s probably infrastructure to support that.

Sounds like WinRM is not enabled. I’ve added a link to a previous thread with a somewhat similar premise:
Discussion about enabling WinRM with GPO

1 Like

OK. But since we’re both no magicians … how would you like to proceed? :man_shrugging:t4:

Isn’t there a way to use a ComputerName variable and pass it into the HKEY_USERS script?

For that you need to have access to the remote computers. Therefor you need to have a valid configuration.

The ComputerName is just an address. If you don’t have a key - in this case WinRM - you can go to the address, but you will not be able to do anything with what’s at the address.

It’s possible that some of the machines on your network have WinRM enabled. In the thread I linked above there’s a small script that pings machines and checks whether WinRM is enabled. You can perhaps use that as a starting point.

I just enabled WinRM on two devices, and I still can’t connect to them.

A number of questions:

  • Did you reboot the devices after enabling WinRM? (shouldn’t really be needed, but Windows tends to behave better after a reboot)
  • What version of Windows (and Powershell) on the devices?
  • Can you ping the devices?
  • In the thread I linked above I mentioned that enabling WinRM should open firewall ports in the built-in Windows firewall, but that it can fail. Have you verified that the ports are allowed in the firewall?
  • Is there a third party firewall installed on the devices?
  • Is there a Firewall GPO that affects the devices?
  • Are they on the same VLAN/Subnet as the calling machine?
  • If not on the same Subnet or VLAN is there an internal firewall blocking communication?

A number of answers:

  • Yes, still didn’t work.
  • Latest Windows 10 Version (20H2, OS: 19042, 1766)
  • Pinging Works
  • Firewall is good
  • I’m not certain, there probably is.
  • They’re on the same Subnet

I should be able to connect to other PCs on my network, since we have a remote control service that works perfectly fine.

When you say you cannot connect. Do you mean that you can’t run the Invoke-Command that you wished to run in the first place or do they not respond to the Test-WSMan command?

If you have a third party remote control service running on the devices, is it possible that it uses the same port(s) as WinRM?

A WinRm listener can listen two different ways; HTTP or HTTPS. The WinRM port for HTTP is 5985 while the WinRm port for HTTPS is 5986, by default.

  • HTTP – Port 5985
  • HTTPS – Port 5986

In that case you would need to tweak both the WinRM listener service and the firewall as well as call the remote commands specifying the non-standard ports. It’s really not recommended and quite a bit of work!
Default WinRm Ports and How to Change Them

I think it will be better to just find another way to run the script, then.

@Olaf, @laage, I managed to connect to another pc on the network, but when I run the script it gives the HKEY_USERS from the PC that initiated the script and not the remote PC. What do I do?

Please show the code you used.

#Getting the printer-data
function Get-Printers {
    param (
    $string = (Get-ChildItem Registry::\HKEY_Users |                                                           
	Where-Object { $_.PSChildName -NotMatch ".DEFAULT|S-1-5-18|S-1-5-19|S-1-5-20|_Classes" } |
	Select-Object -ExpandProperty PSChildName |
	ForEach-Object { Get-ChildItem Registry::\HKEY_Users\$_\Printers\Connections -Recurse | Select-Object -ExpandProperty Name })
    #Adding data to temporary file to easily edit
    Add-Content -Path $TempPath -Value $string

Invoke-Command -ComputerName $RemotePC -ScriptBlock(Get-Printers)

Try it this way …

Invoke-Command -ComputerName $RemotePC -ScriptBlock {
    Get-ChildItem Registry::\HKEY_Users |
    Where-Object { $_.PSChildName -NotMatch ".DEFAULT|S-1-5-18|S-1-5-19|S-1-5-20|_Classes" } |
    Select-Object -ExpandProperty PSChildName |
    ForEach-Object { Get-ChildItem Registry::\HKEY_Users\$_\Printers\Connections -Recurse | Select-Object -ExpandProperty Name }    

Doing that doesn’t give me any HKEY_USERS. I don’t know why.