Hello everyone. Brand new to this forum and this is my first post. I’m pretty new to powershell but not entirely new to script writing and wondering if the following request could be accomplished with powershell. Any assistance would be greatly appreciated. I need to be able to obtain the character length of the data contained in a registry entry on each computer in the company. The location would be HkeyLocalMachine\System\CurrentControlSet\Control\SessionManager\Environment. In that registry location will be a Path variable. I need to query the data of that Path variable. I would like to obtain the length of that string and not necessarily the actual values of that path. The data of the path variable might be far too long to store in a report. We need to find all of the computers that are holding excessively long paths to help preempt further issues that came about from a prior issue. I’d like to be able to output a simple list of the computer names sorted by the largest strings lengths. I would also not be apposed to only reporting on computers where that string exceeds a certain length thereby cutting down the report size as well a possibly the time to run the powershell script.
Thanks!
mjlongo,
Welcome to the forum. 
Short answer … Yes, that’s possible. 
But please keep in mind this forum is for scripting questions rather than script requests. We do not write customized and ready to use scripts or solutions on request.
What have you tried so far? We expect you to make an own attempt to get your task done or to solve your problem. If you have done so already please document here what exactly you have done and show your code. Then we probably might be able to help you step further.
Regardless of that - usually you’re not the very first one with a given task. Most common tasks have been accomplished several times before and even have been published to help others with the same or a similar task. So it’s pretty likely that you find code online you can adjust easily to your particular needs. Search for it. 
Here’s what I’ve done so far:
$Inventory = New-Object System.Collections.ArrayList
$AllComputersNames = Get-Content 'c:\stuff\powershell\machinelist_b.txt'
Foreach ($ComputerName in $AllComputersNames) {
$Connection = Test-Connection $ComputerName -Count 1 -Quiet
$ComputerInfo = New-Object System.Object
$ComputerInfo | Add-Member -MemberType NoteProperty -Name "Name" -Value "$ComputerName" -Force
if ($Connection -eq "True"){
$pathValue = Get-ItemPropertyValue -path 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\' -Name PATH
$ComputerInfo | Add-Member -MemberType NoteProperty -Name "Path" -Value "$pathValue" -Force
}
$Inventory.Add($ComputerInfo) | Out-Null
$ComputerName = ""
$pathValue = ""
}
$Inventory | Export-Csv C:\Stuff\script_output\PathValue.cs
Issues that I’m having are:
- The returned path string appears to be only returning the last entry of the PATH variable.
- As I mentioned in my first post, I’d like the total string length of the PATH variable but I have no idea how to do that.
Thanks!
I cannot test at the moment but something like this should work actually
$AllComputersNames = Get-Content 'c:\stuff\powershell\machinelist_b.txt'
$Inventory =
Foreach ($ComputerName in $AllComputersNames) {
if (Test-Connection $ComputerName -Count 1 -Quiet) {
$Result =
Invoke-Command -ComputerName $ComputerName -ScriptBlock {
Get-ItemPropertyValue -path 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\' -Name PATH
}
[PSCustomObject]@{
ComputerName = $ComputerName
PathLength = $Result.Length
}
}
Else {
[PSCustomObject]@{
ComputerName = $ComputerName
PathLength = 'n/a'
}
}
}
$Inventory
$Inventory |
Export-Csv -Path 'C:\Stuff\script_output\PathValue.csv' -NoTypeInformation
I’ll give that suggestion a try asap. Thx!!
On my Win10 system, that Key seems to be funky. Here is what I tried …
PS C:\> $str = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\' -Name 'Path'
PS C:\> $str.Length
PS C:\> $str.Path.Length
804
PS C:\>
What do you mean with that? Expect of the fact that you used Get-ItemProperty while the OP uses Get-ItemPropertyValue I cannot see any issue. And the return value seems valid as well?! 
Yup … my error … sorry about that … its been a long day. I could have sworn I did a copy/paste.
The script that OLAF provided is working quite well. I modified it slightly by adding a line that obtains the user who is logged into the machine. It looks like this:
$users=Get-WmiObject -class Win32_ComputerSystem -ComputerName $ComputerName | select-object -ExpandProperty username
I do have a question about that script since as I mentioned in my first post, I’m pretty new to powershell. Can you explain why this section was moved under the “Invoke-command” block? Also, would it make sense for me to move the line I added under this block?
Invoke-Command -ComputerName $ComputerName -ScriptBlock {
Get-ItemPropertyValue -path 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\' -Name PATH
}
Finally, I am getting “WinRM cannot complete the operation” error messages that I am unsure of. I am running the script with a domain admin account so I do not think it is a rights issue. But to be honest, I’m not really worrying about these at this time as the data I am trying to capture is working probably better than 90%. But if anyone has some insight to this particular error, that would be great.
Thanks!
If you want to run some code on a remote computer you have to tell PowerShell to do so. And using Invoke-Command is one of the ways to do that. Otherwise you would query the local computer the scripts runs on again and again and again.
You may read more about here:
Yes. But you should not use Get-WmiObject anymore. Instead use
That can have a lot of reasons. On some of the computers you’re querying PowerShell remoting might not be activated.
That’s a very bad idea and will introduce a lot of security issues. Domain admin accounts should only be used to actually manage the domain - not domain members. For tasks like this the account used to run the script should be a member of an AD group havin administrative rights on the computers. WorkstationAdmins would be proper name for such a group.
Awesome. Thank you for the explanations.
Also, I need to clarify as I misspoke…I’m actually using my own admin account which is a member of the AD group with admin rights.
Thanks!