I am trying to use PS to find if a server has a particular GPO applied, and retrieve the display name and link values.
This is the root I am searching:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\History\
Under History are a lot of keys in the format of {0ACAF40C-75BDC-47ba-BBC0-BF6DE7C7DA63}
Under each of these history keys are a key named 0 (zero)
So it looks like this:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\History{0ACAF40C-75BDC-47ba-BBC0-BF6DE7C7DA63}\0
Under each of these 0 keys are values, I would like to get two values from each of these registry keys, DisplayName and Link in a neat table listing.
Every time I think I finally understand how to work with the registry in PS, something like this always comes up. Any ideas or suggestions are welcome. Thanks
What you have works, and that is important. I took a slightly different take, but it mostly does the same as what you are doing, but in the end, this produces a group of objects you could manipulate further if needed. It may not be useful, but I thought I would throw it out there.
This will get you somewhere. That other answer by Will Prather needs a space before -Path. You can use convert-path on PSPath to make it look more normal.
get-itemproperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\History\*\0' displayname,link
DisplayName : Local Group Policy
Link : Local
PSPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\History\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\0
PSParentPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\History\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}
PSChildName : 0
PSDrive : HKLM
PSProvider : Microsoft.PowerShell.Core\Registry
For some reason, without -name, get-itemporperty errors with “Specified cast is not valid.”. Wow, the 1Param names all have invalid dword values. I can see it in regedit. I thought only Netbeans made those invalid dwords in the uninstall registry area. Get-itemproperty is not robust in this case. Any script scanning the properties in this area will have a terminating error for get-itemproperty.
Instead of doing the Format-Table after retrieving all of the values, try putting it inside your ForEach-Object statement like this:
$x | % {Get-ItemPropertyValue -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\History\$_\0" -name DisplayName, Link | Ft -AutoSize}
Each DisplayName and Link pair should be printed as its own table that way.
As far as improving the efficiency goes, it seems that having this functionality down to just two lines of code is pretty efficient already. What is it that you think needs improving? does it operate slowly?
I like this because it doesn’t rely on PSRemoting, it only requires that the Remote Registry service is running on the system whose registry you want to query. You can also use this technique to create or edit registry keys. I don’t know if it is actually any more efficient than using the PowerShell commandlets for registry handling.