################################################################################ # Registry (stand alone) functions library # Author: $cript Fanatic (Shay Levi) # Blog: http://scriptolog.blogspot.com # Description: Read,Write,Delete,Test registry keys/values from local/remote computer # # For all functions, values for registry hive can be one of the enum values for # [Microsoft.Win32.RegistryHive]. To get a list of possible values type: # [enum]::getnames([Microsoft.Win32.RegistryHive]) # # For all functions, values for registry value kind can be one of the enum values for # [Microsoft.Win32.RegistryValueKind]. To get a list of possible kind values type: # [enum]::getnames([Microsoft.Win32.RegistryValueKind]) # # NOTE: get/set the CurrentUser hive on a remote server is N/A # ################################################################################ # # Function: Get-RegString # Description: Get registry string value (REG_SZ) # Return Value: The string value or the value to return if name does not exist # usage: # # get the default home page url from the local computer: # Get-RegString . CurrentUser "Software\Microsoft\Internet Explorer\Main" "Start Page" # # get the product id from remote server # Get-RegString ServerName LocalMachine SOFTWARE\Microsoft\Windows\CurrentVersion ProductId function Get-RegString{ param( [string]$server = ".", [string]$hive, [string]$keyName, [string]$valueName, [object]$defaultValue="Your default value" ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName); if(!$subKey){ write-error "The specified registry key does not exist."; return; } $subKey.GetValue($valueName,$defaultValue); } ################################################################################ # Function: Set-RegString # Description: Create/Update the specified registry string value # Return Value: True/false respectively function Set-RegString{ param( [string]$server = ".", [string]$hive, [string]$keyName, [string]$valueName, [string]$value ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName,$true); if(!$subKey){ write-error "The specified registry key does not exist."; return; } $subKey.SetValue($valueName, $value, [Microsoft.Win32.RegistryValueKind]::String); if($?) {$true} else {$false} } ################################################################################ # Function: Get-RegMultipleString # Description: Gets an array strings (REG_MULTI_SZ) # Return Value: Array object function Get-RegMultipleString{ param( [string]$server = ".", [string]$hive, [string]$keyName, [string]$valueName, [object]$defaultValue="Your default value" ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName); if(!$subKey){ write-error "The specified registry key does not exist."; return; } $subKey.GetValue($valueName,$defaultValue); } ################################################################################ # Function: Set-RegMultipleString # Description: Create/Update the specified registry as strings array (REG_MULTI_SZ) # Return Value: True/false respectively function Set-RegMultipleString{ param( [string]$server = ".", [string]$hive, [string]$keyName, [string]$valueName, [String[]]$value ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName,$true); if(!$subKey){ write-error "The specified registry key does not exist."; return; } $subKey.SetValue($valueName, $value,[Microsoft.Win32.RegistryValueKind]::MultiString); if($?) {$true} else {$false} } ################################################################################ # Function: Get-RegBinary # Description: Gets the registry value (REG_BINARY) # Return Value: Array object function Get-RegBinary{ param( [string]$server = ".", [string]$hive, [string]$keyName, [string]$valueName, [object]$defaultValue="Your default value" ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName); $subKey.GetValue($valueName,$defaultValue); } ################################################################################ # Function: Set-RegBinary # Description: Create/Update the registry value (REG_BINARY) # Return Value: True/false respectively function Set-RegBinary{ param( [string]$server = ".", [string]$hive, [string]$keyName, [string]$valueName, [byte[]]$value ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName,$true); if(!$subKey){ write-error "The specified registry key does not exist."; return; } $subKey.SetValue($valueName, $value,[Microsoft.Win32.RegistryValueKind]::Binary); if($?) {$true} else {$false} } ################################################################################ # Function: Set-RegDWord # Description: Create/Update the registry value (REG_DWORD) # Return Value: True/false respectively function Set-RegDWord{ param( [string]$server = ".", [string]$hive, [string]$keyName, [string]$valueName, [double]$value ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName,$true); if(!$subKey){ write-error "The specified registry key does not exist."; return; } $subKey.SetValue($valueName, $value,[Microsoft.Win32.RegistryValueKind]::DWord); if($?) {$true} else {$false} } ################################################################################ # Function: Get-RegDWord # Description: Gets the registry value (REG_DWORD) # Return Value: registry dword value function Get-RegDWord{ param( [string]$server = ".", [string]$hive, [string]$keyName, [string]$valueName, [object]$defaultValue="Your default value" ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName); if(!$subKey){ write-error "The specified registry key does not exist."; return; } $subKey.GetValue($valueName,$defaultValue); } ################################################################################ # Function: Set-RegExpandString # Description: Create/Update the registry value (REG_EXPAND_SZ) # Return Value: True/false respectively function Set-RegExpandString{ param( [string]$server = ".", [string]$hive, [string]$keyName, [string]$valueName, [string]$value ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName,$true); if(!$subKey){ write-error "The specified registry key does not exist."; return; } $subKey.SetValue($valueName, $value,[Microsoft.Win32.RegistryValueKind]::ExpandString); if($?) {$true} else {$false} } ################################################################################ # Function: Set-RegExpandString # Description: Get the registry value (REG_EXPAND_SZ) # Return Value: registry value expanded or not based on -expand switch function Get-RegExpandString{ param( [string]$server = ".", [string]$hive, [string]$keyName, [string]$valueName, [object]$defaultValue="Your default value", [switch]$expand ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName); if(!$subKey){ write-error "The specified registry key does not exist."; return; } if($expand){ $subKey.GetValue($valueName,$defaultValue); } else { $subKey.GetValue($valueName,$defaultValue,[Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames); } } ################################################################################ # Function: Get-RegQuadWord # Description: get the registry value (REG_QWORD) # Return Value: registry value function Get-RegQuadWord{ param( [string]$server = ".", [string]$hive, [string]$keyName, [string]$valueName, [object]$defaultValue="Your default value" ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName); if(!$subKey){ write-error "The specified registry key does not exist."; return; } $subKey.GetValue($valueName,$defaultValue); } ################################################################################ # Function: Set-RegExpandString # Description: Get the registry value (REG_QWORD) # Return Value: True/false respectively function Set-RegQuadWord{ param( [string]$server = ".", [string]$hive, [string]$keyName, [string]$valueName, [long]$value ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName,$true); if(!$subKey){ write-error "The specified registry key does not exist."; return; } $subKey.SetValue($valueName, $value,[Microsoft.Win32.RegistryValueKind]::QWord); if($?) {$true} else {$false} } ################################################################################ # Function: Get-RegDefault # Description: Get the registry default value # Return Value: registry default value function Get-RegDefault{ param( [string]$server = ".", [string]$hive, [string]$keyName ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName); if(!$subKey){ write-error "The specified registry key does not exist."; return; } $subKey.GetValue($null); } ################################################################################ # Function: Set-RegDefault # Description: Set the registry default value # Return Value: True/false respectively function Set-RegDefault{ param( [string]$server = ".", [string]$hive, [string]$keyName, $value ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName,$true); if(!$subKey){ write-error "The specified registry key does not exist."; return; } #$regKey.SetValue($null, $value,[Microsoft.Win32.RegistryValueKind]::String); $subKey.SetValue($null, $value,[Microsoft.Win32.RegistryValueKind]::String); if($?) {$true} else {$false} } ################################################################################ # Function: New-RegSubKey # Description: Create the registry key # Return Value: True/false respectively function New-RegSubKey{ param( [string]$server = ".", [string]$hive, [string]$keyName ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); [void]$regKey.CreateSubKey($keyName); if($?) {$true} else {$false} } ################################################################################ # Function: Remove-RegSubKey # Description: Delete the registry key # Return Value: Throws error in case the key doesnt exist function Remove-RegSubKey{ param( [string]$server = ".", [string]$hive, [string]$keyName ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $regKey.DeleteSubKey($keyName,$true); } ################################################################################ # Function: Remove-RegSubKeyTree # Description: Delete the registry key tree # Return Value: None function Remove-RegSubKeyTree{ param( [string]$server = ".", [string]$hive, [string]$keyName ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $regKey.DeleteSubKeyTree($keyName); } ################################################################################ # Function: Get-RegValueKind # Description: Get the registry value type (e.g, string,dword etc) # Return Value: None function Get-RegValueKind{ param( [string]$server = ".", [string]$hive, [string]$keyName, [string]$valueName ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName); if(!$subKey){ write-error "The specified registry key does not exist."; return; } $regVal=$subKey.GetValueKind($valueName); if(!$regVal){ write-error "The specified registry value does not exist."; return; } else { $regVal; } } ################################################################################ # Function: Test-RegSubKey # Description: Test the existence of the registry key # Return Value: True/false respectively function Test-RegSubKey{ param( [string]$server = ".", [string]$hive, [string]$keyName ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName); if(!$subKey){$false} else {$true} } ################################################################################ # Function: Test-RegValue # Description: Test the existence of the registry value # Return Value: True/false respectively function Test-RegValue{ param( [string]$server = ".", [string]$hive, [string]$keyName, [string]$valueName ) $hives = [enum]::getnames([Microsoft.Win32.RegistryHive]) if($hives -notcontains $hive){ write-error "Invalid hive value"; return; } $regHive = [Microsoft.Win32.RegistryHive]$hive; $regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server); $subKey = $regKey.OpenSubKey($keyName); if(!$subKey){ write-error "The specified registry key does not exist."; return; } $regVal=$subKey.GetValue($valueName); if(!$regVal){$false} else {$true} }