668 lines
17 KiB
PowerShell
668 lines
17 KiB
PowerShell
################################################################################
|
|
# Registry (stand alone) functions library
|
|
# Author: $cript Fanatic (Shay Levi)
|
|
# Blog: http://scriptolog.blogspot.com
|
|
# Description: Read,Write,Delete,Test registry keys/values from local/remote computer
|
|
#
|
|
# For all functions, values for registry hive can be one of the enum values for
|
|
# [Microsoft.Win32.RegistryHive]. To get a list of possible values type:
|
|
# [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
#
|
|
# For all functions, values for registry value kind can be one of the enum values for
|
|
# [Microsoft.Win32.RegistryValueKind]. To get a list of possible kind values type:
|
|
# [enum]::getnames([Microsoft.Win32.RegistryValueKind])
|
|
#
|
|
# NOTE: get/set the CurrentUser hive on a remote server is N/A
|
|
#
|
|
################################################################################
|
|
#
|
|
# Function: Get-RegString
|
|
# Description: Get registry string value (REG_SZ)
|
|
# Return Value: The string value or the value to return if name does not exist
|
|
# usage:
|
|
#
|
|
# get the default home page url from the local computer:
|
|
# Get-RegString . CurrentUser "Software\Microsoft\Internet Explorer\Main" "Start Page"
|
|
#
|
|
# get the product id from remote server
|
|
# Get-RegString ServerName LocalMachine SOFTWARE\Microsoft\Windows\CurrentVersion ProductId
|
|
|
|
function Get-RegString{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName,
|
|
[string]$valueName,
|
|
[object]$defaultValue="Your default value"
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName);
|
|
|
|
if(!$subKey){
|
|
write-error "The specified registry key does not exist.";
|
|
return;
|
|
}
|
|
|
|
$subKey.GetValue($valueName,$defaultValue);
|
|
}
|
|
|
|
################################################################################
|
|
# Function: Set-RegString
|
|
# Description: Create/Update the specified registry string value
|
|
# Return Value: True/false respectively
|
|
|
|
function Set-RegString{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName,
|
|
[string]$valueName,
|
|
[string]$value
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName,$true);
|
|
|
|
if(!$subKey){
|
|
write-error "The specified registry key does not exist.";
|
|
return;
|
|
}
|
|
|
|
$subKey.SetValue($valueName, $value, [Microsoft.Win32.RegistryValueKind]::String);
|
|
if($?) {$true} else {$false}
|
|
}
|
|
|
|
|
|
################################################################################
|
|
# Function: Get-RegMultipleString
|
|
# Description: Gets an array strings (REG_MULTI_SZ)
|
|
# Return Value: Array object
|
|
|
|
function Get-RegMultipleString{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName,
|
|
[string]$valueName,
|
|
[object]$defaultValue="Your default value"
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName);
|
|
|
|
if(!$subKey){
|
|
write-error "The specified registry key does not exist.";
|
|
return;
|
|
}
|
|
|
|
$subKey.GetValue($valueName,$defaultValue);
|
|
}
|
|
|
|
################################################################################
|
|
# Function: Set-RegMultipleString
|
|
# Description: Create/Update the specified registry as strings array (REG_MULTI_SZ)
|
|
# Return Value: True/false respectively
|
|
|
|
function Set-RegMultipleString{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName,
|
|
[string]$valueName,
|
|
[String[]]$value
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName,$true);
|
|
|
|
if(!$subKey){
|
|
write-error "The specified registry key does not exist.";
|
|
return;
|
|
}
|
|
|
|
$subKey.SetValue($valueName, $value,[Microsoft.Win32.RegistryValueKind]::MultiString);
|
|
if($?) {$true} else {$false}
|
|
}
|
|
|
|
|
|
################################################################################
|
|
# Function: Get-RegBinary
|
|
# Description: Gets the registry value (REG_BINARY)
|
|
# Return Value: Array object
|
|
|
|
function Get-RegBinary{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName,
|
|
[string]$valueName,
|
|
[object]$defaultValue="Your default value"
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName);
|
|
$subKey.GetValue($valueName,$defaultValue);
|
|
}
|
|
|
|
################################################################################
|
|
# Function: Set-RegBinary
|
|
# Description: Create/Update the registry value (REG_BINARY)
|
|
# Return Value: True/false respectively
|
|
|
|
function Set-RegBinary{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName,
|
|
[string]$valueName,
|
|
[byte[]]$value
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName,$true);
|
|
|
|
if(!$subKey){
|
|
write-error "The specified registry key does not exist.";
|
|
return;
|
|
}
|
|
|
|
$subKey.SetValue($valueName, $value,[Microsoft.Win32.RegistryValueKind]::Binary);
|
|
if($?) {$true} else {$false}
|
|
|
|
}
|
|
|
|
################################################################################
|
|
# Function: Set-RegDWord
|
|
# Description: Create/Update the registry value (REG_DWORD)
|
|
# Return Value: True/false respectively
|
|
|
|
function Set-RegDWord{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName,
|
|
[string]$valueName,
|
|
[double]$value
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName,$true);
|
|
|
|
if(!$subKey){
|
|
write-error "The specified registry key does not exist.";
|
|
return;
|
|
}
|
|
|
|
$subKey.SetValue($valueName, $value,[Microsoft.Win32.RegistryValueKind]::DWord);
|
|
if($?) {$true} else {$false}
|
|
}
|
|
|
|
################################################################################
|
|
# Function: Get-RegDWord
|
|
# Description: Gets the registry value (REG_DWORD)
|
|
# Return Value: registry dword value
|
|
|
|
function Get-RegDWord{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName,
|
|
[string]$valueName,
|
|
[object]$defaultValue="Your default value"
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName);
|
|
|
|
if(!$subKey){
|
|
write-error "The specified registry key does not exist.";
|
|
return;
|
|
}
|
|
|
|
$subKey.GetValue($valueName,$defaultValue);
|
|
}
|
|
|
|
################################################################################
|
|
# Function: Set-RegExpandString
|
|
# Description: Create/Update the registry value (REG_EXPAND_SZ)
|
|
# Return Value: True/false respectively
|
|
|
|
function Set-RegExpandString{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName,
|
|
[string]$valueName,
|
|
[string]$value
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName,$true);
|
|
|
|
if(!$subKey){
|
|
write-error "The specified registry key does not exist.";
|
|
return;
|
|
}
|
|
|
|
$subKey.SetValue($valueName, $value,[Microsoft.Win32.RegistryValueKind]::ExpandString);
|
|
if($?) {$true} else {$false}
|
|
}
|
|
|
|
|
|
################################################################################
|
|
# Function: Set-RegExpandString
|
|
# Description: Get the registry value (REG_EXPAND_SZ)
|
|
# Return Value: registry value expanded or not based on -expand switch
|
|
|
|
function Get-RegExpandString{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName,
|
|
[string]$valueName,
|
|
[object]$defaultValue="Your default value",
|
|
[switch]$expand
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName);
|
|
|
|
if(!$subKey){
|
|
write-error "The specified registry key does not exist.";
|
|
return;
|
|
}
|
|
|
|
if($expand){
|
|
$subKey.GetValue($valueName,$defaultValue);
|
|
} else {
|
|
$subKey.GetValue($valueName,$defaultValue,[Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames);
|
|
}
|
|
}
|
|
|
|
################################################################################
|
|
# Function: Get-RegQuadWord
|
|
# Description: get the registry value (REG_QWORD)
|
|
# Return Value: registry value
|
|
|
|
function Get-RegQuadWord{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName,
|
|
[string]$valueName,
|
|
[object]$defaultValue="Your default value"
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName);
|
|
|
|
if(!$subKey){
|
|
write-error "The specified registry key does not exist.";
|
|
return;
|
|
}
|
|
|
|
$subKey.GetValue($valueName,$defaultValue);
|
|
}
|
|
|
|
################################################################################
|
|
# Function: Set-RegExpandString
|
|
# Description: Get the registry value (REG_QWORD)
|
|
# Return Value: True/false respectively
|
|
|
|
function Set-RegQuadWord{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName,
|
|
[string]$valueName,
|
|
[long]$value
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName,$true);
|
|
|
|
if(!$subKey){
|
|
write-error "The specified registry key does not exist.";
|
|
return;
|
|
}
|
|
|
|
$subKey.SetValue($valueName, $value,[Microsoft.Win32.RegistryValueKind]::QWord);
|
|
if($?) {$true} else {$false}
|
|
}
|
|
|
|
|
|
################################################################################
|
|
# Function: Get-RegDefault
|
|
# Description: Get the registry default value
|
|
# Return Value: registry default value
|
|
|
|
function Get-RegDefault{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName);
|
|
|
|
if(!$subKey){
|
|
write-error "The specified registry key does not exist.";
|
|
return;
|
|
}
|
|
|
|
$subKey.GetValue($null);
|
|
}
|
|
|
|
|
|
################################################################################
|
|
# Function: Set-RegDefault
|
|
# Description: Set the registry default value
|
|
# Return Value: True/false respectively
|
|
|
|
function Set-RegDefault{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName,
|
|
$value
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName,$true);
|
|
|
|
if(!$subKey){
|
|
write-error "The specified registry key does not exist.";
|
|
return;
|
|
}
|
|
|
|
#$regKey.SetValue($null, $value,[Microsoft.Win32.RegistryValueKind]::String);
|
|
$subKey.SetValue($null, $value,[Microsoft.Win32.RegistryValueKind]::String);
|
|
|
|
if($?) {$true} else {$false}
|
|
}
|
|
|
|
################################################################################
|
|
# Function: New-RegSubKey
|
|
# Description: Create the registry key
|
|
# Return Value: True/false respectively
|
|
|
|
function New-RegSubKey{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
[void]$regKey.CreateSubKey($keyName);
|
|
|
|
if($?) {$true} else {$false}
|
|
}
|
|
|
|
################################################################################
|
|
# Function: Remove-RegSubKey
|
|
# Description: Delete the registry key
|
|
# Return Value: Throws error in case the key doesnt exist
|
|
|
|
function Remove-RegSubKey{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$regKey.DeleteSubKey($keyName,$true);
|
|
}
|
|
|
|
################################################################################
|
|
# Function: Remove-RegSubKeyTree
|
|
# Description: Delete the registry key tree
|
|
# Return Value: None
|
|
|
|
function Remove-RegSubKeyTree{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$regKey.DeleteSubKeyTree($keyName);
|
|
}
|
|
|
|
################################################################################
|
|
# Function: Get-RegValueKind
|
|
# Description: Get the registry value type (e.g, string,dword etc)
|
|
# Return Value: None
|
|
|
|
function Get-RegValueKind{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName,
|
|
[string]$valueName
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName);
|
|
|
|
if(!$subKey){
|
|
write-error "The specified registry key does not exist.";
|
|
return;
|
|
}
|
|
|
|
$regVal=$subKey.GetValueKind($valueName);
|
|
|
|
if(!$regVal){
|
|
write-error "The specified registry value does not exist.";
|
|
return;
|
|
} else {
|
|
$regVal;
|
|
}
|
|
}
|
|
|
|
################################################################################
|
|
# Function: Test-RegSubKey
|
|
# Description: Test the existence of the registry key
|
|
# Return Value: True/false respectively
|
|
|
|
function Test-RegSubKey{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName);
|
|
|
|
if(!$subKey){$false} else {$true}
|
|
}
|
|
|
|
################################################################################
|
|
# Function: Test-RegValue
|
|
# Description: Test the existence of the registry value
|
|
# Return Value: True/false respectively
|
|
|
|
|
|
function Test-RegValue{
|
|
param(
|
|
[string]$server = ".",
|
|
[string]$hive,
|
|
[string]$keyName,
|
|
[string]$valueName
|
|
)
|
|
|
|
$hives = [enum]::getnames([Microsoft.Win32.RegistryHive])
|
|
|
|
if($hives -notcontains $hive){
|
|
write-error "Invalid hive value";
|
|
return;
|
|
}
|
|
|
|
$regHive = [Microsoft.Win32.RegistryHive]$hive;
|
|
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($regHive,$server);
|
|
$subKey = $regKey.OpenSubKey($keyName);
|
|
|
|
if(!$subKey){
|
|
write-error "The specified registry key does not exist.";
|
|
return;
|
|
}
|
|
|
|
$regVal=$subKey.GetValue($valueName);
|
|
if(!$regVal){$false} else {$true}
|
|
} |