Read Remote Registry Function

Hopefully you found my last entry valuable. But I always like to take things a step further, especially when it comes to scripting and automation. So I turned my last script into a function that returns the value of a specified registry key. Here’s a sample script ( ) that uses the function:

‘ NAME: ReadRegistryFunctionDemo.vbs
’ VERSION: 1.0 2/7/2008
’ AUTHOR: Jeffery Hicks jhicks@sapien.com
’ USAGE: cscript ReadRegistryFunctionDemo.vbs

’ DESCRIPTION: Use the WMI registry provider to read a remote
’ registry key value. This sample script parses an array of
’ server names and returns a CSV line of results. You could
’ easily revise this script to write the results to a text
’ file.

’*********************************************************************************
’* THIS PROGRAM IS OFFERED AS IS AND MAY BE FREELY MODIFIED OR ALTERED AS *
’* NECESSARY TO MEET YOUR NEEDS. THE AUTHOR MAKES NO GUARANTEES OR WARRANTIES, *
’* EXPRESS, IMPLIED OR OF ANY OTHER KIND TO THIS CODE OR ANY USER MODIFICATIONS. *
’* DO NOT USE IN A PRODUCTION ENVIRONMENT UNTIL YOU HAVE TESTED IN A SECURED LAB *
’* ENVIRONMENT. USE AT YOUR OWN RISK. *
’*********************************************************************************
On Error Resume Next
‘this script demo assumes the registry keys will not return multi-line values

‘the registry path to query
strKeyPath =”Software\Microsoft\Windows NT\CurrentVersion”

‘create an array of computers to query. You could just
‘as easily use the FileSystemObject to read a list of
‘computer names.
arrComputers=Array(“server01”,”server02”,”server03”,”server04”)

‘this is a comma separated list of registry values to read
‘under the registry path specified above
strNames=”RegisteredOwner,RegisteredOrganization,ProductName”

‘turn the list into an array
arrNames=Split(strNames,”,”)

WScript.Echo “Computer,” & strNames
For Each strComputer In arrComputers
strLine= UCase(strComputer)
‘get values for each registry key name
For Each strValueName In arrNames
‘build a result string separated by commas. I use
‘quotes “” around each returned value just in case
‘the value has a comma
strLine=strLine & “,” & Chr(34) &_
Trim(GetRegistryValue(strComputer,strKeyPath,strValueName)) &_
Chr(34)
Next
‘display the result
WScript.Echo strLine
Next

‘end main script

Function GetRegistryValue(strComputer,strKeyPath,strValueName)

On Error Resume Next

Const HKEY_LOCAL_MACHINE = &H80000002
Const REG_SZ = 1
Const REG_EXPAND_SZ = 2
Const REG_BINARY = 3
Const REG_DWORD = 4
Const REG_MULTI_SZ = 7

Set objReg=GetObject(“winmgmts:{impersonationLevel=impersonate}!\” &_
strComputer & “\root\default:StdRegProv”)
If Err.Number 0 Then
‘you can uncomment this section if you want to see the error message
‘ strMsg=”There was a problem connecting to ” &_
‘ strComputer & “\root\default:StdRegProv” & VbCrLf &_
‘ “Error ” & Err.Number & ” ” & Err.description
‘ WScript.echo strMsg
GetRegistryValue = “NotFound”
Exit function
End If

objReg.EnumValues HKEY_LOCAL_MACHINE, strKeyPath, arrValues, arrTypes
For x=0 To UBound(arrValues)-1
if Ucase(arrValues(x)) = UCase(strValueName) Then

Select Case arrTypes(x)
Case REG_SZ
objReg.GetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue
Case REG_EXPAND_SZ
objReg.GetExpandedStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue
Case REG_BINARY
objReg.GetBinaryValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue
Case REG_DWORD
objReg.GetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue
Wscript.Echo
Case REG_MULTI_SZ
objReg.GetMultiStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue
End Select
End If

Next

If VarType(strValue)=0 Then
strData=”NotFound”
Else
If IsArray (strValue) Then
For Each value In strValue
strData = strData & VbCrLf & value
Next
Else
strData = strValue
End If
End If

GetRegistryValue = strData

End Function

‘EOF

The demo script will parse an array of computer names and registry keys and return a comma separated value like this:

Computer,RegisteredOwner,RegisteredOrganization,ProductName
GODOT,”Jeffery Hicks”,”SAPIEN Technologies”,”Microsoft Windows XP”
PUCK,”Jeffery Hicks”,”SAPIEN Technologies”,”Windows Vista (TM) Ultimate”

I think you see where this is going. You could easily revise the script to send the output to a CSV text file using the FileSystemObject. Look through the rest of the script comments to understand what each section is doing.