Author Posts

March 1, 2016 at 11:05 am

I'm trying to write a script to check or compare a multi-string registry value against a desired value.

Example: Under HKLM:System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedExactPaths

subkey= Machine

The value is:
System\CurrentControlSet\Control\ProductOptions
System\CurrentControlSet\Control\Server Applications
Software\Microsoft\Windows NT\CurrentVersion

How do I ensure that is the value.

I've tried this, but haven't had any luck:

$key = 'HKLM:\System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedExactPaths'
$Machine = @(
'System\CurrentControlSet\Control\ProductOptions',
'System\CurrentControlSet\Control\Server Applications',
'Software\Microsoft\Windows NT\CurrentVersion'
)

if (Test-Path $key)
{

# Set the location for checking
Set-Location $key

$item = Get-ItemProperty .

if($item.Machine -eq $Machine)
{
"Correct Settings" | Out-File -Append c:\temp\Checks.txt
}
else
{
"Open" | Out-File -Append c:\temp\Checks.txt
}
}
else
{
"Open – Key does not exist" | Out-File -Append c:\temp\Checks.txt
}

March 1, 2016 at 11:45 am

You can't directly compare two collections like you're trying to do. You need something like this
$Machine = @(
'System\CurrentControlSet\Control\ProductOptions',
'System\CurrentControlSet\Control\Server Applications',
'Software\Microsoft\Windows NT\CurrentVersion'
)

$p = Get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedExactpaths' -Name Machine

if ( -not (Compare-Object $machine $p.machine)){'yay'}else('nay'}

March 1, 2016 at 12:00 pm

This will verify if any value in your array exist in the registry path. I added a few nonexistent values to your array as a test.

# Desired Array to Compare
$values = @"
System\CurrentControlSet\Control\ProductOptions
System\CurrentControlSet\Control\Server Applications
Software\Microsoft\Windows NT\CurrentVersion
Software\Microsoft\Windows NT\PlaceHolder1
Software\Microsoft\Windows NT\PlaceHolder2
"@ -split "`n"

# Check Registry Key
$regkey = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowedExactPaths'
$keyobj = Get-ItemProperty -Path $regkey
$checks = 'c:\temp\Checks.txt'
switch ($values){
{$keyobj.Machine -contains $_}{"[$_] Is Correct" | Out-File  $checks -Append}
Default {"[$_] Does Not Exist" | Out-File  $checks -Append}
}

March 1, 2016 at 2:15 pm

@Richard Siddaway
That did it! Thanks!
@random comandline
I tried your method as well, but was getting the following when removing the nonexistent values :
[System\CurrentControlSet\Control\ProductOptions
] Does Not Exist
[System\CurrentControlSet\Control\Server Applications
] Does Not Exist
[Software\Microsoft\Windows NT\CurrentVersion] Is Correct

when removing the nonexistent values

March 1, 2016 at 8:44 pm

Yes, it compares the registry values with the values you have listed.
[Software\Microsoft\Windows NT\CurrentVersion] exists in registry, but the other two do not.
Is this not the comparison you were looking for? I am confused.