├── .gitattributes ├── .gitignore ├── Get-RegistryValueData.ps1 ├── Get-InstalledSoftwareInfo.ps1 ├── Get-RemoteRegistryInfo.ps1 ├── Remove-RegistryKeyValue.ps1 └── Write-RegistryValue.ps1 /.gitattributes: -------------------------------------------------------------------------------- 1 | # Auto detect text files and perform LF normalization 2 | * text=auto 3 | 4 | # Custom for Visual Studio 5 | *.cs diff=csharp 6 | 7 | # Standard to msysgit 8 | *.doc diff=astextplain 9 | *.DOC diff=astextplain 10 | *.docx diff=astextplain 11 | *.DOCX diff=astextplain 12 | *.dot diff=astextplain 13 | *.DOT diff=astextplain 14 | *.pdf diff=astextplain 15 | *.PDF diff=astextplain 16 | *.rtf diff=astextplain 17 | *.RTF diff=astextplain 18 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Windows image file caches 2 | Thumbs.db 3 | ehthumbs.db 4 | 5 | # Folder config file 6 | Desktop.ini 7 | 8 | # Recycle Bin used on file shares 9 | $RECYCLE.BIN/ 10 | 11 | # Windows Installer files 12 | *.cab 13 | *.msi 14 | *.msm 15 | *.msp 16 | 17 | # Windows shortcuts 18 | *.lnk 19 | 20 | # ========================= 21 | # Operating System Files 22 | # ========================= 23 | 24 | # OSX 25 | # ========================= 26 | 27 | .DS_Store 28 | .AppleDouble 29 | .LSOverride 30 | 31 | # Thumbnails 32 | ._* 33 | 34 | # Files that might appear in the root of a volume 35 | .DocumentRevisions-V100 36 | .fseventsd 37 | .Spotlight-V100 38 | .TemporaryItems 39 | .Trashes 40 | .VolumeIcon.icns 41 | 42 | # Directories potentially created on remote AFP share 43 | .AppleDB 44 | .AppleDesktop 45 | Network Trash Folder 46 | Temporary Items 47 | .apdisk 48 | -------------------------------------------------------------------------------- /Get-RegistryValueData.ps1: -------------------------------------------------------------------------------- 1 | function Get-RegistryValueData { 2 | [CmdletBinding(SupportsShouldProcess=$True, 3 | ConfirmImpact='Medium', 4 | HelpURI='http://vcloud-lab.com')] 5 | Param 6 | ( 7 | [parameter(Position=0, ValueFromPipeline=$True, ValueFromPipelineByPropertyName=$True)] 8 | [alias('C')] 9 | [String[]]$ComputerName = '.', 10 | [Parameter(Position=1, Mandatory=$True, ValueFromPipelineByPropertyName=$True)] 11 | [alias('Hive')] 12 | [ValidateSet('ClassesRoot', 'CurrentUser', 'LocalMachine', 'Users', 'CurrentConfig')] 13 | [String]$RegistryHive = 'LocalMachine', 14 | [Parameter(Position=2, Mandatory=$True, ValueFromPipelineByPropertyName=$True)] 15 | [alias('KeyPath')] 16 | [String]$RegistryKeyPath = 'SYSTEM\CurrentControlSet\Services\USBSTOR', 17 | [parameter(Position=3, Mandatory=$True, ValueFromPipelineByPropertyName=$true)] 18 | [alias('Value')] 19 | [String]$ValueName = 'Start' 20 | ) 21 | Begin { 22 | $RegistryRoot= "[{0}]::{1}" -f 'Microsoft.Win32.RegistryHive', $RegistryHive 23 | try { 24 | $RegistryHive = Invoke-Expression $RegistryRoot -ErrorAction Stop 25 | } 26 | catch { 27 | Write-Host "Incorrect Registry Hive mentioned, $RegistryHive does not exist" 28 | } 29 | } 30 | Process { 31 | Foreach ($Computer in $ComputerName) { 32 | if (Test-Connection $computer -Count 2 -Quiet) { 33 | $reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($RegistryHive, $Computer) 34 | $key = $reg.OpenSubKey($RegistryKeyPath) 35 | $Data = $key.GetValue($ValueName) 36 | $Obj = New-Object psobject 37 | $Obj | Add-Member -Name Computer -MemberType NoteProperty -Value $Computer 38 | $Obj | Add-Member -Name RegistryValueName -MemberType NoteProperty -Value "$RegistryKeyPath\$ValueName" 39 | $Obj | Add-Member -Name RegistryValueData -MemberType NoteProperty -Value $Data 40 | $Obj 41 | } 42 | else { 43 | Write-Host "$Computer not reachable" -BackgroundColor DarkRed 44 | } 45 | } 46 | } 47 | End { 48 | #[Microsoft.Win32.RegistryHive]::ClassesRoot 49 | #[Microsoft.Win32.RegistryHive]::CurrentUser 50 | #[Microsoft.Win32.RegistryHive]::LocalMachine 51 | #[Microsoft.Win32.RegistryHive]::Users 52 | #[Microsoft.Win32.RegistryHive]::CurrentConfig 53 | } 54 | } 55 | 56 | 57 | Get-RegistryValueData -ComputerName Server01, Member01, testcomp -RegistryHive LocalMachine -RegistryKeyPath SYSTEM\CurrentControlSet\Services\USBSTOR -ValueName 'Start' 58 | -------------------------------------------------------------------------------- /Get-InstalledSoftwareInfo.ps1: -------------------------------------------------------------------------------- 1 | function Get-InstalledSoftwareInfo { 2 | [CmdletBinding(SupportsShouldProcess=$True, 3 | ConfirmImpact='Medium', 4 | HelpURI='http://vcloud-lab.com')] 5 | Param ( 6 | [parameter(Position=0, ValueFromPipeline=$True, ValueFromPipelineByPropertyName=$True)] 7 | [alias('C')] 8 | [String[]]$ComputerName = '.' 9 | ) 10 | Begin { 11 | } 12 | Process { 13 | Foreach ($Computer in $ComputerName) { 14 | if (Test-Connection $Computer -Count 2 -Quiet) { 15 | $RegistryHive = 'LocalMachine' 16 | $RegistryKeyPath = $('SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall', 'SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall') 17 | $RegistryRoot= "[{0}]::{1}" -f 'Microsoft.Win32.RegistryHive', $RegistryHive 18 | $RegistryHive = Invoke-Expression $RegistryRoot -ErrorAction Stop 19 | foreach ($regpath in $RegistryKeyPath) { 20 | try { 21 | $reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($RegistryHive, $Computer) 22 | $key = $reg.OpenSubKey($regpath, $true) 23 | } 24 | catch { 25 | Write-Host "Check permissions on computer name $Computer, cannot connect registry" -BackgroundColor DarkRed 26 | Continue 27 | } 28 | foreach ($subkey in $key.GetSubKeyNames()) { 29 | $Childsubkey = $key.OpenSubKey($subkey) 30 | $SoftwareInfo = $Childsubkey.GetValueNames() 31 | $Displayname = $Childsubkey.GetValue('DisplayName') 32 | [Int]$rawsize = $Childsubkey.GetValue('EstimatedSize') 33 | $ConvertedSize = $rawsize / 1024 34 | $SoftwareSize = "{0:N2}MB" -f $ConvertedSize 35 | if ($Displayname -ne $null) { 36 | $SoftInfo = [PSCustomObject]@{ 37 | ComputerName = $Computer 38 | DisplayName = $Childsubkey.GetValue('DisplayName') 39 | DisplayVersion = $Childsubkey.GetValue('DisplayVersion') 40 | Publisher = $Childsubkey.GetValue('Publisher') 41 | InstallDate = $Childsubkey.GetValue('InstallDate') 42 | EstimatedSize = $SoftwareSize 43 | InstallLocation = $Childsubkey.GetValue('InstallLocation') 44 | InstallSource = $Childsubkey.GetValue('InstallSource') 45 | UninstallString = $Childsubkey.GetValue('UninstallString') 46 | RegistryLocation = $Childsubkey.Name 47 | } 48 | } 49 | $SoftInfo 50 | #break 51 | } 52 | } 53 | } 54 | else { 55 | Write-Host "Computer Name $Computer not reachable" -BackgroundColor DarkRed 56 | } 57 | } 58 | } 59 | End { 60 | #[Microsoft.Win32.RegistryHive]::ClassesRoot 61 | #[Microsoft.Win32.RegistryHive]::CurrentUser 62 | #[Microsoft.Win32.RegistryHive]::LocalMachine 63 | #[Microsoft.Win32.RegistryHive]::Users 64 | #[Microsoft.Win32.RegistryHive]::CurrentConfig 65 | } 66 | } 67 | #Get-InstalledSoftwareInfo -ComputerName Server01, Member01 -------------------------------------------------------------------------------- /Get-RemoteRegistryInfo.ps1: -------------------------------------------------------------------------------- 1 | function Get-RemoteRegistryInfo { 2 | [CmdletBinding(SupportsShouldProcess=$True, 3 | ConfirmImpact='Medium', 4 | HelpURI='http://vcloud-lab.com', 5 | DefaultParameterSetName='GetValue')] 6 | Param ( 7 | [parameter(Position=0, ValueFromPipeline=$True, ValueFromPipelineByPropertyName=$True)] 8 | [alias('C')] 9 | [String[]]$ComputerName = '.', 10 | 11 | [Parameter(Position=1, Mandatory=$True, ValueFromPipelineByPropertyName=$True)] 12 | [alias('Hive')] 13 | [ValidateSet('ClassesRoot', 'CurrentUser', 'LocalMachine', 'Users', 'CurrentConfig')] 14 | [String]$RegistryHive = 'LocalMachine', 15 | 16 | [Parameter(Position=2, Mandatory=$True, ValueFromPipelineByPropertyName=$True)] 17 | [alias('ParentKeypath')] 18 | [String]$RegistryKeyPath, 19 | 20 | [parameter(Position=3, Mandatory=$True, ValueFromPipelineByPropertyName=$true)] 21 | [ValidateSet('ChildKey', 'ValueData')] 22 | [String]$Type 23 | 24 | ) 25 | Begin { 26 | $RegistryRoot= "[{0}]::{1}" -f 'Microsoft.Win32.RegistryHive', $RegistryHive 27 | try { 28 | $RegistryHive = Invoke-Expression $RegistryRoot -ErrorAction Stop 29 | } 30 | catch { 31 | Write-Host "Incorrect Registry Hive mentioned, $RegistryHive does not exist" 32 | } 33 | } 34 | Process { 35 | Foreach ($Computer in $ComputerName) { 36 | if (Test-Connection $Computer -Count 2 -Quiet) { 37 | try { 38 | $reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($RegistryHive, $Computer) 39 | $key = $reg.OpenSubKey($RegistryKeyPath, $true) 40 | } 41 | catch { 42 | Write-Host "Check permissions on computer name $Computer, cannot connect registry" -BackgroundColor DarkRed 43 | Continue 44 | } 45 | if ($key.GetSubKeyNames() -eq $null -or $key.GetValueNames() -eq $null) { 46 | Write-Host "Incorrect registry path on $computer" -BackgroundColor DarkRed 47 | continue 48 | } 49 | switch ($Type) { 50 | 'ChildKey' { 51 | foreach ($ck in $key.GetSubKeyNames()) { 52 | $obj = New-Object psobject 53 | $obj | Add-Member -Name ComputerName -MemberType NoteProperty -Value $Computer 54 | $obj | Add-Member -Name RegistryKeyPath -MemberType NoteProperty -Value "$RegistryHive\$RegistryKeyPath" 55 | $obj | Add-Member -Name ChildKey -MemberType NoteProperty -Value $ck 56 | $obj 57 | } 58 | break 59 | } 60 | 'ValueData' { 61 | foreach ($vn in $key.GetValueNames()) { 62 | $obj = New-Object psobject 63 | $obj | Add-Member -Name ComputerName -MemberType NoteProperty -Value $Computer 64 | $obj | Add-Member -Name RegistryKeyPath -MemberType NoteProperty -Value "$RegistryHive\$RegistryKeyPath" 65 | $obj | Add-Member -Name ValueName -MemberType NoteProperty -Value $vn 66 | $obj | Add-Member -Name ValueData -MemberType NoteProperty -Value $key.GetValue($vn) 67 | $obj | Add-Member -Name ValueKind -MemberType NoteProperty -Value $key.GetValueKind($vn) 68 | $obj 69 | } 70 | break 71 | } 72 | } 73 | } 74 | else { 75 | Write-Host "Computer Name $Computer not reachable" -BackgroundColor DarkRed 76 | } 77 | } 78 | } 79 | End { 80 | #[Microsoft.Win32.RegistryHive]::ClassesRoot 81 | #[Microsoft.Win32.RegistryHive]::CurrentUser 82 | #[Microsoft.Win32.RegistryHive]::LocalMachine 83 | #[Microsoft.Win32.RegistryHive]::Users 84 | #[Microsoft.Win32.RegistryHive]::CurrentConfig 85 | } 86 | } 87 | 88 | #Get-RemoteRegistryInfo -ComputerName server01, member01 -RegistryHive Users -RegistryKeyPath S-1-5-18 -Type ChildKey 89 | #Get-RemoteRegistryInfo -ComputerName server01, member01 -RegistryHive Users -RegistryKeyPath S-1-5-18\Environment -Type ValueData -------------------------------------------------------------------------------- /Remove-RegistryKeyValue.ps1: -------------------------------------------------------------------------------- 1 | function Remove-RegistryKeyValue { 2 | [CmdletBinding(SupportsShouldProcess=$True, 3 | ConfirmImpact='Medium', 4 | HelpURI='http://vcloud-lab.com', 5 | DefaultParameterSetName='DelValue')] 6 | Param ( 7 | [parameter(ParameterSetName = 'DelValue', Position=0, ValueFromPipeline=$True, ValueFromPipelineByPropertyName=$True)] 8 | [parameter(ParameterSetName = 'DelKey', Position=0, ValueFromPipeline=$True, ValueFromPipelineByPropertyName=$True)] 9 | [alias('C')] 10 | [String[]]$ComputerName = '.', 11 | 12 | [Parameter(ParameterSetName = 'DelValue', Position=1, Mandatory=$True, ValueFromPipelineByPropertyName=$True)] 13 | [parameter(ParameterSetName = 'DelKey', Position=1, ValueFromPipelineByPropertyName=$True)] 14 | [alias('Hive')] 15 | [ValidateSet('ClassesRoot', 'CurrentUser', 'LocalMachine', 'Users', 'CurrentConfig')] 16 | [String]$RegistryHive = 'LocalMachine', 17 | 18 | [Parameter(ParameterSetName = 'DelValue', Position=2, Mandatory=$True, ValueFromPipelineByPropertyName=$True)] 19 | [parameter(ParameterSetName = 'DelKey', Position=2, ValueFromPipelineByPropertyName=$True)] 20 | [alias('ParentKeypath')] 21 | [String]$RegistryKeyPath, 22 | 23 | [parameter(ParameterSetName = 'DelKey',Position=3, Mandatory=$True, ValueFromPipelineByPropertyName=$true)] 24 | [String[]]$ChildKey, 25 | 26 | [parameter(ParameterSetName = 'DelValue',Position=5, Mandatory=$True, ValueFromPipelineByPropertyName=$true)] 27 | [String[]]$ValueName 28 | ) 29 | Begin { 30 | $RegistryRoot= "[{0}]::{1}" -f 'Microsoft.Win32.RegistryHive', $RegistryHive 31 | try { 32 | $RegistryHive = Invoke-Expression $RegistryRoot -ErrorAction Stop 33 | } 34 | catch { 35 | Write-Host "Incorrect Registry Hive mentioned, $RegistryHive does not exist" 36 | } 37 | } 38 | Process { 39 | Foreach ($Computer in $ComputerName) { 40 | if (Test-Connection $Computer -Count 2 -Quiet) { 41 | try { 42 | $reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($RegistryHive, $Computer) 43 | $key = $reg.OpenSubKey($RegistryKeyPath, $true) 44 | } 45 | catch { 46 | Write-Host "Check permissions on computer name $Computer, cannot connect registry" -BackgroundColor DarkRed 47 | Continue 48 | } 49 | switch ($PsCmdlet.ParameterSetName) { 50 | 'DelValue' { 51 | foreach ($regvalue in $ValueName) { 52 | if ($key.GetValueNames() -contains $regvalue) { 53 | [void]$key.DeleteValue($regvalue) 54 | } 55 | else { 56 | Write-Host "Registry value name $regvalue doesn't exist on Computer $Computer under path $RegistryKeyPath" -BackgroundColor DarkRed 57 | } 58 | } 59 | break 60 | } 61 | 'DelKey' { 62 | foreach ($regkey in $ChildKey) { 63 | if ($key.GetSubKeyNames() -contains $regkey) { 64 | [void]$Key.DeleteSubKey("$regkey") 65 | } 66 | else { 67 | Write-Host "Registry key $regKey doesn't exist on Computer $Computer under path $RegistryKeyPath" -BackgroundColor DarkRed 68 | } 69 | } 70 | break 71 | } 72 | } 73 | } 74 | else { 75 | Write-Host "Computer Name $Computer not reachable" -BackgroundColor DarkRed 76 | } 77 | } 78 | } 79 | End { 80 | #[Microsoft.Win32.RegistryHive]::ClassesRoot 81 | #[Microsoft.Win32.RegistryHive]::CurrentUser 82 | #[Microsoft.Win32.RegistryHive]::LocalMachine 83 | #[Microsoft.Win32.RegistryHive]::Users 84 | #[Microsoft.Win32.RegistryHive]::CurrentConfig 85 | } 86 | } 87 | 88 | #Remove-RegistryKeyValue -ComputerName server01, member01 -RegistryHive LocalMachine -RegistryKeyPath SYSTEM\DemoKey -ChildKey test1, test2 89 | #Remove-RegistryKeyValue -ComputerName server01, member01 -RegistryHive LocalMachine -RegistryKeyPath SYSTEM\DemoKey -ValueName start, exp -------------------------------------------------------------------------------- /Write-RegistryValue.ps1: -------------------------------------------------------------------------------- 1 | function Write-RegistryValue { 2 | [CmdletBinding(SupportsShouldProcess=$True, 3 | ConfirmImpact='Medium', 4 | HelpURI='http://vcloud-lab.com', 5 | DefaultParameterSetName='NewValue')] 6 | Param ( 7 | [parameter(ParameterSetName = 'NewValue', Position=0, ValueFromPipeline=$True, ValueFromPipelineByPropertyName=$True)] 8 | [parameter(ParameterSetName = 'NewKey', Position=0, ValueFromPipeline=$True, ValueFromPipelineByPropertyName=$True)] 9 | [alias('C')] 10 | [String[]]$ComputerName = '.', 11 | 12 | [Parameter(ParameterSetName = 'NewValue', Position=1, Mandatory=$True, ValueFromPipelineByPropertyName=$True)] 13 | [parameter(ParameterSetName = 'NewKey', Position=1, ValueFromPipelineByPropertyName=$True)] 14 | [alias('Hive')] 15 | [ValidateSet('ClassesRoot', 'CurrentUser', 'LocalMachine', 'Users', 'CurrentConfig')] 16 | [String]$RegistryHive = 'LocalMachine', 17 | 18 | [Parameter(ParameterSetName = 'NewValue', Position=2, Mandatory=$True, ValueFromPipelineByPropertyName=$True)] 19 | [parameter(ParameterSetName = 'NewKey', Position=2, ValueFromPipelineByPropertyName=$True)] 20 | [alias('ParentKeypath')] 21 | [String]$RegistryKeyPath = 'SYSTEM\CurrentControlSet\Software', 22 | 23 | [parameter(ParameterSetName = 'NewKey',Position=3, Mandatory=$True, ValueFromPipelineByPropertyName=$true)] 24 | [String]$ChildKey = 'TestKey', 25 | 26 | [parameter(ParameterSetName = 'NewValue',Position=4, Mandatory=$True, ValueFromPipelineByPropertyName=$true)] 27 | [alias('Type')] 28 | [ValidateSet('String', 'Binary', 'DWord', 'QWord', 'MultiString', 'ExpandString')] 29 | [String]$ValueType = 'DWORD', 30 | 31 | [parameter(ParameterSetName = 'NewValue',Position=5, Mandatory=$True, ValueFromPipelineByPropertyName=$true)] 32 | [String]$ValueName = 'ValueName', 33 | 34 | [parameter(ParameterSetName = 'NewValue',Position=6, Mandatory=$True, ValueFromPipelineByPropertyName=$true)] 35 | [String]$ValueData = 'ValueData' 36 | ) 37 | Begin { 38 | $RegistryRoot= "[{0}]::{1}" -f 'Microsoft.Win32.RegistryHive', $RegistryHive 39 | try { 40 | $RegistryHive = Invoke-Expression $RegistryRoot -ErrorAction Stop 41 | } 42 | catch { 43 | Write-Host "Incorrect Registry Hive mentioned, $RegistryHive does not exist" 44 | } 45 | } 46 | Process { 47 | Foreach ($Computer in $ComputerName) { 48 | if (Test-Connection $Computer -Count 2 -Quiet) { 49 | try { 50 | $reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($RegistryHive, $Computer) 51 | $key = $reg.OpenSubKey($RegistryKeyPath, $true) 52 | } 53 | catch { 54 | Write-Host "Check access on computer name $Computer, cannot connect registry" -BackgroundColor DarkRed 55 | Continue 56 | } 57 | switch ($PsCmdlet.ParameterSetName) { 58 | 'NewValue' { 59 | $ValueType = [Microsoft.Win32.RegistryValueKind]::$ValueType 60 | $key.SetValue($ValueName,$ValueData,$ValueType) 61 | $Data = $key.GetValue($ValueName) 62 | $Obj = New-Object psobject 63 | $Obj | Add-Member -Name Computer -MemberType NoteProperty -Value $Computer 64 | $Obj | Add-Member -Name RegistryPath -MemberType NoteProperty -Value "$RegistryKeyPath" 65 | $Obj | Add-Member -Name RegistryValueName -MemberType NoteProperty -Value $ValueName 66 | $Obj | Add-Member -Name RegistryValueData -MemberType NoteProperty -Value $ValueData 67 | $Obj 68 | break 69 | } 70 | 'NewKey' { 71 | try { 72 | if ($key.GetSubKeyNames() -contains $ChildKey) { 73 | $Obj = New-Object psobject 74 | $Obj | Add-Member -Name Computer -MemberType NoteProperty -Value $Computer 75 | $Obj | Add-Member -Name RegistryPath -MemberType NoteProperty -Value $RegistryKeyPath 76 | $Obj | Add-Member -Name RegistryChildKey -MemberType NoteProperty -Value $Childkey 77 | $Obj 78 | Continue 79 | } 80 | [void]$Key.CreateSubKey("$ChildKey") 81 | } 82 | catch { 83 | Write-Host "Not able to create $ChildKey on remote computer name $Computer" -BackgroundColor DarkRed 84 | Continue 85 | } 86 | break 87 | } 88 | } 89 | } 90 | else { 91 | Write-Host "Computer Name $Computer not reachable" -BackgroundColor DarkRed 92 | } 93 | } 94 | } 95 | End { 96 | #[Microsoft.Win32.RegistryHive]::ClassesRoot 97 | #[Microsoft.Win32.RegistryHive]::CurrentUser 98 | #[Microsoft.Win32.RegistryHive]::LocalMachine 99 | #[Microsoft.Win32.RegistryHive]::Users 100 | #[Microsoft.Win32.RegistryHive]::CurrentConfig 101 | } 102 | } 103 | 104 | #Write-RegistryValue -ComputerName server01, Member01, test, 192.168.33.11, 192.168.33.12, server01 -RegistryHive LocalMachine -RegistryKeyPath SYSTEM\DemoKey -ChildKey test 105 | #Write-RegistryValue -ComputerName server01, Member01, test -RegistryHive LocalMachine -RegistryKeyPath SYSTEM\DemoKey -ValueName 'Start' -ValueData 10 -ValueType DWord --------------------------------------------------------------------------------