Home » PowerShell » Get a remote computer’s registry info, as long as it’s running PowerShell 2.0. Here’s how.

Get a remote computer’s registry info, as long as it’s running PowerShell 2.0. Here’s how.


In PowerShell 1.0 there were no easy ways to manage remote registries. You could use WMI and the StdRegProv, but it’s very slow and cumbersome to deal with. Another approach is to use the .NET registry classes that support connecting to remote computers. Those methods will still work with PowerShell 2.0. But what about the registry PSProvider?

I’m sure you know that you can navigate your local registry as if it were a file system. For example, here’s a command to get the Windows Update server value from the local registry:

PS C:\> get-itemproperty hklm:\software\policies\Microsoft\Windows\WindowsUpdate\ -Name WUServer | Select WUServer

Unfortunately the registry provider doesn’t support mapping to remote computers. However, as long as the remote computer is running PowerShell 2.0 and is enabled for remoting, we can reach out and securely get this information.
The first step is to create script block that contains the command we want to execute:

PS C:\> $sb={get-itemproperty hklm:\software\policies\Microsoft\Windows\WindowsUpdate\ -Name WUServer | Select WUServer}

We can and should test it locally:

PS C:\scripts> &$sb

WUServer
——-
http://172.16.10.1

There are several ways we could run this remotely. And to be clear, I’m talking about running the command so that it is processed ON the remote computer. I’m going to demo querying a single remote computer, but it isn’t complicated to query multiple remote computers. We’re going to use the Invoke-Command cmdlet:

PS C:\> invoke-command -ComputerName Serenity -ScriptBlock $sb

The command in the script block to query the registry PSDrive is executed on the remote computer thus I can take advantage of the registry provider through a remote connection. The Invoke-Command cmdlet can be used several ways depending on your situation. In this case all I need is to specify the computername and the script block. The output that is returned includes the remote computername. This is useful when querying multiple machines:

PS C:\> invoke-command -ComputerName (get-content computers.txt) -ScriptBlock $sb | Sort PSComputername | format-table -autosize | out-file wsusreport.txt

For more information, be sure to look at full cmdlet help for Invoke-Command and read the help topic About_Remote.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: