Jewtus Posted October 21, 2016 Posted October 21, 2016 I've been looking at @UEZ code for reading remote machine info (I'm trying to test locally right now) but I'm not getting results from the sample code. I've tried messing around with it a bit, but I'm definitely in over my head with registry stuff (I inherited some responsibilities that came with a list of registry entries to check/modify). This is the code I have, and the domain check works, but I don't get a blank string on the registry value. I checked the registry and the path is correct, but I'm not getting any results expandcollapse popupGlobal Const $oErrorHandler = ObjEvent("AutoIt.Error", "ObjErrorHandler") Local $sUser,$sPass $sRegVal=WMI_GetRemoteRegVal(@ComputerName, "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion",$sUser,$sPass) $sDomain=WMI_GetDomainName(@ComputerName,$sUser,$sPass) MsgBox(0,"",$sRegVal) MsgBox(0,"",$sDomain) Func WMI_GetRemoteRegVal($sHost, $sRegPath, $sUser = "", $sPass = "") ;coded by UEZ build 2014-07-06 If $sHost = "." Then $sHost = "localhost" Local $iPing = Ping($sHost, 250) If @error Then Return SetError(1, 0, "") Local $objWMILocator = ObjCreate("WbemScripting.SWbemLocator") Local $objWMIService = $objWMILocator.ConnectServer($sHost, "\\.\root\default", $sUser, $sPass, "", "", 128) If @error Then Return SetError(2, @error, "") Local $objReg = $objWMIService.Get("StdRegProv") ;http://msdn.microsoft.com/en-us/library/aa393664(v=vs.85).aspx If @error Then Return SetError(3, @error, "") Local Const $wbemImpersonationLevelImpersonate = 3, $wbemAuthenticationLevelPktPrivacy = 6 $objReg.Security_.ImpersonationLevel = $wbemImpersonationLevelImpersonate $objReg.Security_.AuthenticationLevel = $wbemAuthenticationLevelPktPrivacy Local $nHKEY, $sPrefix = StringRegExpReplace($sRegPath, "(.+?)\\.*", "$1") Switch $sPrefix Case "HKEY_CLASSES_ROOT" Or "HKCR" $nHKEY = 0x80000000 Case "HKEY_CURRENT_USER" Or "HKCU" $nHKEY = 0x80000001 Case "HKEY_LOCAL_MACHINE" Or "HKLM" $nHKEY = 0x80000002 Case "HKEY_USERS" Or "HKU" $nHKEY = 0x80000003 Case "HKEY_CURRENT_CONFIG" Or "HKCC" $nHKEY = 0x80000005 ;~ Case "HKEY_DYN_DATA" Or "HKDD" ;Windows 95/98 only ;~ $nHKEY = 0x80000006 Case Else Return SetError(4, 0, "") EndSwitch Local $sRegKeyPath = StringRegExpReplace($sRegPath, "(?i)" & $sPrefix & "\\(.+)\\.*", "$1") If @error Or $sRegKeyPath = "" Then Return SetError(5, 0, "") Local $aSubKeys, $aTypes $objReg.EnumValues($nHKEY, $sRegKeyPath, $aSubKeys, $aTypes) If @error Then Return SetError(6, @error, "") Local Enum $iREG_SZ = 1, $iREG_EXPAND_SZ, $iREG_BINARY, $iREG_DWORD, $iREG_DWORD_BIG_ENDIAN, $iREG_LINK, $iREG_MULTI_SZ, $iREG_RESOURCE_LIST, $iREG_FULL_RESOURCE_DESCRIPTOR, $iREG_RESOURCE_REQUIREMENTS_LIST, $iREG_QWORD Local $i, $return, $sSearchValue = StringRegExpReplace($sRegPath, "(?i)" & $sPrefix & ".+\\(.+)", "$1") For $i = 0 To UBound($aSubKeys) - 1 If $aSubKeys[$i] = $sSearchValue Then Switch $aTypes[$i] Case $iREG_SZ $objReg.GetStringValue($nHKEY, $sRegKeyPath, $sSearchValue, $return) Return $return Case $iREG_EXPAND_SZ $objReg.GetExpandedStringValue($nHKEY, $sRegKeyPath, $sSearchValue, $return) Return $return Case $iREG_BINARY $objReg.GetBinaryValue($nHKEY, $sRegKeyPath, $sSearchValue, $return) Return $return Case $iREG_DWORD $objReg.GetDWORDValue($nHKEY, $sRegKeyPath, $sSearchValue, $return) Return $return Case $iREG_MULTI_SZ $objReg.GetMultiStringValue($nHKEY, $sRegKeyPath, $sSearchValue, $return) Return $return Case $iREG_QWORD $objReg.GetQWORDValue($nHKEY, $sRegKeyPath, $sSearchValue, $return) Return $return EndSwitch EndIf Next Return SetError(7, 0, "") EndFunc Func WMI_GetDomainName($sHost, $sUsr = "", $sPass = "") If $sHost = "." Then $sHost = @ComputerName Local $ping = Ping($sHost, 250) If @error Then Return SetError(1, 0, -1) Local $objWMILocator = ObjCreate("WbemScripting.SWbemLocator") Local $objWMIService = $objWMILocator.ConnectServer($sHost, "\root\cimv2", $sUsr, $sPass, "", "", 128) If @error Then Return SetError(2, 0, -1) Local $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_ComputerSystem", "WQL", 0x30) If IsObj($colItems) Then For $objItem In $colItems Return $objItem.Domain Next Else Return SetError(3, 0, -1) EndIf Return 0 EndFunc Func ObjErrorHandler() ConsoleWrite( "A COM Error has occured!" & @CRLF & @CRLF & _ "err.description is: " & @TAB & $oErrorHandler.description & @CRLF & _ "err.windescription:" & @TAB & $oErrorHandler & @CRLF & _ "err.number is: " & @TAB & Hex($oErrorHandler.number, 8) & @CRLF & _ "err.lastdllerror is: " & @TAB & $oErrorHandler.lastdllerror & @CRLF & _ "err.scriptline is: " & @TAB & $oErrorHandler.scriptline & @CRLF & _ "err.source is: " & @TAB & $oErrorHandler.source & @CRLF & _ "err.helpfile is: " & @TAB & $oErrorHandler.helpfile & @CRLF & _ "err.helpcontext is: " & @TAB & $oErrorHandler.helpcontext & @CRLF _ ) EndFunc This is the previous thread:
UEZ Posted October 21, 2016 Posted October 21, 2016 (edited) Well, it doesn't work for me either anymore using Win10. Which OS do you use? $objReg.EnumValues($nHKEY, $sRegKeyPath, $aSubKeys, $aTypes) Doesn't return an array -> $aSubKeys Edited October 21, 2016 by UEZ Please don't send me any personal message and ask for support! I will not reply! Selection of finest graphical examples at Codepen.io The own fart smells best! ✌Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!¯\_(ツ)_/¯ ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ
Jewtus Posted October 21, 2016 Author Posted October 21, 2016 (edited) 1 minute ago, UEZ said: Well, it doesn't work for me either anymore using Win10. Which OS do you use? Win 10... Most of my remote hosts are windows server though... Maybe I'll take a shot with one of those machines. (win server 2012 R2 might be an issue.. its a lot like win 10) Edited October 21, 2016 by Jewtus
Jewtus Posted October 21, 2016 Author Posted October 21, 2016 UPDATE: I tried it on a Windows Server 2012 R2 Datacenter machine and had no results. I then tried it on a Windows Server 2008 R2 Standard and still had no results. Could this be related to the version of Autoit? I'm running v3.3.15.0.
Jewtus Posted October 21, 2016 Author Posted October 21, 2016 This seems to work: Func WMI_GetRemoteRegVal($sHost, $sRegPath, $sUser = "", $sPass = "") Local $strKeyPath='',$arrValueNames, $arrValueTypes, $strValue, $aReturn[0][2] $aString=StringSplit($sRegPath,"\") $sStringBase=$aString[1] For $x=2 to UBound($aString)-1 If $strKeyPath='' then $strKeyPath=$aString[$x] Else $strKeyPath=$strKeyPath&'\'&$aString[$x] EndIf Next MsgBox(0,$sStringBase,$strKeyPath) If $sStringBase ="HKEY_CLASSES_ROOT" Or $sStringBase ="HKCR" Then $nHKEY = 0x80000000 If $sStringBase ="HKEY_CURRENT_USER" Or $sStringBase ="HKCU" Then $nHKEY = 0x80000001 If $sStringBase ="HKEY_LOCAL_MACHINE" Or $sStringBase ="HKLM" Then $nHKEY = 0x80000002 If $sStringBase ="HKEY_USERS" Or $sStringBase ="HKU" Then $nHKEY = 0x80000003 If $sStringBase ="HKEY_CURRENT_CONFIG" Or $sStringBase ="HKCC" Then $nHKEY = 0x80000005 $objRegistry = ObjGet("winmgmts:\\" & $sHost & "\root\default:StdRegProv") $objRegistry.EnumValues($nHKEY, $strKeyPath, $arrValueNames, $arrValueTypes) For $i = 0 To UBound($arrValueNames) - 1 $strValueName = $arrValueNames[$i] $objRegistry.GetStringValue($nHKEY, $strKeyPath, $strValueName, $strValue) _ArrayAdd($aReturn, $arrValueNames[$i] & "|" & $strValue) Next If UBound($aReturn) > 0 Then Return $aReturn Else Return -1 EndIf EndFunc
MattHiggs Posted October 21, 2016 Posted October 21, 2016 By the way, for client devices, the "remote registry" service is disabled by default. I would assume that to get this to work, you would need enable the service and ensure that it is running. Jewtus 1
Jewtus Posted October 21, 2016 Author Posted October 21, 2016 2 hours ago, MattHiggs said: By the way, for client devices, the "remote registry" service is disabled by default. I would assume that to get this to work, you would need enable the service and ensure that it is running. Anyway to push the command to do that to a remote machine Otherwise I will probably make a script.
MattHiggs Posted October 21, 2016 Posted October 21, 2016 (edited) run following two commands in command prompt: sc \\computername config remoteregistry start= auto sc \\computername start remoteregistry Edited October 21, 2016 by MattHiggs
UEZ Posted October 21, 2016 Posted October 21, 2016 (edited) Is it working now with enabled and started remote registry service (code from post#1)? Edited October 21, 2016 by UEZ Please don't send me any personal message and ask for support! I will not reply! Selection of finest graphical examples at Codepen.io The own fart smells best! ✌Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!¯\_(ツ)_/¯ ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ
Jewtus Posted October 24, 2016 Author Posted October 24, 2016 (edited) EDIT: Ok this seems to work with the service off.. Func WMI_GetRemoteRegVal($sHost, $sRegPath, $sUser = "", $sPass = "") Local $strKeyPath = '', $arrValueNames, $arrValueTypes, $strValue, $aReturn[0][2] $aString = StringSplit($sRegPath, "\") $sStringBase = $aString[1] For $x = 2 To UBound($aString) - 1 If $strKeyPath = '' Then $strKeyPath = $aString[$x] Else $strKeyPath = $strKeyPath & '\' & $aString[$x] EndIf Next If $sStringBase = "HKEY_CLASSES_ROOT" Or $sStringBase = "HKCR" Then $nHKEY = 0x80000000 If $sStringBase = "HKEY_CURRENT_USER" Or $sStringBase = "HKCU" Then $nHKEY = 0x80000001 If $sStringBase = "HKEY_LOCAL_MACHINE" Or $sStringBase = "HKLM" Then $nHKEY = 0x80000002 If $sStringBase = "HKEY_USERS" Or $sStringBase = "HKU" Then $nHKEY = 0x80000003 If $sStringBase = "HKEY_CURRENT_CONFIG" Or $sStringBase = "HKCC" Then $nHKEY = 0x80000005 $objSWbemLocator = ObjCreate("WbemScripting.SWbemLocator") If $sHost='locahost' Then $objSWbemServices = $objSWbemLocator.ConnectServer($sHost, "root\CIMV2") Else $objSWbemServices = $objSWbemLocator.ConnectServer($sHost, "root\CIMV2", $sUser, $sPass) EndIf $objRegistry = $objSWbemServices.Get("StdRegProv") $objRegistry.EnumValues($nHKEY, $strKeyPath, $arrValueNames, $arrValueTypes) For $i = 0 To UBound($arrValueNames) - 1 $strValueName = $arrValueNames[$i] $objRegistry.GetStringValue($nHKEY, $strKeyPath, $strValueName, $strValue) _ArrayAdd($aReturn, $arrValueNames[$i] & "|" & $strValue) Next If UBound($aReturn) > 0 Then Return $aReturn Else Return -1 EndIf EndFunc ;==>WMI_GetRemoteRegVal Edited October 24, 2016 by Jewtus
UEZ Posted October 25, 2016 Posted October 25, 2016 I found the bug in the function! The issue was within the switch/case statements -> Switch $sPrefix Case "HKEY_CLASSES_ROOT" Or "HKCR" $nHKEY = 0x80000000 Case "HKEY_CURRENT_USER" Or "HKCU" $nHKEY = 0x80000001 Case "HKEY_LOCAL_MACHINE" Or "HKLM" $nHKEY = 0x80000002 Case "HKEY_USERS" Or "HKU" $nHKEY = 0x80000003 Case "HKEY_CURRENT_CONFIG" Or "HKCC" $nHKEY = 0x80000005 ;~ Case "HKEY_DYN_DATA" Or "HKDD" ;Windows 95/98 only ;~ $nHKEY = 0x80000006 Case Else Return SetError(4, 0, "") EndSwitch It must be Switch $sPrefix Case "HKEY_CLASSES_ROOT", "HKCR" $nHKEY = 0x80000000 Case "HKEY_CURRENT_USER", "HKCU" $nHKEY = 0x80000001 Case "HKEY_LOCAL_MACHINE", "HKLM" $nHKEY = 0x80000002 Case "HKEY_USERS", "HKU" $nHKEY = 0x80000003 Case "HKEY_CURRENT_CONFIG", "HKCC" $nHKEY = 0x80000005 ;~ Case "HKEY_DYN_DATA", "HKDD" ;Windows 95/98 only ;~ $nHKEY = 0x80000006 Case Else Return SetError(4, 0, "") EndSwitch Case "HKEY_CLASSES_ROOT" Or "HKCR" is always true and thus wrong $nHKEY was set. Please don't send me any personal message and ask for support! I will not reply! Selection of finest graphical examples at Codepen.io The own fart smells best! ✌Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!¯\_(ツ)_/¯ ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now