Hey, Scripting Guy! Can I Change the Default Value of a Registry Key on Multiple Computers?

Hey, Scripting Guy! Can I Change the Default Value of a Registry Key on Multiple Computers?

  • Comments 1
  • Likes

Bookmark and Share

 

Hey, Scripting Guy! QuestionHey Scripting Guy! I have a problem. There is a registry key on several computers that has a default value of “default.” I need to be able to change that default value. I searched the Hey, Scripting Guy! blog and came up with an article written for VBScript. I know I can use WMI in Windows PowerShell 2.0, but the process looks complicated. Can you explain it to me? Is there an easier way?

-- CS

Hey, Scripting Guy! AnswerHello CS, Microsoft Scripting Guy Ed Wilson here. Right now I have my Zune HD cranked up all the way while listening to an old Rolling Stones recording of a song they sang with Buddy Guy. The cool thing about the Rolling Stones is they have recorded so much music. I have been listening to the Rolling Stones now for the last eight hours while I have been answering scripter@microsoft.com e-mail and talking to people on my personal Facebook page and on the Scripting Guys’ Twitter page. On Facebook, I have been talking to Brandon, a Microsoft MVP, about doing a couple of guest articles related to his bsonposh module. On Twitter, I have been talking to many people about this week’s series of Hey, Scripting Guy! articles.

Portions of today’s Hey, Scripting Guy! post appeared previously in the 2008 Microsoft Press book, Windows PowerShell Scripting Guide.

CS, the script from the post, “How Can I Change a Registry Value Named (Default)?”, uses the WMI class that is named StdRegProv. Things are confusing from the beginning. The name of the WMI class is StdRegProv? That looks like the name of a WMI provider, not the name of a WMI class. Most of the WMI classes we use begin with Win32, and the names are more easily understood. The second thing you will notice about the SetDefaultRegistryStringValue.vbs script is that the WMI class is located in the root\default WMI namespace. Interestingly enough, root\default is not the default WMI namespace. Root\cimv2 is the default WMI namespace on every Windows operating system made since Windows NT 4.0. Beginning with Windows Vista, the WMI team also placed a copy of the StdRegProv WMI class in root\cimv2. If all of your computers are Windows Vista and later, you can ignore the version of the StdRegProv in root\default and only use the one from the root\cimv2 WMI namespace.

The most confusing thing about the StdRegProv WMI class is that each data type in the registry requires a different method. These methods are documented on MSDN. In this script the SetStringValue method is used to assign a new value to a key. For information about using the StdRegProv WMI class from within Windows PowerShell, refer to How Can I Change My Internet Explorer Home Page. The complete SetDefaultRegistryStringValue.vbs script is shown here.

SetDefaultRegistryStringValue.vbs

Const HKEY_CURRENT_USER = &H80000001

strComputer = "."

Set objRegistry = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")

strKeyPath = "ScriptCenter"
strValueName = ""
strValue = "http://www.microsoft.com/technet/scriptcenter/default.mspx"

objRegistry.SetStringValue HKEY_CURRENT_USER, strKeyPath, strValueName, strValue

CS, an easier way to work with the registry by using Windows PowerShell is to use the registry provider. The registry provider provides a consistent and easy way to work with the registry from within Windows PowerShell. Using the registry provider, you can search the registry, create new registry keys, delete existing registry keys, and modify values and access control lists (ACLs) from within Windows PowerShell. Windows PowerShell creates two PSDrives by default. To identify the PSDrives supplied by the registry provider, you can use the Get-PSDrive cmdlet, and pipeline the resulting objects into the Where-Object cmdlet and filter on the provider property while supplying a value that is like the word “registry.” This command is seen here:

get-psDrive | where {$_.Provider -like "*registry*"}

The resulting list of PSDrives is seen here:

Name       Provider      Root                                   CurrentLocation
----       --------      ----                                   ---------------
HKCU       Registry      HKEY_CURRENT_USER
HKLM       Registry      HKEY_LOCAL_MACHINE

Now that you know which registry drives exist (you can add additional registry drives by using the Add-PSDrive cmdlet), you can use the Set-Item cmdlet to assign a value to the default registry key. Suppose you have the registry key, HKEY_CURRENT_USER\Software\ScriptingGuys, that has an empty default value as seen here:

Image of registry key with empty default value


To assign a value, you can write a script similar to SetDefaultRegistryStringValue.vbs in VBScript, or you can emulate that methodology in Windows PowerShell. But the easier way is to use the registry provider for Windows PowerShell. Using the HKCU drive in Windows PowerShell, you can use the same cmdlets you use to work with the filesystem. The Set-Item cmdlet writes information. To provide a value for the ScriptingGuys registry key, specify the path, the value, and the type of value you are assigning. To write the string “MyNewValue” to the registry key, use the following command:

Set-Item -Path HKCU:\Software\ScriptingGuys -Value "MyNewValue" -Type string

The revised registry key now has a value for (Default):

Image of resitry key with default value


CS you said you need to make the change on multiple computers. Using Windows PowerShell 1.0 I normally fell back to the StdRegProv WMI class to do that. But in Windows PowerShell 2.0 you can use the Invoke-Command cmdlet to execute a standard Windows PowerShell command on a remote computer. Because we need to assign a registry value to a key that is in the HKEY_CURRENT_USER\Software\ScriptingGuys hive things could get a bit confusing. This is because I am logged onto my workstation as Nwtraders\Ed. I want to target a computer that has Nwtraders\Administrator logged on. My current user hive on the remote machine is different than the current user that is logged on. To work around this, all we need to do is supply alternate credentials when we invoke the command. The command to do this is seen here (this command is one line)

PS C:\> Invoke-Command -computer Win7-Pc -script { Set-Item -Path HKCU:\Software\ScriptingGuys -Value "MyNewValue" –Type string } -Credential nwtraders\administrator

The credential dialog box appears and prompts you for the password:

Image of credential dialog box


After the command has run on the remote computer, we use Remote Desktop to browse the registry as the administrator. As seen in the following image, the registry key has been changed:

Image of changed registry key

 

CS, that is all there is to adding a value to a registry key with the name of (Default). Registry Week will continue tomorrow when we will talk about…wait a minute.

If you want to know exactly what we will be looking at tomorrow, follow us on Twitter or Facebook. If you have any questions, send e-mail to us at scripter@microsoft.com or post your questions on the Official Scripting Guys Forum. See you tomorrow. Until then, peace.

 

Ed Wilson and Craig Liebendorfer, Scripting Guys

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
  • Would love to see how to read remote registry with alternate credentials.