Changing Registry Key values

I have the following function to modify values in a group of registry keys.  It is run with an account that has local admin rights on all the machines in my environment.  The script that calls the function is elevated to run with elevated permissions ('as administrator').  The issue I am having is that the first key never gets updated, while the other two do.  However if I go back to my trusty command prompt (using the same account 'as administrator') and do a REG ADD, that updates that key not being updated by the PowerShell script without a problem.  I tried two different methods to modify the key not updating as you will see in the code below.

Here is the function:

Function Update_Registry($ComputerName, $521) {
   $PingStatus = Gwmi Win32_PingStatus -Filter "Address = '$ComputerName'" | Select-Object StatusCode
   If ($PingStatus.StatusCode -eq 0){
      $reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey([Microsoft.Win32.RegistryHive]::LocalMachine, $ComputerName )
      $regkey = $null
      $regKey = $reg.OpenSubKey("SOFTWARE\\Company\\Tattoo",$true)
      $Values = $regKey.GetValueNames()
      ForEach ($Value in $Values) {
         If ($Value -eq "Owner") {
            $regKey.SetValue($Value, $521, [Microsoft.Win32.RegistryValueKind]::String) # Doesn't set the key
            Invoke-Command -Computername $ComputerName -ScriptBlock { Set-ItemProperty -Path 'HKLM:\SOFTWARE\Company\Tattoo' -Name $Value -Value $521 } # WinRM cannot complete the operation
         }
      }
      $regkey = $null
      $regKey = $reg.OpenSubKey("SOFTWARE\\Wow6432Node\\Company\\Tattoo",$true)
      $Values = $regKey.GetValueNames()
      ForEach ($Value in $Values) {
         If ($Value -eq "Owner") {
            $regKey.SetValue($Value, $521, [Microsoft.Win32.RegistryValueKind]::String) # Sets the key
         }
      }
      $regkey = $null
      $regKey = $reg.OpenSubKey("SYSTEM\\CurrentControlSet\\Control\\Session Manager\\Environment",$true)
      $Values = $regKey.GetValueNames()
      ForEach ($Value in $Values) {
         If ($Value -eq "CoOwner") {
            $regKey.SetValue($Value, $521, [Microsoft.Win32.RegistryValueKind]::String) # Sets the key
         }
      }
   } Else {
      Write-Host "$ComputerName unreachable"
   }
}

  • jml02118 said:
    $PingStatus = Gwmi Win32_PingStatus -Filter "Address = '$ComputerName'" | Select-Object StatusCode
    If ($PingStatus.StatusCode -eq 0){

    Not related to the issue you're having, but why are you using PingStatus?  Replace those two lines with ...

    if (Test-Connection -ComputerName $ComputerName -Count 1 -Quiet) {

  • @Bob - thanks for the suggestion!  Always good to learn new things.  Now if somebody would be able to tackle this issue I'm having!

  • When I tested your code, the first $reg.SetValue() works fine on my test registry key. I am able to set the value fine.

    I'm not able to set the value correctly when I specify the incorrect path, there is no value named "Owner" or if I remove permissions to update the registry key. So I'm guessing it's one of those problems.

    Or possibly you are running the script from the ISE and there is some lingering variable that is set incorrectly. I would suggest testing this from a regular PowerShell prompt first if that is the case.

    The Invoke-Command uses PowerShell remoting, which is quite separate from remote registry access. You will need to set up PowerShell remoting first before that will work.

  • As mentioned, if I run the following from a command prompt, with the same credentials that I am running the PowerShell script (either through powershell.exe or powershell_ise.exe, the command runs and is successful (so it shouldn't be a permissions issue), so I would think that the $reg.SetValue() would work as well, as it does for the other two registry keys.  Here is the command prompt command I am using:

    REG ADD \\$ComputerName\HKLM\SOFTWARE\Company\Tattoo /v Owner /d Me /t REG_SZ /f (where $ComputerName is the name of the remote computer)

    The only other thing I can think of to try is calling that command prompt command through PowerShell, but I haven't figured out how to get that to work.

    I understand now about Invoke-Command and PowerShell remoting, but won't be able to enable that for security reasons.

  • Ouch, you've hit on one of my sore points.  I'll apologise in advance because i know its not really on topic of the main thread, but just out of interest what are the security reasons you mention? 

    WinRMs about the securest mechanism available for remote management of systems.

  • I agree!  The "security reasons" excuse is almost always a canard for people who just don't want to do it or don't want to apply the due diligence to investigate its security.  The same holds true to why a lot of people are still on v2.  Even if you don't allow WinRm across the enterprise, there should be a documented exception policy to allow it where it is needed and justified.

  • Unfortunately, it's beyond my sphere of influence to allow remote management using WinRM on our Windows 7 clients.  It's another group in another division that makes this decision.  I can only work within the framework I am given.

  • I resolved my issue using the following command:

    Invoke-WmiMethod -Name Create -Class Win32_Process -ArgumentList "Powershell Set-ItemProperty -Path HKLM:\SOFTWARE\Company\Tattoo -name $Value -value $521" -ComputerName $Computer.Name

  • I agree! You’ve helped make it clearer for me!

    hotmail sign in

  • Just let me know how we can accomplish this task. Let me go find hope for this life:  basketball games