Querying Any Registry Information on Remote Computers via Script

You can automate a number of manual tasks using scripts; a command line operation is always faster than a GUI operation.

Windows Registry has functioned as a big repository for the Operating System to store its static and volatile information since Windows 3.1! Many Windows Applications rely on storing information in the Windows Registry and administrators still need to query something on the remote computers every day. There are several scripts available online to query Windows Registry information on remote computers but these scripts query a specific registry value and then generate a report which is static in nature. The scripts you see on various web sites are sometimes hard to modify or written in a language which you’re not familiar with e.g. VBScript.

If you need to query registry information on remote computers, you either end up searching for it on the internet or write your own (provided you know scripting) which may take a considerable amount of time. In this article, I’m going to demonstrate a technique you can use to query “any” Windows Registry values remotely and have a report ready in CSV format!

This script ships with the following files and can be downloaded here.

  • RegConfig.INI
  • DynamicRegQuery.CMD
  • RemoteComputers.TXT

Features

The script provides the following features:

  • It can run on Operating Systems ranging from XP to Windows Server 2012 and Windows 8.
  • No modifications are required to the main script to query registry information of your choice.
  • No dependencies on any other Windows components as long as Remote Registry service is enabled on the remote computers.
  • The script can be used by an administrator who doesn’t know anything about scripting.
  • It shows status of each computer on the screen and the total number of computers to be processed.
  • Creates a CSV report file.
  • Creates a log file to easily troubleshoot the issues with remote computers.

Requirements

Before you run the script, please make sure the following conditions are true:

  • Remote Registry is enabled on the remote computers.
  • You know what you want to query in the registry. You should know the registry location and registry entry to query.
  • The remote computers are reachable from the scripting computer.
  • ICMP or Ping is enabled on the remote computers so that the script can check their availability.
  • The script must be run from the Command Prompt and under the Local Administrator account.

How it works

The script (DynamicRegQuery.CMD) reads the RegConfig.INI file to see which registry entry you want to query on the remote computers. Once it identifies the registry entry, it checks that entry on each remote computer and collects the required information. The collected information is then written to the report file you specify in the RegConfig.INI file.

RegConfig.INI File

RegConfig.INI is a text file and can easily be modified in Notepad.exe. RegConfig.INI is located under the C:\DynamicQuery folder and looks like this:

dynamic1.png

In the above screenshot, you can see RegConfig.INI is configured to query HKLM\Software\Microsoft\Windows NT\CurrentVersion registry key which is identified by “ThisREGKEY” keyword. The registry entry which we want to query remotely is ProductName as identified by “ThisREGEntry” keyword.

There are two more sections, “Report and Log Files” and “Computer File”, which contain the location and name of each file. The script creates the report file under the C:\DynamicQuery\Report folder and the log file under the C:\DynamicQuery\LOG folder. You can modify the report and log file names.

The script locates the computer file by reading the “ComputerFile” keyword in RegConfig.INI, as shown in the above screenshot.
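The flow described above (read the keywords, ping each computer, query the value over Remote Registry, write the CSV and the log), as an added batch example; it is not the DynamicRegQuery.CMD that ships with this article. It assumes RegConfig.INI stores each keyword as a plain keyword=value line, and it hardcodes the report and log paths named in this article instead of reading them from the INI file.

```batch
@echo off
setlocal EnableExtensions EnableDelayedExpansion
rem Added example, not the DynamicRegQuery.CMD that ships with the article.
rem Assumption: RegConfig.INI stores each keyword as a plain keyword=value line.
set "INI=C:\DynamicQuery\RegConfig.INI"
set "REPORT=C:\DynamicQuery\Report\MyReport.CSV"
set "LOG=C:\DynamicQuery\LOG\Processing.LOG"

rem Load the three keywords the article names and stop if one is missing.
for %%K in (ThisREGKEY ThisREGEntry ComputerFile) do (
    set "%%K="
    for /f "usebackq tokens=1,* delims==" %%A in (`findstr /b /i /c:"%%K=" "%INI%"`) do set "%%K=%%B"
    if not defined %%K (echo Missing keyword %%K in %INI% & exit /b 1)
)

> "%REPORT%" echo Computer,Status,%ThisREGEntry%
for /f "usebackq delims=" %%C in ("%ComputerFile%") do (
    set "VAL="
    rem ping can exit 0 on a router reply, so the reg query result below is the real test.
    ping -n 1 -w 1000 %%C >nul 2>&1
    if errorlevel 1 (
        >> "%REPORT%" echo %%C,Unreachable,
        >> "%LOG%" echo !DATE! !TIME! %%C: no ping reply
    ) else (
        rem reg.exe takes a \\computer\HKLM\... path and needs Remote Registry on the target.
        rem tokens=2,* skips the value name and type, so a value name with spaces needs another parser.
        for /f "tokens=2,*" %%A in ('reg query "\\%%C\%ThisREGKEY%" /v "%ThisREGEntry%" 2^>nul ^| findstr "REG_"') do set "VAL=%%B"
        if defined VAL (
            rem Delayed expansion keeps shell metacharacters in registry data from being parsed as commands.
            >> "%REPORT%" echo %%C,OK,"!VAL!"
        ) else (
            >> "%REPORT%" echo %%C,QueryFailed,
            >> "%LOG%" echo !DATE! !TIME! %%C: reg query failed, service stopped, access denied or value missing
        )
    )
)
endlocal
```

Run it from a Command Prompt opened under an account that has administrative rights on the target computers; an empty value is reported as QueryFailed because the example cannot tell it apart from a failed query.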

Running DynamicRegQuery.CMD

Before you run the DynamicRegQuery.CMD script, please make sure all the conditions highlighted in the “Requirements” section of this article are true and RegConfig.INI has been modified for the registry key and registry entry you want to query on the remote computers.

  1. Unzip DynamicQueryScript.ZIP to C:\DynamicQuery folder on your computer from where all the computers mentioned in the RemoteComputers.TXT are reachable.
  2. Modify the RegConfig.INI file and double check the “ThisREGKey” and “ThisREGEntry” to make sure this is what you want to query on the remote computers.
  3. Edit RemoteComputers.TXT file and add the computer names in a format shown in the below screenshot:

    dynamic2.png

  4. Once RemoteComputers.TXT is modified, run the DynamicRegQuery.CMD script from the command prompt as shown below:

dynamic3.png

When you run the script, it checks to make sure RegConfig.INI can be found in the C:\DynamicQuery folder and all keywords in RegConfig.INI are available for script to process as shown in the above screenshot. The script will wait for you to confirm which you can do by typing “Y” (this is case sensitive, so make sure it’s a capital Y). Once you confirm, the script starts processing the computers from RemoteComputers.TXT and the result is displayed on the screen for all computers as shown below:

dynamic4.png

Report

To check the report, open the C:\DynamicQuery\Report folder and click on the MyReport.CSV file. The results are stored in a CSV file as shown below:

dynamic5.png

We can see that the script ran successfully for computer “Techcomp1” but failed to run for other computers. This is the case because the other computers are not reachable or remote registry is disabled. The script does not require any port to be opened on the remote computer but at a minimum Remote Registry must be enabled and the computer must be reachable.

Checking Logs

If the script is not able to run properly for a computer, it stores the error information in the Processing.LOG file, which is located under the C:\DynamicQuery\LOG folder. A sample log is shown below:

dynamic6.png

Limitations

  • In this version, the script can query only one registry entry at a time. In the coming version, I will modify it to query multiple registry entries on remote computers.