Previous Page
Next Page

Connecting to the Registry

To work with the registry, you need to connect to it first. You can use the WMI StdRegProv class to make a connection and to read or write information into it. Although reading from the registry is a safe process, writing to the registry could have disastrous consequences if you don't take normal safety precautions such as making a backup of the key you intend to change and testing the script in a lab on machines that would be easily recoverable.

At times, just being able to read a listing of keys is sufficient for your needs. For instance, when the hotfix installer is run, it creates an entry under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix. Realizing this, if you read this key, you can see what hotfixes have been applied to a particular machine. The following script, ReadHotFixes.vbs, does this very thing. By using the EnumKey method of the WMI StdRegProv class, you can rather easily create a listing of subkeys.

ReadHotFixes.vbs

Option Explicit
On Error Resume Next
Dim strKeyPath
Dim strComputer
Dim objReg
Dim subKey
Dim arrSubKeys

Const HKCR = &H80000000 'HKEY_CLASSES_ROOT
Const HKCU = &H80000001 'HKEY_CURRENT_USER
Const HKLM = &H80000002 'HKEY_LOCAL_MACHINE
Const HKU = &H80000003 'HKEY_USERS
Const HKCC = &H80000005 'HKEY_CURRENT_CONFIG

strKeyPath  = "SOFTWARE\Microsoft\Windows NT" _
  & "\CurrentVersion\HotFix"
strComputer = "."

Set objReg=GetObject("winmgmts:\\" &_
  strComputer & "\root\default:StdRegProv")

objReg.EnumKey HKLM, strKeyPath, arrSubKeys

  WScript.Echo("Keys under " & strKeyPath)
For Each subKey In arrSubKeys
  WScript.Echo vbTab & subKey
Next

Header Information

The Header information section of ReadHotFixes.vbs consists of the Option Explicit and On Error Resume Next commands, as well as the declarations for five variables. The five variables are described in Table 17-1.

Table 17-1. Variables Used in ReadHotFixes.vbs

Variable

Use

strKeyPath

The main registry that defines the entry point for the script

strComputer

Holds the name of the computer that is targeted by WMI

objReg

Holds the SWbemObjectEx object that comes back from the WMI StdRegProv class

subKey

Holds the name of the registry key to be enumerated

arrSubKeys

Holds an array of registry keys found under the subKey


Reference Information

The Reference information section of the script is used to define constants and variables used in the operation of the script. Several tree values are defined in winreg.h that you can use to define constants and to shorten the length of your scripts. The default tree is HKEY_LOCAL_MACHINE, so in reality, specifying the tree is unnecessary. However, for clarity, and to ensure you hit the correct portion of the registry, I do not advocate relying on the default registry tree. All the hexadecimal (hex) numbers that represent the registry trees are listed in the Reference information section of this script. I normally include them in all registry scripts so that I don't have to look them up later. They don't take up too much space, and you can use them to form the basis of a nice registry script template.

The variable strKeyPath contains the registry key you want to look at. In this instance, because you're using the EnumKey method, you'll get back only a listing of key names that reside below strKeyPath. This is a useful method to use when you don't know what you'll find below a particular registry key.

You make your connection to the standard registry provider by using GetObject to make a connection into winmgmts. By default, StdRegProv resides in the root\default namespaceit is important to note, however, that software makers can compile the Regevent.mof file used to define the StdRegProv class into a different namespace for use in their applications. If you're working with such an application, you should connect to a different namespace.

Const HKCR = &H80000000 'HKEY_CLASSES_ROOT
Const HKCU = &H80000001 'HKEY_CURRENT_USER
Const HKLM = &H80000002 'HKEY_LOCAL_MACHINE
Const HKU = &H80000003 'HKEY_USERS
Const HKCC = &H80000005 'HKEY_CURRENT_CONFIG
strKeyPath = "SOFTWARE\Microsoft\Windows NT" _
  & "\CurrentVersion\HotFix"
strComputer = "."

Set objReg=GetObject("winmgmts:\\" &_
  strComputer & "\root\default:StdRegProv")

Worker and Output Information

The Worker and Output information section of the script is where you use the SWbem ServicesEx object provided by StdRegProv to perform some work. In the ReadHotFixes.vbs file, you use the EnumKey method of the StdRegProv WMI class to read a listing of subkeys. Because the hotfix installer documents hotfixes under the hotfix registry key, this is a useful application of the EnumKey method. Normally, however, you would use the EnumKey method to find out what subkeys existed prior to performing some other action on the registry. For instance, you could use EnumKey to find out whether a subkey existed, which in turn would enable you to determine whether a particular application had been installed on a computer. It would also be useful in finding certain types of viruses.

The objReg.EnumKey command uses the HKLM constant you defined in the Reference information section of the script as well as the strKeyPath variable. The information is written to a variable called arrSubKeys.

The subkeys are stored in an array, so you use a For Each...Next construction to iterate through each element in the array. You assign each new element to a variable called subKey. You use WScript.Echo to write the information, and you use the function vbTab to indent the results under the heading that was echoed out before entering the For Each...Next loop. The Worker and Output section of this script is listed below:

objReg.EnumKey HKLM, strKeyPath, arrSubKeys

WScript.Echo("Keys under " & strKeyPath)
For Each subKey In arrSubKeys
  WScript.Echo vbTab & subKey
Next


Previous Page
Next Page