Access 64bit registry values from 32bit powershell

When using the a 32bit powershell to access the registry on a 64bit machine it will fail to access certain registry keys because of registry redirection to the Wow6432Node location.

 
 
 
 
 
5 Star
(8)
Add to favorites
Operating System
9/10/2009
E-mail Twitter del.icio.us Digg Facebook
  • Only REG_SZ values work
    2 Posts | Last post June 30, 2015
    • This only seems to work if the specified registry value is a string (REG_SZ).  Any plans to expand this to also work with the other registry value types (REG_DWORD, REG_BINARY, REG_QWORD, REG_MULTI_SZ, REG_EXPAND_SZ)?
    • I just had the same problem, here the function for read DWord :
      Function GetDWordValueFromRegistryThruWMI([string]$computername, $regkey, $value)   
      {   
          #constant for the HLKM   
          $HKLM = "&h80000002"  
        
          #creates an SwbemNamedValueSet object 
          $objNamedValueSet = New-Object -COM "WbemScripting.SWbemNamedValueSet"  
        
          #adds the actual value that will requests the target to provide 64bit-registry info 
          $objNamedValueSet.Add("__ProviderArchitecture", 64) | Out-Null  
        
          #back to all the other usual COM objects for WMI that you have used a zillion times in VBScript 
          $objLocator = New-Object -COM "Wbemscripting.SWbemLocator"  
          $objServices = $objLocator.ConnectServer($computername,"root\default","","","","","",$objNamedValueSet)   
          $objStdRegProv = $objServices.Get("StdRegProv")   
        
          # Obtain an InParameters object specific to the method.   
          $Inparams = ($objStdRegProv.Methods_ | where {$_.name -eq "GetDWORDValue"}).InParameters.SpawnInstance_()   
         
          # Add the input parameters   
          ($Inparams.Properties_ | where {$_.name -eq "Hdefkey"}).Value = $HKLM  
          ($Inparams.Properties_ | where {$_.name -eq "Ssubkeyname"}).Value = $regkey  
          ($Inparams.Properties_ | where {$_.name -eq "Svaluename"}).Value = $value  
        
          #Execute the method   
          $Outparams = $objStdRegProv.ExecMethod_("GetDWORDValue", $Inparams, "", $objNamedValueSet)   
        
          #shows the return value   
          ($Outparams.Properties_ | where {$_.name -eq "ReturnValue"}).Value   
        
          if (($Outparams.Properties_ | where {$_.name -eq "ReturnValue"}).Value -eq 0)   
          {   
             write-host "it worked"  
             $result = ($Outparams.Properties_ | where {$_.name -eq "uValue"}).Value   
             write-host "Result: $result"  
             return $result  
          }   
          else  
          {   
              write-host "nope"  
          }   
      }   
      
      
  • Error on Windows 2003
    3 Posts | Last post October 28, 2012
    • When I run the script for accessing 64 bit registry values from a 32 bit powershell interface as would the case would be when a script is being run from the 32 bit SCCM 2007 client on a Windows 2003 32 bit server I get the following error "Exception calling "ConnectServer" with "8" argument(s): "Invalid parameter ""  This error is not returned on any other OS I have tested it on.  The script is being run through PSEXEC using the "-s" switch so that it runs as the local system account, just as the SCCM client runs.  The script is local to the workstation.  Any help will be greatly appreciated.  This error does not appear when a user with administrative rights runs the script on the server.
    • Keith, unfortunately I do not have a machine with Windows Server 2003 32bit machine anywhere anymore... and I have never tried to run this thru PSEXEC as SYSTEM. I know (and you confirm) that from a user account with administrative privileges this works. It is probably something related to the way WMI impersonation works and/or DCOM permissions... 
    • If you look at http://msdn.microsoft.com/en-us/library/windows/desktop/aa393720(v=vs.85).aspx you see which parameters the ConnectServer method accepts... you can try forcing a specific user identity and password in there and see what happens?