(04) GetBinaryValue
返回键值类型为REG_BINARY的指定键值名称的键值数值。
uint32 GetBinaryValue(
[in, optional] uint32 hDefKey = 2147483650,
[in] string sSubKeyName,
[in] string sValueName,
[out] uint8 uValue[]
);
例1:显示SOFTWARE\Microsoft\Windows NT\CurrentVersion下键值名称为“DigitalProductId”的键值数值。这是一个数组,存放类型为REG_BINARY的二进制数据。此例采用ExecMethod_()方法调用GetBinaryValue。
Const HKEY_CLASSES_ROOT = &H80000000
Const HKEY_CURRENT_USER = &H80000001
Const HKEY_LOCAL_MACHINE = &H80000002
Const HKEY_USERS = &H80000003
Const HKEY_CURRENT_CONFIG = &H80000005
sComputer = "."
sMethod = "GetBinaryValue"
hTree = HKEY_LOCAL_MACHINE
sKey = "SOFTWARE\Microsoft\Windows NT\CurrentVersion"
sValue = "DigitalProductId"
Set oRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}//" & _
sComputer & "/root/default:StdRegProv")
Set oMethod = oRegistry.Methods_(sMethod)
Set oInParam = oMethod.inParameters.SpawnInstance_()
oInParam.hDefKey = hTree
oInParam.sSubKeyName = sKey
oInParam.sValueName = sValue
Set oOutParam = oRegistry.ExecMethod_(sMethod, oInParam)
For iCount = 0 To UBound(oOutParam.Properties_("uValue"))
WScript.Echo oOutParam.Properties_("uValue")(iCount)
Next
例2:直接调用GetBinaryValue。
Const HKEY_LOCAL_MACHINE = &H80000002
sComputer = "."
hDefKey = HKEY_LOCAL_MACHINE
sSubKeyName = "SOFTWARE\Microsoft\Windows NT\CurrentVersion"
sValueName = "DigitalProductId"
Set oRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}//" & _
sComputer & "/root/default:StdRegProv")
oOutParam = oRegistry.GetBinaryValue(hDefKey, sSubKeyName, sValueName, uValue)
WScript.Echo "Return code: " & oOutParam
OutValues = ""
For i = 0 To UBound(uValue)
OutValues = OutValues & Hex(uValue(i)) & " "
Next
WScript.Echo "Key Value of " & sValueName & " is : " & OutValues
例3:相应的PS程序,本例直接调用GetBinaryValue。由于输出显示是10进制,所以使用Tostring("x")将其转换成16进制。
$computer = "."
$namespace = "root\DEFAULT"
$hDefKey = "&H80000002"
$sSubKeyName = "SOFTWARE\Microsoft\Windows NT\CurrentVersion"
$sValueName = "DigitalProductId"
$oRegistry = get-wmiobject -list -namespace $namespace -ComputerName $computer | where-object { $_.name -eq "StdRegProv" }
$oOutParams = $oRegistry.GetBinaryValue($hDefKey, $sSubKeyName, $sValueName)
$ValueString = ""
Foreach($oOutParam in $oOutParams)
{
$Counts = $oOutParam.uValue.count
For ($i=0; $i -lt $Counts; $i++)
{
$ValueString = $ValueString + $oOutParam.uValue[$i].Tostring("x") + " "
}
}
"Key Value " + $sValueName + " is: "
$ValueString
(05) GetDWORDValue
返回键值类型为REG_DWORD的指定键值名称的键值数值。
uint32 GetDWORDValue(
[in, optional] uint32 hDefKey = 2147483650,
[in] string sSubKeyName,
[in] string sValueName,
[out] uint32 uValue
);
例1:获取SYSTEM\CurrentControlSet\Control\CrashControl下键值名为AutoReboot的键值数值,它的类型是REG_DWORD。此例直接调用GetDWORDValue。
Const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
Set oReg=GetObject( "winmgmts:{impersonationLevel=impersonate}!\\" &_
strComputer & "\root\default:StdRegProv")
strKeyPath = "SYSTEM\CurrentControlSet\Control\CrashControl"
strValueName = "AutoReboot"
oReg.GetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
WScript.Echo "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl\AutoReboot" _
& " = " & dwValue
例2:此例使用ExecMethod_()调用GetDWORDValue。
Const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
sMethod = "GetDWORDValue"
Set oRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}//" & _
strComputer & "/root/default:StdRegProv")
Set oMethod = oRegistry.Methods_(sMethod)
Set oInParam = oMethod.inParameters.SpawnInstance_()
oInParam.hDefKey = HKEY_LOCAL_MACHINE
oInParam.sSubKeyName = "SYSTEM\CurrentControlSet\Control\CrashControl"
oInParam.sValueName = "AutoReboot"
Set oOutParam = oRegistry.ExecMethod_(sMethod, oInParam)
WScript.Echo "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl\AutoReboot" _
& " = " & oOutParam.Properties_("uValue")
例3:相应的PS程序。
$computer = "."
$namespace = "root\DEFAULT"
$hDefKey = "&H80000002"
$strKeyPath = "SYSTEM\CurrentControlSet\Control\CrashControl"
$strValueName = "AutoReboot"
$oRegistry = get-wmiobject -list -namespace $namespace -ComputerName $computer | where-object { $_.name -eq "StdRegProv" }
$oOutParams = $oRegistry.GetDWORDValue($hDefKey, $strKeyPath, $strValueName)
Foreach($oOutParam in $oOutParams)
{
$oOutParam.uValue
}
(06) GetExpandedStringValue
返回键值类型为REG_EXPAND_SZ的指定键值名称的键值数值
uint32 GetExpandedStringValue(
[in, optional] uint32 hDefKey = 2147483650,
[in] string sSubKeyName,
[in] string sValueName,
[out] string sValue
);
例1:读取HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon路径下键值名为UIHost的键值数值,这个数值是REG_EXPAND_SZ类型的。本例直接调用GetExpandedStringValue。
Const HKEY_LOCAL_MACHINE = &H80000002
Const HKEY_CLASSES_ROOT = &H80000000
Const HKEY_CURRENT_USER = &H80000001
Const HKEY_USERS = &H80000003
Const HKEY_CURRENT_CONFIG = &H80000005
strComputer = "."
Set objReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\"&_
strComputer & "\root\default:StdRegProv")
strKeyPath = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon"
strValueName = "UIHost"
Return = objReg.GetExpandedStringValue(HKEY_LOCAL_MACHINE,_
strKeyPath,strValueName,strValue)
If (Return = 0) And (Err.Number = 0) Then
WScript.Echo "The Windows logon UI host is: " & strValue
Else
Wscript.Echo _
"GetExpandedStringValue failed. Error = " & Err.Number
End If
例2:使用ExecMethod_()调用GetExpandedStringValue。
Const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
sMethod = "GetExpandedStringValue"
Set oRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}//" & _
strComputer & "/root/default:StdRegProv")
Set oMethod = oRegistry.Methods_(sMethod)
Set oInParam = oMethod.inParameters.SpawnInstance_()
oInParam.hDefKey = HKEY_LOCAL_MACHINE
oInParam.sSubKeyName = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon"
oInParam.sValueName = "UIHost"
Set oOutParam = oRegistry.ExecMethod_(sMethod, oInParam)
If (oOutParam.ReturnValue = 0) And (Err.Number = 0) Then
WScript.Echo "The Windows logon UI host is: " & oOutParam.Properties_("sValue")
Else
Wscript.Echo "GetExpandedStringValue failed. Error = " & Err.Number
End If
例3:相应的PS程序
$computer = "."
$namespace = "root\default"
$hDefKey = "&H80000002"
$strKeyPath = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon"
$strValueName = "UIHost"
$oRegistry = get-wmiobject -list -namespace $namespace -ComputerName $computer | where-object { $_.name -eq "StdRegProv" }
$oOutParams = $oRegistry.GetExpandedStringValue($hDefKey, $strKeyPath, $strValueName)
If ($oOutParams.returnvalue -eq 0)
{
Foreach($oOutParam in $oOutParams)
{
"The Windows logon UI host is: " + $oOutParam.sValue
}
}
Else
{
"GetExpandedStringValue failed."
}