[英]Remotely delete multiple registry keys in a wildcard folder using powershell?
我正在處理一個腳本,該腳本將刪除存儲在注冊表中的App-V密鑰。 用戶打開應用程序時,它將在以下位置創建一個密鑰:
HKLM\SOFTWARE\Microsoft\AppV\MAV\Configuration\Packages\**PackageID**\UserConfigEx\**SID**
PackageID
和SID
每次都是唯一的,我希望能夠刪除每個PackageID
項中的SID
子項。
用戶將輸入SID,然后我想使用通配符(如果可能)導航到存在的每個Package ID。
到目前為止,我有以下內容:
#Take user input
$SID = Read-Host "Please enter users SID"
$computer = Read-Host "Please enter computer name"
#Test connection
Write-Host "Connecting to $computer"
if (Test-Connection -ComputerName $computer -Quiet -BufferSize 16 -Count 1) {
#Connect to registry and delete key
try
{
$reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(‘LocalMachine’, $computer)
$regKey = $reg.OpenSubKey(“HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\AppV\\MAV\\Configuration\\Packages\\*\\UserConfigEx\\$SID”,$true )
if ($regkey.GetValue(“$SID”))
{
$regKey.DeleteValue(“$SID”)
Write-Host
Write-Host "$SID key deleted successfully" -ForegroundColor Green
}
else
{
Write-Host
Write-Host "No keys with this SID exist." -ForegroundColor Red
}
} catch {
$ErrorMessage = $_.Exception.Message
Write-Host "Unable to connect to $computer. Error: $($ErrorMessage)." -ForegroundColor Red
}
} else
{
Write-Host "Unable to connect to $computer. Please ensure correct computer name / IP address has been entered correctly." -ForegroundColor Red
}
如果運行此命令,則會收到:
You cannot call a method on a null-valued expression.
At line:51 char:9
+ if ($regkey.GetValue(“$SID”))
+ ~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
我正在使用一些我在這里獲得幫助的腳本來遠程連接到計算機。
.NET注冊表API在關鍵路徑中不支持通配符( *
) 。
$regKey.GetValue()
失敗,因為$regKey = $reg.OpenSubKey(...)
由於找不到鍵而返回$null
,並且在$null
上調用方法總是導致引用錯誤消息在這個問題上。 相比之下,PowerShell的注冊表提供程序通過*-Item*
cmdlet可以,但是您需要PowerShell遠程處理才能遠程使用它。
Windows Server 2012及更高版本上默認啟用PowerShell遠程處理; 在較舊的OS版本上,您可以通過在目標計算機上運行Enable-PSRemoting
來啟用它(需要PSv3 +)。
啟用PowerShell遠程處理后,您需要將代碼包裝在Invoke-Command -ComputerName <name> { ... }
調用中(您可能也必須將憑據傳遞到該調用)。
如果不是啟用PowerShell遠程處理,則必須基於.GetSubkeyNames()
結果的每個元素的通配符匹配,通過嵌套循環 模擬基於通配符的匹配。
順便說一句:您無需在PowerShell字符串中以\\\\
來轉義\\
; PowerShell使用`
因為里面的轉義字符"..."
,所以你需要躲避唯一字符有`
本身, ``
基於PowerShell遠程處理的解決方案:
請注意, 必須從提升的會話 (以Run As Administrator
Invoke-Command -ComputerName ...
Run As Administrator
)中Invoke-Command -ComputerName ...
:
try {
Invoke-Command -ErrorAction Stop -ComputerName $computer {
# Define wildcard-based path.
$keyPath = "registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\MAV\Configuration\Packages\*\UserConfigEx\$SID"
# See if it matches any keys.
if (Test-Path $keyPath) {
# Note: I'm assuming you want to remove the entire *key*.
# To only remove a key's *value*, use Remove-ItemProperty.
Remove-Item -Path $keyPath
} else {
Write-Warning "No keys with SID $SID exist."
}
}
} catch [System.Management.Automation.Remoting.PSRemotingTransportException] {
# Note: Depending on the specifics of your Invoke-Command call, the reason may
# be permissions-related; when in doubt, examine $_
Write-Warning "Unable to connect to $computer. Please ensure correct computer name / IP address has been entered correctly:`n$_"
} catch {
# Other, unexpected failure.
Throw
}
看起來像是ASCII與Unicode引號問題:
你有:
$regkey.GetValue(“$SID”)
應替換為:
$regkey.GetValue("$SID")
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.