Get-UserRegistryValue
Description
Obtain specific registry values for all users.
Requirements
Just the parameters required by the script.
Usage
- Find all user profiles' usernames, SIDs, and locations of
ntuser.datfiles. - Query against the hive for SIDs.
- Loop through the hive, loading the hive and reading the registry value at the path specified for the key specified.
- Add the key information to a system object.
- If not excluded, load the default user hive and add that to the system object.
- Return the system object.
- Write the system object to the log.
.\Get-UserRegistryValue.ps1 -Path "Somepath\somemorepath\etc" -KeyName "SomeKey" -ExcludeDefault
Parameters
| Parameter | Alias | Required | Default | Type | Description |
|---|---|---|---|---|---|
Path | True | String | Holds the path following the SID and to the specified KEY. | ||
KeyName | True | String | Holds the name of the specific key. | ||
ExcludeDefault | False | Switch | Excludes the default account when querying values. |
Output
Location of output for log, result, and error files.
.\Get-UserRegistryValue-log.txt