locked
Read DWORD via microsoft.management.infrastructure (WMI) on a remote PC RRS feed

  • Question

  • Since a few days I'm trying to find a solution to read the "UBR" REG_DWORD from the registry.


    Registry PATH: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion

    With System.management assembly this works great.
     See CODE:

    ManagementClass ObjManagementClassRegistry = new ManagementClass(_objPublicManagementScope, new ManagementPath("StdRegProv"), null);
                    ManagementBaseObject inParams = ObjManagementClassRegistry.GetMethodParameters("GetStringValue");
                    inParams["hDefKey"] = 0x80000002;// HKEY_LOCAL_MACHINE;
                    inParams["sSubKeyName"] = @"SOFTWARE\Microsoft\Windows NT\CurrentVersion";
                    inParams["sValueName"] = "UBR";

                    ManagementBaseObject ObjOutParams = ObjManagementClassRegistry.InvokeMethod("GetDWORDValue", inParams, null);

                    if (Convert.ToUInt32(ObjOutParams["ReturnValue"]) == 0)
                    {
                        var ddd = ObjOutParams["uValue"];
                    }

    Now System.Management will be replaced by Microsoft.Management.Infrastructure Assembly

    Now I try to write it under Microsoft.Management.Infrastructure, but I can't get it to work.

    I would need a sample code in cSharp. I know that there is something like that with PowerShell, but I don't understand the script :-(

    I want to thank you in advance for your help

    Greetings Brauschi

    Wednesday, May 13, 2020 10:54 AM

Answers

  • A simple solution with expansion potential :-)

    Thanks for your help.

    string strComputer = "ComputerName";
    string strUser = "UserName";
    string strPassword = "UserPassword";
    string strDomain = "DomainName";


    SecureString securepassword = new SecureString();
    foreach (char c in strPassword)
    {
    securepassword.AppendChar(c);
    }

    CimCredential Credentials = new CimCredential(PasswordAuthenticationMechanism.Kerberos, strDomain, strUser, securepassword);
    WSManSessionOptions SessionOptions = new WSManSessionOptions() { DestinationPort = 5985 };
    SessionOptions.AddDestinationCredentials(Credentials);
    CimSession SystemSession = CimSession.Create(strComputer, SessionOptions);
    bool Connected = SystemSession.TestConnection(out CimInstance TmpInstance, out CimException TmpExeption);



    // CLASSES_ROOT = 2147483648;
    // CURRENT_USER = 2147483649;            
    // LOCAL_MACHINE = 2147483650;
    // USERS = 2147483651;
    // CURRENT_CONFIG = 2147483653;

    UInt32 RegRoot = 2147483650;

    CimMethodParametersCollection CimParams = new CimMethodParametersCollection();
    CimParams.Add(CimMethodParameter.Create("hDefKey", RegRoot, CimFlags.In));
    CimParams.Add(CimMethodParameter.Create("sSubKeyName", @"SOFTWARE\Microsoft\Windows NT\CurrentVersion", CimFlags.In));
    CimParams.Add(CimMethodParameter.Create("sValueName", "UBR", CimFlags.In));


    // GetStringValue = sValue
    // GetMultiStringValue = sValue
    // GetExpandedStringValue = sValue

    // GetDWORDValue = uValue
    // GetQWORDValue = uValue
    // GetBinaryValue = uValue

    CimMethodResult NameResults = SystemSession.InvokeMethod(new CimInstance("StdRegProv", @"root\default"), "GetDWORDValue", CimParams);

    string strUBR_RegistryValue = NameResults.OutParameters["uValue"].Value.ToString();

    • Marked as answer by D.Brausch Wednesday, May 13, 2020 7:52 PM
    • Edited by D.Brausch Wednesday, May 13, 2020 7:58 PM
    Wednesday, May 13, 2020 7:52 PM

All replies

  • Have you tested with RegistryKey.OpenRemoteBaseKey ?
    Wednesday, May 13, 2020 11:43 AM
  • Sorry, I forgot to write. Remote Registry and Remote PowerShell is not allowed on the network :-(
    Wednesday, May 13, 2020 11:56 AM
  • There are some samples from Google, but a bit complex just to read registry :

    Microsoft.Management.Infrastructure CimSession

    Wednesday, May 13, 2020 1:04 PM
  • I'm sorry, but I can't get him to point out the one thing he's worth.


    Wednesday, May 13, 2020 4:41 PM
  • A simple solution with expansion potential :-)

    Thanks for your help.

    string strComputer = "ComputerName";
    string strUser = "UserName";
    string strPassword = "UserPassword";
    string strDomain = "DomainName";


    SecureString securepassword = new SecureString();
    foreach (char c in strPassword)
    {
    securepassword.AppendChar(c);
    }

    CimCredential Credentials = new CimCredential(PasswordAuthenticationMechanism.Kerberos, strDomain, strUser, securepassword);
    WSManSessionOptions SessionOptions = new WSManSessionOptions() { DestinationPort = 5985 };
    SessionOptions.AddDestinationCredentials(Credentials);
    CimSession SystemSession = CimSession.Create(strComputer, SessionOptions);
    bool Connected = SystemSession.TestConnection(out CimInstance TmpInstance, out CimException TmpExeption);



    // CLASSES_ROOT = 2147483648;
    // CURRENT_USER = 2147483649;            
    // LOCAL_MACHINE = 2147483650;
    // USERS = 2147483651;
    // CURRENT_CONFIG = 2147483653;

    UInt32 RegRoot = 2147483650;

    CimMethodParametersCollection CimParams = new CimMethodParametersCollection();
    CimParams.Add(CimMethodParameter.Create("hDefKey", RegRoot, CimFlags.In));
    CimParams.Add(CimMethodParameter.Create("sSubKeyName", @"SOFTWARE\Microsoft\Windows NT\CurrentVersion", CimFlags.In));
    CimParams.Add(CimMethodParameter.Create("sValueName", "UBR", CimFlags.In));


    // GetStringValue = sValue
    // GetMultiStringValue = sValue
    // GetExpandedStringValue = sValue

    // GetDWORDValue = uValue
    // GetQWORDValue = uValue
    // GetBinaryValue = uValue

    CimMethodResult NameResults = SystemSession.InvokeMethod(new CimInstance("StdRegProv", @"root\default"), "GetDWORDValue", CimParams);

    string strUBR_RegistryValue = NameResults.OutParameters["uValue"].Value.ToString();

    • Marked as answer by D.Brausch Wednesday, May 13, 2020 7:52 PM
    • Edited by D.Brausch Wednesday, May 13, 2020 7:58 PM
    Wednesday, May 13, 2020 7:52 PM