Working with the Windows Registry in WSH - The WMI Way
(Page 3 of 4 )
So you’re probably wondering about now why we would bother learning another method for working with the registry if WSH provides us with one natively. Well, to put it simply, WMI is much more powerful. You can easily process more than one value at a time, for one, and WMI also let’s us do things that WSH won’t. For instance, try to create a key name “C:\mykey” using the WSH method. You can’t because the WSH method won’t allow you to use the forward slash (\) in a key name. WMI will.
To begin we’ll create an instance of the WMI object and then we will query it. We’ll need to return to WSH’s CreateObject() method in order to do that. You’ll notice the use of underscores (_) throughout this code. VBscript allows us to span single lines of code along multiple lines by ending each section with an underscore. I’ve done it here mostly to keep the code neat. You may do the same or leave the entire line intact.
You should also note that WMI values are returned in different ways depending on the value type. In order to be thorough, I will be demonstrating each of these to you so I’ll be jumping around a bit with our example project. Just bear with me and you’ll have no problem following along.
Const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
We begin our code by assigning a few constants. We assign the HKEY_LOCAL_MACHINE variable with its WMI hex equivalent. The table below shows those values. We’ve also assigned the variable strComputer to point to the local machine. Just as in DOS, Windows lets us use the period (.) to point to local objects. Any valid computer name would allow this script to run on any remote machine in your network.
Table 2: Hex Codes for Registry Roots in WMI
Hex Value Registry Root
&H80000000 HKEY_CLASSES_ROOT
&H80000001 HKEY_CURRENT_USER
&H80000002 HKEY_LOCAL_MACHINE
&H80000003 HKEY_USERS
&H80000005 HKEY_CURRENT_CONFIG
In WMI, each of the registry roots are named using a predefined hex value. You can see the complete list of hex values in Table 2.
Set objReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" _
& strComputer & "\root\default:StdRegProv")
This next piece of code creates an object to reference our WMI connection. This time we use Wscript’s GetOject() method to connect to WMI. In order to do this we have to construct a query. The first piece of our query statement points to Windows Management and set the impersonation level. This is beyond the scope of this article and will be the same in nearly every script you write. The second part of our query states the machine that we wish to send our query to. In our case, strComputer points to the local machine. The final piece of our query tells WMI what information to return. It has two parts separated by a colon (:). The first part is the WMI Root and the second is the WMI Provider.
strKeyPath = "Software\Microsoft\Windows\CurrentVersion"
strValue = "ProductID"
objReg.GetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValue,strPID
Wscript.Echo strPID
The final section of code is simple. The strKeyPath and strValue variables are assigned the registry path and value names that we want to find respectively. Then we use the GetStringValue method to return our WMI query. We finish by using the Echo method to display our results as we did in our first example. The syntax for the GetStringValue method is quite simple.
object.GetStringValue Root, Path, Value, Variable
Root is a variable that contains the hex value for our registry hive. Path is a string value that refers to the registry path where the registry value is located. Value is a string variable that names the value in question. And variable is a string value to which the results will be assigned.
objReg.DeleteValue HKEY_LOCAL_MACHINE,strKeyPath,strValue
Wscript.Echo “The registry value has been deleted.”
In order to delete the value, we use the DeleteValue method. Then we use the Echo method to notify the user that the value has been deleted. The DeleteValue method syntax is very similar to the GetStringValue method.
object.DeleteValue Root, Path, Value
Root again refers to the root registry hive. Path refers to the key’s path, and Value refers to the value to be deleted. To delete an entire key we would use the DeleteKey method.
object.DeleteKey Root, Path
object.CreateKey Root, Path
The only required attributes for the DeleteKey method are the Root and Path. The same syntax is used for the CreateKey method which is used to create new keys in the registry. Next, we’ll learn how to write our value back to the registry.
objReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValue,strPID
Wscript.Echo “The registry value has been written back.”
To write the value back we use the SetStringValue method. We finish this piece of code by using the Echo method to notify the user that the value has been written back.
object.SetStringValue Root, Path, Value, Variable
The syntax for the SetStringValue is identical to the syntax for the GetStringValue method. You now have all to tools you need for working with String values in WMI. We’ll take a look and our complete code example before learning how to deal with other registry value types.
Const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
Set objReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" _
& strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion"
strValue = "ProductID"
objReg.GetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValue,strPID
Wscript.Echo strPID
objReg.DeleteValue HKEY_LOCAL_MACHINE,strKeyPath,strValue
Wscript.Echo "The registry value has been deleted."
objReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValue,strPID
Wscript.Echo "The registry value has been written back."
Next: Other Value Types >>
More Windows Scripting Articles
More By Nilpo
