Managing Registry with PowerShell

Managing Registry with PowerShell

Managing registry with PowerShell: Registry keys are items on Windows PowerShell drives, working with them is very similar to working with files and folders. Registry entries are properties of keys and, as such, cannot be directly browsed, we need to take a slightly different approach when working with them.

Playing with Windows Registry is dangerous and sometimes may cause system damage. Only proceed if you know what you are doing. First try on test servers with proper registry backup.

Get list of available providers: Get-PSDrive

PS C:\> Get-PSDrive

Name           Used (GB)     Free (GB) Provider      Root                                               CurrentLocation
----           ---------     --------- --------      ----                                               ---------------
Alias                                  Alias
C                 239.38        713.88 FileSystem    C:\
Cert                                   Certificate   \
Env                                    Environment
Function                               Function
HKCU                                   Registry      HKEY_CURRENT_USER
HKLM                                   Registry      HKEY_LOCAL_MACHINE
Variable                               Variable
WSMan                                  WSMan

Listing All Subkeys of a Registry Key:

PS C:\> Get-ChildItem -Path hkcu:\ | Select-Object Name

Name
----
HKEY_CURRENT_USER\AppEvents
HKEY_CURRENT_USER\Console
HKEY_CURRENT_USER\Control Panel
HKEY_CURRENT_USER\Environment
HKEY_CURRENT_USER\EUDC
HKEY_CURRENT_USER\Keyboard Layout
HKEY_CURRENT_USER\Network
HKEY_CURRENT_USER\Printers
HKEY_CURRENT_USER\SOFTWARE
HKEY_CURRENT_USER\System
HKEY_CURRENT_USER\Uninstall
HKEY_CURRENT_USER\Volatile Environment

If you use Get-ChildItem -Path hkcu:\ , this will display Name and Property.

The following command will copy all Keys and properties in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion1

PS C:\> Copy-Item -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion' -Destination 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion1'

PS C:\>


Creating Keys

Creating new keys in the registry is simpler than creating a new item in a file system. Because all registry keys are containers, you do not need to specify the item type; you simply supply an explicit path, such as:

PS C:\> New-Item -Path hkcu:\NewItem_DeleteMe

Hive: HKEY_CURRENT_USER

Name             Property
----             --------
NewItem_DeleteMe


Deleting Keys

Deleting items is essentially the same for all providers. The following commands will silently remove items:
Delete-Item -Path hkcu:\NewItem_DeleteMe

PS C:\> Remove-Item -Path hkcu:\NewItem_DeleteMe
PS C:\>
Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Share on reddit
Share on skype
Share on telegram
Share on whatsapp
Share on email
Share on print

Leave a Reply

Your email address will not be published. Required fields are marked *

Post comment