Custom Search

---

---

Guy recommends:
Free network monitor

Solarwinds' free monitor makes it easy to check the performance and health of a router or firewall.

Download your free Network Device Monitor

---

---

Guy's Review of
Computer Utilities

 1) FreePing
 2) Engineer's Toolset
 3) Xobni
 4) PuTTY
 5) WMI Monitor
 6) BgInfo
 7) Net-SNMP
 8) IP Address Tracker
 9) DNS Stuff
10) WinDiff Compare

---

PowerShell Compare-Object Registry

PowerShell Compare-Object Registry

The mission of this page is to employ PowerShell's compare-Object to find differences in registry settings, in other words, to discover where changes to settings are stored in the registry.

Topics for Compare-Object

• Mission to Generate a List of Differences
• Example 1: To Compare Two Files, and List Differences
• Example 2: To Compare Two Files, with -Parameters
• Example 3: How to Research Windows Services
• Summary of Compare-Object

 ♣

Breakdown of Our Compare-Object Registry Task

• You should be comfortable using regedit.  In particular to be able to export All the registry, or better still, just a branch of the registry.
• Take the time to understand how PowerShell's Get-Content and compare-Object work together, trace how they open the two .reg files then display differences.
• Tune-in to the arrow logic.  Specifically, to workout whether => refers to an entry in the first file, or the second one.
• Hopefully the results will show that a) At least one setting in the registry has changed.  b) You have a name for the value.  However, to complete your real-life mission you need to employ regedit's 'Find' to locate the name of the full path to the registry setting that changed.

Build Your Confidence with a 'Known' Example

Let us start by cheating.  Cheating in the sense that before we start we already know the answer to where the setting resides in the registry.  The value that I have selected is for our experiment is RegisteredOwner.

1. Launch Regedit
2. Navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
3. Note a Reg_SZ called RegisteredOwner
4. Click on Regedit's File Menu, Export
   The crucial decision will always be to export All, or just Selected branch.  All is safer and will collect all the data, Selected branch will speed up the search operation, its your decision.
5. Give the file a meaningful name, and make a note of the path as you will need it in the PowerShell script.
6. Key point: Change the value for RegisteredOwner.
7. Repeat the Export, but naturally, give second file a different name.
8. Result: you have two files, one before the change, and one after.

Set PowerShell's Compare-Object on Registry Files

Preliminary Step - Edit My Variables

$Pre = "C:\PShell\RegOwner.reg"
$After = "C:\PShell\NewOwn.reg"

Note 1:  Observe how PowerShell uses another cmdlet called Get-Content to read each .reg file.  Indeed, use this in troubleshooting.  If the experiment does not produce the expect result try:

Get-Content $Pre

Sample Result

Note 2:  If you don't like the logic, then you could swap $Pre and $After.

SideIndicator

=> Means the InputObject is present in the difference (second) file, but not in the first file.  In this scenario it means the value "Second Owner".

<= Present in reference (first) file, but not in the second file.  In my example this the value before we made a change.

Guy Recommends: WMI Monitor and It's Free!

Windows Management Instrumentation (WMI) is one of the hidden treasures of Microsoft operating systems.  Fortunately, Solarwinds have created a Free WMI Monitor so that you can discover these gems of performance information, and thus improve your PowerShell scripts.  Take the guess work out of which WMI counters to use when scripting the operating system, Active Directory or Exchange Server.

Download your free copy of WMI Monitor

Further Research: Use PowerShell's Built-in Help

This script is a useful reminder to see compare-Object's parameters.

Note 3:  With compare-Object, there are two required parameters -referenceObject and -differenceObject.  For most examples -referenceObject controls the master content, the file which holds ALL the information, while -differenceObject has the secondary or 'after the event' file.   Also note what help says about these parameters, what we learn is that that the position of these parameters is important, reference list first, difference list second.

Note 4:   Should you see == it means present in both files.  If you add the -includeEqual parameter, then you will see this double-equals underneath 'SideIndicator' in the output.  However, you may have to wait ages for the script to complete.

Summary of Compare-Object

If you have a scenario where you want to find registry settings then master compare-Object and its complimentary cmdlet Get-Content.  Take the time to break-down your project into stages.

See more Microsoft PowerShell Examples of Real Life Tasks

• PowerShell Examples   • Com  • Shell Application  • Invoke-Expression  • Invoke-Command

• Test-Connection  • Measure-Object  • PowerShell Registry  • Compare-Object Registry

 • Exchange   • Windows PowerShell

Please email me if you have a better example script. Also please report any factual mistakes, grammatical errors or broken links, I will be happy to correct the fault.

 *

Custom Search

Guy Recommends: WMI Monitor and It's Free! Windows Management Instrumentation (WMI) is one of the hidden treasures of Microsoft operating systems. Fortunately, Solarwinds have created the Free WMI Monitor so that you can actually see and understand these gems of performance information.  Take the guess work out of which WMI counters to use for applications like Microsoft Active Directory, SQL or Exchange Server. Download your free copy of WMI Monitor

Home Copyright © 1999-2012 Computer Performance LTD All rights reserved Please report a broken link, or an error.