Home
PowerShell Compare-Object Registry

PowerShell Compare-Object Registry

November 21, 2003 No Comments Powershell

PowerShell Compare-Object Registry

The mission of this page is to employ PowerShell’s Compare-Object to find differences in registry settings, in other words, to discover where changes to settings are stored in the registry.

Topics for Compare-Object

 ♣

Breakdown of Our Compare-Object Registry Task

  • You should be comfortable using regedit.  In particular to be happy exporting 'All' the registry, or better still, just a branch of the registry.
  • Take the time to understand how PowerShell’s Get-Content and Compare-Object work together, trace how they open the two .reg files then display differences.
  • Tune-In to the arrow logic.  Specifically, to workout whether => refers to an entry in the first file, or the second one.
  • Hopefully the results will show that:
    a) At least one setting in the registry has changed. 
    b) You have a name for the value.  However, to complete your real-life mission you need to employ regedit’s ‘Find’ to locate the name of the full path to the registry setting that changed.

Build Your Confidence with a ‘Known’ Example

Let us start by cheating.  Cheating in the sense that before we start we already know the answer to the question: 'Where does the setting reside in the registry?'  The value that I selected for our experiment is RegisteredOwner.

  1. Launch Regedit
  2. Navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
  3. Note a Reg_SZ called RegisteredOwnerCompare-Object Registry
  4. Click on Regedit’s File Menu, Export
    The crucial decision will always be to export 'All', or just 'Selected branch'.  All is safer and will collect every bit of data, Selected branch will speed up the search operation, it's your decision.
  5. Give the file a meaningful name, and make a note of the path as you will need it in the PowerShell script.
  6. Key point: Change the value for RegisteredOwner.
  7. Repeat the Export, but naturally, give second file a different name.
  8. Result: you have two files, one before the change, and one after.

Set PowerShell’s Compare-Object on Registry Files

Preliminary Step – Edit My Variables

$Pre = "C:\PShell\RegOwner.reg"
$After = "C:\PShell\NewOwn.reg"

# PowerShell Compare-Object Registry Settings
$Pre = "C:\PShell\RegOwner.reg"
$After = "C:\PShell\NewOwn.reg"

Compare-Object $(Get-Content $Pre) $(Get-Content $After)

Note 1: Observe how PowerShell uses another cmdlet called Get-Content to read each .reg file.  Indeed, I use this method in troubleshooting.  If the experiment does not produce the expect result try:

Get-Content $Pre

Sample Result

InputObject                               SideIndicator
———–                               ————-
"RegisteredOwner"="Second Owner"       =>
"RegisteredOwner"="Original "               <=

Note 2: If you don’t like the logic, then you could swap $Pre and $After.

SideIndicator

=> Means the InputObject is present in the difference (second) file, but not in the first file.  In this scenario it means the value "Second Owner".

<= Present in reference (first) file, but not in the second file.  In my example this is the value before we made a change.

Guy Recommends:  A Free Trial of the Network Performance Monitor (NPM)Review of Orion NPM v11.5 v11.5

SolarWinds’ Network Performance Monitor will help you discover what’s happening on your network.  This utility will also guide you through troubleshooting; the dashboard will indicate whether the root cause is a broken link, faulty equipment or resource overload.

What I like best is the way NPM suggests solutions to network problems.  Its also has the ability to monitor the health of individual VMware virtual machines.  If you are interested in troubleshooting, and creating network maps, then I recommend that you try NPM now.

Download a free trial of Solarwinds’ Network Performance Monitor

Further Research: Use PowerShell’s Built-In Help

This script is a useful reminder to see Compare-Object’s parameters.

# Microsoft PowerShell script to research Compare-Object
# Author: Guy Thomas
# Version 1.2 May 2010 tested on PowerShell v 2.0

Get-Help Compare-Object -full

Note 3: With Compare-Object, there are two required parameters -referenceObject and -differenceObject.  For most examples -referenceObject controls the master content, the file which holds ALL the information, while -differenceObject has the secondary or ‘after the event’ file.  Also note what help says about these parameters; in particular that the position of these parameters is important, reference list first, difference list second.

Note 4: Should you see == it means present in both files.  If you add the -IncludeEqual parameter, then you will see this double= =equals underneath ‘SideIndicator’ in the output.  However, you may have to wait ages for the script to complete.

See another PowerShell's registry script MaintainServerList ยป

Summary of Compare-Object

If you have a scenario where you want to find registry settings, then master Compare-Object and its complimentary cmdlet Get-Content.  Take the time to break-down your project into stages.

If you like this page then please share it with your friends

 

See more Microsoft PowerShell Examples of Real Life Tasks

PowerShell Real-life Examples   • Test-Connection   • Invoke-Expression   • Invoke-Command

Com   • Shell Application   • Measure-Object   • PowerShell Registry   • Compare-Object Registry

PowerShell and Exchange   • PowerShell and SQL   • Restore-Computer   • Engineers Toolset

Please email me if you have a better example script. Also please report any factual mistakes, grammatical errors or broken links, I will be happy to correct the fault.

 

About The Author

Guy Thomas

Related Posts