read a remote registry key with alternate credentials in powershell

Question

I am using the following function to read remote registry keys in powershell but I now need to pass alternate credentials. How do I do that?

I already have my credentials stored in $cred using the get-credential command.

Param($computer)
$HKEY_Local_Machine = 2147483650 
$reg = [WMIClass]"\\$computer\ROOT\DEFAULT:StdRegProv"
$Key = "SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint Protection\CurrentVersion\SharedDefs"
$ValueName = "DEFWATCH_10"
$results = $reg.GetStringValue($HKEY_LOCAL_MACHINE, $Key, $ValueName)
write $results.sValue

Answer 1

If you can use psremoting i would suggest using Invoke-Command in conjunction with Get-Item as an alternative.

$value = Invoke-Command -Scriptblock {Get-Item "HKLM:\SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint Protection\CurrentVersion\SharedDefs\DEFWATCH_10"} -Credentials $cred -Computername $computer

If you have to use WMI you could try something like this:

$wmi = Get-Wmiobject -list "StdRegProv" -namespace root\default -Computername $computer -Credential $cred
$value = $wmi.GetStringValue($HKEY_Local_Machine,$key,$valuename).svalue

Answer 2

This worked for me, I wanted to look for pending reboot needed on a system:

$HKLM = [UInt32] "0x80000002"
$WMI_Reg = Get-Wmiobject -list "StdRegProv" -namespace root\default -Computername $computer -Credential $Cred
$RegSubKeysCBS = $WMI_Reg.EnumKey($HKLM,"SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\") 
$CBSRebootPend = $RegSubKeysCBS.sNames -contains "RebootPending"