AlwaysQuestioning
Reputation: 1484
Get-ChildItem through Invoke-WMIMethod or WMI in general
Is there a way to run Get-ChildItem on a remote computer using Invoke-WMIMethod or something similar? My use case is that I need to find every SID that exists in the HKEY_USERS hive.
The HKEY_USERS hive contains a list of SIDS like so:
I want to be get a list of these through WMI on a remote computer, without knowing the SIDs ahead of time. Is this possible?
Upvotes: 0
Views: 646
Answers (2)
BenH
Reputation: 10044
This is likely an easier way to get what you are looking for:
Get-WMIObject Win32_UserProfile -Filter "SID like 'S-1-5-21-*'" -ComputerName ExampleComputer | select SID
Upvotes: 0
Mathias R. Jessen
Reputation: 174505
Use the StdRegProv registry provider WMI class:
$RemoteComputer = 'computer1.hostname.goes.here'
$RegProv = [wmiclass]"\\$RemoteComputer\ROOT\DEFAULT:StdRegProv"
# Magic number identifying the HKEY_USERS hive
$HKU = 2147483651
# Enumerate values under the root key, sNames property will hold key names
$Keys = $RegProv.EnumKey($HKU,'') |Select-Object -ExpandProperty sNames
And here, using the Invoke-WmiMethod cmdlet:
$RemoteComputer = 'computer1.hostname.goes.here'
$ClassPath = "\\$RemoteComputer\ROOT\DEFAULT:StdRegProv"
$HKU = 2147483651
$Keys = Invoke-WmiMethod -Path $ClassPath -Name EnumKey -ArgumentList 2147483651,'' |Select-Object -ExpandProperty sNames
Upvotes: 1
Related Questions
- How to run Get-ChildItem command on a remote machine
- Powershell Get-Childitem in ISE
- Powershell Get-Item / Get-ChildItem
- Get-ChildItem equivalent of DIR /X
- Get-ChildItem file/folder
- Why does Get-WmiObject fail when run remotely via Invoke-Command?
- How exploit Get-ChildItem result?
- Powershell Get-ChildItem
- PowerShell Get-ChildItem invoke in C#
- PowerShell Scripting - Get-ChildItem