
Read HKEY_USERS and HKEY_CURRENT_USER


$strIPAddrTmp = "172.28.27.200"
$strKeyIEConnections = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\"
$strRegType = [Microsoft.Win32.RegistryHive]::CurrentUser
$strRegKey  = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($strRegType, $strIPAddrTmp)
$strRegKey  = $strRegKey.OpenSubKey($strKeyIEConnections)

I used the PS script above to try to read the contents of:

HKCU::Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings

I was just trying to check the IE proxy settings of a target remote machine. I found out that the script always returns the contents from HKEY_USERS instead of HKEY_CURRENT_USER. What did I do wrong?


Solution

  • This should be the answer!

    1) Find out the SID of the user logged onto the machine.

    # $domain and $name hold the domain and user name of the account to look up
    $strSID = (Get-WmiObject -Class Win32_UserAccount -Filter "Domain = '$domain' AND Name = '$name'").SID
    

    2) Use the SID to find out the info in HKEY_USERS:

    $strKeyIEConnections = "$strSID\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\"
    $strRegType = [Microsoft.Win32.RegistryHive]::Users
    $strRegKey  = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($strRegType, $strIPAddrTmp)
    $strRegKey  = $strRegKey.OpenSubKey($strKeyIEConnections)
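
The approach in the answer, generalized as an added example (not code from the original post): instead of looking up one SID, it enumerates every user hive currently loaded under HKEY_USERS on the remote machine and reports each one's proxy configuration, which is useful when auditing hosts for unexpected proxy changes. It assumes the Remote Registry service is running on the target and that the caller has administrative rights there; the `ProxyEnable`, `ProxyServer` and `AutoConfigURL` values are read from the parent `Internet Settings` key.

```powershell
# Added example: proxy settings for every user hive loaded on a remote machine.
$computer = "172.28.27.200"   # address taken from the question
$subKey   = "Software\Microsoft\Windows\CurrentVersion\Internet Settings"

$hku = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(
    [Microsoft.Win32.RegistryHive]::Users, $computer)
try {
    # Keep real user accounts only: skips .DEFAULT, the service SIDs
    # (S-1-5-18/19/20) and the <SID>_Classes hives.
    $sids = $hku.GetSubKeyNames() | Where-Object { $_ -match '^S-1-5-21-[\d-]+$' }

    foreach ($sid in $sids) {
        # SID-to-name lookup happens on the machine running this script, so
        # local accounts of the target may not resolve; fall back to the SID.
        try {
            $account = ([System.Security.Principal.SecurityIdentifier]$sid).Translate(
                [System.Security.Principal.NTAccount]).Value
        } catch { $account = $sid }

        $key = $hku.OpenSubKey("$sid\$subKey")
        if ($null -eq $key) { continue }
        try {
            $conn = $key.OpenSubKey("Connections")
            $blob = if ($conn) { $conn.GetValue("DefaultConnectionSettings") }
            [pscustomobject]@{
                Account       = $account
                Sid           = $sid
                ProxyEnable   = $key.GetValue("ProxyEnable")
                ProxyServer   = $key.GetValue("ProxyServer")
                AutoConfigURL = $key.GetValue("AutoConfigURL")
                # Size of the binary blob the question was trying to read
                DefaultConnectionSettingsBytes = if ($blob) { $blob.Length } else { 0 }
            }
            if ($conn) { $conn.Close() }
        } finally { $key.Close() }
    }
} finally { $hku.Close() }
```

Only users whose hives are loaded (typically those logged on at the time) appear under HKEY_USERS, so an empty result does not mean the machine has no user profiles.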