I am using the following function to read remote registry keys in powershell but I now need to pass alternate credentials. How do I do that?
I already have my credentials stored in $cred using the get-credential command.
Param($computer)
$HKEY_Local_Machine = 2147483650
$reg = [WMIClass]"\\$computer\ROOT\DEFAULT:StdRegProv"
$Key = "SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint Protection\CurrentVersion\SharedDefs"
$ValueName = "DEFWATCH_10"
$results = $reg.GetStringValue($HKEY_LOCAL_MACHINE, $Key, $ValueName)
write $results.sValue
If you can use psremoting i would suggest using Invoke-Command in conjunction with Get-Item as an alternative.
$value = Invoke-Command -Scriptblock {Get-Item "HKLM:\SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint Protection\CurrentVersion\SharedDefs\DEFWATCH_10"} -Credentials $cred -Computername $computer
If you have to use WMI you could try something like this:
$wmi = Get-Wmiobject -list "StdRegProv" -namespace root\default -Computername $computer -Credential $cred
$value = $wmi.GetStringValue($HKEY_Local_Machine,$key,$valuename).svalue