Search code examples
windowspowershellregistry

How can i remove a colon from NoteProperty output?

I'm writing a script in PowerShell to automate our security baseline scans across our Windows Server environment and output it to a text file in a specific format needed for our ticketing system (ServiceNow). I have it almost perfect, but when I output the values of the PSObject's NoteProperty, it inputs a colon between the data that I need gone. I don't want to remove colons from the text file, since there are timestamps and colons used elsewhere that are necessary for the formatting. Is it possible to remove the colon from the text output of a NoteProperty?

Below is the script I've written:

$OutputFile = "C:\Temp\outputfile.txt"
Remove-Item -Path $OutputFile -Force
$ServerList = Get-Content "C:\Temp\test.txt"
$ScriptName = $MyInvocation.MyCommand.Name
$Date = Get-Date
$Preamble = @"
---
Generated: $Date
Script: $ScriptName
---


Systems in scope
----------------
$($ServerList | Out-String)

Reports per server
------------------

"@ | Out-File $OutputFile

foreach ($Server in $ServerList)
{
  $reg1 = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey("LocalMachine", $Server)
  $key1 = "SYSTEM\CurrentControlSet\services\eventlog"
  $key2 = "SYSTEM\CurrentControlSet\services\SamSs"
  $key3 = "SYSTEM\CurrentControlSet\services\MpsSvc"
  $key4 = "SYSTEM\CurrentControlSet\services\W32Time"
  $key5 = "Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole"
  $key6 = "System\CurrentControlSet\Control\Lsa\MSV1_0"
  $key7 = "Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
  $key8 = "Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole"
  $key9 = "System\CurrentControlSet\Control\Lsa"
  $key10 = "Software\Microsoft\Windows\CurrentVersion\Policies\System"
  $regkey1 = $reg1.opensubkey($key1)
  $regkey2 = $reg1.opensubkey($key2)
  $regkey3 = $reg1.opensubkey($key3)
  $regkey4 = $reg1.opensubkey($key4)
  $regkey5 = $reg1.opensubkey($key5)
  $regkey6 = $reg1.opensubkey($key6)
  $regkey7 = $reg1.opensubkey($key7)
  $regkey8 = $reg1.opensubkey($key8)
  $regkey9 = $reg1.opensubkey($key9)
  $regkey10 = $reg1.opensubkey($key10)
  $keyValue1 = $regKey1.GetValue('Start')
  $keyValue2 = $regKey2.GetValue('Start')
  $keyValue3 = $regKey3.GetValue('Start')
  $keyValue4 = $regKey4.GetValue('Start')
  $keyValue5 = $regKey5.GetValue('setcommand')
  $keyValue6 = $regKey6.GetValue('allownullsessionfallback')
  $keyValue7 = $regKey7.GetValue('AllocateDASD')
  $keyValue8 = $regKey8.GetValue('securitylevel')
  $keyValue9 = $regKey9.GetValue('TurnOffAnonymousBlock')
  $keyValue10 = $regKey10.GetValue('DontDisplayLockedUserId')

  if ($keyvalue1 -ne 2) {$keyvalue1 = "NOK"} else {$keyvalue1 = "OK"} 

  Write-Output "Server Name : $Server" | Out-File $OutputFile -Append
  Write-Output "Date Generated : $Date"  | Out-File $OutputFile -Append

  $TXT = New-Object PSObject
  $TXT | Add-Member NoteProperty "5.1 - Set Windows Event Log to 'Automatic'" "$keyvalue1"
  $TXT | Add-Member NoteProperty "5.2 - Set Security Accounts Manager to 'Automatic'" $keyvalue2
  $TXT | Add-Member NoteProperty "5.3 - Set Windows Firewall to 'Disabled'" $keyvalue3
  $TXT | Add-Member NoteProperty "5.4 - Set Windows time to Automatic" $keyvalue4
  $TXT | Add-Member NoteProperty "6.1 - Set 'Recovery Console: Allow Floppy Copy and Access to All Drivers and All Folders' to 'Disabled'" $keyvalue5
  $TXT | Add-Member NoteProperty "6.2 - Set 'Network Security: Allow LocalSystem NULL Session Fallback' to 'Disabled'" $keyvalue6
  $TXT | Add-Member NoteProperty "6.3 - Set 'Devices: Allowed to Format and Eject Removable Media' to 'Administrators'" $keyvalue7
  $TXT | Add-Member NoteProperty "6.4 - Set 'Recovery Console: Allow Automatic Administrative Logon' to 'Disabled'" $keyvalue8
  $TXT | Add-Member NoteProperty "6.5 - Set 'Network Access: Allow Anonymous SID/Name Translation' to 'Disabled'" $keyvalue9
  $TXT | Add-Member NoteProperty "6.6 - Configure 'Interactive Logon: Display User Information When the Session is Locked'" $keyvalue10
  $TXT | Out-File $OutputFile -Append
}

Which then creates the following Text file output:

---
Generated: 10/04/2016 11:16:09
Script: Baseline Check - Notepad Version.ps1
---


Systems in scope
----------------
TestServer


Reports per server
------------------

Server Name : TestServer
Date Generated : 10/04/2016 11:16:09


5.1 - Set Windows Event Log to 'Automatic'                                                              : OK
5.2 - Set Security Accounts Manager to 'Automatic'                                                      : 2
5.3 - Set Windows Firewall to 'Disabled'                                                                : 2
5.4 - Set Windows time to Automatic                                                                     : 3
6.1 - Set 'Recovery Console: Allow Floppy Copy and Access to All Drivers and All Folders' to 'Disabled' : 0
6.2 - Set 'Network Security: Allow LocalSystem NULL Session Fallback' to 'Disabled'                     :
6.3 - Set 'Devices: Allowed to Format and Eject Removable Media' to 'Administrators'                    :
6.4 - Set 'Recovery Console: Allow Automatic Administrative Logon' to 'Disabled'                        : 0
6.5 - Set 'Network Access: Allow Anonymous SID/Name Translation' to 'Disabled'                          :
6.6 - Configure 'Interactive Logon: Display User Information When the Session is Locked'                :

I just need the colons between the registry check and the status (OK) gone. The script isn't complete yet, as all values will either read OK or NOK by the time I'm done. Just wanted to tackle this before proceeding.

Solution

  • The colons are inserted because you create an object with more than 4 properties and output that object. PowerShell automatically displays this in list format (same as if you'd do $TXT | Format-List).

    If you just want to append formatted text to a file, don't bother creating an object. Use this instead:

    @"
5.1 - Set Windows Event Log to 'Automatic'                                                              $keyvalue1
5.2 - Set Security Accounts Manager to 'Automatic'                                                      $keyvalue2
5.3 - Set Windows Firewall to 'Disabled'                                                                $keyvalue3
5.4 - Set Windows time to Automatic                                                                     $keyvalue4
6.1 - Set 'Recovery Console: Allow Floppy Copy and Access to All Drivers and All Folders' to 'Disabled' $keyvalue5
6.2 - Set 'Network Security: Allow LocalSystem NULL Session Fallback' to 'Disabled'                     $keyvalue6
6.3 - Set 'Devices: Allowed to Format and Eject Removable Media' to 'Administrators'                    $keyvalue7
6.4 - Set 'Recovery Console: Allow Automatic Administrative Logon' to 'Disabled'                        $keyvalue8
6.5 - Set 'Network Access: Allow Anonymous SID/Name Translation' to 'Disabled'                          $keyvalue9
6.6 - Configure 'Interactive Logon: Display User Information When the Session is Locked'                $keyvalue10
"@ | Out-File $OutputFile -Append

    If you require more fine-grained control over the output format consider using the format operator (-f).