I’m at a bit of a loss. I’m trying to search for multiple versions of websphere installed in multiple ways. One of the ways is looking in the registry. What I’m playing with currently is getting the version of the software, but there are several different values with the word version in them with different numbers. I want to return all of them, but to organize it I also want the name of the value. In my ingorance, I can only seem to get one or the other, but not both in the same relevance statement. here is what I’m looking at. Any help would be appreciated. Thanks.:
q: values whose (name of it as lowercase contains “version”) of keys of keys whose (name of it as lowercase contains “websphere”) of keys of key “hklm\software” of registry
A: 6
A: 6
A: 0
A: 0
A: 0
A: 6
q: (name of it) of values whose (name of it as lowercase contains “version”) of keys of keys whose (name of it as lowercase contains “websphere”) of keys of key “hklm\software” of registry
I’m trying to do a registry search of the CURRENT_USER to locate a registry key that may or may not exist in “Software\Microsoft\Office\11.0\Outlook\Resiliency\DisabledItems” I need to return the values of any keys that exist under \DisabledItems" search their values for a keyword, then return the name of that key and delete it. At the moment I’m doing this as an Analysis but will change it to a task for the deletion. My relevance is to check if the “\DisabledItems” key exists:
exists key "Software\Microsoft\Office\11.0\Outlook\Resiliency\DisabledItems" of current user keys (logged on users) of registry OR exists key "Software\Microsoft\Office\12.0\Outlook\Resiliency\DisabledItems" of current user keys (logged on users) of registry
I’m having difficulty with the name return and deletion. I’ve been able to convert the value of the key somewhat to a string but missing the next step to delete the key.
hexadecimal string ( concatenation of firsts 2 of following texts of positions whose ( it mod 4 = 0 ) of (Values of key "Software\Microsoft\Office\11.0\Outlook\Resiliency\DisabledItems" of current user keys (logged on users) of registry as string))
Any ideas on how to handle the search and delete? The logic would be
But my issue is that the key I need to delete (shown here as “1A71871”) is a randomly generated key name by Microsoft Outlook. The key’s data is the same (a long binary value) however. How would I change the hard coded key name to a relevance expression that would return the value of the key name based on a matching binary code? I tried plugging in the code below but the action failed to remove the key.
(name of it) of values whose (it as string as lowercase contains
"010000005a0000005a00000063003a005c00700072006f006700720061006d002000660069006c00650073005c007a0061006e00740061007a005c00650061007300200063006c00690065006e0074005c007a006f006c00650078002e0064006c006c00000063003a005c00700072006f006700720061006d002000660069006c00650073005c007a0061006e00740061007a005c00650061007300200063006c00690065006e0074005c007a006f006c00650078002e0064006c006c000000") of it of key
"Software\Microsoft\Office\11.0\Outlook\Resiliency\DisabledItems" of current user keys (logged on users) of registry
Also, if the user is running Outlook 2007 the path becomes Office\12.0\Outlook. Is it possible to do an if then else if statement in the action script?
When running it in QnA returns “Singular expression refers to nonexistent object”. But I’d imagine that’s because it’s running as a user. Should the “of current user keys” work in QnA?
I’ve got the code working to remove a key and I’ve got the code working to return the necessary key name (as posted previous) I’m just having trouble plugging the key name code into the delete regkey code.
My issue is that I need to repace “1A71871” with a search that returns the name of the key that contains a given binary value as the value is the same for each user but the key name is different. (randomly created by outlook)
I’m using the search for the key value as my relevance. Code is below:
(exists it of values whose (it as string as lowercase contains
"010000005a0000005a00000...........") of it of key
"Software\Microsoft\Office\11.0\Outlook\Resiliency\DisabledItems" of current user keys (logged on users) of registry
I’m unable to figure out how it include the search that will return the key name into may action. Is there a way I could do the search, return the key name to a variable and then use the variable in the reg key delete?
If I put in the entire long value it errors out saying “This expression has a very long string” If I remove half of the string and only use half of the long value the result is “Singular expression refers to nonexistent object”
For the second one:
Using the entire string returns the same error “THis expression has a very long sting”. Removing half of it returns the answer “False”
Is is possible to assign the output of the code that finds the name of key of the disabled item and assign it to a ‘variable’ to be used in the script to remove it from the registry?
E.g.
‘Var1’=(name of it) of values whose (it as string as lowercase contains “010000005a0000005a00000063003a005c00700072006f006700720061006d002000660069006c00650073005c007a0061006e00740061007a005c00650061007300200063006c00690065006e0074005c007a006f006c00650078002e0064006c006c00000063003a005c00700072006f006700720061006d002000660069006c00650073005c007a0061006e00740061007a005c00650061007300200063006c00690065006e0074005c007a006f006c00650078002e0064006c006c000000”) of it of key “Software\Microsoft\Office\11.0\Outlook\Resiliency\DisabledItems” of current user keys (logged on users) of registry
I’m looking at a random string in my Registry, trying to figure out a way to deal with the “long string” issue. One ugly way to deal with long strings is this:
q: (value
"ModemProfile" of key
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000" of registry as string) = concatenation of (
"00b500000001000000010000000000000000000000000000000000000000000000000000803e0000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" &
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" &
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" &
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" &
"0000000000000000000000000000000000002b0d0a080332022d0e37328a000030462849a246000a0a000007000203286b0101071b1f5f072f022300021eff00001e0000000005000a0a0600810f0f00002b0d0a080332022d0e37328a000030462849a246000a0a000007000203286b0101071b1f5f072f022300021eff00001e0000000005000a0a0600810f0f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" &
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" &
"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000072cc0000924f0000") A: True
“{(name of it) of values whose (it as string as lowercase contains “010000005a0000005a00000063003a005c00700072006f006700720061006d002000660069006c00650073005c007a0061006e00740061007a005c00650061007300200063006c00690065006e0074005c007a006f006c00650078002e0064006c006c00000063003a005c00700072006f006700720061006d002000660069006c00650073005c007a0061006e00740061007a005c00650061007300200063006c00690065006e0074005c007a006f006c00650078002e0064006c006c000000”) of it of key “Software\Microsoft\Office\11.0\Outlook\Resiliency\DisabledItems” of current user keys (logged on users) of registry}”=-