Reg Key Question

system · May 11, 2010, 12:44am

(imported topic written by russwm91)

I ran this on my local WinXP PC through Relevance Debugger and it displayed the value correctly. When I run this on the BES console through an Analysis it gives me “error”.

if (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\Tickets” whose (exists value “Default DevMode” of it) of registry) then ((value “Default DevMode” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\Tickets” of registry as string)) else “None”

The below is the value which is large my first though is this is a limitation on the size field and that’s why it doesn’t work in the BES console.

5400690063006b00650074007300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001040006dc00040343ef810501000100ea0a6f08640001000f00f00001000100d800020001004c00650074007400650072000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000010000000200000001000000ffffffff0000000000000000000000000000000044494e552200c800040300004ec20a0a00000000000000000000000000000000000000000000000000000000060000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000c8000000534d544a000000001000b8004f006b006900640061007400610020004d004c0020003300320030002d00490042004d000000496e70757442696e00464f524d534f5552434500524553444c4c00556e69726573444c4c004f7269656e746174696f6e00504f525452414954005265736f6c7574696f6e004f7074696f6e3300506170657253697a65004c45545445520048616c66746f6e650048545f50415453495a455f4155544f00000000000000000000000000000000000000000000000000000000

This was a weird request we need to change 2 binary digits in here and management wanted a way to review afterward to see if the change took place. I noticed that the lines above were truncated after first post. The above is suppose to be about 22 line of binary code

Thanks Russ

BenKus · May 11, 2010, 1:05pm

(imported comment written by BenKus)

Hmmm… if you double-click on the computer, what are the details of the error?

Also, why not just create another Fixlet / property that does the check for you and returns true/false?

Ben

system · May 12, 2010, 12:19am

(imported comment written by jessewk)

Hi Russ,

There is a 1k limit on individual property values which is almost certainly why you get the error.

I suggest you modify the relevance to just return the particular 2 digits you are interested in.

Jesse

system · May 12, 2010, 11:09pm

(imported comment written by russwm91)

Thanks Jessewk,

I though that might be the issue. Now how in the world would you have BES look at a reg value that is binary code of 22 lines of numbers and parse out the two digits that need to be changed to be equal to a true or false statement. This seems extremely complex for a novelist to do in Bigfix.

Thanks,

Russ

system · May 13, 2010, 12:04am

(imported comment written by jessewk)

Hi Russ,

The digits will always be in the same position right? If so you can modify this example query:

(character 1 of it = “3” and character 2 of it = “2”) of (it as string) of value “ComputerId” of key “HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\GlobalOptions” of registry

Jesse

system · May 14, 2010, 2:52am

(imported comment written by russwm91)

OK I see this seems straight forward for a signal line of binary. So how would you do this when you have to look at 22 lines code string data.

Example:

100002200330044

002255006600444

333333334560000

233300000001200

999999999999001

123456000008833

So say the above data is the correct string after the reg key has been applied. The last line has 33 at the end which was 25 so the relevancy needs to look through all the lines and see that a certain line has 33 in the binary string.

(character 14 of it =“3” and character 15 of it = “3”) of (it as string) of value “ComputerId” of key “HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\GlobalOptions” of registry

(character 1 of it = “3” and character 2 of it = “2”) of (it as string) of value “ComputerId” of key “HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\GlobalOptions” of registry

system · May 14, 2010, 4:29am

(imported comment written by jessewk)

Do you get multiple results for the query? If so, try concatenating the results together before checking the characters at the specific position.