I have created a task to check the registry for “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\Triple DES 168” and if not found then create it and also set the Dword to 00000000. What I have found out is that “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\Triple DES 168” sometimes is there but the Dword is set to something else.
I am very new to the action scripts and checking for relevance. I have not been able to figure out the check to see if the key exists and the value of the Dword is not 00000000. I need to see if the key exists and if it does also check the Dword. If it is anything else besides 00000000 then change the Dword to 00000000.
My current relevance is:
((name of it = “Win2008” or (name of it = “WinVista” and product type of it != nt workstation product type)) of operating system OR name of operating system = “Win2008R2” OR name of operating system = “Win2012” OR name of operating system = “Win2012R2” OR name of operating system = “Win2016” OR name of operating system = “Win2019”) AND (NOT exists value “Enabled” of keys “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\Triple DES 168” of native registry)
The current action is:
action uses wow64 redirection false
delete __createfile
delete wizardedit.reg
createfile until @end_create_reg_file
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\Triple DES 168]
“Enabled”=dword:00000000
@end_create_reg_file
move __createfile wizardedit.reg
waithidden regedit /s “wizardedit.reg”
