Attempting to get a value from the registry, however I believe the fact that it’s a DWORD is tripping me up.
I tried using the examples from this thread,“If-then-else reg_dword” however I keep getting “singular expressions refers to non existent object”
I first tried this
value “BOH_Service” of key “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList” of registry
However since the value is DWORD I changed it up to
exist value “BOH_Service” whose (it = hexadecimal integer(“1”)) of key > “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList” of registry
exist value “BOH_Service” whose (it as integer = 0) of key “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList” of registry
Bother of these failed with a “singular expression refers to non existent object”
Never mind… someone at my work already made something for this.
exists key whose (name of it = “UserList” AND value “BOH_Service” of it as string as version = “1”) of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts” of native registry
The BigFix Client is a 32-bit application, and by default it’s subject to the Wow6432 redirection (HKLM\Software -> HKLM\Software\Wow6432Node, \Windows\System32 -> \Windows\SysWOW64, and \Program Files -> \Program Files (x86))
If you look for a property “of registry”, by default that uses the 32-bit redirected path; so when you query for key "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts" of registry, it actually gets redirected to “HKLM\Software\ Wow3264Node \Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts”
Change the query to “of native registry” tells the client to bypass the 32-bit redirection and look at the real registry path.
Likewise, there are objects for “native system folder”, “x32 system folder”, and “x64 system folder” to specify whether to look at the “real” \Windows\System32 folder vs the redirected \Windows\SysWOW64, and “native program files folder”, “x32 program files folder” and “x64 program files folder” to do the same for C:\Program Files vs C:\Program Files (x86).
In Action Script, you should use the directive action uses wow64 redirection false
when you need to run the native 64-bit executables for things like “cmd.exe”, “cscript.exe”, “powershell.exe”, etc.