Having trouble setting relevance for != two possible settings in same registry key.
How can I properly script this so it will determine a machine is relevant if a specific key does not have value1 or value2 set?
Here’s what I tried, but does not work:
((value “2” of key “HKLM\SYSTEM\CurrentControlSet\services\SNMP\Parameters\PermittedManagers” of registry as string != “abc1”) or (value “2” of key “HKLM\SYSTEM\CurrentControlSet\services\SNMP\Parameters\PermittedManagers” of registry as string != “abc2”))
I want it to show relevant if that specific key does not have either of those two entires.
Basically the registry setting can have two options, will the ‘and’ statement satisfy that? Regardless, the registry key will only have one of the two settings, not both. Seems to me both statements would have to hold true to apply, or am I missing something?
Boolean OR does not always mean the same thing as English “or”. Also, testing true/false with negatives can hurt the brain.
Let’s use the true/false operators in the Fixlet debugger to remind ourselves how “OR” works.
Q: false or true
A: True
You want your final result to be True (relevant) only if the registry value is not in the set of abc1 or abc2. Note that I used the word “or” there… incorrectly, from a Boolean logic standpoint but (mostly) correct in a normal English.
Let’s say the value comes back equal to abc1. You will get the logic equivalent of (false or true) which, as we see above, returns True. But you don’t want a True (relevant) result in that case, you only want it if both parts come back True (true and true). Now lets look at (false and true):
Q: false and true
A: False
So, Cidermark was correct, use AND. Also, you may want to use this format:
(it != “abc1” and it != “abc2”) of (value “2” of key “HKLM\SYSTEM\CurrentControlSet\services\SNMP\Parameters\PermittedManagers” of registry as string)
Another way of thinking of applying English to this logic is: I only want my Relevance statement to come back as “Relevant (true)” if the returned registry value does not match anything in my set. It must not match abc1 AND it must not match abc2.
Here is a way to simplify your query if you are going to sue the full name, rather than just the first part of the name.
Q: (value “DefaultUserName” of key “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” of registry as string)
A: Noah Salzman
Q: set of (“abc1”; “abc2”; “abc3”) does not contain (value “DefaultUserName” of key “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” of registry as string)
A: True
Q: set of (“abc1”; “abc2”; “Noah Salzman”) does not contain (value “DefaultUserName” of key “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” of registry as string)
A: False
Now, if you need to use “starts with” this should work:
Q: (value “DefaultUserName” of key “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” of registry as string)
A: Noah Salzman
Q: (value “DefaultUserName” of key “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” of registry as string) does not start with “Noah”
A: False
Q: (value “DefaultUserName” of key “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” of registry as string) does not start with “abc”
A: True
Syntax note: the opposite of “does not start with” is “starts with” and the opposite of “does not contain” is “contains”
((it does not start with “abc” and it does not start with “def” and it does not start with “ghi” and it does not start with “jkl”) of (value “DefaultUserName” of key “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” of registry as string))
Additional () used as it was part of a series of queries for relevance.