How Can I Tell Whether a Value Exists in the Registry?
Hey, Scripting Guy! How can I tell whether a value exists in the registry on a remote computer?
Hey, AL. Full disclosure time: even though we go by the name The Scripting Guys, we don’t claim to know everything there is to know about scripting. This question is a good example of that. When we first read it we thought, “Well, obviously there’s some kind of If Exists method in WMI that can do this.” Imagine our surprise when we found out there wasn’t; in fact, we couldn’t find any way to see whether or not a registry value exists. We even – gasp! – resorted to reading the documentation, thinking maybe we had missed something. No such luck.
After failing to find an If Exists method, we thought, “OK, we’ll just try to read the value. Surely trying to read a non-existent value will trigger an error. We can then trap the error, and determine that the value exists.”
As it turns out, if you use WSH’s RegRead method to read a value that doesn’t exist, an error will be triggered. Bu the RegRead method only works on the local computer; you can’t use it to read the registry on a remote computer. For that you need to use WMI. And guess what: if you use WMI to try and read a value that doesn’t exist, no error is generated. Instead, WMI keeps plugging along as if nothing had gone wrong. Crazy.
But then we noticed something. When you use WMI to read from the registry, the value is returned as an “out parameter.” When we checked the actual value of that out parameter, we discovered that any time you try to read a non-existent value, you get back a Null. That means that all we have to do is check for a Null value, and we’ll know whether or not the registry value exists.
Got all that? Here’s a sample script that looks for the registry value HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Test Value:
Const HKEY_LOCAL_MACHINE = &H80000002
strComputer = “.” Set objRegistry = GetObject(“winmgmts:\\” & _ strComputer & “\root\default:StdRegProv”)
strKeyPath = “SOFTWARE\Microsoft\Windows NT\CurrentVersion” strValueName = “Test Value” objRegistry.GetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue
If IsNull(strValue) Then Wscript.Echo “The registry key does not exist.” Else Wscript.Echo “The registry key exists.” End If
As you can see, we begin by setting the constant HKEY_LOCAL_MACHINE to &H80000002; we’ll use this value to connect to the HKEY_LOCAL_MACHINE portion of the registry. We then connect to the WMI service, and to the StdRegProv class (which, as you can see, is in the root\default namespace).
After stashing the registry path and the registry value in a pair of variables, we then call the GetStringValue method. Note the four parameters for this method: our constant HKEY_LOCAL_MACHINE; the variable strPath (representing the registry path); the variable strValueName (representing the registry value we’re trying to read); and strValue. strValue is our out-parameter: the actual string value recorded in the registry will be stored in strValue and returned to us.
And that’s how we can tell if registry value exists: if strValue is Null, then the value could not be found. We tried this on a number of registry values, and it seemed to work each time. It also worked on REG_DWORD values, although – of course – you have to use the GetDWORDValue method to read one of those values. (For detailed information about how to work with the registry using WMI, check out the Registry chapter in the Microsoft Windows 2000 Scripting.)
Now, we know what you’re thinking: you’re thinking, “Ok, but what if I create a registry value and then just leave it blank? Won’t the out parameter come back as Null even though the registry value actually exists?” Believe it or not, that doesn’t appear to be the case. Instead, a blank registry value is returned as “empty;” that is, the value is equal to an empty strong (“”). And while we recognize that this can be confusing, in this case nothing (an empty string) is not the same as, well, nothing (a Null value). Empty means that the registry value exists, but is blank; Null means that the registry value doesn’t exist.
Like we said, we tried this out on a random assortment of registry values, and it seemed to work each time. If you run into situations where it doesn’t work, please let us know.