0

I'm currently looking to find out all SSL and TLS Registry value information on the system. I need help writing a script for powershell to look at a list of hosts that are on a csv/txt file then execute the following command saving the result in a csv/XLSX format having the computer name, SSL and TLS registry entry.

#Get computers from text file. 1 compute per line
Clear-Host
$myComputerList = 'ABC' #Get-Content C:\Servers.txt

#Loop Through Array
ForEach ($computer in $myComputerList) {
    #Execute a command on the computer
    Invoke-Command -ComputerName $computer -ScriptBlock {
        #This is the command to execute
        #Grab the registry value you want and hold it in a variable
Get-ChildItem -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\'
Get-ChildItem -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\'
} #| Out-File -FilePath C:\Output.csv -Append
}

The above code is working as expected, but when i export that to the CSV/XLSX format the formation is not in a good way, it is something like below:

enter image description here

Output :

Hive: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols\SSL 2.0

Name Property PSComputerName

Client DisabledByDefault : 0 ABC
Enabled : 0
Server DisabledByDefault : 0 ABC
Enabled : 0

Hive: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
\SCHANNEL\Protocols\TLS 1.0

Name Property PSComputerName

Client DisabledByDefault : 1 ABC
Enabled :
4294967295
Server DisabledByDefault : 0 ABC
Enabled :
4294967295

From the above output i don't want the entire Hive path, just need the SSL or the TLS in in the output.

Please help me to get the code as expected

Thanks In Advance

Looking for the below Output enter image description here

Improve this question
4
  • Can you give an example of what the output should look like?
    – ExcelEverything
    Commented Mar 19, 2021 at 7:23
  • Looking for the output as attached in the question at the end.
    – chandu
    Commented Mar 19, 2021 at 10:47
  • Make sure that you import the CSV in the correct way i.e. in terms of delimiters (tabs or spaces) or fixed width spacing. If you do this right, everything should at least be in it own cell. I suspect you aren
    – ExcelEverything
    Commented Mar 19, 2021 at 14:11
  • ...I suspect you aren't actually exporting csv (comma separated values) but simply text. If that's the case, use consecutive spaces as delimiters. This way everything should at least be in its own cell, although spread all over the place. You can then code a "clean up" macro in VBA.
    – ExcelEverything
    Commented Mar 19, 2021 at 14:17

3 Answers 3

Reset to default
0
  1. Open file from within Excel
  2. Use the text import wizard to split the text into columns (treat consecutive spaces and/or tabs treated as one)
  3. If the wizard doesn't pop up, and imports everything into one column, select column, then click data > Text to columns
  4. OR Data > From Text (opens the data as a data source, ie. linked to csv file remains in tact, can be refreshed on schedule, on open or manually)
  5. On a new sheet, extract and reformat the data as you'd like, using either Excel formulas or VBA code (VBA could reformat the data in-place on the same sheet, deleting the unnecessary rows and cells etc. Using the Excel formula option together with the data source import could provide a flexible and easy way to summarise the data, especially if the data changes often

If you are lucky there is a fixed pattern in the imported data, say every 10th row contains a computer name in column G, then in the new sheet you can cherry pick the computer names from the rows, starting in sheet2 cell G1 and dragging this formula down:

=INDEX(sheet1!$G:$G,(ROW()-1)*10+1
Improve this answer
0

The issue you're having is that Microsoft.Win32.RegistryKey objects returned by Get-ChildItem use custom formatting to appear more readable in the console (This formatting is defined in $PSHome\Registry.format.ps1xml).

Copy some of the formatting commands and output it into a real CSV:

ForEach ($computer in $myComputerList) {
    #Execute a command on the computer
    Invoke-Command $computer {
        Get-ChildItem 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\' |
            Select PSParentPath,PSChildName,@{l='Properties';e={
                (Get-ItemProperty -LiteralPath $_.PSPath |
                    Select * -Exclude PSPath,PSParentPath,PSChildName,PSDrive,PsProvider |
                    Format-List | Out-String | Sort).Trim()
            }}
    } | select PSComputerName,@{l='Name';e={$_.PSParentPath  -split '\\' | select -Last 1}},PSChildName,Properties | export-csv C:\temp\test.csv -NoTypeInformation -Append
}

Here's the output in excel (I had to expand the cells):

enter image description here

You'll have to copy the Get-ChildItem block for each protocol name

Improve this answer
5
  • Wow. I had no idea PS was this powerful. I'm used to DOS style batch scripts lol. You lost me at @{l='Properties'...
    – ExcelEverything
    Commented Mar 23, 2021 at 0:56
  • If possible can you please help me with the the script for the TLS 1.0 and TLS 1.1 as well please
    – chandu
    Commented Mar 23, 2021 at 12:31
  • I got the output as expected thanks for the help
    – chandu
    Commented Mar 23, 2021 at 12:35
  • Can i get the output in two line as for SSL i need the Disabled and Enabled values in two line instead of in one line
    – chandu
    Commented Mar 23, 2021 at 12:36
  • @chandu do you need it in separate rows? It should already be in two-line format like in the screenshot. Also, if you got the output you needed, consider marking the question as answered
    – Cpt.Whale
    Commented Mar 24, 2021 at 14:12
-1

You could also try and extract individual properties from the registry like this:

Get-ItemProperty -path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client' -name DisabledByDefault  | select-object -ExpandProperty DisabledByDefault

I don't have those registry entries in my registry, so can't verify if it will work 100%.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .