System Center Configuration Manager TechCenter >
System Center Configuration Manager Forums
>
Configuration Manager Desired Configuration Management
>
Check if Registry Value Exists?
Check if Registry Value Exists?
- I just want to simply validate if a registry value exists. For example, everyone has the key HKLM\Software\Symantec\ABC\XYZ, but they should also have a string value in XYZ called "XXX". If that value does not exist (not blank, but NOT EXIST) then they are non-compliant. I have tried to created this CI but it does not work.
Will this be an object or a setting?
If setting, how should it be configured?
Thanks!
xtiyu32n
Answers
- That would be a Registry Setting (Registry Object is for registry Key/folders only).
All you will need is to use an instance count (Existential) rule for the setting. By default this is already enabled when you create a Registry Setting.
Go to the Validation tab, and notice the checkbox in the bottom half of the dialog that states "Report a non-compliance event when this instance count fails."
Make sure it is selected (it is by default), and leave the default of "Greater than" and "0".
This will cause the CI to be Non-compliant if there are 0 instances of the registry value specified in the setting.
Kevin
This posting is provided "AS IS", provides no warranties, and confers no rights. -- Kevin- Proposed As Answer byKevinM [MSFT]MSFT, ModeratorTuesday, September 29, 2009 5:01 PM
- Marked As Answer byxtiyu32n Tuesday, October 06, 2009 2:50 PM
- You should not need to add any rules. Just make sure the checkbox is selected that states "Report a non-compliance event when this instance count fails", and in the same dialog area below it, specify operator "Greater than" and value: "0".
This tells the client that for this setting to be compliant, there must be 'greater than 0 instances' (or >=1) of this registry setting.
If after doing that it still doesn't work, then there must be something else wrong in your environment.
Adding a rule to the listview above is only if you wish to define compliance based not on the fact that there is something present, but rather that the value is what you expect it to be (whether an exact value or a range of values). From what you described above, however, this is not what you need.
This posting is provided "AS IS", provides no warranties, and confers no rights. -- Kevin- Marked As Answer byxtiyu32n Tuesday, October 06, 2009 6:33 PM
All Replies
- That would be a Registry Setting (Registry Object is for registry Key/folders only).
All you will need is to use an instance count (Existential) rule for the setting. By default this is already enabled when you create a Registry Setting.
Go to the Validation tab, and notice the checkbox in the bottom half of the dialog that states "Report a non-compliance event when this instance count fails."
Make sure it is selected (it is by default), and leave the default of "Greater than" and "0".
This will cause the CI to be Non-compliant if there are 0 instances of the registry value specified in the setting.
Kevin
This posting is provided "AS IS", provides no warranties, and confers no rights. -- Kevin- Proposed As Answer byKevinM [MSFT]MSFT, ModeratorTuesday, September 29, 2009 5:01 PM
- Marked As Answer byxtiyu32n Tuesday, October 06, 2009 2:50 PM
- Ok, so I think it's still not working....
What settings do I need under "Configure Validation"? Currently I have:
Setting/Property: SETTING NAME
Operator: Equals
Value: 0
Is this correct?
Thanks.
xtiyu32n - You should not need to add any rules. Just make sure the checkbox is selected that states "Report a non-compliance event when this instance count fails", and in the same dialog area below it, specify operator "Greater than" and value: "0".
This tells the client that for this setting to be compliant, there must be 'greater than 0 instances' (or >=1) of this registry setting.
If after doing that it still doesn't work, then there must be something else wrong in your environment.
Adding a rule to the listview above is only if you wish to define compliance based not on the fact that there is something present, but rather that the value is what you expect it to be (whether an exact value or a range of values). From what you described above, however, this is not what you need.
This posting is provided "AS IS", provides no warranties, and confers no rights. -- Kevin- Marked As Answer byxtiyu32n Tuesday, October 06, 2009 6:33 PM
- Ah ha! That was it! It seems to be working now. Thanks Kevin!
xtiyu32n
