Read the Registry with PowerShell

Daily PowerShell #38

November 23, 2021

In this blog post, learn how to read the registry with PowerShell.

Registry Provider

The registry provider makes reading from the registry similar to accessing a file system.

Open a Registry Hive

Registry hives are drives within the registry provider. You can list the hives by using Get-PSDrive.

Get-PSDrive -PSProvider Registry

Navigate to a particular drive with Set-Location or the cd alias.

Set-Location HKCU:\

List Subkeys

You can list subkeys with Get-ChildItem or its dir alias.

cd HKCU:\
Get-ChildItem

Open a Subkey

You can also use Set-Location or its cd alias to open subkeys.

Set-Location HKCU:\Console

Get Values within a Key

You can get values for a key by using Get-ItemProperty.

Get-ItemProperty HKCU:\Console

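You can also list the current location's values by passing . (the current location) as the path. Get-ItemProperty requires a path, so calling it with no arguments prompts for one.

Set-Location HKCU:\Console
Get-ItemProperty -Path .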

.NET Registry Class

You can also use the .NET Registry class directly. While it's not quite as user-friendly as the Registry Provider, it does provide more options.

Open a Registry Hive

The Registry class has several static fields for accessing hives.

[Microsoft.Win32.Registry]::ClassesRoot
[Microsoft.Win32.Registry]::CurrentUser
[Microsoft.Win32.Registry]::LocalMachine
[Microsoft.Win32.Registry]::PerformanceData

List Subkeys

To list subkeys, use the GetSubKeyNames() method.

[Microsoft.Win32.Registry]::CurrentUser.GetSubKeyNames()

Open a Subkey

To open a subkey, use the OpenSubKey() method. You will need to ensure that you call Dispose() when you are done using it.

$Subkey = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Console")
$Subkey.Dispose()

Get Values within a Key

You can get the values within a key using the GetValue() and GetValueNames() methods.

$Subkey = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Console")
$Subkey.GetValueNames()
$Subkey.GetValue("LineWrap")
$Subkey.Dispose()
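
The .NET steps above combined into one read-only helper, as an added example that is not part of the original post. It handles a missing key, always releases the handle, and reports each value's type alongside its unexpanded data; the function name Get-RegistryValueTable and the Console\NoSuchKey_Example path are assumptions made for illustration.

```powershell
# Added example (not from the original post). Get-RegistryValueTable is a
# hypothetical helper name; HKCU\Console is the key used throughout the post.
function Get-RegistryValueTable {
    param(
        [Parameter(Mandatory)]
        [Microsoft.Win32.RegistryKey]$Hive,
        [Parameter(Mandatory)]
        [string]$SubKeyPath
    )

    # OpenSubKey() opens the key read-only and returns $null when it does not exist.
    $key = $Hive.OpenSubKey($SubKeyPath)
    if ($null -eq $key) {
        Write-Warning "Key not found: $($Hive.Name)\$SubKeyPath"
        return
    }

    try {
        foreach ($name in $key.GetValueNames()) {
            # DoNotExpandEnvironmentNames returns REG_EXPAND_SZ data as stored
            # (e.g. %SystemRoot%\...) instead of the expanded path.
            $raw = $key.GetValue($name, $null,
                [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames)

            [pscustomobject]@{
                # The unnamed default value is reported with an empty name.
                Name = if ($name -eq '') { '(Default)' } else { $name }
                Kind = $key.GetValueKind($name)
                Data = $raw
            }
        }
    }
    finally {
        # Runs even if enumeration throws, so the handle is always released.
        $key.Dispose()
    }
}

Get-RegistryValueTable -Hive ([Microsoft.Win32.Registry]::CurrentUser) -SubKeyPath 'Console' |
    Sort-Object Name | Format-Table -AutoSize

# A missing key (constructed path) produces a warning rather than a null-reference error.
Get-RegistryValueTable -Hive ([Microsoft.Win32.Registry]::CurrentUser) -SubKeyPath 'Console\NoSuchKey_Example'
```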