Client Management Suite

Hello everyone,

It's been some time since I've posted something the forums and could use your wide range of expertise on this. I have written a vbscript to gather information from "HKLM/System/CurrentControlSet/Control/Terminal Server/WinStations/RDP-Tcp", specifically I want to check for the existence of "SSLCertificateSHA1Hash". My script, I think is sound, but fails to run. I know the key I'm looking for exists on the endpoint. However, if I enter logic to skip my string if the value is NULL then I can output the results to an XML file but nothing is gathered. Could someone take a look at my script and then posit a reason why this isn't working. I'm very grateful for any help. Thank you.

Option Explicit
Const HKEY_LOCAL_MACHINE = &H80000002
Dim strComputer
Dim objRegistry
Dim strSubKeyPath
Dim strSSLCert

strComputer = "."
Set objRegistry = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")

''' Altiris Stuff
'Create instance of Altiris NSE component
dim nse
set nse = WScript.CreateObject ("Altiris.AeXNSEvent")

' Set the header data of the NSE
' Please don't modify this GUID
nse.To = "{1592B913-72F3-4C36-91D2-D4EDA21D2F96}"
nse.Priority = 1

'Create Inventory data block. The following data class with below guid is already configured on server.
'Brackets are required around the dataclass guid.
dim objDCInstance
set objDCInstance = nse.AddDataClass ("{0b82166e-0193-4772-a574-4ffa17884646}")

dim objDataClass
set objDataClass = nse.AddDataBlock (objDCInstance)
''' End of Altiris Stuff

 strSubKeyPath = "System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"
    objRegistry.GetStringValue HKEY_LOCAL_MACHINE, strSubKeyPath, "SSLCertificateSHA1Hash", strSSLCert

   
 
    'Add a new row
 dim objDataRow
 set objDataRow = objDataClass.AddRow
 'Set columns
 objDataRow.SetField 0, strSSLCert

 Wscript.echo nse.Xml
 'Wscript.echo "SSLCertificateSHA1Hash: " & strSSLCert

''' Altiris Stuff
' Send the NSE data to the NS server
'nse.SendQueued
''' End of Altiris Stuff
''' End of vbscript main logic

Does it work if you remove all of the Altiris stuff, as that will tell us which area is failing?

Also, what security context are you running the run script under, and if you change that does it still fail?

Also what is the type of the class attribute with the index of 0?

you should also set the "impersonationLevel":

Set objRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")

You should also try adding/defining the class without the brackets or by name

set objDCInstance = nse.AddDataClass ("0b82166e-0193-4772-a574-4ffa17884646")

set objDCInstance = nse.AddDataClass ("MyCustomDataClass")

According to this Microsoft article (http://support.microsoft.com/kb/2001849) the key that you are reading is REG_BINARY.

I tried making a key like in the Microsoft article, and replaced objRegistry.GetStringValue with objRegistry.GetBinaryValue.

That gave me an array of the binary data. The script could read the data, but would then fail on the line saying: objDataRow.SetField 0, strSLLCert

It probably fails because the SetField wants a String, and it is getting a Binary array, so either convert the binary array to a string, or maybe the SetField can understand a binary array.

Then I would use something like

objRegistry.GetBinaryValue HKEY_LOCAL_MACHINE, strSubKeyPath, "SSLCertificateSHA1Hash", aBytes
strSSLCert = ""
For Each uByte in aBytes
	hValue = Hex(uByte)
	If (Len(hValue) = 1) Then hValue = "0" & hValue
	strSSLCert = strSSLCert & hValue & " "
Next