Powershell

二進制系統資料庫項的 DSC 語法

  • September 14, 2021

應該是一個簡單的系統資料庫 DSC 配置已經變成了一個有點令人沮喪的猜測。我正在嘗試設置二進制系統資料庫項。我發現無法找到正確的值數據格式以正確設置密鑰。我正在嘗試將此系統資料庫文件轉換為 DSC:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\DefaultSecurity]
"SrvsvcShareAdminConnect"=hex:01,00,04,80,64,00,00,00,70,00,00,00,00,00,00,00,\
 14,00,00,00,02,00,50,00,03,00,00,00,00,00,18,00,03,00,0f,00,01,02,00,00,00,\
 00,00,05,20,00,00,00,20,02,00,00,00,00,18,00,03,00,0f,00,01,02,00,00,00,00,\
 00,05,20,00,00,00,25,02,00,00,00,00,18,00,03,00,0f,00,01,02,00,00,00,00,00,\
 05,20,00,00,00,27,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,\
 00,00,00,05,12,00,00,00

我已經嘗試過使用系統資料庫和 xregistry 資源並遇到相同的格式錯誤(我真的不介意我使用哪個)。我嘗試將數據提供為單個字元串、字元串數組、附加 0x 以顯示它是十六進制的字元串數組等。我也嘗試了這裡的建議。

我得到的最接近的是下面的配置,這似乎有效:

  Registry disableAdminShare {
           Ensure      = "Present"
           Key         = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\DefaultSecurity"
           Force       = $true
           ValueName   = "SrvsvcShareAdminConnect"
           ValueData   = @("010004806400000070000000000000001400000002005000030000000000180003000f00010200000000000520000000200200000000180003000f00010200000000000520000000250200000000180003000f0001020000000000052000000027020000010100000000000512000000010100000000000512000000")
           ValueType   = "Binary"
       }

但是在應用的時候看日誌,好像是把值轉換成Decimal,導致輸入無效:

'HKLM:\SYSTEM\CurrentControlSet\Services\lanmanserver\DefaultSecurity\SrvsvcSha
reAdminConnect' to '(1, 0, 4, 128, 100, 0, 0, 0, 112, 0, 0, 0, 0, 0, 0, 0, 20,
0, 0, 0, 2, 0, 80, 0, 3, 0, 0, 0, 0, 0, 24, 0, 3, 0, 15, 0, 1, 2, 0, 0, 0, 0,
0, 5, 32, 0, 0, 0, 32, 2, 0, 0, 0, 0, 24, 0, 3, 0, 15, 0, 1, 2, 0, 0, 0, 0, 0,
5, 32, 0, 0, 0, 37, 2, 0, 0, 0, 0, 24, 0, 3, 0, 15, 0, 1, 2, 0, 0, 0, 0, 0, 5,
32, 0, 0, 0, 39, 2, 0, 0, 1, 1, 0, 0, 0, 0, 0, 5, 18, 0, 0, 0, 1, 1, 0, 0, 0,
0, 0, 5, 18, 0, 0, 0)' of type 'Binary'
VERBOSE: [SCDEV-RD-02]: LCM:  [ End    Set      ]

我確信對此有一個簡單的答案,但我在文件中找不到任何內容。

DSCMSFT_Registry二進制類型的格式ValueData是具有連續字節值對的字元串,帶有可選的前導“0x”

訣竅是來自 $env:windir\Windows\System32\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\MSFT_Registry.psm1 中資源的這段程式碼。

它解析值:

   $binaryVal = $null
   $val = $Data[0].TrimStart("0x")
   if ($val.Length % 2 -ne 0)
   {
       $val = $val.PadLeft($val.Length+1, "0")
   }

   try
   {
       $byteArray = [Byte[]]@()

       for ($i = 0 ; $i -lt ($val.Length-1) ; $i = $i+2)
       {
           $byteArray += [Byte]::Parse($val.Substring($i, 2), "HexNumber")                                    
       }

       $ReturnValue.Value = [Byte[]]$byteArray
   }

例子

對輸入數據稍作改動:

$reg = "01,00,04,80,64,00,00,00,70,00,00,00,00,00,00,00,
 14,00,00,00,02,00,50,00,03,00,00,00,00,00,18,00,03,00,0f,00,01,02,00,00,00,
 00,00,05,20,00,00,00,20,02,00,00,00,00,18,00,03,00,0f,00,01,02,00,00,00,00,
 00,05,20,00,00,00,25,02,00,00,00,00,18,00,03,00,0f,00,01,02,00,00,00,00,00,
 05,20,00,00,00,27,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,
 00,00,00,05,12,00,00,00"

您可以使用以下命令創建格式正確的字元串:

$val = [String]::Join("",$reg.Split(",").Trim())

在 MOF 中,您會看到:

ValueData = {
   "010004806400000070000000000000001400000002005000030000000000180003000f00010200000000000520000000200200000000180003000f00010200000000000520000000250200000000180003000f0001020000000000052000000027020000010100000000000512000000010100000000000512000000"
};

這是一個完整的測試樣本來證明這一點:

  $reg = "01,00,04,80,64,00,00,00,70,00,00,00,00,00,00,00,
 14,00,00,00,02,00,50,00,03,00,00,00,00,00,18,00,03,00,0f,00,01,02,00,00,00,
 00,00,05,20,00,00,00,20,02,00,00,00,00,18,00,03,00,0f,00,01,02,00,00,00,00,
 00,05,20,00,00,00,25,02,00,00,00,00,18,00,03,00,0f,00,01,02,00,00,00,00,00,
 05,20,00,00,00,27,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,
 00,00,00,05,12,00,00,00"

$val = [String]::Join("",$reg.Split(",").Trim())

Configuration RegistryTest
{
   param([string] $Path, [string] $Name, [string] $BinaryValue)

   Import-DscResource -ModuleName PSDesiredStateConfiguration    
   Registry test
   {
       Key = $Path
       ValueName = $Name
       ValueData = $val
       ValueType = "Binary"
   }
}

$args = @{ 
   Path = "HKLM:\SOFTWARE\StackOverflow"
   Name = "BinaryTest"
}

Remove-ItemProperty @args
Get-ItemProperty @args -ErrorAction Continue # Nothing up my sleeve!
$o = RegistryTest @args -BinaryValue $val -outputpath $env:temp
Start-DscConfiguration ($o | split-path) -Wait -Verbose -force
Get-ItemProperty @args

這導致以下輸出:

Get-ItemProperty : Property BinaryTest does not exist at path 
HKEY_LOCAL_MACHINE\SOFTWARE\StackOverflow.
At C:\scratch\test.ps1:30 char:1
+ Get-ItemProperty @args -ErrorAction Continue # Nothing up my sleeve!
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   + CategoryInfo          : InvalidArgument: (BinaryTest:String) [Get-ItemProperty], PSArgu 
  mentException
   + FullyQualifiedErrorId : System.Management.Automation.PSArgumentException,Microsoft.Powe 
  rShell.Commands.GetItemPropertyCommand

VERBOSE: Perform operation 'Invoke CimMethod' with following parameters, ''methodName' = SendCo
nfigurationApply,'className' = MSFT_DSCLocalConfigurationManager,'namespaceName' = root/Microso
ft/Windows/DesiredStateConfiguration'.
VERBOSE: An LCM method call arrived from computer STACKOVERFLOW with user sid S-...
VERBOSE: [STACKOVERFLOW]: LCM:  [ Start  Set      ]
VERBOSE: [STACKOVERFLOW]: LCM:  [ Start  Resource ]  [[Registry]test]
VERBOSE: [STACKOVERFLOW]: LCM:  [ Start  Test     ]  [[Registry]test]
VERBOSE: [STACKOVERFLOW]:                            [[Registry]test] Registry key value 'HKLM:\SOFTW
ARE\StackOverflow\BinaryTest' does not exist
VERBOSE: [STACKOVERFLOW]: LCM:  [ End    Test     ]  [[Registry]test]  in 0.2130 seconds.
VERBOSE: [STACKOVERFLOW]: LCM:  [ Start  Set      ]  [[Registry]test]
VERBOSE: [STACKOVERFLOW]:                            [[Registry]test] (SET) Set registry key value 'H
KLM:\SOFTWARE\StackOverflow\BinaryTest' to '(1, 0, 4, 128, 100, 0, 0, 0, 112, 0, 0, 0, 0, 0, 0,
0, 20, 0, 0, 0, 2, 0, 80, 0, 3, 0, 0, 0, 0, 0, 24, 0, 3, 0, 15, 0, 1, 2, 0, 0, 0, 0, 0, 5, 32,
0, 0, 0, 32, 2, 0, 0, 0, 0, 24, 0, 3, 0, 15, 0, 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 37, 2, 0,
0, 0, 0, 24, 0, 3, 0, 15, 0, 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 39, 2, 0, 0, 1, 1, 0, 0, 0, 
0, 0, 5, 18, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 5, 18, 0, 0, 0)' of type 'Binary'
VERBOSE: [STACKOVERFLOW]: LCM:  [ End    Set      ]  [[Registry]test]  in 0.1390 seconds.
VERBOSE: [STACKOVERFLOW]: LCM:  [ End    Resource ]  [[Registry]test]
VERBOSE: [STACKOVERFLOW]: LCM:  [ End    Set      ]
VERBOSE: [STACKOVERFLOW]: LCM:  [ End    Set      ]    in  0.7010 seconds.
VERBOSE: Operation 'Invoke CimMethod' complete.
VERBOSE: Time taken for configuration job to complete is 0.799 seconds


BinaryTest   : {1, 0, 4, 128...}
PSPath       : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SOFTWARE\StackOverflow
PSParentPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SOFTWARE
PSChildName  : StackOverflow
PSDrive      : HKLM
PSProvider   : Microsoft.PowerShell.Core\Registry

查看我執行它的 Server 2016 和 Windows 10 機器,系統資料庫看起來正確。

demo的系統資料庫二進制值

引用自:https://serverfault.com/questions/865450

相關問答

Powershell

在 Server 2012 上安裝 Windows Management Framework 4.0 (Powershell 4.0) 失敗

  • August 28, 2021
檢視問答
Powershell

DSC 不拉配置

  • July 16, 2019
檢視問答
Powershell

導出系統資料庫的單個條目

  • July 5, 2019
檢視問答
Windows

刪除特定於使用者並包含在使用者配置單元中的系統資料庫值

  • May 14, 2019
檢視問答
Powershell

DSC-Resource:如何刪除系統資料庫項(不是值)?

  • February 13, 2019
檢視問答
Powershell

如果需要,僅在 PowerShell DSC 中包含 CertReq

  • January 29, 2019
檢視問答