Powershell Script not pulling Registry Hive info

We are trying to implement a powershell script in KACE that will delete the Intune registration from certain PCs (trying to correct an enrollment issue that happened in one of our offices).  The script works fine when run manually on PCs, but running it from KACE produces multiple errors.  I've been able to track down the issue to this command:

$locatekeyname = Get-ChildItem -path HKLM:\SOFTWARE\Microsoft\Enrollments\ -recurse -ErrorAction SilentlyContinue | Where-Object {$_.PSChildName -contains "DeviceEnroller"} | Out-String

When we run that script, we are expecting to get an output similar to this stored in $locatekeyname:

    Hive: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments\2A776205-D75A-405E-BC49-A60137F9CB80

Name                           Property                                                                                                                                                       
----                           --------                                                                                                                                                       
DeviceEnroller                 FirstScheduleTimestamp : {229, 7, 10, 0...}                                                                                                                    
                               FirstSessionTimestamp  : {73, 118, 105, 133...} 

However, when we run it via KACE via local system, the variable is blank, which cascades into causing the rest of the script to fail.  I've tried adjusting the script to look at HKLM64, tried running Powershell.exe from sysnative instead of the dependency directory, and also tried running as a specific admin user.  But no matter what we try, it still fails.  We could really use some help on this to figure out why the hive info is not populating into the variable.  Does anyone have any ideas on how to get it to pull that data?

0 Comments   [ + ] Show comments

Answers (1)

Posted by: Nioky 2 months ago
Yellow Belt

Hi FreedanZero,

I use to face issues like that in the past but can't exactly remember what was the solution. After browsing my scripts, I can see that I always write it like that since this time :

$registryPath = "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments"

$registryKeys = Get-ChildItem $registryPath -recurse

So in your exemple, 

$locatekeyname = Get-ChildItem -path "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments" -recurse -ErrorAction SilentlyContinue | Where-Object {$_.PSChildName -contains "DeviceEnroller"} | Out-String

Let us know,Nioky
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ