I’m attempting to write a simple Bash script that will help me verify some Windows registry settings. All the data is within folders (which is the computer’s hostname), and at the path stated in the script. The end goal is to verify the hosts that have the value incorrectly set, based on registry key value at the end of the line.
For reference of the script, parameter one is the registry key I would like to look for, parameter two is the value it should be. If $control matches what is on the end of $value‘s string then it should output the machine name which is the variable $FOLDER
list=$(ls)
regkey=$1
control=$2
for FOLDER in $list
do
value=$($FOLDER/policies/Effective-Security-policy.txt | grep "$regkey")
if [[ "$value" =~ $control ]] ;
then
echo $FOLDER
else
continue
fi
done
However, I can’t get it to do a strict compare, because there is also a registry key named RestrictAnonymousSAM and it will list out values that are incorrect.
Here are some of the lines from within the text file, I need to be able to differentiate between the two, so the returned values are for that particular registry key:
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,0
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM=4,1
If I understand correctly what you’re trying to do, I think you should write:
grep -qsearches the file for lines matching the pattern, but does not print them out. This makes it well-suited to use inif-tests, sincegrepreturns0(success/true) if it finds a match and1(error/false) if it does not.(Important note: the above assumes that
$regkeyand$controlcan’t contain any metacharacters thatgrepmight treat specially. If they can, then this becomes trickier.)