GetBinaryValue method of the StdRegProv class

The GetBinaryValue method returns the data value for a named value whose data type is REG_BINARY.

This topic uses Managed Object Format (MOF) syntax. For more information about using this method, see Calling a Method.

Syntax

uint32 GetBinaryValue(
  [in]  uint32 hDefKey = HKEY_LOCAL_MACHINE,
  [in]  string sSubKeyName,
  [in]  string sValueName,
  [out] uint8  uValue[]
);

Parameters

hDefKey [in]

A registry tree, also known as a hive, that contains the sSubKeyName path. The default value is HKEY_LOCAL_MACHINE.

The following trees are defined in WinReg.h.

HKEY_CLASSES_ROOT (2147483648)

HKEY_CURRENT_USER (2147483649)

HKEY_LOCAL_MACHINE (2147483650)

HKEY_USERS (2147483651)

HKEY_CURRENT_CONFIG (2147483653)

Return value

In C++, the method returns a uint32 value that is 0 (zero) if successful. If the function fails, the return value is a nonzero error code that is defined in WinError.h. In C++, use the FormatMessage function with the FORMAT_MESSAGE_FROM_SYSTEM flag to get a generic description of the error. You can also look up return values under the WMI Error Constants.

In scripting or Visual Basic, the method returns an integer value that is 0 (zero) if successful. If the function fails, the return value is a nonzero error code that you can look up in WbemErrorEnum.

Remarks

Binary registry values are very cryptic, and difficult for humans to make sense of. However, there is useful information in the registry that is stored in binary format. As an advanced system administrator, you might find yourself interested in understanding, and possibly even editing, certain binary entries. For example, services are organized in groups. The GroupOrderList subkey stores information about the order in which groups of services are loaded when Windows boots. This information looks similar to the following:

17 0 0 0 14 0 0 0 1 0 0 0 2 0 0 0 3 0 0 0 4 0 0 0 5 0 0 0 6 0 0 0 7 0 0 0 8 0 0 0 9 0 0 0 10 0 0 0 11 0 0 0 12 0 0 0 13 0 0 0 15 0 0 0 16 0 0 0 17 0 0 0

Although this type of information is rarely useful to a system administrator, it can be important to support personnel troubleshooting computer problems. If support personnel need to know the value of a binary registry entry, you can use scripts to retrieve this information.

The caution about manipulating registry entries directly is even more relevant with binary entry values. For one thing, they are cryptic, with no obvious meaning. Along the same lines, they are difficult to remember in case you need to restore their original values. Although there is no harm in reading one of these values, be very careful about modifying the value in any way.

The Registry Provider includes the GetBinaryValue method to enable you to work with binary entry values. The method takes, as one of its parameters, a variable that is used to store the retrieved value. The value is returned as an array of bytes. Therefore, to extract the value, you need to loop through the array, extracting a single byte with each pass.

Examples

For an example of how to use GetBinaryValue, see the example in the GetDWORDValue topic.

The Multithreaded Remote Registry Gathering with Powershell sample gathers specific subkey values or an entire registry key s subkey values with PowerShell and multithreading.

The following code sample uses WMI to read a binary registry value.

Const HKEY_LOCAL_MACHINE = &H80000002

strComputer = "."
Set StdOut = WScript.StdOut
 
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _ 
    strComputer & "\root\default:StdRegProv")
 
strKeyPath = "SOFTWARE\Microsoft\Windows NT\CurrentVersion"
strValueName = "LicenseInfo"
oReg.GetBinaryValue HKEY_LOCAL_MACHINE,strKeyPath, _
    strValueName,strValue
 
 
For i = lBound(strValue) to uBound(strValue)
    StdOut.WriteLine  strValue(i)
Next

Requirements

See also

StdRegProv

Modifying the System Registry

WMI Tasks: Registry