Creating Custom Registry Value Checks

 

Within VMware vCenter Protect - Configuration Management, you can define a custom check that looks for a specific registry value on all scanned machines. For example, you may wish to create a check that verifies that all of your machines contain a certain registry key for an in-house application or for an organization-specific security requirement.

 

The custom check type discussed in this section is designed to be used with 32-bit operating systems. It will also work within the 32-bit (Wow6432Node) registry key locations on 64-bit systems. To create a custom check for 64-bit operating systems, see Creating Custom Registry Value x64 Checks.

Note: To see a demonstration of the following process, go to: http://www.shavlik.com/prodtrain-configure.aspx

  1. To create a new custom Registry Value check from scratch, from the Custom Check Wizard click Create New Custom Check.

The following dialog is displayed:

CustomCheckWizardOS.gif

  1. Select the desired operating system levels and then click Next.

The General Properties dialog is displayed.

CustomCheckRegValue.gif

  1. Type a unique name for the custom check and description.

  2. In the Type box select Registry Value and then click Next.

Note: For registry values on 64-bit machines you should select Registry Value (x64), as it is designed to work specifically with 64-bit machines.

The Specific Properties dialog is displayed. For example:

CustomCheckWizardSpecificProperties.gif

  1. Use the available boxes to define the exact registry value for which you want to create a policy check.

You must provide the root, path, name, and type information. For example:

Note: If a value name is not specified the (Default) value name will be used.

CustomCheckWizardPropertiesPopulated.gif

Hint: For tips on using the Windows Registry Editor program (regedit) to locate these values and easily populate the fields on this dialog, see Using Regedit.

  1. After defining the specific properties of the check, click Test Check.

This test is performed on the console registry and has two purposes. It validates that the check is properly defined by using the information provided to locate the check, and it displays the current registry value. If the test comes back unable to locate the registry value, it either means the check is not properly defined or it does not exist on the console (although it may on the target systems).

  1. Click Next.

The Operator and Value dialog is displayed.

CustomCheckWizardOperatorValue.gif

  1. Select an operator, type an expected value, and then click Next.

The Operator can be any of the following:

The Expected Value can be any alphanumeric value.

  1. Click Next.

The following dialog is displayed.

CustomCheckWizardFinish.gif

 

  1. (Optional) If you want to export this custom check to an XML file to use it as the starting point for other custom checks, click Export to File.

For more information, see Exporting Custom Checks.

  1. Click Finish.

The custom check is displayed within the policy. For example:

CustomCheckinPolicy.gif