Creating Custom Registry Value x64 Checks

 

Within VMware vCenter Protect - Configuration Management, you can define a custom check that looks to see if a specific 64-bit registry value exists on a scanned machine. For example, you may wish to create a check that verifies that all of your 64-bit machines contain a certain registry key for an in-house application or for an organization-specific security requirement.

 

Note: 64-bit machines support both 32- and 64-bit programs. In order to support the coexistence of programs, Windows is designed to present 32-bit programs with a tree in the registry that is different from the 64-bit tree. The custom check described in this section is designed to work with the 64-bit portion of the registry. If you want to create a custom check for the 32-bit portion of the registry, see Creating Custom Registry Value Checks.

  1. To create a new custom Registry Value x64 check from scratch, from the Custom Check Wizard click Create New Custom Check.

The following dialog is displayed:

CustomCheckWizardOS.gif

  1. Select the desired 64-bit operating system levels and then click Next.

The General Properties dialog is displayed.

CustomCheckx64.gif

  1. Type a unique name for the custom check and description.

  2. In the Type box select Registry Value (x64) and then click Next.

The Specific Properties dialog is displayed. For example:

CustomCheckWizardSpecificProperties.gif

  1. Use the available boxes to define the exact registry value for which you want to create a policy check.

You must provide the root, path, value name, and value type information. For example:

CustomCheckWizardPropertiesPopulatedx64.gif

 

Hint: For tips on using the Windows Registry Editor program (regedit) to locate these values and easily populate the fields on this dialog, see Using Regedit.

  1. After defining the specific properties of the check, click Test Check.

This test is performed on the console registry and has two purposes. It validates that the check is properly defined by using the information provided to locate the check, and it displays the current registry value. If the test comes back unable to locate the registry value, it either means the check is not properly defined or it does not exist on the console (although it may on the target systems). If the check does not exist on the console it may be because the console is not installed on a 64-bit operating system.

  1. Click Next.

The Operator and Value dialog is displayed.

CustomCheckWizardOperatorValue.gif

  1. Select an operator, type an expected value, and then click Next.

The Operator can be any of the following:

The Expected Value can be any alphanumeric value.

  1. Click Next.

The following dialog is displayed.

CustomCheckWizardFinish.gif

 

  1. (Optional) If you want to export this custom check to an XML file to use it as the starting point for other custom checks, click Export to File.

For more information, see Exporting Custom Checks.

  1. Click Finish.

The custom check is displayed within the policy. For example:

CustomCheckinPolicyx64.gif