Manual Chapter : Fetching the value of a Windows Registry key from a client
Applies To:Show Versions
- 15.0.1, 15.0.0
Fetching the value of a Windows Registry key from a client
Before this access policy can run successfully, clients must be configured to allow trusted BIG-IP systems to fetch specific Windows Registry key values.
You can use a Windows Registry action to fetch values from the Windows Registry on the client.
- On the Main tab, click.The Access Profiles (Per-Session Policies) screen opens.
- In the Per-Session Policy column, click theEditlink for the access profile you want to configure.The visual policy editor opens the access policy in a separate screen.
- On a policy branch, click the(+)icon to add an item to the policy.A popup screen displays actions on tabs, such as General Purpose and Authentication, and provides a search field.
- Click the Endpoint Security (Client-Side) tab.
- SelectWindows Registryand clickAdd Item.A popup properties screen opens.
- In theExpressionfield, type an expression that includes these items: the name of a Windows Registry key value, the >> operator, and a name for use as a variable.The Windows Registry key value used in the expression must match a registry key value that the client allows a trusted server to fetch.Here is an example expression:"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters"."Domain" >> "variable_name"whereHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parametersis the registry key,Domainis the name of the value to fetch and>>is the GET operator. If GET is successful, thenvariable_nameis used to store the value in a session variable formatted like this:session.windows_check_registry.last.data.variable_name.
- ClickFinished.The popup screen closes.
- ClickSave.The properties screen closes and the policy displays.
You added an action to fetch a registry key value from the Windows Registry on the client. This is not a complete access policy.
Apply Access Policylink to apply and activate your changes to this access policy.
To ensure that logging is configured to meet your requirements, verify the log settings for the access profile.