Monitor Registry Key via Powershell for Remote Computers (Monitor SSLv3)

Scenario:  You have a registry key you want to monitor and to alert you if the value changes.  We noticed after the install of Exchange 2013 CU11, it enabled SSLv3 which was manually disabled before.


#Define Server Collection
$Servers = Get-ExchangeServer | Where AdminDisplayVersion -like "Version 15*" 

#Loop for SSLv3
$sslv3_svr = @()   #Create Array Variable
$Servers | %{
              $Reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $
              $RegKey= $Reg.OpenSubKey("SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server")
              $SSLv3 = $RegKey.GetValue("Enabled")
              If($SSLV3 -ne 0){
                     $sslv3_svr += $
#Email it
$body =""
$smtp = ""
[string[]]$to = "",""
$from = ""
$subject = "SSLv3 monitor" 
$body += "<b><Font color=#0404B4>SSLv3 is enabled on the following server and needs to be turned off: </b></font><br><br>"
$body += "<Font color=red>$sslv3_svr</font><br><br><br>" 
send-MailMessage -SmtpServer $smtp -To $to -From $from -Subject $subject -Body $body -BodyAsHtml -Priority high

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: