It seems as though this might be an intended design. If it's a String Value I can check for a number in hex format, or the value can be a text string. Both seem to work.
But this only seems to work if the registry key is a DWORD (REG_DWORD) value, which BSA calls "Data Value." But if the registry key is a String Value (REG_SZ) I can't seem to get a compliance Rule to recognize it.
Here is an example:
Path: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL\explorer.exe
String Value: 1
Data Type: REG_SZ
Here is my Compliance Rule:
"Registry Value:HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL\explorer.exe" exists AND
"Registry Value:HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL\explorer.exe"."String Value (Windows)" = "1"
Neither of these conditions pass. Changing the second condition value to hex (0x00000001) doesn't work, and changing the "String Value (Windows)" to "Integer Value (Windows)" doesn't work either.
I found the problem. I'm creating hundreds of Rules so in order to speed up the process I was copying the registry key information from the live browsed object, pasting it into Notepad, editing it, and pasting it into my Rule.
For example I would copy:
Path HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\DisableEPMCompat
From the browsed object, paste it into Notepad and edit it to:
"Registry value:HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\DisableEPMCompat"
Then I would copy this and paste it into the Compliance Rule. This worked for 125 Rules, but failed for 24 of them.
The workaround was to go back into the Rules that were failing, and instead of copying/pasting the registry key in, I browsed and selected the registry key from the pull down menu instead. For some reason this worked, even though the text strings were identical. I'm wondering if Notepad was including a hidden character that was causing BSA to not recognize it.