WinXPe: Making User Registry Changes logged in as Admin

  • #602
    Joe
    Member

    Many times, as admins, we find ourselves needing to make changes to the user's registry for various reasons. I like to automate everything, and logging out of the administrator account to do some changes as a user isn’t always an option.

    It’s very much possible to make user registry changes while still logged into the client as an Administrator. Doing this requires a basic understanding of the registry and where the files are stored.

    In a default setup, the XPe logs in with the account ‘user’. The user's registry files are stored in C:\Documents and Settings\User\NTUser.dat. Now, you can’t edit this file directly, but we can use a multi-step process to make the changes.

    1: Mount the registry
    2: Make the changes
    3: Unmount the registry

    First, we need to mount the registry. It’s easy to do this in Registry Editor, but we want to automate it so we’ll need some scripting commands to do it. A simple command line will do this for us.


    REG Load

    So, to load our users key while logged in as administrator, we would issue the following command:


    REG Load HKU\ChangeMe "C:\Documents and Settings\User\NTUser.dat"

    This command will create a branch under HKey_Users called ChangeMe. Changes made to this key will be stored in the user's registry file. We can update this by whatever method works best for us, be it VBScript, Batch files, or even importing a registry file.

    Once we have finished making changes to the registry, we need to unmount it. To do that, we use the REG command again, but this time we use the unload parameter.


    REG UNLOAD

    For our example, we would use


    REG UNLOAD HKU\ChangeMe

    How about a practical example? Let's say we have been tasked with changing the default web page for Internet Explorer to our company's web site.

    We will make a simple batch file to do this, and call it SetHomepage.cmd.


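    :Initialize
    @Echo Off
    Cls

    :Main
    Echo Setting Internet Explorer Homepage
    Rem Mount the user's hive under HKEY_USERS as ChangeMe
    Reg Load HKU\ChangeMe "C:\Documents and Settings\User\NTUser.dat"
    Rem Set the Start Page value inside the mounted hive
    Reg Add "HKU\ChangeMe\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t "REG_SZ" /d "http://www.OurCompaniesSite.com" /f
    Rem Unmount the hive
    Reg Unload HKU\ChangeMe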

    This is just an example of what you can do with scripting the installation and configuration of your terminals. If you find this useful, please let us know in this post how you used it!
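
The load, change, unload sequence from the post above with error handling, as an added example that is not part of the original post. It assumes the default 'User' profile path and the ChangeMe key name used in the post, and keeps the post's placeholder URL; the variable names and exit codes are chosen here for illustration.

```batch
@Echo Off
Setlocal
Rem Added example: checks each REG step and always unloads the hive.
Rem Assumed values: profile path and key name as used in the post above.
Set HIVE=C:\Documents and Settings\User\NTUser.dat
Set MOUNT=HKU\ChangeMe
Set IEKEY=%MOUNT%\Software\Microsoft\Internet Explorer\Main
Set RC=0

Rem REG LOAD fails when the hive file is in use (the user is logged on)
Rem or when the key name is already mounted, so stop before changing anything.
Reg Load "%MOUNT%" "%HIVE%"
If ErrorLevel 1 (
    Echo Could not load "%HIVE%" as %MOUNT%
    Exit /B 1
)

Rem Write the value into the mounted hive.
Reg Add "%IEKEY%" /v "Start Page" /t REG_SZ /d "http://www.OurCompaniesSite.com" /f
If ErrorLevel 1 (
    Echo Could not write the Start Page value
    Set RC=2
    Goto Unload
)

Rem Read the value back from the mounted hive to confirm the write.
Reg Query "%IEKEY%" /v "Start Page"
If ErrorLevel 1 Set RC=3

:Unload
Rem Always unload, even after a failed change, so the user's hive is not
Rem left mounted under HKEY_USERS. The unload fails while another process
Rem (for example Registry Editor) still has the key open.
Reg Unload "%MOUNT%"
If ErrorLevel 1 (
    Echo Warning: %MOUNT% is still loaded
    Set RC=4
)

Exit /B %RC%
```

A non-zero exit code tells a calling deployment script which step failed: 1 load, 2 write, 3 read-back, 4 unload.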

    #10220
    thinkthin
    Member

    Nice one Joe!

    You can use a program like regshot to compare registries from target units and then use your reg tool to deploy.

    This could be done via WDM, or script it with the ewf -commit from any script or management tool.

    Brilliant stuff, thanks for sharing!
