edit the ntuser.dat

Posted on 1998-02-16
Last Modified: 2013-12-28
is there any way to edit the ntuser.dat from a user without he is to be logged in? we have the problem to edit some entries in the HKEY_CURRENT_USER tree of about 1.500 users. there profiles all are saved on one server. is there any tool what can read and write this file without the other registry trees??? need help!!!
Question by:pman
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Accepted Solution

biyiadeniran earned 100 total points
ID: 1790516
The info below should help do you have the RESkit?

Windows NT® Resource Kits
Command-line syntax
Creating a Regini script file
Script file syntax
Line formatting
Registry Key names
Key name syntax
Kernel and User key names
Value entries
Sample script files
Storing a user name for automatic administrative logon
Adding a value for the current user in the Exchange client subkey
Setting the default user name
Complex sample
Regini is a command-line utility that you can use to edit the Windows NT Registry. Regini runs the scripts you write that add and modify Registry subkeys and value entries.
When you want to edit the Registry directly, use a Registry editor.

Changing the Registry by using a Registry editor can have unforeseen effects that can prevent you from starting your computer. Whenever possible, use programs such as Control Panel or System Policy Editor to configure Windows NT.
You can use Regini for batch implementation of corporate standards, including display, sound, and security settings. When you install new device drivers or hardware, however, use the Setup program provided for that purpose.

Command-line Syntax
To run Regini, at the command prompt, type:
regini ScriptFile [ScriptFile...]
where ScriptFile is the filename (and optionally the full path) of a script file used to modify the Windows NT Registry.
For example:
regini \\myserver\public\myfolder\srv.ini
runs Regini, and directs it to run a script file named Srv.ini from the shared folder \\Myserver\Public\Myfolder.
Creating a Regini Script File
Script File Syntax
In a Regini script file specifying Registry changes, you must locate the subkey containing the value entry to be added or changed on the first line, followed by the intended value of that value entry on the second line, using the following format:
\Registry\Key [ACL]ValueEntryName = DataType Value
Key      is the name of the key or subkey containing the value entry you
      wish to add or change
ValueEntryName      is the name of the value entry whose value is to be modified
DataType      is the data type used by the value entry
Value      is the intended result
ACL      is an access control list you can choose to include.

The elements of this syntax are explained in more detail below.
If a line contains an equal sign (=), then Regini interprets that line as specifying the value of a Registry value entry.
If a line does not contain an equal sign (=), Regini interprets that line as specifying the name of a Registry key or subkey.

Make sure the text editor you use to create the script file inserts a carriage return at the end of each line. Missing carriage returns can cause unpredictable results.

For example, a Regini script file named Srv.ini, in the shared directory \\Myserver\Public\Myfolder, contains the following text:
      \ParametersDiskSpaceThreshhold = REG_DWORD 0x00000000

The following, typed at the command prompt, adds the DiskSpaceThreshhold value entry to the Registry or changes the value that is already there:
regini \\myserver\public\myfolder\srv.ini

Script files can have any extension. They must be saved in ANSI format, but are converted to Unicode when read from the disk. Currently, there is no way to specify a Unicode text file as the script file.

Line Formatting
The format of the script file is line-based. If you are unable to fit all the information for a Registry subkey name or value entry on one line, use the backslash character (\) as a line-continuation character.
For example:
1234 \
is treated as single line containing:
1234561234 12

Registry Key Names
Key Name Syntax
If a line does not contain an equal sign (=), then the line specifies the name of a Registry key or subkey. In a Regini script file, the subkey name consists of all text from the first non-blank character to the end of the line, including spaces, on any line that does not contain an equal sign.
Leading spaces are significant. If there are no leading spaces, then the named subkey is an absolute path in the Registry.
For example:
- or -
USER:Control Panel
In the second example, USER: is replaced by the full path to the root of the currently logged-on user's profile (for example, \Registry\Users\S-x-x-xxxx...).
If a line in the script file does not contain an equal sign, and there are one or more spaces at the beginning of that line, then the subkey name on that line is defined in relation to the subkey preceding it in the Registry hierarchy. If the number of leading spaces is the same as in the preceding subkey, then Regini locates the subkey at the same level. If the number of leading spaces is lower, Regini locates the subkey one level higher; if the number is higher, Regini locates the subkey one level lower.
For example:
Kernel and User Key Names
Note that Regini works with Kernel Registry strings. When you access the Registry in User mode to modify the HKEY_LOCAL_MACHINE, HKEY_CURRENT_USER, or HKEY_CURRENT_USER keys, the string is converted to the following in Kernel mode:
·      HKEY_LOCAL_MACHINE is converted to \Registry\Machine.
·      HKEY_USERS is converted to \Registry\User.
·      HKEY_CURRENT_USER is converted to \Registry\User\User_SID, where User_SID is the current user's security identifier (SID).

After the subkey name, you can optionally specify an access control list (ACL). The ACL is a list of decimal numbers separated by spaces within square brackets. The decimal numbers represent the following user rights:
      1.      Administrator Full
      2.      Administrator R
      3.      Administrator RW
      4.      Administrator RWD
      5.      Creator Full
      6.      Creator RW
      7.      World Full
      8.      World R
      9.      World RW
      10.      World RWD
      11.      Power Users Full
      12.      Power Users RW
      13.      Power Users RWD
      14.      System OpFull
      15.      System OpRW
      16.      System OpRWD
      17.      System Full
      18.      System RW
      19.      System R
      20.      Administrator RWX

Value Entries
If a line in a script file contains an equal sign (=), then that line specifies a value for a Registry value entry. The text to the left of the equal sign, if any, is the name of the value entry. The text to the right of the equal sign specifies the data type and value of the value entry. Syntax for specifying a value is as follows:
ValueEntryName = DataType Value
ValueEntryName      is the name of the value entry.
DataType      is the data type.
Value      is the value of the entry.

The value entry name consists of all characters from the first non-blank character on the line to the last non-blank character before the equal sign. The value consists of the first non-blank character after the data type to the end of the line.
Eight data type keywords are supported by Regini. If none is specified, the default data type, REG_SZ, is used. The data types and the format of the values for each are:
            Sets the Registry
Data Type      Value Data      data type to      Notes
REG_SZ      A string      REG_SZ      REG_SZ is the defaut
                  data type.
REG_EXPAND_SZ      A string      REG_EXPAND_SZ
REG_MULTI_SZ      One or more      REG_MULTI_SZ
      strings, each
      within quotes
REG_MULTISZFILE      A path to a file      REG_MULTI_SZ      The file is opened and
                  each quoted string is
                  added to the value.
REG_DWORD      A decimal      REG_DWORD      Use 0x to specify a
      number            hexadecimal value, 0o
                  to specify an octal
                  value, and 0b to
                  specify a binary value.
                  You can use the
                  strings On, Yes, or
                  True, which are
                  converted to
                  0x00000001, and the
                  strings Off, No, or
                  False, which are
                  converted to
REG_BINARY      Two or more      REG_BINARY      The first decimal
      decimal numbers            number must be the
                  number of bytes of
                  data that follow. The
                  remaining numbers are
                  converted into 32-bit
                  numbers. The value
                  length is always a
                  multiple of 4 bytes.
REG_BINARYFILE      A path to a file      REG_BINARY      The named file is
                  opened and its
                  contents stored in the
                  Registry as the value.
                  The length of the value
                  is the length of the                   file.
DELETE      [No value data]      [No data type]      If this keyword is
                  specified as the data
                  type, the value entry
                  name is deleted.

Sample Script Files
The sample Regini script files included in this section show how to:
·      Store a user name to use for automatic logon
·      Add a value for the current user in the Exchange client subkey
·      Modify several Registry keys at the same time

Storing a user name for automatic administrative logon
This example shows how to use a Regini script to set a user name for an administrative account that can log on automatically to Windows NT.
Start the computer, and press CTRL+ALT+DEL to log on to Windows NT. In the Logon Information dialog box, type a user name and password. The user name you type is stored in the DefaultUserName value entry in the Winlogon subkey of the Registry.
To ensure that the value of DefaultUserName never changes, create a script file containing the following text:
                  Windows NT
                                    DefaultUserName = REG_SZ USERNAME

where DefaultUserName is the value name, REG_SZ is the data type and USERNAME is the desired result or value.

To log on automatically to Windows NT, you must supply the password associated with the user name. The password is stored in the DefaultPassword value entry in the Winlogon subkey of the Registry. If no password was entered in the Logon Information dialog box, you do not need to supply a password in the script file.

To reference the script file, create a batch file containing the following command:
c:\reskit\regini c:\username.ini
where the name of the script file saved is Username.ini.
To ensure that the DefaultUserName will not change, however many users log on, place this batch file in the Systemroot\Profiles\All Users\Start Menu\Programs\Startup directory.
Adding a value for the current user in the Exchange client subkey
These examples show how to add a value entry for the current user in the Exchange subkey.
You can change the value of Exchange client options in either HKEY_USERS or HKEY_CURRENT_USER.
The following two sample scripts show how to use this information with Regini when you want to add or modify multiple Registry keys.
Example 1
    DictionaryLangId = REG_SZ 1033
    PickLogonProfile = REG_SZ 0

Example 2
    DictionaryLangId = REG_SZ 1033
    PickLogonProfile = REG_SZ 0

Setting the default user name
This example shows how to use Regini to set the default user name in the Logon Information dialog box. This script modifies HKEY_LOCAL_MACHINE.
                  Windows NT
                                    DefaultUserName = REG_SZ bmiller

Complex sample
The following scripts were obtained by running the Regdmp utility.
        AudioCD [10 1 17 5]
            EditFlags = REG_BINARY 0x00000004 0x00000002
                = REG_EXPAND_SZ %SystemRoot%\system32\shell32.dll,40
                = play
                    = &Play
                        = REG_EXPAND_SZ %SystemRoot%\system32\cdplayer.exe \
                                        /play %1

            DCOM Protocols = REG_MULTI_SZ  "ncadg_ip_udp" \
                                           "ncadg_ipx"    \
                                           "ncacn_ip_tcp" \
                                           "ncacn_spx" \
                                           "ncacn_nb_nb" \

        NetDDE [17 1]
            DDE Shares
                SerialNumber = REG_BINARY 8 0x09000005 0x01000000
                    fuCmdShow = REG_DWORD 0x7
                    ItemList = REG_MULTI_SZ
                    NewStyleLink = REG_SZ
                    NumItems = REG_DWORD 0x0
                    OldStyleLink = REG_SZ
                    Revision = REG_DWORD 0x1
                    SecurityDescriptor = REG_BINARY 0x6C \
                        0x80040001 \
                        0x0000004C \
                        0x0000005C \
                        0x00000000 \
                        0x00000014 \
                        0x00380002 \
                        0x00000002 \
                        0x00180200 \
                        0x000F03FF \
                        0x00000201 \
                        0x05000000 \
                        0x00000020 \
                        0x00000220 \
                        0x00180200 \
                        0x000002BD \
                        0x00000101 \
                        0x01000000 \
                        0x00000000 \
                        0x00000220 \
                        0x00000201 \
                        0x05000000 \
                        0x00000020 \
                        0x00000220 \
                        0x00000201 \
                        0x05000000 \
                        0x00000020 \
                    SerialNumber = REG_BINARY 8 0x09000005 0x01000000
                    Service = REG_DWORD 0x1
                    SharedFlag = REG_DWORD 0x1
                    ShareName = REG_SZ CLPBK$
                    ShareType = REG_DWORD 0x4
                    StartAppFlag = REG_DWORD 0x0
                    StaticDataLink = REG_SZ ClipSrv|System


Author Comment

ID: 1790517
But therefore (using regini.exe) the users must be logged in. and my problem is to edit the ntuser.dat. is there no utility???

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
"The app didn't start" 8 32
Hide shared folder for some users 2 32
Program files permissions 1 21
Desktop loading is delayed 38 53
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question