NT Admin access from a User context

Posted on 1998-11-13
Last Modified: 2010-04-30
I am trying to create a VB prog which will read and write to the NT registry that the system or administrators only have access to.  The program must be launched from the basic User context security level.

If I was doing the task in a batch routine I would us the resource kit utility SU to switch from the user account to an admin just for that script/program.

Is there any alternative or API function call that I can use in VB to solve this issue ?
Question by:mdtt94
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
LVL 14

Expert Comment

ID: 1444709
I know how to change the perimissions of files, but not how to take the context of other users.

Author Comment

ID: 1444710
Thanks but I need to access registry keys that the users are not permitted to use.
LVL 13

Expert Comment

ID: 1444711
It has do with impersination levels and stuff like that. It was hard to program in C++ so it will be even harder in VB.
BTW: Your solution needs the administrator password, am I right?
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Expert Comment

ID: 1444712
What exactly are you trying to do? I've spent alot of time buried in the registry and could help with what you are trying to do. You could possibly do a service and have a regular user start that service (which runs under the admin account) and that service could access the registry. Give me some more info and I'll check into it.

Author Comment

ID: 1444713
It's really a simple front end program that takes some users details and distrubutes the information to various keys in the registry (to set up mulitiple applications which use user information or profiles - Like Netscape, Office etc).  The program also needs to read and write parts of the registry that normal users don't have access to (Computer Name, Logon Name and maybe more).  This information only comes through if you have admin permissions on the workstation.

Expert Comment

ID: 1444714
The only way that I can think of is to write a service that runs under the admin account and have your app start it up and get the information from that. If all the keys you need are in the HKEY_LOCAL_MACHINE you can read that. Most info is kept there and all users should have access to them. I went the services route and found that is was very easy to code and get the info I needed. There is a guy who wrote an article on how to write services and I think he has something regarding the registry also. his http is

John Cantley
LVL 13

Accepted Solution

Mirkwood earned 100 total points
ID: 1444715
It would be a security breach if what you want could be done. Therefor it cannot be done.

Author Comment

ID: 1444716
I have found out how to use the API calls to get the information on the computername and user rather than look them up in the registry from the secure keys.  Thanks for your help anyway.  It would indeed be a security problem if a user could access these keys.



Featured Post

Enroll in June's Course of the Month

June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many ways to remove duplicate entries in an SQL or Access database. Most make you temporarily insert an ID field, make a temp table and copy data back and forth, and/or are slow. Here is an easy way in VB6 using ADO to remove duplicate row…
Since upgrading to Office 2013 or higher installing the Smart Indenter addin will fail. This article will explain how to install it so it will work regardless of the Office version installed.
Get people started with the process of using Access VBA to control Excel using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Excel. Using automation, an Access application can laun…
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…

687 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question