• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 156
  • Last Modified:

Delete Registry Keys/Values on Windows ME/2000

I need help writing a procedure or function that would be able to do the following on Windows ME/2000:

- programatically secure the appropriate 'Privileges', no matter what level of user is logged on, and then delete any given registry key (or just it's values), and optionally all subkeys
- reset the 'Privileges' back to where they were (if necessary) afterwards
0
camou
Asked:
camou
  • 2
  • 2
1 Solution
 
gemartiCommented:
Here is a taste of what you are looking for; I created an app for work that controls how the user interacts with Windows.

This is not the full code!!!!!!


var
 i,j : integer;
begin
  reg := TRegistry.Create;
  with reg do
    try
     //Set the RootKey to be evaluated
     RootKey := HKEY_LOCAL_MACHINE;
     //Need to review this key so open it up and get the network information
     OpenKey('\System\CurrentControlSet\Services\VxD\VNETSUP',True);
     CN := ReadString('ComputerName');
     WG := ReadString('WorkGroup');
     CD := ReadString('Comment');
     //Got what is needed so let's close it up.
     CloseKey;
     //Now let's see if the user is required to log on
     //if the value is 0 then logging on is required.
     //if the value is 1 then logging on is not required.
     OpenKey('\Network\Logon',true);
     val := TStringList.Create;
     try
      GetValueNames(val);
      //There may not be any data under this key so we need to create a Value Name and data
      if val.Count = 0 then
        begin
          WriteInteger('MustBeValidated',0);
          //These are the updatable fields
          cbMustBeValidated.Checked := false;
          EMustBeValidated.Text := IntToStr(mbv);
          EMustBeValidated.Hint := 'Validation is not required';
          //These are the current settings fields. Don't use these for
          //anything but for showing the user the current settings of the
          //machine.
          ECurrentmbv.Text := IntToStr(mbv);
          ECurrentmbv.Hint := 'Validation is not required';
        end;
      for I:=0 to Val.Count-1 do
        begin
          if Val.Strings[I] = 'MustBeValidated' then
            mbv := ReadInteger('MustBeValidated');
        end;

       if mbv = 0 then
         begin
           //These are the updatable fields
           cbMustBeValidated.Checked := false;
           EMustBeValidated.Text := IntToStr(mbv);
           EMustBeValidated.Hint := 'Validation is not required!';
           //These are the current settings fields. Don't use these for
           //anything but for showing the user the current settings of the
           //machine.
           ECurrentMBV.Text := IntToStr(mbv);
           ECurrentMBV.Hint := 'Validation is not required!';
         end
       else
         begin
           //These are the updatable fields
           cbMustbeValidated.Checked := true;
           //WriteInteger('MustBeValidated',mbv);
           EMustBeValidated.Text := IntToStr(mbv);
           EMustBeValidated.Hint := 'Validation is required!';
           //These are the current settings fields. Don't use these for
           //anything but for showing the user the current settings of the
           //machine.
           ECurrentMBV.Text := IntToStr(mbv);
           ECurrentMBV.Hint := 'Validation is required!';
         end;
     CloseKey;
     finally;
       Val.Free;
     end;
   finally;
     reg.free; //Free TRegistry
   end;//try

  //Recreate TRegistry component
  reg := TRegistry.Create;
  with reg do
    try
     //Set the RootKey to be evaluated
     RootKey := HKEY_USERS;
     //Need to review this key so open it up and get the network information
     OpenKey('\.Default\Software\Microsoft\Windows\CurrentVersion\Policies\Network',True);
     val := TStringList.Create;
     try
      GetValueNames(val);

      //There may not be any data under this key so we need to create a Value Name and data
      if val.Count = 0 then
        begin
          WriteInteger('NoNetSetup',1);
          //These are the updatable fields
          cbNoNetSetup.Checked := true;
          ENoNetSetup.Text := IntToStr(nns);
          ENoNetSetup.Hint := 'The network properties cannot be displayed or modified!';
          //These are the current settings fields. Don't use these for
          //anything but for showing the user the current settings of the
          //machine.
          ECurrentNNS.Text := IntToStr(nns);
          ECurrentNNS.Hint := 'The network properties cannot be displayed or modified!';
        end;


      //If Val.Count is greater than zero then there must be a value name and data under the key so lets get that
      //information and display it on the screen.
      for I:=0 to Val.Count-1 do
        begin
          if Val.Strings[I] = 'NoNetSetup' then
            nns := ReadInteger('NoNetSetup');
          if nns = 0 then
           begin
             //These are the updatable fields
             cbNoNetSetup.Checked := false;
             ENoNetSetup.Text := IntToStr(nns);
             ENoNetSetup.Hint := 'The network properties can be displayed and modified!';
             cbNoNetSetup.Hint := ENoNetSetup.Hint;
             // These are the current settings fields. Don't use these for
             //anything but for showing the user the current settings of the
             //machine.
             ECurrentNNS.Text := IntToStr(nns);
             ECurrentNNS.Hint := 'The network properties can be displayed and modified!';
           end
         else
           begin
             //These are the updatable fields
             cbNoNetSetup.Checked := true;
             ENoNetSetup.Text := IntToStr(nns);
             ENoNetSetup.Hint := 'The network properties cannot be displayed or modified!';
             cbNoNetSetup.Hint := ENoNetSetup.Hint;
             //These are the current settings fields. Don't use these for
             //anything but for showing the user the current settings of the
             //machine.
             ECurrentNNS.Text := IntToStr(nns);
             ECurrentNNS.Hint := 'The network properties cannot be displayed or modified!';
           end;
         end;
     CloseKey;
     finally;
       Val.Free;
     end;
   finally;
     reg.free; //Free TRegistry
   end;//try

   // Determine if the registry editor is enabled or disabled. if it is enabled then 0 else 1
  //Recreate TRegistry component
  reg := TRegistry.Create;
  with reg do
    try
     //Set the RootKey to be evaluated
     RootKey := HKEY_USERS;
     //Need to review this key so open it up and get the network information
     OpenKey('\.Default\Software\Microsoft\Windows\CurrentVersion\Policies\System',True);
     val := TStringList.Create;
     try
      GetValueNames(val);
      //There may not be any data under this key so we need to create a Value Name and data
      if val.Count = 0 then
        begin
          WriteInteger('DisableRegistryTools',0);
          //These are the updatable fields
          cbDisableRegistryTools.Checked := false;
          EDisableRegistryTools.Text := IntToStr(drt);
          EDisableRegistryTools.Hint := 'The registry editing tools can be displayed and modified!';
          cbDisableRegistryTools.Hint := EDisableRegistryTools.Hint;
          //These are the current settings fields. Don't use these for
          //anything but for showing the user the current settings of the
          //machine.
          ECurrentDRT.Text := IntToStr(drt);
          ECurrentDRT.Hint := EDisableRegistryTools.Hint;
        end;
0
 
MadshiCommented:
Basically you just need to call RegDeleteKey. Unfortunately you have to do it recursively in winNT/2000/XP, because only 9x based systems delete the subkeys automatically for you.
About privileges: Here is a function which simply enables all privileges the current user has. You don't need to undo that. If the user does not even *have* the necessary privileges (regardless of whether they're enabled or not) to delete the specified registry key, you can forgot it. You can't give yourself more privileges than you have. That's NT system security.

procedure EnableAllPrivileges;
var c1, c2 : dword;
    ptp    : PTokenPrivileges;
    i1     : integer;
begin
  if OpenProcessToken(windows.GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, c1) then
    try
      c2 := 0;
      GetTokenInformation(c1, TokenPrivileges, nil, 0, c2);
      if c2 <> 0 then begin
        ptp := AllocMem(c2);
        if GetTokenInformation(c1, TokenPrivileges, ptp, c2, c2) then begin
          for i1 := 0 to integer(ptp^.PrivilegeCount) - 1 do
            ptp^.Privileges[i1].Attributes := ptp^.Privileges[i1].Attributes or SE_PRIVILEGE_ENABLED;
          AdjustTokenPrivileges(c1, false, ptp^, c2, PTokenPrivileges(nil)^, cardinal(pointer(nil)^));
        end;
        FreeMem(ptp);
      end;
    finally CloseHandle(c1) end;
end;

Regards, Madshi.
0
 
gemartiCommented:
Madshi: this gets privelages from the Network Authentication?

Wasn't the question how to control the local machine?  What if the privelages are not set up on the network to a level that you control what the user can or cannot do on an idividual machine? I'm just curious. I'm going to take a closer look at your code for my own personal interest....There is defintely a use for it in my job.
0
 
MadshiCommented:
In winNT each user (regardless whether it is a local or a network user) has a specific collection of privileges. Furthermore some of them are enabled, some are not. My function does nothing but enabling all available privileges. That's it. You can't give yourself more privileges than your user has, you can only enable all what you have.

Regards, Madshi.
0
 
camouAuthor Commented:
Madshi gets the points -- his comments and code really helped me understand how to get the most (privileges) out of NT. :)
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now