How to delete HKCU entries from logged on users in an automated fashion?

Think so, you have a listing of all the computer names?

Yes

Use reg delete:

REG DELETE KeyName [/v ValueName | /ve | /va] [/f]

  KeyName    [\\Machine\]FullKey
    Machine  Name of remote machine - omitting defaults to the current machine.
             Only HKLM and HKU are available on remote machines.
    FullKey  ROOTKEY\SubKey
    ROOTKEY  [ HKLM | HKCU | HKCR | HKU | HKCC ]
    SubKey   The full name of a registry key under the selected ROOTKEY.

  ValueName  The value name, under the selected Key, to delete.
             When omitted, all subkeys and values under the Key are deleted.

  /ve        delete the value of empty value name (Default).

  /va        delete all values under this key.

  /f         Forces the deletion without prompt.

Examples:

  REG DELETE HKLM\Software\MyCo\MyApp\Timeout
    Deletes the registry key Timeout and its all subkeys and values

  REG DELETE \\ZODIAC\HKLM\Software\MyCo /v MTU
    Deletes the registry value MTU under MyCo on ZODIAC


If you like put it in a for loop (assuming you have  a plain text file with one computer per line)

for /f %a in (computer.txt) do reg delete \\%a\HKCU\your\key\goes\here /v Value /f

Use with caution!!!
Of course some error handling would be nice here....

Ok, what is the EXACT registry entry/hive you need to delete. I have a solution for you. =)

Have a solution WITH error checking to make sure the entry exists and can log the computers it successfully deletes the entry from.

simple error handling:

for /f %a in (computer.txt) do reg delete \\%a\HKCU\your\key\goes\here /v Value /f || echo %a>>computer_with_problem.txt

There you go have a solution.

mpfister:  Very close, but no cigar.  When I tried reg delete with HKCU, I get the error: "A remote machine was specified, the root key must be HKLM or HKU."

campbelc: What's your solution?

Mine is a little more complex. What is the actual key or hive you want to delete?

I see, since its not local to the machine it doesn't know whats the current user.
Its tricky to get the currently logged on users SID and if you have users logging on to many machines you need to run the script all the time.

Do you run a login script? Then just put the reg delete (without specifying the computer) into the logon script...

campbelc: The key is HKCU\Software\XSG Technology\AutoUpdate

mpfister: We already use Scriptlogic to delete a registry entry in the login script, but many of our users do not log out for days or weeks and so we need something we can run from a workstation to modify the computers out there that already have a user logged in.

Do all these workstations have access to a centralized location where you can put an EXE and run it?

Yes, but if you are suggesting that we have the users run something to delete the entries, this is not a good solution for us.  We need an automated solution.  We have a way to launch a program on a remote computer, but not with the logged in user credentials.

Understand. I have a script that will allow you to execute a program from a users computer as if the user executed it with THEIR credentials running on their local PC. Just need to run it from a remote location because you don't want to install the file on each PC.

Just stay with me for a second on this. What you're asking for is a little extreme because we also have to know who the current user is. This is a different approach to this.

Testing it now..

campbelc: How's it going?

Does anyone else have any ideas how to do this?

SheharyaarSaahil?  sramesh2k? LeeTutor? CrazyOne?  sunray_2003?  war1?   Fatal_Exception?

Where are you folks?  500 points hanging out here....

Very quick and dirty:
----------------------------
@echo off
for /f %%a in (computer.txt) do @call :DelReg %%a
goto :EOF
:DelReg
Set Computer=%1
For /f "skip=6" %%b in ('reg query \\%Computer%\HKU') do @call :Sub %%b
Goto :EOF
:Sub
Set RegKey=%1
rem Skip lines with _Classes
echo %RegKey% | findstr "_Classes" && Goto :EOF
reg delete "\\%Computer%\%RegKey%\Software\XSG Technology\AutoUpdate" /f
Goto :EOF
----------------------------
It will go through (nearly) all keys under HKEY_USERS and tries to delete your desired key from every loaded user hive... error handling not easily possible, since it will fail on some of the keys anyway.

Hope it helps,

Michael

Looks great!!  Only thing is that it will modify all users of that machine, not just the logged on user.  I assume that you can change the code to modify just the logged on user.  My belief is the subkey "Software\Volatile Environment" only exists for the logged on user.  I don't have any real evidence from anyone else regarding this, I just beleive it because that's what I've seen in my experience.  Anyway, true or not, if you can change the code to only modify the registry hive with that subkey in it, then it will be exactly what I want, and I'll give it an A.  If not, I can still use it, and I'll give it a B.

> Looks great!!  Only thing is that it will modify all users of that machine, ...

No, since the others users registry hives are normally not loaded, except service accounts.
Personally I wouldn't care to delete this specific reg key for any account on my clients, esp. service accounts.

I see that it will not necessarily modify all users of that machine, only hives that are loaded at the current time.

But I don't want to delete anything in Volatile Environment - I just want to delete XSG Technology if Volatile Environment exists, otherwise skip the hive....do you understand?  This way it modifies only the logged on user.

Excellent!  Thanks very much!