?
Solved

registry change on all client computers using group policy

Posted on 2007-03-28
7
Medium Priority
?
4,607 Views
Last Modified: 2011-08-18
Hello,

I must make a registry change on all xp computers (about 1600) in the domain. We do not have sms nor are we planning to purchase it due to budger contraints. I would like to know how i can make this registry change using a Group Policy. We have 2003 Windows servers with AD.

Thanks,
Tacobell2000
0
Comment
Question by:Tacobell2000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 30

Assisted Solution

by:LauraEHunterMVP
LauraEHunterMVP earned 800 total points
ID: 18809990
You will need to create a custom ADM template.  Instructions/tutorials for doing so can be found here:

http://thelazyadmin.com/index.php?/archives/125-Creating-Custom-ADM-Templates.html
http://support.microsoft.com/kb/225087
http://support.microsoft.com/kb/323639

Hope this helps.

Laura E. Hunter - Microsoft MVP: Windows Server - Networking
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 1200 total points
ID: 18812670
Hey Laura!  Nice to see you here.

While a Custom ADM will work, it's generally a lot of work for something like that.

You can add it to a logon or startup script (in a GPO) using a .reg file and either regedit /s or reg /add.

Where is this key?  Under HKLM or HKCU?

0
 

Author Comment

by:Tacobell2000
ID: 18816137
It is under HKLM.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 18816230
If it is a key that the end-user has write access to, you can add it via a logon script (use the "reg add" command or vbscript, your preference.

If it is a critical key that normal users can't write to, you can deploy it as a computer startup script, since this will run under the LocalSystem account and will be able to update any key you need.
0
 

Author Comment

by:Tacobell2000
ID: 18816909
Thank you. I`ll make a computer startup script.
How do i make a startup script that will tell these computers to modify the registry? Is it
REG ADD  [HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Deployment\Policy]
"EnableSecureStaticVersioning"=dword:00000000 ?


Many thanks,
Tacobell2000
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 18816976
Full syntax for the reg command is here, if you're using a .bat or .cmd file: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/reg.mspx?mfr=true

Examples:

reg add \hklm\software\myco /v data /t reg_binary /d fe340ead
reg add "hkcu\software\microsoft\winmine" /v Name3 /t reg_sz /d Anonymous
reg add "hkcu\software\microsoft\winmine" /v Time3 /t reg_dword /d 5

VBScript samples for modifying registry keys can be found here: http://www.microsoft.com/technet/scriptcenter/scripts/default.mspx?mfr=true

Example:

Const HKEY_LOCAL_MACHINE = &H80000002

strComputer = "."
 
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _
    strComputer & "\root\default:StdRegProv")
 
strKeyPath = "SOFTWARE\System Admin Scripting Guide"
strValueName = "String Value Name"
strValue = "string value"
oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue
 
strValueName = "DWORD Value Name"
dwValue = 82
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue

0
 

Author Comment

by:Tacobell2000
ID: 18817187
Thank you!
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Let's recap what we learned from yesterday's Skyport Systems webinar.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question