Solved

Importing Registry Settings through Script, Specifiying User Account

Posted on 2007-04-05
5
335 Views
Last Modified: 2010-03-05
I've searched a few of the older posts and have not come up with a solid answer on this one.

We have several Windows 2000 and XP machine scattered on various networks. And we have login scripts in place to map drives, printers, etc.

We want to be able to import registry settings, hopefully using the same process.

Not all workstations have local admin rights though.

So simply using "regedit.exe /S regfile.reg" won't work without generating an error.

I need a way to specify a user account for installation. The administrators account is password protected, so RunAs will not work either without prompting the users for the admin password.


I did come across this solution:

I came across this program here:
http://www.softtreetech.com/24x7/archive/53.htm
And in order to insure that admin passwords were properly setup, this program seemed appropriate:
http://www.microsoft.com/technet/sysinternals/utilities/pspasswd.mspx

So in theory I could execute pspasswd, and then the 3rd party RunAs.
I don't like the idea of being dependent on a third party app though.


Does anyone know how this can be done with the applications Microsoft provides?
All workstations are on a Windows 2000 or Windows 2003 domain, if that information helps.
Admin tools packs can be downloaded and installed if needed.
0
Comment
Question by:ITD_Technician
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 250 total points
ID: 18859010
If you're using AD & Group Policy, create a startup script (not a login script) that runs the regedit command you need.

Startup scripts run in the security context of LocalSystem, and should be able to update whatever registry keys you need - this is how I did the DST registry edits for the remaining 2K machines in my environment.

Otherwise you're embedding an administrative username/password as clear text into a login script, which I don't have to tell you is not the best idea in the world.  :-)

Hope this helps.

Laura E. Hunter - Microsoft MVP: Windows Server - Networking
0
 

Author Comment

by:ITD_Technician
ID: 18859195
I didn't like the idea either, which is why I created this post.

Can you be more specific on how this would be done?
Our script that I mentioned is distributed through GP (User Config, Windows Settings, Scripts), but runs as the user logs in.
I haven't worked with scripts that run before login. I am guessing they would have to be deployed through GP in some way?

Perhaps your DST code would help me. It sounds like it may have worked better then how we did it.
0
 

Author Comment

by:ITD_Technician
ID: 18859212
Or did you mean executing the script from GP under Computer Configuration --> Windows Settings --> Scripts --> Startup?
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 18859234
Bingo (the path under Computer Configuration, that is).  A computer startup script will run in the context of LocalSystem, and will be able to update keys in HKLM that a normal user account can't modify.

For DST I actually just used the syntax that was listed in the KB article for 2000, and then deployed it using this Startup Script.
0
 

Author Comment

by:ITD_Technician
ID: 18859257
Thank you. I didn't realize that it executed under LocalSystem.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Determining the an SCCM package name from the Package ID
Ever visit a website where you spotted a really cool looking Font, yet couldn't figure out which font family it belonged to, or how to get a copy of it for your own use? This article explains the process of doing exactly that, as well as showing how…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question