vedprakashchoudhary
asked on
How to add registry key for windows xp machines through group policy ( windows 2003 group policy)
I am trying to deploye one additional registry key for my entire desktops through computer based group policy.
The registry key which i want to add on computer policy is follow:-
HKEY_CURRENT_USER\Software \Adobe\Acr obat Reader\7.0\TrustManager\cD efaultLaun chURLPerms
Can anyboddy please advise me how do i add this registry key in GP for all my computers.
The registry key which i want to add on computer policy is follow:-
HKEY_CURRENT_USER\Software
Can anyboddy please advise me how do i add this registry key in GP for all my computers.
gp isnt the best way to do it on its own, personall i would have a batch file called as part of the log on script that added teh key, but this site tells you of a console plug in that lets you adminsitrate registry keys through gpo directly
ASKER
Link which you have given me is not ok for me as it asking for install a free toll, Trust we are not suppose to install any free toll in our orginzation.
I m looking some more helpful link from your side and apart from that how can i do that through script. Please let me know the same also with full details. This is urgent for me please help!!
Thanks in advance.
I m looking some more helpful link from your side and apart from that how can i do that through script. Please let me know the same also with full details. This is urgent for me please help!!
Thanks in advance.
i think you could easily modify the example on the site below to siut your needs
http://blogs.technet.com/grouppolicy/archive/2007/09/21/setting-default-registry-key-values-using-custom-adm-files-part-1-of-2.aspx
http://blogs.technet.com/grouppolicy/archive/2007/09/21/setting-default-registry-key-values-using-custom-adm-files-part-1-of-2.aspx
ASKER
Can you please help to create ADM file for my requirement. Please find the attached screen shot for one of my client machine where these registry key already excists.
I want to add below registry key on every client machine for Adobe trust version.
HKEY_CURRENT_USER\Software \Adobe\Acr obat Reader\7.0\TrustManager\cD efaultLaun chURLPerms
Adobe.JPG
I want to add below registry key on every client machine for Adobe trust version.
HKEY_CURRENT_USER\Software
Adobe.JPG
ok add the key manually first time and then export the key to a .reg file ( or create it manually ill show you how in a second)
Create a log on script for the users you want this applied to within gpo and add teh following line to it
regedit.exe /s path of .reg file
where the .reg file is stored on an accessible location for all users
Create a log on script for the users you want this applied to within gpo and add teh following line to it
regedit.exe /s path of .reg file
where the .reg file is stored on an accessible location for all users
to create the .ref file manually
open notepad and copy and paste the following replacing the data typen and value variables, if unsure though just export the key direct from a regiostry you have added it to
RegistryEditorVersion
Blank line
[HKEY_CURRENT_USER\Softwar e\Adobe\Ac robat Reader\7.0\TrustManager\]
"cDefaultLaunchURLPerms"=" DataType1: DataValue1 "
save this as .reg file
open notepad and copy and paste the following replacing the data typen and value variables, if unsure though just export the key direct from a regiostry you have added it to
RegistryEditorVersion
Blank line
[HKEY_CURRENT_USER\Softwar
"cDefaultLaunchURLPerms"="
save this as .reg file
ASKER
This is ok for me that i will export the registry key for my pc where i have already these registry.
But how do i create a ADM file. Mean to say i would like to know the steps to configure ADM files.
the above step i can't able to understand.
Can you suggest what do you mean by these lines which you updated on your last update:
Create a log on script for the users you want this applied to within gpo and add teh following line to it
regedit.exe /s path of .reg file
where the .reg file is stored on an accessible location for all users.
please advise me describe step about how to create ADM file for above screen shot registry. Please help me its urgent for me. Trust i m really thankful for you guys
But how do i create a ADM file. Mean to say i would like to know the steps to configure ADM files.
the above step i can't able to understand.
Can you suggest what do you mean by these lines which you updated on your last update:
Create a log on script for the users you want this applied to within gpo and add teh following line to it
regedit.exe /s path of .reg file
where the .reg file is stored on an accessible location for all users.
please advise me describe step about how to create ADM file for above screen shot registry. Please help me its urgent for me. Trust i m really thankful for you guys
unsure myself how to create an ADM file its not the way i would do it I would add the key via a log on script
Open notepad
copy regedit.exe /s path of .reg file
and replace path of .reg file with the path to the .reg file you have.
Save the notepad file and then right click it change the file extension from .txt to .vbs
then assign the logon script to the group or users you want to assign it to.
if you dont know how to assign a logon script to a user let me know
Open notepad
copy regedit.exe /s path of .reg file
and replace path of .reg file with the path to the .reg file you have.
Save the notepad file and then right click it change the file extension from .txt to .vbs
then assign the logon script to the group or users you want to assign it to.
if you dont know how to assign a logon script to a user let me know
I am sorry but i cant read the values on your screenshot.
I found another two links that might be helpful
MS Tech with various examples of .adm files
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/management/gp/admtgp.mspx
An answered question on exaclty this topic
https://www.experts-exchange.com/questions/22744954/Deploy-registry-key-using-adm-file.html
the .adm file should look something like this... i havent tested and the you will have to set the values according to your needs (s.a)
CLASS USER
CATEGORY "Software"
POLICY "***YOUR PROCESS***"
KEYNAME "Software\Adobe\Acrobat Reader\7.0\TrustManager\"
VALUENAME "cDefaultLaunchURLPerms"
VALUEON "yes" VALUEOFF "no"
END POLICY
END CATEGORY
hope this was helpful
I found another two links that might be helpful
MS Tech with various examples of .adm files
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/management/gp/admtgp.mspx
An answered question on exaclty this topic
https://www.experts-exchange.com/questions/22744954/Deploy-registry-key-using-adm-file.html
the .adm file should look something like this... i havent tested and the you will have to set the values according to your needs (s.a)
CLASS USER
CATEGORY "Software"
POLICY "***YOUR PROCESS***"
KEYNAME "Software\Adobe\Acrobat Reader\7.0\TrustManager\"
VALUENAME "cDefaultLaunchURLPerms"
VALUEON "yes" VALUEOFF "no"
END POLICY
END CATEGORY
hope this was helpful
ASKER
ok i have created Vbs file by following
regedit.exe /s HKEY_CURRENT_USER\Software \Adobe\Acr obat Reader\7.0\TrustManager\cD efaultLaun chURLPerms
and save it as a VBS extation.
Howver when i m trying to open it by double click its giving me attached screen shot error
VB-error.JPG
regedit.exe /s HKEY_CURRENT_USER\Software
and save it as a VBS extation.
Howver when i m trying to open it by double click its giving me attached screen shot error
VB-error.JPG
NOOOOOOOO sorry think yuou have mis understood
when you export the key out of the reirty it will create a.reg file wherever you choose to save it. put the path to that .reg file in the VBS script
for example
regedit.exe /s c:\yourexportedfile.reg
when you export the key out of the reirty it will create a.reg file wherever you choose to save it. put the path to that .reg file in the VBS script
for example
regedit.exe /s c:\yourexportedfile.reg
ASKER
This is not working for me please and not possible for me to do this through scripts on users profile. I want to know some alternative way.
Some one guide me what exactly needs to be done for adding above registry key through group policy.
Some one guide me what exactly needs to be done for adding above registry key through group policy.
why cant you do the script method it is a standard everyday process of creating a log on script performed by sys amins everyday?.
the alternative is the free plug in tool as decribed earlier or teh adm file solution. if you read all that post it tells you how to do it although im not convinced it will be successful.
log on script is the way to do it
the alternative is the free plug in tool as decribed earlier or teh adm file solution. if you read all that post it tells you how to do it although im not convinced it will be successful.
log on script is the way to do it
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Please find the attached registry key which i want to deploye through group policy.
Below is the current registry path installed on all clients.
HKEY_CURRENT_USER\Software \Adobe\Acr obat Reader\7.0
We need to deploye additional TrustManger throug GP, It should be look like
HKEY_CURRENT_USER\Software \Adobe\Acr obat Reader\7.0\TrustManager\cD efaultLaun chURLPerms
I think we can achieve this through ADM file. Please request you to please let me know the described procedure for this.
Below is the current registry path installed on all clients.
HKEY_CURRENT_USER\Software
We need to deploye additional TrustManger throug GP, It should be look like
HKEY_CURRENT_USER\Software
I think we can achieve this through ADM file. Please request you to please let me know the described procedure for this.
I am sorry but i cant download or see the attached registry file.
I really really recommend you to use the "regToAdm" Program included in the NUTS toolkit (download link in my last post).
Given an exported registry entry it will automatically generate an appropriate adm file
I really really recommend you to use the "regToAdm" Program included in the NUTS toolkit (download link in my last post).
Given an exported registry entry it will automatically generate an appropriate adm file
for example if given:
[HKEY_CURRENT_USER\Softwar e\Adobe\Ac robat Reader\7.0\AdobeViewer]
"TrustedMode"=dword:000000 00
it will generate
CLASS USER
CATEGORY "Software\Adobe\Acrobat Reader\7.0\AdobeViewer"
KEYNAME "Software\Adobe\Acrobat Reader\7.0\AdobeViewer"
POLICY "TrustedMode"
PART "TrustedMode"
NUMERIC
VALUENAME "TrustedMode"
END PART
END POLICY
END CATEGORY
You might have to change the policy name but thats all....
[HKEY_CURRENT_USER\Softwar
"TrustedMode"=dword:000000
it will generate
CLASS USER
CATEGORY "Software\Adobe\Acrobat Reader\7.0\AdobeViewer"
KEYNAME "Software\Adobe\Acrobat Reader\7.0\AdobeViewer"
POLICY "TrustedMode"
PART "TrustedMode"
NUMERIC
VALUENAME "TrustedMode"
END PART
END POLICY
END CATEGORY
You might have to change the policy name but thats all....
ASKER
HengTime:-
Thanks, now i have ADM file with me with the help of nuts. Can you please guide how do i apply this with GP.
Thanks, now i have ADM file with me with the help of nuts. Can you please guide how do i apply this with GP.
ASKER
Please find attached adm file and now i want to add this ADM with GP.
these are the points which i have already followed:-
1. On domain controller.
2. Open Test GP
3. On computer configureation
4. Under computer configuration\administrati ve templates
5. Under Administrative templates i have add this Shostperms.adm file.
6. close the GP
7.However GP console not showing any additonal settings on Test gp.
Can you please guide is their any point which i m missing
these are the points which i have already followed:-
1. On domain controller.
2. Open Test GP
3. On computer configureation
4. Under computer configuration\administrati
5. Under Administrative templates i have add this Shostperms.adm file.
6. close the GP
7.However GP console not showing any additonal settings on Test gp.
Can you please guide is their any point which i m missing
Have you tried disabling the GPO Settings Filtering?
If not ...
1. browse to the newly added Administrative Template section.
2. Right-click an empty spot in the right pane and select View > Filtering.
3. In the Filtering window click to un-mark the "Only show policy settings that can be fully managed" option. Then click Ok.
4. Notice how the available options are now displayed in the right pane.
(Copied from the guide...)
If not ...
1. browse to the newly added Administrative Template section.
2. Right-click an empty spot in the right pane and select View > Filtering.
3. In the Filtering window click to un-mark the "Only show policy settings that can be fully managed" option. Then click Ok.
4. Notice how the available options are now displayed in the right pane.
(Copied from the guide...)
ASKER
Hengtime:- Thanks for your advise, But i already did this, Unfornetely i missed out to mension this point on my last note.
ASKER
Any other comments on this please..
Log on script.........
oh i still got an idea...
since you wanted to add a reg key to USER the adm file probalby has CLASS USER written in it and is hence (should be) added under the "user configuration" section in GP Console. Try looking there.. if you havent already done so..
since you wanted to add a reg key to USER the adm file probalby has CLASS USER written in it and is hence (should be) added under the "user configuration" section in GP Console. Try looking there.. if you havent already done so..
ASKER
Slam i only want to achieve this through ADM only.. As log on script could be possible but no match to my expection as their is lotus of difficult to apply script.
Please advise more if you could do this through ADM.
Although i have already created ADM with Nuts tool, and also tried to apply with above steps, but no luck!!
Please advise more if you could do this through ADM.
Although i have already created ADM with Nuts tool, and also tried to apply with above steps, but no luck!!
and yupp... logon script are quite useful :)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I feel this question has been answered fully in a couple of diffrent ways at least a PAQ no refund the solutions offered by both myself and the other expert are completely valid for how to resolve the question as it was originally posted, in honesty a split would be the fairest option
I fully agree with slam69
i think 21770280 contains all the information/references needed.
http://searchwincomputing.techtarget.com/tip/0,289483,sid68_gci1104389,00.html#