Logon Script to set registry key.

Posted on 2008-06-25
Last Modified: 2008-11-11
Windows 2000 Domain
1500 Windows 2000 desktops

What I need to do is change the following registry keys on all PCs on the network. When i run the .reg file the correct settings are applied no problem so I know they are correct.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"LegalNoticeCaption"="XXXXXX Data Network"
"LegalNoticeText"="A criminal offence may be commited by accessing this computer or modifying any data in this computer without authorisation and persons doing so may be liable to prosecution"
"LogonPrompt"="XXXXXX authorised staff may enter a user name and password"

I have tried to create a .ADM file but it says there is an error in line 16. When i import other ADM files the atributes appear but have no settings underneath them.

To do this I used an app called ADM2REG.exe which converts .reg files into .ADM. I have now given up on this as i am aware that our AD is a bit sketchy some of the time and don't have any previous experience to know if this is correct behaviour or not. (Can't wait until we upgrade to 2003).
Here is the ADM file if anyone wants to comment. Fails to import on line 16 whic is the END POLICY line? Unfortunately I don't have a test domain just now so can't try to import it on another domain to see if it functions.
CATEGORY "SOFTWARE\Microsoft\Windows NT\CurrentVersion"
  POLICY Winlogon
  KEYNAME "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
    PART LegalNoticeCaption EDITTEXT
    VALUENAME "LegalNoticeCaption"
    PART LegalNoticeText EDITTEXT
    VALUENAME "LegalNoticeText"
    PART LogonPrompt EDITTEXT
    VALUENAME "LogonPrompt"
    PART DontDisplayLastUserName EDITTEXT


I would now like to make these changes using the Startup script but am unsure of what syntax to add in. The security would be ok as it would run as system.
Have spent some time trying to find good articles but they all mention .ADM files or reg.ini.

My scripting is pretty limited hence I am asking here.

Thanks in advance for your help.
Question by:AWGMorrison
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 38

Expert Comment

ID: 21868534
Just place the .reg file in the script directory and use the command REGEDIT /S filename.reg.

Author Comment

ID: 21868580
I tried that and without the /S it asks the user to accept. I found the /S and it doesn't seem to work?

I assumed it was because the users don't have permission to modify the registry? Is that not correct. As I said before we do have some issues with AD here and there so wouldn't be a total shock if it wasn't working as expected.
LVL 38

Accepted Solution

Shift-3 earned 400 total points
ID: 21869045
If you're using it in a startup script (under Computer Configuration\Windows Settings\Scripts\Startup) rather than a logon script then it should run under the computer's SYSTEM account.  By default this account has full control of HKEY_LOCAL_MACHINE, so permissions shouldn't be a problem.

Author Comment

ID: 21870486
What is the syntax for setting a regsitry key in the Startup script?

Apologies but I can't find a guide to this anywhere.

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

687 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question