[Webinar] Learn how to a build a cloud-first strategyRegister Now


How do I modify a Register Key Permissions

Posted on 2009-04-20
Medium Priority
Last Modified: 2013-12-04
I developed a windows (desktop) application using VB.NET 2003. The application has to be deployed in a network environment on windows XP or Vista. The first time that the application runs, it creates some register keys which have to be updated each the application is opened. At the installation time there is no problem with the keys because an administration account is being used. The problem comes when a regular user log in, runs the application and try to update the register keys. A popup denied modification permission appears. I need to set the permission on theses register keys to allow to normal or regular users modify and update the keys. Besides this procedure has to work for windows XP or Vista.

Thanks a lot for your response
Question by:afak
  • 5
  • 3
LVL 12

Expert Comment

ID: 24186994
Think you can use the RegistryPermission class from .net. somthing like the following.
Dim f As New RegistryPermission( RegistryPermissionAccess.Read, "HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0")
f.AddPathList( RegistryPermissionAccess.Write Or RegistryPermissionAccess.Read, "HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\FloatingPointProcessor\0")

Open in new window


Author Comment

ID: 24188974
I was trying your suggestion using RegistryPermissionAccess but it did not work. Maybe I am missing something. I am attaching the small function I created to try your method. I tried the write, and AllAccess but any of then work. After, I call this function I verify the register key using register editor (regedit) but the permissions in the users account don't change.

Thanks a lot for your help
Public Function SetRegisterKey() As Boolean
        Dim KeyPath As String = "HKEY_LOCAL_MACHINE\SOFTWARE\CGIclient\Data"
        Dim RegPermission As RegistryPermission
            RegPermission = New RegistryPermission(RegistryPermissionAccess.AllAccess, KeyPath)
        Catch ex As Exception
            MsgBox("Exception Type: " & ex.GetType.FullName & vbCrLf & "Error: " & ex.Message, MsgBoxStyle.Critical, _
                    "Procedure: " & ex.TargetSite.GetCurrentMethod.Name)
            Return False
        End Try
        Return True
    End Function

Open in new window

LVL 12

Expert Comment

ID: 24190437
Hmm, after a bit more research it turns out since the key was created under and admin account, the normal user wont be able to access it still using the .NET classes.  I did find a shell script that can set what you need. I am thinking you can spawn it  as a post install step or the first time the app is run by the user.

Example at:

Definition of the integers at the end of the script

Example of using ProcessStartInfo here

Save this line into a text file called RegIniSettings.txt
Then run
regini C:\Path\To\File\RegIniSettings.txt
This will add SYSTEM as Full Control, and EVERYONE as Full Control

Open in new window

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.


Author Comment

ID: 24194143
I have tried regini.exe before, it works in windows XP but not in VISTA. One of the reason I became member experts-exchange was hopping to get a solution for Vista ans XP.

Thanks for your help!
LVL 12

Expert Comment

ID: 24194995
Really? regini is included with vista, so i assumed it would work without problems. I'll run a test on my machine in a bit to try it out. All I can think of is regini wouldnt work maybe from the application itself because it would be running as the user who doesnt have access already.  I imagine the regini would have to be run during the install process (as the admin user) or perhaps you can combine the shell process using a runas command.  I'll try regini on my machine in a bit and let you know how it goes.
LVL 12

Expert Comment

ID: 24195529
I just tried the regini test on my Vista system. As a standard user I was not able to modify the permissions. When I logged in as the Administrator account, I was able to run and set the permissions using regini.  As such is it possible to modify the installer to execute regini post install or is the existing install base to large for that to be feasible?

Author Comment

ID: 24195788
As I mentioned in my original question, the keys are created the 1st time the application is running using the installer account (Administrator). Then, actually I was looking for a method to set the permissions at this moment, when the application run the first time, then, there is no problem when your suggestion.
What is rare for me is that I was doing some trials with regini using an administrator account on windows VISTA and didn't have success, I tried directly on the command line using cmd.exe. What version of VISTA do you try and what was the complete command you used?
I tried on Windows Vista Business to modify the permissions of the account USERS to full.
What do you did?
LVL 12

Accepted Solution

wht1986 earned 2000 total points
ID: 24196427
I'm using Vista 64 Ultimate.  I tried on the following key and permission set to:
executed via a cmd shell

This set the permissions for the above key to full control for EVERYONE and SYSTEM

Im not aware of setting just the Users. Only option I know of is for Power Users as defined by the available integers:
Administrator Full 1
Administrator R 2
Administrator RW 3
Administrator RWD 4
Creator Full 5
Creator RW 6
World Full 7
World R 8
World RW 9
World RWD 10
Power Users Full 11
Power Users RW 12
Power Users RWD 13
System Op Full 14
System Op RW 15
System Op RWD 16
System Full 17
System RW 18
System R 19
Administrator RWX 20

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
OfficeMate Freezes on login or does not load after login credentials are input.
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
With just a little bit of  SQL and VBA, many doors open to cool things like synchronize a list box to display data relevant to other information on a form.  If you have never written code or looked at an SQL statement before, no problem! ...  give i…
Suggested Courses
Course of the Month20 days, 14 hours left to enroll

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question