Mandatory Profile registry permissions
Hello,
I am working with mandatory profiles and have an application that requires registry settings for each user that logs on. I have added these settings to the mandatory profile, however I am experiencing an issue with permissions on a registry key that is created for each individual user after they log onto the system. When a user logs onto the system two new keys are created in My Computer\HKEY_USERS. All of the keys start with S-1-5-21-775529393-4178567
My question is, Where are these settings coming from? I have loaded the mandatory profile hive into the registry and modify the registry permissions for the entire profile to be "Authenticated Users" Full control. I would like to be able to set the permissions once and know that they will be correct for every user that logs on.
I am investigating the use of psgetside.exe in a custom script to pipe the user SID into another command to set the permissions but that seems to be a bit complicated for what may be a simple fix. Thanks for any assistance you can provide.
I am working with mandatory profiles and have an application that requires registry settings for each user that logs on. I have added these settings to the mandatory profile, however I am experiencing an issue with permissions on a registry key that is created for each individual user after they log onto the system. When a user logs onto the system two new keys are created in My Computer\HKEY_USERS. All of the keys start with S-1-5-21-775529393-4178567
My question is, Where are these settings coming from? I have loaded the mandatory profile hive into the registry and modify the registry permissions for the entire profile to be "Authenticated Users" Full control. I would like to be able to set the permissions once and know that they will be correct for every user that logs on.
I am investigating the use of psgetside.exe in a custom script to pipe the user SID into another command to set the permissions but that seems to be a bit complicated for what may be a simple fix. Thanks for any assistance you can provide.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the quick response and the great explanation. Your explanation lead me down the correct path. I had to recreate my mandatory profile with my temp user account, except this time I went into the registry while creating the profile and set "authenticated users" on the HKCU\Software\Classes key and all subkeys and now all is working. Thank you very much for the assistance.