Deploy registry key via GPO

Experts,

I thought this was easy but somehow I am messing this up. I need to push out the following new registry key value.

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Word\Options]
"SQLSecurityCheck"=dword:00000000

I followed the steps here to do it the "easier way"

http://blogs.technet.com/askds/archive/2007/08/14/deploying-custom-registry-changes-through-group-policy.aspx

Am a missing something here? I wanted to try to d othis through custom ADM file but I am not sure how to modify the example to match my needs.

Thanks in advance for any help!

Raymo12Asked:
Who is Participating?
 
mlongohConnect With a Mentor Commented:
OK, try this.  Create a batch file (SQLREG.CMD) that looks like this:

@ECHO OFF
REGEDIT /s SQLREG.REG

And put it in the same folder as the .REG file (replace SQLREG.REG with whatever the name of your reg file is).

Then manually copy it to your test workstation, logon as test users and run SQLREG.CMD and see if the registry gets created.

If it does then you know that the problem is in your GPO, if not then you know that it's in the attempt to run regedit.

Also, I think that you have to have the parent registry keys created as well. For example, the key that's being created is in HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Word\Options, and I think that you need to have HKEY_CURRENT_USER\Software\Microsoft\Office\12.0 and HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Word and HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Word\Options created before the "SQLSecurityCheck" can be created.
0
 
mlongohCommented:
The easier way relies upon the .reg file being in the appropriate location.  Edit the GPO, User Configuration, Windows Settings, Scripts(Logon/Logoff) and double-click Logon to open Logon properties.

Select the existing entry that you created and click Show Files to open the GPO's logon script folder.  Copy the .reg file into that location and click OK and save changes to your GPO.

It's also necessary that the users that are logging on have rights to run regedit.exe.
0
 
Raymo12Author Commented:
I did place the reg file in that location. I did not think about users having rights to run regedit though..
0
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

 
mlongohCommented:
Are you also verifying that the users are processing the GPO?  The Group Policies Results Wizard in Group Policy Management Console will allow you to check if the workstation being checked is at least Windows XP.
0
 
Raymo12Author Commented:
On my test box the admin account shows it processed but the registry change did not apply. On my test account nothing processed but that me be because of that test account permissions.
0
 
Raymo12Author Commented:
it must be my GPO because the batch file test worked with my test account.

Also those parent keys do exist already.

I wonder what is up with my GPO then?
0
 
mlongohCommented:
Change the GPO to run the CMD file (make sure the CMD file is in the same folder as the .REG file).
0
 
Raymo12Author Commented:
Would I just change that at user config > windows settings > scripts > logon > and just point it to the bat file or do I need a parameter too?
0
 
mlongohCommented:
Open the properties of the GPO, and open the Logon script properties, click the Show Files, copy the batch file to the folder that opens.  Then select the existing entry (Regedit) and click Remove and then click Add and add the batch file in with no parameters.  Save changes and test after about 5 minutes.
0
 
Raymo12Author Commented:
Looks like it worked. Thank you very much for all your help!
0
 
Raymo12Author Commented:
Really appreciate the help!
0
 
Glenn BiloccaCommented:
Hi All,

Unfortunately i can't make this work. I am trying to do this on Office 2013 but it doesn't seems to work for me ?

Is there any other solution for this?
0
All Courses

From novice to tech pro — start learning today.