Regedit Tool

Hi all,

Can anyone suggest a resonable way to bake into my Production environment a regedit file? The registry edit file consist of a lot of keys & values, so I can't just use GPO, under user config - preferences - windows settings - registry and create all the registry keys & values. Its messy when you have a lot of keys/values.

Again using GPO, using the registry wizard, I browse to all the keys/values required in HKLM\Software\Wow6432Node\Citrix\ICA Client\Client Selective Trust and select them. The wizard picks up all the keys, but misses out values even though they are selected. Very buggy.

I've tried rolling in via a login script (GPO again) running a batch file:

regedit /s %logonserver%\netlogon\KN-Test\SsonRegUpx64.reg

Windows 7 seems to have issues with UAC when calling a reg edit file. My environment is all Windows 7 FAT clients. Anyone any ideas?

Thanks
mce-man-itAsked:
Who is Participating?
 
oBdACommented:
Sorry, my error; %logonserver% doesn't exist as a System environment variable.
Use "\\your.domain.local\netlogon\KN-Test\SsonRegUpx64.reg" instead.
0
 
oBdACommented:
You can't implement changes to HKLM in a logon script, unless your users are (local) administrators on their machines; write access to HKLM requires administrative permissions.
In other words: you need to implement this as a computer startup script applied to the machines in question.
Then don't use the GUI tool regedit.exe, but the command line tool reg.exe:
reg.exe import "%logonserver%\netlogon\KN-Test\SsonRegUpx64.reg"

Open in new window

0
 
mce-man-itAuthor Commented:
So as a startup script the user doesn't need to be a local administrator for this to work on a Windows 7 client?
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
oBdACommented:
Nope; the startup script runs with local System privileges (access to network resources is based on the AD computer account!)
Note that you can NOT change anything under HKCU this way; this will need to be done in a logon script (but reg.exe doesn't require administrative permissions).
0
 
mce-man-itAuthor Commented:
Ok, so running as a startup script will work?

Attempting to run:

reg.exe import "%logonserver%\netlogon\KN-Test\SsonRegUpx64.reg

Logged in as a non-administrative user does not work.
0
 
oBdACommented:
If the Sson settings contain changes to HKCU, then yes, this will not work as a regular user. As a startup script, it should apply once the machine is rebooted.
0
 
mce-man-itAuthor Commented:
Ah ok, Sson makes changes to HKLM, not HCKU. Any suggestions?
0
 
mce-man-itAuthor Commented:
Runas perhaps?
0
 
oBdACommented:
Sorry, typo above; the HKCU in 38325319 should of course have been HKLM.
So if your reg file only contains changes to HKLM, just use a startup script.
If it contains changes to both HKLM and HKCU, you need to split it and deploy the HKLM using a startup script, the HKCU part using a logon script.
0
 
mce-man-itAuthor Commented:
Ok thanks. I have setup a GPO and linked to a test OU. Moved a computer account into that OU that I'm testing with.

GPO is set to run:

Tessregadd.bat as a startup script. Testregadd.bat contains:

reg.exe import "%logonserver%\netlogon\KN-Test\SsonRegUpx64.reg"

Rebooting the desktop in the Test OUT, and I don't get keys & values in SsonRegUpx64.reg added to [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\ICA Client\Client Selective Trust]
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.