[Last Call] Learn how to a build a cloud-first strategyRegister Now


Modify HKEY_CURRENT_USER - without admin rights?

Posted on 2012-09-07
Medium Priority
Last Modified: 2012-09-10
Do not admin users have write access to HKEY_CURRENT_USER?

I need to push out a registry patch to a string that lives in that Hive...  Users cannot run regedit, denied by GPO, and they do not have admin rights either, as stated above...

What is the best way to write to their hive?

I could temporarily disable the no regedit policy, however I would plan on using a script with regwrite, so that may not be required?
Question by:cschmidt5
  • 3
  • 2
  • 2
LVL 50

Expert Comment

ID: 38378201

Author Comment

ID: 38378207
I need to re-post this question, bad typo in the begining.

it should have read "Do non-admin users have write access to HKEY_CURRENT_USER, which is a Hive in the windows registry.  Your answer does not really apply to this.
LVL 50

Assisted Solution

jcimarron earned 150 total points
ID: 38378264
cschmidt5--I assume you are presently unable to write to HKEY_CURRENT_USER .  Taking ownership and then assigning permission is one way be able to write.
I do not understand why you are negative about my suggestion.  Have you tried it?  You right click on HKEY_CURRENT_USER or any of the keys beneath it and you will be offered "Permissions".  Click on that and you will see the Security tab of the New Folder Properties window in the link I gave you earlier.
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 31

Accepted Solution

serialband earned 600 total points
ID: 38378819
The simple answer is yes.

HKEY_CURRENT_USER is loaded from the user profile in "C:\Documents and Settings\ACCOUNT_NAME\NTUSER.DAT" or C:\Users\ACCOUNT_NAME\NTUSER.DAT depending on which version of Windows you run.


Author Comment

ID: 38382939
I understand what you mean now jcimarron.  However, Our users are not allowed to run regedit due to a group policy in effect - I stated earlier I could temporarily remove that policy, but I plan on implementing the registry patch in a vbscript, and I am just wondering if the script is called with a user based policy, will it have permission to write to HKEY_CURRENT_USER for the logged in user...?   I need to edit the "Current User" hive for users other than myself - the only way I can really do that is by doing what serialband suggested, ntuser.dat.  Or, if a user based GPO will allow the logged in user to write to that hive without running regedit..?

Author Closing Comment

ID: 38382946
Yes, two potential solutions have been offered, but has led me to another ? -<br /><br />I want to patch the HKEY_CURRENT_USER hive for the logging in user, and I want to use a script called by a user-based GPO  will that script have permission to write to the CURRENT USER hive?
LVL 31

Expert Comment

ID: 38384253
Is the reg command also denied?  If it's not, you could always add or delete key that way.  Most users wouldn't know how to use the command line, so a lot of admins deny only regedit, but not reg.

Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

First some basics on Windows 7 Backup.  It has 2 components one is a file based backup which is stored in .zip files each zip is split at around 200 Megabytes and there is the Image Backup which is as the name implies a total image of the partition …
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This Micro Tutorial will teach you the basics of configuring your computer to improve its speed. It will also teach you how to disable programs that are running in the background simultaneously. This will be demonstrated using Windows 7 operating…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Suggested Courses
Course of the Month18 days, 12 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question