?
Solved

GetValue & RegSet commands not working as expected

Posted on 2013-05-19
5
Medium Priority
?
473 Views
Last Modified: 2013-06-22
Hello Experts.

I've stumbled on an annoying issue when using the GetValue & RegSet commands. I have a small app which is supposed to open up the current users registry, traverse a certain location and then modify any found name/value pairs according to some settings in the app config. The purpose of this app is to find a reference to an old exchange server and replace it so that when the user logs onto a new Windows 7 machine they can open their outlook without error.

here is my code.

using Microsoft.Win32;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Configuration;

namespace RegistryFixer
{
    class Program
    {
        static void Main(string[] args)
        {
            String[] v_locations;
            String[] v_subKeys;
            String[] v_entryNames;
            String v_NewServer = ConfigurationManager.AppSettings["ServerNew"];
            RegistryKey v_rootKey;
            
            v_entryNames = ConfigurationManager.AppSettings["SubKeys"].Split(',');
            v_locations = ConfigurationManager.AppSettings["Locations"].Split(',');
            
            foreach (String v_location in v_locations)
            {
                v_rootKey = Registry.CurrentUser.OpenSubKey(v_location, true);
                v_subKeys = v_rootKey.GetSubKeyNames();

                foreach (string v_curSubKey in v_subKeys)
                {
                    foreach (string v_entryName in v_entryNames)
                    {
                        RegistryKey v_subKey = v_rootKey.OpenSubKey(v_curSubKey, true);
                        object v_Attribute = v_subKey.GetValue(v_entryName);
                        if (v_Attribute != null)
                        {
                            Console.WriteLine(String.Format("FOUND: {0} in {1}", v_entryName, v_subKey.ToString()));
                            foreach (String regSubKey in v_subKey.GetSubKeyNames())
                            {
                                Console.WriteLine(String.Format("FOUND Subkeys: {0}", regSubKey));
                            }
                            
                            if (v_Attribute.ToString() != v_NewServer)
                            {
                                Console.WriteLine(String.Format("Existing Value of: {0}{4}From Key: {1}{4}With EntryName: {2}{4}Has been overwritten with new value of: {3}{4}{4}", Registry.GetValue(v_subKey.ToString(), v_entryName, "No value found.").ToString(), v_subKey.ToString(), v_entryName, v_NewServer, System.Environment.NewLine));
                                //Registry.SetValue(v_subKey.ToString(), v_entryName, v_NewServer);
                                v_subKey.SetValue(v_entryName, v_NewServer);
                                v_subKey.Close();
                            }
                        }
                    }
                }
                v_rootKey.Close();
            }
            Console.WriteLine("Complete!");
            Console.ReadKey();
        }
    }
}

Open in new window


Some info:
The value of "locations" in the appconfig is "Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Default Outlook Profile"
The value of SubKeys in the appconfig is "001e6602,001e6608"
The value of ServerNew in the appconfig is POPEX01.
The Exchange server is 2010.
Our Windows 7 machines are all x86.

Looking at the registry before running the app you can see this subkey with two REG_SZ entries referencing an old server 'MCEX03'. I want to replace those entries.

As you can see the subkey name ends with 72b4
This is what happens when I run this application on a PC of an affected user. Please note the command prompt has run with elevated privileges.

Now you can see my app believes it has run successfully.
But after I run the app, I recheck the registry using regedit and the values have not changed. If you notice in the above screenshot the app finds the subkey ending with a5fc.

This is the users registry as exported and viewed in notepad.
You should notice the subkey we were expecting as a5fc (as found by the reg tools in the app) is actually the reg key ending in 72b4.

So where is subkey ending a5fc? Why does the opensubkey command find it as ending a5fc and not 72b4? Why then does the regset command not work with the mystery subkey ending in a5fc?

I did some research into x64 registry being different than x86. But our client systems are all x86 so I don't know how this could affect the app. Can anyone help me here? IO'm obviously missing something.

Nick
0
Comment
Question by:HobartSmelter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 35

Accepted Solution

by:
Robert Schutt earned 2000 total points
ID: 39184700
I suspect that, because you're running your tool in an elevated command prompt, HKEY_CURRENT_USER points to a different part of the registry, not the same one showing in your regedit.

If that's the case I guess there would be 2 solutions:

1) run your app normally as logged on user and use code to acquire admin permission to the registry (assuming that's needed) I found this link on another forum but haven't tried it: http://msdn.microsoft.com/en-us/library/bb756929.aspx 

2) maybe easier: determine the SID for the currently logged in user and use registry key HKEY_USERS\THAT_SID\... instead of HKEY_CURRENT_USER, this should help: http://pcsupport.about.com/od/registry/ht/find-user-security-identifier.htm
0
 
LVL 35

Expert Comment

by:Robert Schutt
ID: 39185075
By the way, I haven't been able to reproduce this so maybe I'm completely off the mark with that "different user" assumption. Well actually I did say "if that's the case", but just thought I'd let you know that my own tests have not come up with a possible positive answer to that "if" (yet). It does still look of course to be the case (since you're seeing different subkeys) that the 2 are not looking at the same key somehow. So attacking this from the other direction could be the next advice: make sure you run regedit as administrator as well.
0
 

Author Comment

by:HobartSmelter
ID: 39198272
Ah, that's a smart notion that for some silly reason I didn't even consider. I will modify the code to utilise the right SID and post the results, will get back to you shortly :).
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
By default the complete memory dump option is disabled in windows . If we want to enable the complete memory dump for a diagnostic purpose, we have a solution for it. here we are using the registry method to enable this.
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question