Solved

Deploy .reg files via group policy

Posted on 2014-11-27
11
811 Views
Last Modified: 2014-11-28
Hello Experts,

I need to deploy a .reg file via group policy. I've deployed many .msi files before but never .reg Help!!!
0
Comment
Question by:CNBELGIN
  • 4
  • 3
  • 2
  • +2
11 Comments
 
LVL 23

Expert Comment

by:NVIT
ID: 40469312
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 40469332
you can use logon scripts or you can drill down into the preferences\windows settings
http://blog.unidesk.com/gpos-set-custom-registry-entries-virtual-desktops-disabling-machine-password.
0
 

Author Comment

by:CNBELGIN
ID: 40469341
I'm running Active directory 2003 with a mix of XP and Win7 computers.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 40469707
If you want to deploy user settings (HKCU in regedit), use either a logon script or GPPs in the user policy section.
For all other registry hives, use startup scripts or GPPs in the computer policy section.
0
 
LVL 24

Assisted Solution

by:VB ITS
VB ITS earned 250 total points
ID: 40469875
In that case it might be easier to just use a batch file and have it run as a logon script using Group Policy.

Group Policy Preferences would be the most ideal method but you'll need to do a number of things to set it up for your environment beforehand (i.e. install RSAT on a Windows 7 machine for Group Policy Management and then ensure the Group Policy Client Side Extensions update is installed on all your XP machines)

Create your .reg file and store it on a share on your DC, e.g. \\server\netlogon\reg_file.reg
Open Notepad then type in regedit /s \\server\netlogon\reg_file.reg > File > Save As > in the Save As Type dropdown select All files (*.*) > name your logon script, i.e. addreg.bat > Save the file to the netlogon share on one of your DCs.

Then follow the steps here to add the above addreg.bat file as a logon script using Group Policy: http://technet.microsoft.com/en-us/library/cc781361%28v=ws.10%29.aspx
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 53

Assisted Solution

by:McKnife
McKnife earned 250 total points
ID: 40470111
@vb its
regedit.exe is not suitable for logon scripts as it requires elevation. reg.exe however does not.
0
 
LVL 24

Assisted Solution

by:VB ITS
VB ITS earned 250 total points
ID: 40470258
Yep good point McKnife. It'll work fine for XP but Windows 7 will require elevation so reg.exe is the way to go.

@CNBELGIN, please see this Microsoft article for the syntax for the reg.exe command: http://technet.microsoft.com/en-au/library/cc742162.aspx
0
 

Author Comment

by:CNBELGIN
ID: 40470384
Hello Guys,

Thanks for all your help.

In the example below, how would i utilize  reg.exe for win7?  Would i simply replace regedit.exe  /s with reg.exe /s ?

@echo off

Regedit.exe /s \\DC01\install\fix.reg

exit
0
 
LVL 53

Accepted Solution

by:
McKnife earned 250 total points
ID: 40470386
reg import \\DC01\install\fix.reg
0
 

Author Comment

by:CNBELGIN
ID: 40470388
Will this work for XP as well as win7?

reg import \\DC01\install\fix.reg
0
 
LVL 53

Expert Comment

by:McKnife
ID: 40470392
For both.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Microsoft has released remote PowerShell capabilities to all commercial Office 365 customers. So you can be controlled via PowerShell and not from the Office 365 admin center Download Windows PowerShell Module for Lync Online http://www.micros…
In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now