Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Deploy .reg files via group policy

Posted on 2014-11-27
11
Medium Priority
?
4,133 Views
Last Modified: 2014-11-28
Hello Experts,

I need to deploy a .reg file via group policy. I've deployed many .msi files before but never .reg Help!!!
0
Comment
Question by:CNBELGIN
  • 4
  • 3
  • 2
  • +2
11 Comments
 
LVL 25

Expert Comment

by:NVIT
ID: 40469312
0
 
LVL 84

Expert Comment

by:David Johnson, CD, MVP
ID: 40469332
you can use logon scripts or you can drill down into the preferences\windows settings
http://blog.unidesk.com/gpos-set-custom-registry-entries-virtual-desktops-disabling-machine-password.
0
 

Author Comment

by:CNBELGIN
ID: 40469341
I'm running Active directory 2003 with a mix of XP and Win7 computers.
0
 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

 
LVL 57

Expert Comment

by:McKnife
ID: 40469707
If you want to deploy user settings (HKCU in regedit), use either a logon script or GPPs in the user policy section.
For all other registry hives, use startup scripts or GPPs in the computer policy section.
0
 
LVL 24

Assisted Solution

by:VB ITS
VB ITS earned 1000 total points
ID: 40469875
In that case it might be easier to just use a batch file and have it run as a logon script using Group Policy.

Group Policy Preferences would be the most ideal method but you'll need to do a number of things to set it up for your environment beforehand (i.e. install RSAT on a Windows 7 machine for Group Policy Management and then ensure the Group Policy Client Side Extensions update is installed on all your XP machines)

Create your .reg file and store it on a share on your DC, e.g. \\server\netlogon\reg_file.reg
Open Notepad then type in regedit /s \\server\netlogon\reg_file.reg > File > Save As > in the Save As Type dropdown select All files (*.*) > name your logon script, i.e. addreg.bat > Save the file to the netlogon share on one of your DCs.

Then follow the steps here to add the above addreg.bat file as a logon script using Group Policy: http://technet.microsoft.com/en-us/library/cc781361%28v=ws.10%29.aspx
0
 
LVL 57

Assisted Solution

by:McKnife
McKnife earned 1000 total points
ID: 40470111
@vb its
regedit.exe is not suitable for logon scripts as it requires elevation. reg.exe however does not.
0
 
LVL 24

Assisted Solution

by:VB ITS
VB ITS earned 1000 total points
ID: 40470258
Yep good point McKnife. It'll work fine for XP but Windows 7 will require elevation so reg.exe is the way to go.

@CNBELGIN, please see this Microsoft article for the syntax for the reg.exe command: http://technet.microsoft.com/en-au/library/cc742162.aspx
0
 

Author Comment

by:CNBELGIN
ID: 40470384
Hello Guys,

Thanks for all your help.

In the example below, how would i utilize  reg.exe for win7?  Would i simply replace regedit.exe  /s with reg.exe /s ?

@echo off

Regedit.exe /s \\DC01\install\fix.reg

exit
0
 
LVL 57

Accepted Solution

by:
McKnife earned 1000 total points
ID: 40470386
reg import \\DC01\install\fix.reg
0
 

Author Comment

by:CNBELGIN
ID: 40470388
Will this work for XP as well as win7?

reg import \\DC01\install\fix.reg
0
 
LVL 57

Expert Comment

by:McKnife
ID: 40470392
For both.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question