Adding Entries to HKCU for all users - windows

I am trying to run a registry file for each users when they first log in. I was looking at different options to add HKEY_CURRENT_USER but couldn't get a definitive answer. Need someone to direct me to the right direction.
So I have the following commands
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\foo.reg" /v "Version" /d "1" /t REG_SZ /f
add HKEY_CURRENT_USER\C:\mykit\foo.reg /v "EnableRPCEncryption" /d "1" /t REG_DWORD /f" /f
Ican execute them and but the reg_key doesn't run when I first login as a new user.
I am running windows 2012 server

Add the appropriate registry settings within HKU.Default using the same relative paths. Log in with a new user and check to see that the settings are present.
You can also create a Group Policy Object (GPO) that runs for all users and checks to see if the HKCU registry key is present and adds if necesary.
If you are not keen on GPO, you can write a batch file and place it in within the startup folder of the All Users Start Menu.

Related

How can i change values in Windows registy without admin permissions

i want to automate something, but it only works if i manually accept the uac window, so i tried to change the registry value with this commads:
c:\Windows\System32\cmd.exe /k c:\Windows\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
But it only works if i run the cmd as administrator. So again i need to accept the uac window to deactivate the uac windows...
Is there a good way to make this with a script ore something like that, or is there a bypass solution? (for automation puroses)
If you want to modify a registry hive without administrative privileges, you have to do it offline1.
To do so, you can boot into WinRE and then use regedit to modify your hives offline. You can also remove your hard disk and put it into another computer where you have administrative privileges and modify it there.
You can find an example here.
1 Offline in this case means, the hives are not mounted. Or in other words, the Windows installation is not running.

Batch scripting - adding a new path via registry command (reg add) does not add it to path

I am currently working on a batch script and would like to add new paths to the system environment variables via registry command. Here is my current code:
set newPath=%path%;%NODE_MODULES_DIR%;%NODE_MODULES_DIR%\electron\dist
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Sessions Manager\Environment" /v Path /t REG_EXPAND_SZ /d "%newPath%" /f
call logoff
I do a reg add with new paths. And as I understand, since changes will not take effect until after a logout/restart, I added call logoff to force user to log out.
Problem is when I log back in, I still can't see my new paths under system environment variables.
I do not want to use the setx command because of the 1024 limitation.
Can someone help? Thanks!!
Found what's wrong already.
Turns out that the HKEY_LOCAL_MACHINE path is incorrect.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Sessions Manager\Environment
should be
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
(Session Manager instead of Sessions Manager)
And should've used REG_SZ instead of REG_EXPAND_SZ

How do I automatically launch a non-Surface application in Windows Embedded 8?

How do I automatically launch a non-Surface application in Windows Embedded 8?
I want to automatically launch a GUI application on startup in Windows Embedded 8, but I can't figure out how to do it. I've been reading Sean Liming's Professional's Guide to Windows Embedded 8 Standard, and in chapter 8 he describes how to modify the device experience. He names how there is a Windows 8 Application launcher, but for Surface apps only. He also describes a Shell Launcher module, but my app is not a shell. He also mentions a shell he wrote here, but reading through its documentation, it doesn't describe how to automatically launch a program within that shell.
As far as I can tell, he doesn't describe how to automatically launch a non-Surface application anywhere, and Google and Stack Exchange get me no results (it doesn't help that most results come back as merely Windows 8, and not Windows Embedded 8). Or am I mistaken? Is Shell Launcher sufficient to launch a non-shell app? Does the app launched become the "shell", in effect?
Side note: It's probably worth mentioning that the app I want to launch is a Java app. I will be including the module-based Java JRE installer as mentioned in the book, but if there are any other provisos to launching a Java app in WE8S, please comment.
Thanks for your time and feedback!
This works for both Windows Embedded Standard 7 and Windows Embedded 8 Standard:
I normally install Windows Embedded Standard with the standard shell. In WE8S this would be the Metro UI. Once installation and configuration is complete, and your application runs successfully, I use registry entries to modify the application launched on startup.
Custom user-specific shell
As an example, to launch VLC media player as the shell, and play media files in a folder on the d:\ e.g d:\media in a continuous loop, I use the below in a .bat file, running as administrator.
This must be run while logged into the user that will launch the custom shell
Create a new .bat file:
in Windows Explorer, Select "File" -> "New" -> "Text Document"
Rename "New Text Document.txt" to custom_shell.bat
Paste the below into the file
Save the file
Right click the file -> "Run as Administrator"
c:\Windows\system32\reg.exe DELETE "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /f
c:\Windows\system32\reg.exe ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /t REG_SZ /d explorer.exe
c:\Windows\system32\reg.exe ADD "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /t REG_SZ /d "c:\program files\vlc\vlc.exe -f --loop ""d:\media"""
c:\Windows\system32\reg.exe DELETE "HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\boot" /v Shell /f
c:\Windows\system32\reg.exe ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\boot" /v Shell /t REG_SZ /d "USR:Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
pause
This modifies the shell for the !Current User! (i.e. the logged on user) to launch VLC.exe on logon. (I use reg.exe because some slimmed down installations might not have regedit.exe included)
This means that you can still access the full user interface when logging on as the administrator user (via safe mode if Administrator profile is normally disabled), since the shell for all other users is still the explorer shell.
Launching the explorer shell from within the custom shell
You can still launch the explorer shell with the metro UI when the user with the custom shell is logged on. To launch the explorer shell from the user running the VLC (custom) shell:
Start the task manager (CTRL+SHIFT+ESC)
Click on the "Advanced" button at the bottom of the task manager
Select "File" -> "New Task (Run...)" from the menu bar
Enter "Explorer.exe" (This start the explorer service)
Repeat the above steps again (This will lauch an instance of Windows Explorer)
The Metro UI should be usable then
Java application as a shell
More to the point, in order to run your java app, change the below entry in the above .bat
from:
c:\Windows\system32\reg.exe ADD "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /t REG_SZ /d "c:\program files\vlc\vlc.exe -f --loop ""d:\media"""
to
c:\Windows\system32\reg.exe ADD "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /t REG_SZ /d "java [any other JVM options you need to give it] -jar "path\jar-file-name.jar""
If your java app does not include a manifest the above will not work!
Try this (I have not tested this):
java -cp jar-file-name.jar full.package.name.ClassName
Revert to the Explorer (default shell) i.e. Undo user-specific shell
To undo the shell changes for the user i.e. revert back to original settings:
!This must be run while logged into the user with the custom shell!
Create a new .bat file:
in Windows Explorer, Select "File" -> "New" -> "Text Document"
Rename "New Text Document.txt" to default_shell.bat
Paste the below into the file
Save the file
Right click the file -> "Run as Administrator"
c:\Windows\system32\reg.exe DELETE "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /f
c:\Windows\system32\reg.exe ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /t REG_SZ /d explorer.exe
c:\Windows\system32\reg.exe DELETE "HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\boot" /v Shell /f
c:\Windows\system32\reg.exe ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\boot" /v Shell /t REG_SZ /d "SYS:Microsoft\Windows NT\CurrentVersion\Winlogon"
c:\Windows\system32\reg.exe DELETE "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /f
pause
User Auto Logon:
You can configure Windows to automatically log onto a specific user profile.
Start > Search > netplwiz
OR [Windows Key + R] > netplwiz
A ‘User Account’ window will open. Highlight the account you want to automatically load when Windows starts.
Uncheck the box above it titled “Users must enter a user name and password to use this computer.”
Click OK.
You will be prompted to confirm the operation by entering your password.
Enter your password to complete the change.
The next time you start up Windows, the user account you selected will automatically be loaded
Things to consider
Play around, but use a test environment if possible
If you can launch the shell, so can someone else. Use the keyboard filter to filter out known key combinations, and create one only you, and perhaps the service technicians will know.
Remove admin rights for the user with the custom shell
Use the Unified Write Filter (or Enhanced Wright Filter/File Based Write Filter). Un-protect only when making changes.
A big THANK YOU to Sean Liming and the work that does - he inspired this.
Mark Böhmer
Windows Embedded Specialist
South Africa

Insert an entry into HKCU for each user account on a PC

I'm an admin charged with installing software to a small LAN of PCs. The software had to be installed in separate stages (three different executable setup packages).
The sales muppets supplied the stages in the wrong order, and since they were installed in the wrong order, registry keys weren't correctly generated.
So I need to make an HKCU entry in the registry for each existing user on each PC.
The registry key I need to install is
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\AcmeSoft\AcmeApp]
"InstallLocation"="C:\\Program Files (x86)\\AcmeApp"
#=""
I'd like to write a script (language is unimportant, I'm familiar with C++ and python though) that I can run once per PC to deploy this new registry key to the HKCU\Software\AcmeSoft\AcmeApp hive.
Regedit shows a hive called HKEY_USERS, which I suspect may contain entries for all users on the PC.
Can I somehow iterate HKEY_USERS and check for the aforementioned key and install it if its missing?
Thanks.
If you're not against using a simple batch script, you can use this:
You can even add a computername before HKU (like so: \Computer\HKU) if you like so you can run it remotely. You have to run it as admin (elevated)
for /F "delims=\ tokens=1,*" %%t in ('reg query HKU') do reg add HKU\%%u\Software\AcmeSoft\AcmeApp /ve
for /F "delims=\ tokens=1,*" %%t in ('reg query HKU') do reg add HKU\%%u\Software\AcmeSoft\AcmeApp /v InstallLocation /d C:\\Program Files (x86)\\AcmeApp
I found a couple of simple syntax errors in the supplied answer. Here's the correct syntax for those who may need it.
for /F "delims=\ tokens=2,*" %t in ('reg query HKU') do
reg add HKU\%t\Software\AcmeSoft\AcmeApp /ve
for /F "delims=\ tokens=2,*" %t in ('reg query HKU') do
reg add HKU\%t\Software\AcmeSoft\AcmeApp /v InstallLocation /d C:\\Program Files (x86)\\AcmeApp
But this isn't quite right. Here's a list of entries in HKU:
The only one that appears to be a valid account in the system is:
S-1-5-21-856089149-4157031032-549160387-500
However, there are a lot of users that sign into this machine.
So I need an alternative. If I get it, I'll post it here.
Update
I found a command that lists all users, but this appears to query the domain controller for the information, which returns all accounts on the system (including admins, templates, inactive e.g. disabled accounts etc.)
wmic useraccount get name,sid
Useful to know, but overkill for my purposes.

How to associate a file extension to a program without making it the default program

I'm deploying a small conversion tool on some systems, and want the users to be able to run it from the right click Open with menu. But I don't want to change the default program users have associated to this file type.
It is easy to associate a file extension/type to a program, but how to do it (programatically of course) without changing the default program?
Setting the following keys worked for me:
key HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/App Paths/<progname>: "" = <appPath>
key HKCR/Applications/<progname>/SupportedTypes: <fileExt> = ""
key HKCR/<fileExt>: "" = <progID>
key HKCR/<progID>/OpenWithList/<progName>
key HKCR/<fileExt>/OpenWithList/<progName>
key HKCR/SystemFileAssociations/<fileExt>/OpenWithList/<progName>
delete key and subkey at HKCU/SOFTWARE/Microsoft/Windows/CurrentVersion/Explorer/fileExts/<fileExt>
You can add scripts to the context menu (below Open with) by adding it in the windows registry:
Open regedit
Goto HKEY_CLASSES_ROOT\your_class\Shell
Add a new key and give it a name
Edit the (Default) value of this key and insert the text you want to show in the context menu
Add a new key named Command under your newly created key
Edit the (Default) value of this key and insert the command you want to execute
Enjoy!
In the "File Types" Windows Dialog you can click "Advanced" on your file type and there create a custom action tied to your application.
Possibly you can also find a way to do this in a programmatic manner, or at least create a .REG file with the equivalent registry options.
I have achieved the correct FILE ASSOCIATION using these cmd commands.
(just an example):
REG ADD "HKEY_CLASSES_ROOT\Applications\notepad++.exe\shell\open\command" /v # /t REG_SZ /d "\"C:\\Program Files\\Noteepad++\\notepad++.exe\" \"%1\"" /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt" /v "Application" /t REG_SZ /d "notepad++.exe" /f
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithList" /v "g" /t REG_SZ /d "notepad++.exe" /f
assoc .txt=MyCustomType
ftype MyCustomType="C:\Program Files\Noteepad++\notepad++.exe" "%1"
(it's better to put them in .bat file)
here's a worked example for XP adding a command prompt option to folders. Create a .reg file
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\Directory\shell\Command Prompt]
[HKEY_CLASSES_ROOT\Directory\shell\Command Prompt\command]
#="cmd.exe /k cd \"%1\""

Resources