/build/static/layout/Breadcrumb_cap_w.png

Blog Posts tagged with Registry

Ask a question

AppDeploy - HKEY_CURRENT_USER - Pushing User Profile Settings

Home > Articles > HKCU - Pushing User Profile Settings

HKCU - Pushing User Profile Settings

HKCU (HKEY_CURRENT_USER) settings introduce a different set of problems in deployment. These registry settings are stored in each individual user profile and that makes getting them to everyone a bigger problem than simply installing files and registry settings to a machine. Most well written applications that use HKCU to store user preferences will detect the hive and default values don’t exist when first run. The application should then create and populate its HKCU information with defaults automatically. However, some applications that are not written so well may need to have its desired settings present in order to function properly. More often pushing HKCU settings becomes a task for those wishing to deploy a nonstandard set of default user settings with an application. There are two basic ways to complete this task, through a logon script or through system policy settings.

Most networks use a logon script of some kind. If not, a script can still be used in the same way by adding it to the “All Users” startup group. Either way you do it, you will be sure to want the script to run only once for each user. To do this, the script should first check for a footprint left behind by its initial execution before running, this will prevent it from running over and over again. The footprint can be any change performed by the script that can then be checked for to show the script has been run before. It is a good idea to keep these footprints located in a central area so that they may be checked for later with greater ease. An example:

$FOOTPRINTS = "HKEY_CURRENT_USER\Software\UserPackages"
If $FOOTPRINTS\Change1 = "Complete" Then Goto "End" EndIf
Shell "REGEDIT CHANGE1.REG"
If Exist "$FOOTPRINTS" <> 0 AddKey "$FOOTPRINTS" EndIf
SetValue ("$FOOTPRINTS", "Change1", "Complete", "REG_SZ")
:End
Exit

In the above example the script will only run once for each user. The footprint area in the registry will be created if it doesn’t exist. The example is written in KixTart, but can be just as easily written as a simple batch file, in Perl or in any other scripting language. Here the Windows NT “REG” command is used to implement some previously defined registry entries.

The second way to implement user settings, and in some cases the better way, is to use system policies. System policies force registry entries and can do so to all users, or members of specified NT groups. Remember that this method forces settings, so anything set here will always overwrite any settings made by users.

Most think of system policies as what is presented in the default templates provided by Windows NT. However additional settings can be used as well by creating a custom template. For example:

CLASS USER 

CATEGORY !!MicrosoftIE
           
CATEGORY !!ConnectionTab 
                       
KEYNAME "Software\Policies\Microsoft\Internet Explorer\Control Panel" 
                       
POLICY !!ProxyEnable
                        
            KEYNAME "Software\Microsoft\Windows\CurrentVersion\Internet Settings"
                        
            VALUENAME "ProxyEnable"
                        
            VALUEON NUMERIC 1
                        
            VALUEOFF NUMERIC 0
                       
END POLICY
           
END CATEGORY 
END CATEGORY

A good source of detailed information on creating a custom policy template can be found at: http://msdn.microsoft.com/library/winresource/dnwin95/s646d.htm. An excellent overview of system policies can be found at: http://www.microsoft.com/SYSPRO/win98/Reskit/Part2/wrkc08.asp.

By default system policies are always implemented if present, this can be controlled by the following registry entry:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Update

UpdateMode is a REG_DWORD with the data values:  
0 - A policy file is not downloaded from a server and is not applied.
1 - NTconfig.pol is downloaded (if present) from the NetLogon share of the %LogonServer% and applied.
2 - The UNC path of the policy file is read from NetworkPath and if present, downloaded and applied.

NetworkPath is a REG_SZ value that contains the full UNC path to the policy file. It is only used if UpdateMode is a 2. Example: \\ServerName\ShareName\Policy.pol

The System Policy Editor is not included in the floppy disk version of Windows 95. You can download Policy.exe that contains Poledit.exe. Please see the following article in the Microsoft Knowledge Base for information about downloading Policy.exe: Q135315 

One additional thing to keep in mind is what settings are present in the default user profile. Unless these scripts or policies are to remain in place to cover any new users, which is perfectly acceptable, the default user profile should be modified to incorporate any desired changes. Remember there are two default profiles to update, both the local and network default profiles.

The time will come when pushing user settings becomes necessary. If each machine is used by just one user, and packages are pushed in a way that the user actually performs the installation- HKCU settings can be pushed with the installation package itself. This is rarely the case though, and it is only a matter of time before a particular HKCU setting must be implemented.

Bob Kelly 1/23/00

Be the first to comment

Microsoft User Profile Hive Clean Up

URL: http://www.microsoft.com/downloads/details.aspx?FamilyID=1b286e6d-8912-4e18-b570-42470e2f3582&displaylang=en

Blurb from MS:

The User Profile Hive Cleanup service helps to ensure user sessions are completely terminated when a user logs off. System processes and applications occasionally maintain connections to registry keys in the user profile after a user logs off. In those cases the user session is prevented from completely ending. This can result in problems when using Roaming User Profiles in a server environment or when using locked profiles as implemented through the Shared Computer Toolkit for Windows XP.

On Windows 2000 you can benefit from this service if the application event log shows event id 1000 where the message text indicates that the profile is not unloading and that the error is "Access is denied". On Windows XP and Windows Server 2003 either event ids 1517 and 1524 indicate the same profile unload problem.

To accomplish this the service monitors for logged off users that still have registry hives loaded. When that happens the service determines which application have handles opened to the hives and releases them. It logs the application name and what registry keys were left open. After this the system finishes unloading the profile.

Be the first to comment

Right-Click and Install Your MSI/MST with Verbose Log Without Using BAT or CMD

I have come to realize after reading from another blog, http://www.itninja.com/blog/view/easy-way-to-refer-to-an-msi-and-its-mst-via-bat-or-cmd-file and share this little REG file of mine which I have been using for quiet sometime.

Worth trying if you dont want to type everytime you need to install or uninstall with your MSI and MST. It can also create a verbose log on the same folder. Enjoy!

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\Msi.Package\shell]
@="Open,Repair,Uninstall,Install_With_Verbose_Log,Uninstall_With_Verbose_Log,Install_With_Transforms"

[HKEY_CLASSES_ROOT\Msi.Package\shell\Install_With_Transforms]
@="Install with &TRANSFORMS (MSIName.MST)"

[HKEY_CLASSES_ROOT\Msi.Package\shell\Install_With_Transforms\command]
@="\"C:\\WINDOWS\\System32\\msiexec.exe\" /i \"%1\" TRANSFORMS=\"%1.MST\" /l*v \"%1Install.log\" /qb+"

[HKEY_CLASSES_ROOT\Msi.Package\shell\Install_With_Verbose_Log]
@="Install with &Verbose Log"

[HKEY_CLASSES_ROOT\Msi.Package\shell\Install_With_Verbose_Log\command]
@="\"C:\\WINDOWS\\System32\\msiexec.exe\" /i \"%1\" /l*v \"%1Install.log\" /qb+"

[HKEY_CLASSES_ROOT\Msi.Package\shell\Uninstall_With_Verbose_Log]
@="Uninstall with Verbose Log"

[HKEY_CLASSES_ROOT\Msi.Package\shell\Uninstall_With_Verbose_Log\command]
@="\"C:\\WINDOWS\\System32\\msiexec.exe\" /x \"%1\" /l*v \"%1Uninstall.log\" /qb+"

View comments (10)

How to make changes to the default users hive as a post deployment task

We have had to make a change to default user's registry to about 15 images to save recapturing them.  Office 2012 was trying to re-register itself for every user on the deployed images.  This is the task I created to do this

start /wait reg load HKU\temphive c:\users\default\ntuser.dat

start /wait reg add "HKU\temphive\Software\MicroSoft\Office\14.0\Excel\Options" /v NoReReg /t REG_DWORD /d 1 /f

start /wait reg add "HKU\temphive\Software\MicroSoft\Office\14.0\Word\Options" /v NoReReg /t REG_DWORD /d 1 /f

start /wait reg unload HKU\temphive

View comments (2)

The Fly in the Room

     We’ve all heard of the phrase “An elephant in the room”, when there’s a glaring issue staring everyone in the face that no one wants to address.  We’re faced with these elephants fairly often, in any job, in any place of employment, even at home or with friends. It’s not uncommon that we experience the exasperation at the prominent pachyderm on a regular basis. But even more common than trying to find a polite way to address the elephant, we find ourselves challenged by “A Fly in the Room.” It’s small issue, something that doesn’t always draw attention, but during times can be a source of unequaled annoyance.  As you might imagine it’s much easier to get a fly in the room than an elephant, which might explain why we deal with them quite so often.

      For me, I had a particularly maddening fly not long ago. In programming everything counts. There’s not much room for error and you often find yourself staring at code for hours trying to find the semi-colon or comma out of place. There’s no way around it. It will happen to you, it will drive you mad, and you will feel an unbridled joy upon finding the issue and resolving it. Even after hours of starting at a flickering screen. I had the pleasure of experiencing an issue with a small registry script I was creating. The effort was to optimize some virtual clients that would be running over the network. There was a guide and lucky me, they had even prepared an entire list of code that you could theoretically copy and paste and be done with.  I thought it was too good to be true, turns out? It was.

        While some small changes needed to take place, the code looked completely usable. I quickly went about turning it into a registry script and running it on a test machine.  After a cheery message informing me that it completed successfully, I gave it a restart and was looking forward to seeing the new and improved virtual machine. Low and behold upon logging back in I noticed that none of the effects had taken place. I spent the next few hours making small tweaks to the file, trying it different ways and fighting up and down to get it to co-operate to no avail. Finally in frustration I sent the file to a co-worker and explained my issues. After talking for a short bit he spent around ten minutes and found the problem.

      The problem was that the quotation marks weren’t the same quotation marks that notepad would have used on its own. quotation marks(Blown up, the quotation marks on the left were the ones brought over from the document, the ones on the right were quotation marks as Notepad wanted). It saw them as quotation marks, but not quotation marks at the same time. Meaning while everything looked correct and said it succeeded, it did nothing of the sort. After my co-worker began to manually type the code in he happened to notice the discrepancy in the format. Sure enough a few quick changes later and the file ran without a hitch.

      So what did I learn? I learned that you can’t trust snippets of code to magically work; I learned that a program like Notepad++ or Crimson Editor can help save hours of heartache and frustration. I learned that most programmers go through a problem like that or very similar to that which teaches them these lessons. And most of all I learned that no matter how annoying, you’ve got to make sure that you squish that “Fly in the Room”.

View comments (3)
Showing 1 - 5 of 11 results

Top Contributors

Talk About K1000 Monitoring