Re: Tough question - get your thinking caps on
- From: "Doug Knox - [MS-MVP]" <dknoxNO@xxxxxxxxxxxx>
- Date: Sun, 25 Mar 2007 22:32:57 -0400
Assuming that you are already able to run code as administrator while the user is logged in, all you should need to do is access the key in question via HKEY_USERS instead of via HKEY_CURRENT_USER. The latter won't work because the process isn't running in the user account you want to manipulate.
HKEY_USERS will only show the user hives that are currently loaded/logged on. And since they're in use, they're locked and unavailable to the Load Hive function of Regedit, or the Windows API's.
--
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart Display\Security
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.
"Harry Johnston" <harry@xxxxxxxxxxxxxxxxxx> wrote in message news:OHT0pz0bHHA.2188@xxxxxxxxxxxxxxxxxxxxxxx
NW_DE wrote:
I need to remotely edit the HKCU\Software\Policies\Microsoft key, in order to add the Security subkey and the CheckAdminSettings dword value required for use with Outlook Security Templates.
Unfortunately, this is a "restricted" key, and only the Administrators have full access.
Hmmm. Depends a lot on context - the user's hive won't be loaded unless the user is logged in, but you need to use administrator privilege to make the change. Based on what you've said I suspect this isn't a problem in your circumstances.
Assuming that you are already able to run code as administrator while the user is logged in, all you should need to do is access the key in question via HKEY_USERS instead of via HKEY_CURRENT_USER. The latter won't work because the process isn't running in the user account you want to manipulate.
HKEY_CURRENT_USER is a shortcut to HKEY_USER\{sid} where {sid} is the SID of the user account. I'm not sure offhand of the best way of finding that out (again, it depends on the context) but failing all else you could enumerate the subkeys of HKEY_USER and look in Software\Microsoft\Windows\CurrentVersion\Explorer for the "Logon User Name" value.
Harry.
.
- Follow-Ups:
- Re: Tough question - get your thinking caps on
- From: Harry Johnston
- Re: Tough question - get your thinking caps on
- References:
- Re: Tough question - get your thinking caps on
- From: Harry Johnston
- Re: Tough question - get your thinking caps on
- Prev by Date: Re: Tough question - get your thinking caps on
- Next by Date: Re: Tough question - get your thinking caps on
- Previous by thread: Re: Tough question - get your thinking caps on
- Next by thread: Re: Tough question - get your thinking caps on
- Index(es):
Relevant Pages
|
