Read or Update a registry key for ALL users on a system
Have you ever needed to read or update a registry key that is stored in each user’s HKEY_CURRENT_USER or HKEY_CLASSES_ROOT hive? Have you also ever needed to read or update it for ALL users on the system, as well as make it the default setting when a new user profile is created?
That can be a bit of a daunting task. One solution is to add the registry key update to the user’s logon script.
UPDATE: As a commenter pointed out, an alternative solution is to use the built-in “Active Setup” functionality which can run a script the next time each user logs in, under that user’s context. In most scenarios, I believe this will be the best method for updating registry settings on a per-user basis.
What is Active-Setup? http://sccmpackager.blogspot.com/2013/07/active-setup-what-is-active-setup.html
However, the technique described in this post is very useful for when you need to read from each user’s registry settings (or write to) immediately and cannot wait for the next time a user logs onto the system.
Fortunately, there is another way that will immediately update all profiles (including the DEFAULT profile) and I wrote a vbscript to make it easier.
The source code (vbscript) is available here: https://github.com/MicksMix/RegUpdateAllUsers
- Nov 15, 2013 – Able to update NTUSER.DAT and/or USRCLASS.DAT (HKCU and/or HKCR)
- Aug 25, 2013 – Added ability to delete keys
- Apr 23, 2013 – Added ability to write REG_BINARY values
- Apr 11, 2013 – Fixed bug where it wouldn’t work when run by SYSTEM account
- Mar 28, 2013 – Huge code cleanup and bug fixes
- Jan 13, 2012 – Initial release
The script can set REG_BINARY keys as long as they are in the format used by a regedit.exe export. For example:
[HKEY_CURRENT_USER\Software\_Test\MyTestBinarySubkey] "My Test Binary Value"=hex:23,00,41,00,43,00,42,00,6c,00
To set this binary value using the script, you would modify line 82 to be:
SetBinaryRegKeys sRegistryRootToUse, strRegPathParent03, “My Test Binary Value”,“hex:23,00,41,00,43,00,42,00,6c,00”
The script works correctly even when run under the SYSTEM account.
The general way this script works:
- Update the currently logged on user’s HKCU (that’s easy enough)
- Then you must enumerate every profile on the system
- Find their ntuser.dat file (ntuser.dat contains the contents of the user’s HKCU hive)
- Find their usrclass.dat file (usrclass.dat contains the user’s HKCR hive)
- Load ntuser.dat and/or usrclass.dat into a temporary key in the HKLM hive (programmatically or using reg.exe)
- I use ‘HKLM\TempHive’ as the temporary key
- Then when you write to “HKLM\TempHive”you are actually editing that user’s HKCU hive.
- If you load ntuser.dat/usrclass.dat for the “Default” user, the settings will take effect for any NEW user profile created on the system
- If more than 1 user is currently logged on, you can edit their HKCU/HKCR hive by looking the user up by their SID under HKEY_USERS and writing to it at that location.
It’s a bit of a tedious job, so I wrote a VBScript that takes care of all of the steps listed above. This script has been tested on Windows XP and Windows 7 (x64), but should work on Windows 2000 and newer. It relies on “reg.exe” which ships with all versions of Windows.