reg.exe question

Follow
Dan Sadler

I'm trying to deploy out a reg.exe to change an IE setting. It sets the Trusted Site Zones to "Automatic logon with current user name and password".  Below is the command I have written. When I deploy it says successful but never updates the key value.  If I copy from the reg.exe on and put that in my cmd box it works with no problem on changing the key.  Am I missing something?

%SystemRoot%\System32\REG.exe ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 1A00 /t REG_DWORD /d 0 /f

0

Comments

12 comments

Date Votes
  • Stephen Valdinger

    I'm unfamiliar with the syntax here. Can I make some assumptions?

    You are setting a new DWORD Value with a name of 1A00 to a Data Value of 0

    If that assumption is correct, try creating a powershell script containing the following:

    New-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" -Name 1A00 -Value 0 -Type Dword

     

    0
    Comment actions Permalink
  • Dan Sadler

    The DWORD value 1A00 is already in the Registry.  I am trying to change the Value of it from 20000 to 0. 

    0
    Comment actions Permalink
  • Stephen Valdinger

    Roger that. Then I would ammend my script as follows:

     

    #Delete existing 1A00 key

    Remove-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" -Name 1A00

    #Re-add key with desired values

    New-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" -Name 1A00 -Value 0 -Type Dword

     

    0
    Comment actions Permalink
  • Dan Sadler

    Thanks for this.  I'll write it up real quick and test. 

    0
    Comment actions Permalink
  • Stephen Valdinger

    You're welcome. When testing it make sure you are setting your execution policy to bypass (Set-executionpolicy Bypass in the powershell window.)

     

    When you have your script tested and create a package for it just make sure the command line is something like powershell.exe -executionpolicy bypass -file $pdqrepo (sub this for whatever the path is)

    0
    Comment actions Permalink
  • Bouma, Colby

    You are deploying to HKCU, which means this will only affect your deployment user. If you want it to be system wide you need to find the matching key in HKLM.

    0
    Comment actions Permalink
  • Stephen Valdinger

    While this is exactly right, I was going with the assumption that he meant to deploy it to HKCU. It will also depend wildly on how he is deploying it. 

     

    Dan: Test it with HKCU and HKLM and see which works out for you. My money is going to be on HKLM.

    0
    Comment actions Permalink
  • Dan Sadler

    I should have clarified more as well.  Each employee has their own PC, so either HKCU or HKLM should be fine.  I'm trying to accomplish this without a log off and back on.  I think that is where my problem lies.  I've tried the command to force without the reboot but it didn't go, so i'm guessing a log off and on will be required. 

    0
    Comment actions Permalink
  • Stephen Valdinger

    HKCU would be fine if the deployment is run as the logged on user. If you're using a service account for deployments (as you should be!), HKCU would run against the service account user context. 

    There used to be a way to reload the registry without a logoff/logon.....but that appears to have gone away in Win7+

    Run the deployment outside business hours and when they log in in the morning, the setting will be there.

     

    0
    Comment actions Permalink
  • Dan Sadler

    Thanks Stephen and Colby! 

    0
    Comment actions Permalink
  • Stephen Valdinger

    You're very welcome. Let us know if that works so we can bump it to be ANSWERED.

    0
    Comment actions Permalink
  • Michael Muni
    Have you tried setting the package to run under the logged on user?
    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post