Problem writing to the registry


Recommended Posts

Hi everyone

My system is XP Pro SP2 on a laptop behind a router.

I have two accounts set up, one with Admin rights (for "special" occasions) and the other with Limited rights (that I use normally). I can access the registry editor with either account and need to change something in HKCU that affects only the Limited account but it won't let me. I can make changes to some values/keys (within HKCU) whilst logged in with the Limited account. What's going on and why the inconsistency?

I logged on with Limited rights, tried Start>Run>cmd then "runas /user:<name of Admin account> regedit" which did allow me to change the value in HKCU that I need to, but when I closed the registry editor and opened it normally (as Limited user), that value hadn't been changed for the Limited user!

How do I change the HKCU value that I need for the Limited user?

I hope that one of the gurus here will have an answer for me!

Thank you.

Link to comment
https://www.neowin.net/forum/topic/399022-problem-writing-to-the-registry/
Share on other sites

I need to set a REG_DWORD "DontShowSuperHidden" in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer. By setting this to 0 or 1, I can make the dialogue "Hide protected operating system files (Recommended)" in Windows Explorer's Tools>Folder Options>View visible or not, hence denying the Limited user from showing hidden system files. I know that they can be shown again by changing the registry, but the user may not know that trick, or I could specifically deny their access to change this setting. I don't know if HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer DontShowSuperHidden is available in GPE.

login with the admin account

start, run, regedit

expand a hive (click the plus sign to the left of one of the hives)

file menu, load hive...

load the user hive for the limited user (C:\documents and settings\limitedusername\ntuser.dat)

you will be asked to provide a temporary name for the hive for editing, just choose something unique

make your edits

click the folder/hive name that you created

file menu, unload hive

log out, log in limited and test

  Tosca said:
I logged on with Limited rights, tried Start>Run>cmd then "runas /user:<name of Admin account> regedit" which did allow me to change the value in HKCU that I need to, but when I closed the registry editor and opened it normally (as Limited user), that value hadn't been changed for the Limited user!

586822363[/snapback]

That's because when you ran regedit as the administrator, you changed the value in the administrator's user hive, not your user hive. HKCU is mapped to the current user, hence the name. If you want to change a value in another user's hive, you'd have to load their hive, change the value, then unload their hive.

You should really stop trying to change it from another account and look into why you don't have access to that key. Right click the key and choose Permissions. Make sure there's no deny entries, and that you are the owner of the key (Advanced button > Owner tab).

Thank you k22 - I'll look into this, although I agree with you John as I'd rather find out why the problem's there than do a workaround!

I checked the key permissions and the setting was as Read for the Limited user. I logged out and back in with Admin rights. I changed the permission for the Limited user to Full Control. When I rebooted and checked as the Limited user, the permission had reverted to only Read!!

I checked the owner and it is set to Administrators, rather than my Limited user account. I realise that I'll have to change the ownership whilst logged on with Admin rights. Can I just ask - if I change ownership to the Limited user so I can do what I need to do, can I change the ownership back to the Administrators?

One final comment is that I always set a System Restore and backup the registry key before I "play around", just in case, but I'd far rather not have to rely upon my "B" or "C" plan if I foul things up!

John - I've been thinking about changing ownership of the key in HKCU. It won't let me do so if I'm logged on with Limited rights and I suspect that it I get to the same key when logged on with Admin rights, that wouldn't do me any good either because how will the computer know which HKCU I want to allocate to the Limited user? I guess that HKCU (when logged on with Admin rights) will show the Admin as the owner. At present, there's only one Limited user but what if there are several?

I'm so confused about this whole matter now - I thought I'd got my head around the registry but this just isn't working as I'd expected! Why can't I change the permission to allow the Limited user to have Full access to the key/subkey that I need? :-( I just wonder if there might be a GPE setting that I need to tweak?

I've been thinking about this a lot! I don't have access to gpedit.msc if I log in with Limited rights but I do if I have Admin rights (I understand that). Is there a policy setting which I could change (temporarily) to allow the Limited user access to gpedit.msc (or secpol.msc)? I'll be surprised if the answer's "no" - but I just don't know much about the policy editor.

Get the permissions of the parent key. Go to the owner tab and select your (limited) user account. Check the box to change the owner on all child objects, then click OK to dismiss all dialogs. Then go check the original registry key again. You should now be the owner and should be able to grant/modify permissions on that key.

Hi John

I've tried to do that whilst logged on as the Limited user - but it won't let me change the owner from the Administrators. I have full permission (as Limited) in everything prior to \Policies. It won't let me change the inheritance of \Policies or \Policies\Explorer (which are not inherited).

I'm not sure how I can change ownership of the HKCU ... \Policies\Exlorer from Administrators to Limited user. If I negotiate to that when logged in with Admin rights, the hive isn't that of the Limited user, is it?

I suspect that I'll have to log in with Admin rights, load the Limited user registry (Ntuser file), negotiate to the HKCU ... \Policies\Exlorer, add DontShowSuperHidden and then unload the Limited user registry (Ntuser file). Does that sound logical?

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.