loading a registry hive

  • Thread starter Thread starter Bruce Sanderson
  • Start date Start date
B

Bruce Sanderson

How does one cause a registry hive to be loaded or unloaded from/to a file - essentially, what is
the .net framework equivalent of the RegLoadKey and RegUnLoadKey Functions in the Windows API?

I need to build a small application that will load the hive from %systemdriver$\Documents and
Settings\Default User\ntuser.dat (Windows XP), set a particular value, then unload the hive. This
is so any user that has not logged on before will get this registry value when their user specific
profile (and ntuser.dat) file is created.
 
Bruce said:
How does one cause a registry hive to be loaded or unloaded from/to a
file - essentially, what is the .net framework equivalent of the
RegLoadKey and RegUnLoadKey Functions in the Windows API?
Click to expand...
There is none. This functionality is not exposed in the framework. You'll
have to P/Invoke (opening and modifying the key once the hive is loaded can
be done from .NET) or just do it in unmanaged code.
I need to build a small application that will load the hive from
%systemdriver$\Documents and Settings\Default User\ntuser.dat (Windows
XP), set a particular value, then unload the hive. This is so any user
that has not logged on before will get this registry value when their
user specific profile (and ntuser.dat) file is created.
Click to expand...
..NET typically handles this through cascading configuration files; a managed
application should not require a particular registry value to be present
somewhere. Even if you need to use the registry, an application could check
whether its expected value is missing for the user it's running under, and
if so, copy the default over from a subkey in HKEY_LOCAL_MACHINE.

If you can't modify the application logic and it depends on the value being
present before running, modifying the template user hive would be
acceptable. This is something you probably want to do from the setup
program, since it requires administrative privileges and only needs to
happen once. You typically wouldn't use a managed application for setup,
since the framework has its own prerequisites.
 
Thank your for your information. The situation is not related to application installation
processes, or a missing registry value.

The situation we have is that we are deploying several hundred new desktop computers (Windows XP
SP3) and one registry value in the Default User's Profile (ntuser.dat) is incorrect in the Image -
the Office 2007 User Name field has someone's name in it instead of being empty. The image was
corrected, but unfortunately the folks that imaged the computers chose to use the uncorrected image.
This means that users of these new computers (if they don't know they have to set the Office user
name setting) will use the person's name that was in the Defualt User's ntuser.dat at the time they
first logged on and got their own user profile and ntuser.dat copy. If someone has a file open and
someone else attempts to open it, the Office applications tell the second user someone has the file
open - the "someone" is the name stored in the Office 2007 User Name registry key, which, because of
the error in the image, is always the same, so is useless information.

The problem we're having is trying to set this registry value in the Default User's Profile via a
program - e.g. a startup "script" set via GPO after the computer is joined to the domain, but before
anyone logs on with their normal domain user account. If we can't do it with anything in the .Net
framework, we'll have to use something else.

I've been experimenting with a VB 6 program, but the LoadRegKeyA function
(http://msdn.microsoft.com/en-us/library/ms724889(VS.85).aspx) to load the hive is failing - it is
giving a return code (decimal) of 1314 and the hive does not get loaded. I'm running the
application while logged on with a user account that is a member of the local Adminstrators group.
The problem happens in the VB IDE and when the exe is launched from a Command Prompt. According to
http://msdn.microsoft.com/en-us/library/ms681385(VS.85).aspx return code 1314 means "A required
privilege is not held by the client.". Since the code runs in the context of a member of the local
Administrators group, I'm not sure what "privilege" is "not held" or how to go about getting it!

If I run regedit interactively (same logged on administrative user account) I can load the Default
User's hive, change the value, then unload the default user's hive - so the user account, via
regedit, has the "required privilege". Then, when a user logs on for the first time and launches an
Office application, they get prompted to set their User Name correctly.

We are also pursuing other potential alternatives, such as using a logon script to check the value
in HKEY_CURRENT_USER and resetting it if it has the value we know is in the Default User's registry
hive.
 
Good morning Bruce and Jeroen,

Apart from Jeroen's great suggestions, I'd like to give some .NET sample
code for RegLoadKey and RegUnLoadKey so that it's easier to come by.

According to the MSDN article
http://msdn.microsoft.com/en-us/library/ms724889(VS.85).aspx, the calling
process of RegLoadKey must have the SE_RESTORE_NAME and SE_BACKUP_NAME
privileges on the computer in which the registry resides. Therefore, a
simple P/Invoke of RegLoadKey may still not work for lack of the proper
privileges, and an 1314 error (A required privilege is not held by the
client) will be returned even if you are an administrator of the computer
(Being an admin account doesn't necessarily mean that you have those
privileges).

There is a KB article that demonstrates how to set the privilege and load &
unload a user profile:
http://support.microsoft.com/kb/297060
However, its example code is in VB6.

The .NET sample code can be found at:
http://www.csharphelp.com/archives2/archive430.html
(see the code at the bottom of the page)
I have tested it, and it worked well in my Windows XP, and 2003 boxes.

If you are using Windows Vista, an additional manifest that forces the
application to run as Administrator will be necessary:
http://community.bartdesmet.net/blogs/bart/archive/2006/10/28/Windows-Vista-
_2D00_-Demand-UAC-elevation-for-an-application-by-adding-a-manifest-using-mt
.exe.aspx
(this long URL may be truncated by the newsgroup system. Please concat it
manually, thanks)

Please let me know if you have any other concerns, or need anything else.

Regards,
Jialiang Ge ([email protected], remove 'online.')
Microsoft Online Community Support

Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
(e-mail address removed).

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
 
Hello Bruce,

I see your message that follow ups with J. after I sent out mine. :-)

The 1314 error is due to the lack of some privileges: SE_RESTORE_NAME and
SE_BACKUP_NAME. Being an Administrator does not mean that we have these
privileges. Bruce. please try the example codes in my last reply, and let
me know whether it works for you now.

Regards,
Jialiang Ge ([email protected], remove 'online.')
Microsoft Online Community Support

=================================================
Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
(e-mail address removed).

This posting is provided "AS IS" with no warranties, and confers no rights.
=================================================
 
Hello Bruce,

I am writing to check the status of the issue on your side. Would you mind
letting me know the result of the suggestions? If you need further
assistance, feel free to let me know. I will be more than happy to be of
assistance.

Have a great day!

Regards,
Jialiang Ge ([email protected], remove 'online.')
Microsoft Online Community Support

=================================================
Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
(e-mail address removed).

This posting is provided "AS IS" with no warranties, and confers no rights.
=================================================
 
Thanks, Jialiang - I'll look at the references you provided earlier - I got diverted other work, but
I'll try to spend a bit of time on this in the next few days.
 
Back
Top