Vista Startup Script problem (loading registry hive issue)

  • Thread starter Thread starter ejmichaud
  • Start date Start date
E

ejmichaud

I have a VBS startup script that works fine with Win 2000, XP, 2003
but will not function properly on Vista. The startup script's purpose
is to load the registry hive of the Default User (Default for Vista)
profile, make a change and unload the hive. If I manually run the VBS
script on Vista it works fine, however when I run it as a startup
script it fails. Specifically the startup script is failing at
loading the default user profile hive.

Does anyone know what has changed in Windows Vista that prevents the
loading of a registry hive durring a startup script? I have tried
putting in a delay, however this didn't correct the issue. I am using
reg.exe to load the hive.

Anyone with any ideas?
 
After a lot of testing I was finally get a handle on what the problem
is but I don't know how to fix it. If I have the following (test)
script run as a startup script:reg load HKLM\Defuser C:\test
\ntuser.dat

When the startup script is processed it displays the message: Error:
A required privilege is not held by the client[/QUOTE]

As the script above shows I have created a C:\test folder and placed
the ntuser.dat file into that folder. I have given Everyone & System
full control of the folder. I have also given Everyone & System the
"Act as part of the operating system" privilege.

Does anyone have any ideas on what privilege and what account needs
the privilege to accomplish loading a registry hive from a startup
script on a Windows Vista computer?
 
There's a lot of info here that may help you work around the issue -

http://www.boot-land.net/forums/Running-regexe-or-WB-under-Vista-to-l...

Good luck.

James

I reviewed the information on the link above and found no useful
solution to this problem I have run into. I have tried this on
several Vista machines, all with exactly the same results.

Here is what I did in detail:
1) Install Vista (Windows Vista Business edition), computer added to
Domain
2) From Local group policy (gpedit.msc) set the startup script to run
the following code:
REG load HKU\DefUser C:\Users\Default\ntuser.dat
Pause
3) From Local group policy set "Computer Configuration\Administrative
Templates\System\Logon\Always wait for the network at computer startup
and logon" = Enabled
4) From Local group policy set "Computer Configuration\Administrative
Templates\System\Scripts\Run startup scripts asynchronously" =
Disabled
5) From Local group policy set "Computer Configuration\Administrative
Templates\System\Scripts\Run startup scripts visible" = Enabled
6) Reboot

On boot I see the following consistently on all VISTA computers I have
tested:
---- Start of output ----
C:\windows\system32\GroupPolicy\Machine\Scripts\Startup>reg load HKU
\DefUser C:\Users\Default\ntuser.dat
ERROR: A required privilege is not held by the client.

C:\windows\system32\GroupPolicy\Machine\Scripts\Startup>pause
Press any key to continue . . .
---- End of output ----

After logging in, if I run the same script (Run as Administrator) it
loads the hive as expected.

There seems to be some permission or privilege that the SYSTEM account
doesn't have that is required to load a registry hive with a startup
script on a VISTA machine.
 
Are you able to script 'run as' to run the command as an administrator and
review what error you receive? This will allow you to pass the username and
password of an account with higher access.

James
 
Turns out that the answer is SP1 for vista. After lots of testing I
found that without SP1 a registry hive can't be loaded from a startup
script. However, with SP1 installed, a startup script can load a
registry hive without any issues.

Happy registry hive loading
Eric Michaud
 
Back
Top