Jump to content
Sign in to follow this  
stephend

Regread not working from SCCM script running as current user

Recommended Posts

stephend

I hope this isn't too off topic, as there may be other SCCM users out there.  When running a script as the logged on user (not as System) Regread and Regwrite don't work.  I think this is because even though the script is running with only the user's rights it is still running to some extent in the System account - although a message box popped up from a script running in this way does show the correct username for @username.   What I don't understand is why running in the same way Reg.exe does work in reading and writing to the registry as the logged on user - although I find the syntax harder :-).  Does anyone understand why this is or have a workaround to get Regread etc working is this situation?

Many thanks as always,

Stephen

Share this post


Link to post
Share on other sites
stephend

Sorry I didn't make it clear that I'm trying to write to the HKCU hive, so rights aren't the issue.

Share this post


Link to post
Share on other sites
JLogan3o13

Please post your code, or a reproducer. Also, what OS, bitness, and error checking do you have in place? I use a lot of reg scripts through SCCM, but it is difficult to assist you when we cannot see what you're doing.


√-1 2^3 ∑ π, and it was delicious!

Share this post


Link to post
Share on other sites
stephend

Hi,

I'm sorry if my question wasn't clear, here is an example of regwrite that fails

RegWrite("HKCU\Software\Microsoft\Office\14.0\Excel\Add-in Manager", "C:\Program Files (x86)\Datastream\Datastream Advance\AdvanceOffice.xlam", "Reg_Sz", "")

and here is one that succeeds

RunWait('REG ADD HKCU\Software\Microsoft\Office\15.0\Excel\Options /v ' & $searchvar & ' /t REG_SZ /d ' & '"' & '\"C:\Program Files (x86)\Microsoft Office\Office15\Library\directEDGARAddInV2.xlam\"' & '"',@TempDir,@sw_hide)

They are both running on a 64bit Windows 7 client both from the same SCCM 2007 installation, both as the same user but running with "user rights".  I can duplicate this at will, running the regwrite script directly rather than through SCCM does work.  My question is why Regwrite doesn't work in this situation but using Reg.exe does?

Thanks,

Stephen

Edited by stephend

Share this post


Link to post
Share on other sites
JLogan3o13

Have you put any error checking in place? Something like this?

RegWrite("HKCU\Software\Microsoft\Office\14.0\Excel\Add-in Manager", "C:\Program Files (x86)\Datastream\Datastream Advance\AdvanceOffice.xlam", "Reg_Sz", "")
    If @error Then FileWrite(@TempDir & "\error.txt", "Error: " & @error & "   Extended: " & @extended)

√-1 2^3 ∑ π, and it was delicious!

Share this post


Link to post
Share on other sites
stephend

Thanks, JLogan, I'll investigate further,

Stephen

Share this post


Link to post
Share on other sites
stephend

Yes Jos, the script is compiled as x86.  It's very odd, it does sometimes work using Regread, Regwrite but I can't see any pattern.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Similar Content

    • nitron
      By nitron
      Hy to all, 
      I am really Sorry to come up with this question but i can't seem to solve the Problem.
      Its quite easy, I have been using RegNumKey for Years, but i seemed to lose track of something.
      For $ZaehlerLocal = 1 to 1200
            $RegKey = RegEnumKey("HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall", $ZaehlerLocal)
            If @error <> 0 then ExitLoop
            $RegKey2=RegRead("HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\"&$RegKey,"DisplayName")
            $RegKey3=RegRead("HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\"&$RegKey,"UninstallString")
            $RegKey4=RegRead("HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\"&$RegKey,"QuietUninstallString")

            if StringInStr($RegKey,"_Office15")==0 and StringInStr($RegKey2,"(German) 2013")==0 and StringInStr($RegKey,".KB")==0 and StringInStr($RegKey2,"Security update")==0 and StringInStr($RegKey2,"Framework")==0 Then
              FileWrite($FileHandleLocal,$RegKey&";")
              FileWrite($FileHandleLocal,$RegKey2&";")
              FileWrite($FileHandleLocal,$RegKey3&";")
              FileWriteline($FileHandleLocal,$RegKey4&";")
           EndIf
         Next
       
      Ive been using this to get all uninstall Strings from the Registry but for some reason, this doesn't work anymore. 
      I get some keys but not all, nore does it start with the first registry.
      As you can see in the picture, the Registry starts with {13DA9C7C-EBFB-40D0-94A1-55B42883DF21}
      but RegNumKey starts with Adressbook.
      Any Ideas what I am doing wrong? I tried HKLM64 instead as well, but with same result.
      Again sorry to bother, but i can't Find the mistake.
       

    • careca
      By careca
      Hello, this is a tool made to be used with regedit, it starts regedit when run, then saves a list of the paths in registry the user browsed, on double click in the "history" list, it jumps to that key, it has 2 methods of jump, one is through favorites, the other through "lastkey".
      In certain cases you can use the context menu "follow" in keys like
      HKEY_CLASSES_ROOT\.abc
      to jump to
      HKEY_CLASSES_ROOT\abcfile
      As an example.
      The other context menu is "Clear", and its obvious it clears the listview.
      Best regards.
    • Trolleule
      By Trolleule
      Hey,
      i'm building a "Jump To" registry key function and trying to get access to the regedit treeview control like this:
      #include <GUIConstants.au3> #include <GuiTreeView.au3> #include <TreeViewConstants.au3> #include <SendMessage.au3> #include <WinAPI.au3> Global $h_item ShellExecute("regedit.exe") ;~ Local $pid = ProcessExists("regedit.exe") ;~ If $pid Then ;~ $h_tree = WinHandFromPID($pid, "[CLASS:RegEdit_RegEdit]") ;~ WinActivate("[CLASS:RegEdit_RegEdit]", "") ;~ EndIf WinWaitActive("[CLASS:RegEdit_RegEdit]", "") ;~ WinActivate("[CLASS:RegEdit_RegEdit]", "") ;~ WinSetState("[CLASS:RegEdit_RegEdit]", "", @SW_SHOW) ; activate ;~ WinSetState("[CLASS:RegEdit_RegEdit]", "", @SW_RESTORE) ; activate ;~ WinSetState("[CLASS:RegEdit_RegEdit]", "", @SW_RESTORE) ; activate $h_tree = WinGetHandle("[CLASS:RegEdit_RegEdit]", "") ;~ $ret = _WinAPI_ShowWindow($h_tree, @SW_RESTORE) $ctrl = ControlGetHandle($h_tree, "", "[CLASS:SysTreeView32]") ConsoleWrite("$h_tree: " & $h_tree & @CRLF) ConsoleWrite("$ctrl: " & $ctrl & @CRLF) $show = GUICtrlCreateButton("Show", 70, 180, 70, 20) Show() ;~ While 1 ;~ Sleep(200) ;~ WEnd Func Show() $result = "" _SendMessage($ctrl, $WM_SETFOCUS, 0, 0) If @error Then ConsoleWrite("error" & @CRLF) $h_item = _SendMessage($ctrl, $TVM_GETNEXTITEM, $TVGN_ROOT, 0) $split = StringSplit("HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders", "\") For $i=1 To $split[0] ConsoleWrite("item bevor findkey: " & $h_item & @CRLF) $h_item = FindKey($h_item, $split[$i]) If $h_item = 0 Then Return _SendMessage($ctrl, $TVM_SELECTITEM, 0x0009, $h_item) ; expand tree _GUICtrlTreeView_Expand($ctrl, $h_item) Next MsgBox(0, "dsfsdf", "sdfsf") Exit EndFunc Func FindKey($hItemParent, $sKey) $h_item = _SendMessage($ctrl, $TVM_GETNEXTITEM, $TVGN_CHILD, $hItemParent) ConsoleWrite("child : " & $h_item & " key: " & $sKey & " parent: " & $hItemParent & " parent text: " & _GUICtrlTreeView_GetText($ctrl, $hItemParent) & @CRLF) While $h_item <> 0 Local $sItemText = _GUICtrlTreeView_GetText($ctrl, $h_item) ConsoleWrite("text : " & $sItemText & @CRLF) If $sItemText = $sKey Then Return $h_item $h_item = _SendMessage($ctrl, $TVM_GETNEXTITEM, $TVGN_NEXT, $h_item) ConsoleWrite("next : " & $h_item & @CRLF) WEnd ConsoleWrite("not found" & @CRLF) Return 0 EndFunc it's working, when i start regedit.exe within my app. But can't get it work when regedit.exe already open. Some ideas?
    • Wicked_Caty
      By Wicked_Caty
      I wanted to have a few lines that copy the whole registry into a file. I know that there is RegRead, but I don't want to type every single key into my code...
      Any way of doing this easily? Filetype doesn't matter, as long as it isn't encrypted. A batch or exe would be okay, if it's in the same location on every PC. Doing this without admin permissions would be awesome too
      Thanks
    • iamtheky
      By iamtheky
      *Requires that you are a client of SCCM in order for SMS_ to exist/populate
      This is an exercise in formatting data returned from CIM via powershell via Autoit.  Should get you the meat:  name, version, location, installdate, and uninstall string. 
      Short Version:  Grouped by Program
       
      #RequireAdmin #include<Array.au3> $iPid = run("powershell (Get-CimInstance -Namespace root\cimv2\sms -ClassName SMS_InstalledSoftware | fl ProductName,InstallDate,InstalledLocation,ProductVersion,UninstallString | out-string).trim()", "" , @SW_HIDE , 0x2) $sOutput = "" While ProcessExists($iPid) $sOutput &= StdoutRead($iPID) WEnd $aOutput = stringsplit($sOutput, @LF , 2) _ArrayDisplay($aOutput)  
      Long Version: Each Category in its own column, modular pieces.
       
      ;CIMClasses #include<Array.au3> #RequireAdmin $iPid = run("powershell Get-CimInstance -Namespace root\cimv2\sms -ClassName SMS_InstalledSoftware | select ProductName" , "" , @SW_HIDE , 0x2) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop EndIf WEnd $aProductName = stringsplit($sOutput , @CR , 2) ;;;;;------------------------------------------- $iPid = run("powershell Get-CimInstance -Namespace root\cimv2\sms -ClassName SMS_InstalledSoftware | select InstallDate" , "" , @SW_HIDE , 0x2) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop EndIf WEnd $aInstallDate = stringsplit($sOutput , @CR , 2) ;;;;;------------------------------------------- $iPid = run("powershell Get-CimInstance -Namespace root\cimv2\sms -ClassName SMS_InstalledSoftware | select InstalledLocation" , "" , @SW_HIDE , 0x2) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop EndIf WEnd $aInstalledLocation = stringsplit($sOutput , @CR , 2) ;;;;;------------------------------------------- $iPid = run("powershell Get-CimInstance -Namespace root\cimv2\sms -ClassName SMS_InstalledSoftware | select ProductVersion" , "" , @SW_HIDE , 0x2) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop EndIf WEnd $aProductVersion = stringsplit($sOutput , @CR , 2) ;;;;;------------------------------------------- $iPid = run("powershell Get-CimInstance -Namespace root\cimv2\sms -ClassName SMS_InstalledSoftware | select UninstallString" , "" , @SW_HIDE , 0x2) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop EndIf WEnd $aUninstallString = stringsplit($sOutput , @CR , 2) ;;;;;------------------------------------------- Local $aOut[ubound($aProductName)][5] For $i = 0 to ubound($aProductName) - 1 $aOut[$i][0] = $aProductName[$i] $aOut[$i][1] = $aInstallDate[$i] $aOut[$i][2] = $aInstalledLocation[$i] $aOut[$i][3] = $aProductVersion[$i] $aOut[$i][4] = $aUninstallString[$i] Next _ArrayDisplay($aOut , "SMS Installed Software")  
×