Jump to content

Recommended Posts

hey engine,

just wanted to thank you again for this awesome UDF. by any chance would you be able to incorporate HKCU_EXPORT ? I know it'd probably be different files that would be exported (one per every user profile - NTUSER.DAT) Perhaps the syntax would include a directory to specify where the exported files would go and each exported file would be reg1.reg, reg2.reg, or whatever.

what do you think?

Link to post
Share on other sites
  • Replies 61
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

SecurityEx.au3 Reg.au3 (Requires SecurityEx.au3 from above) Current functions: _RegLoadHive _RegRestoreHive _RegSaveHive _RegUnloadHive Features: These functions support remote computers. Notes:

Posted Images

Did anyone checked this in the meanwhile?

I have no succes in running that on a Windows 7 machine.

May not be related, but I'm trying to use:

_HKCU_Import(@TempDir & "\temp.reg", "testuser")

and it doesn't seem to work at all. I've tried on Vista x32 and 7 x32 to no avail.

I'm using AutoIt v. 3.3.6.1 -- Any ideas?

Link to post
Share on other sites
  • 1 month later...
  • 7 months later...

I believe I have found the solution to the Windows Vista and 7 problem with this UDF. The internal function, GetProfile, is the function causing all the problems. It is looking for the value DefaultUserProfile, under the registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList. This value does not exist on in Windows Vista or Windows 7, so the function will return 0 for the error. The error from that function will then stop the rest of the functions in the UDF because they all use it. In Windows Vista and 7, you can check for the value Default, but you have to do some additional steps to get a return value to work correctly with the UDF. The Default value returns "%SystemDrive%\Users\Default". This is not compatiable with the UDF, so I changed it to the string "Default". This seems to work with the functions in the UDF, and returns correct the correct path for the Default profile. To get the UDF to work with Window XP and up, I had to include more logic to get the GetProfile function to check for the correct values on an XP system and a Vista/7 system.

I also noticed the UDF was not getting local account profiles, when accessing from a remote computer. This was due to the internal function ProfileAdd using the function _Security__LookupAccountSid from the Security UDF. This function only has one parameter, for SID, so it would only get the domain accounts from the remote computer. I changed the DLL call to add a additional parameter for system. It now has the same parameters as _Security__LookupAccountName, and will get local accounts as well as domain accounts. I named the function _Security__LookupAccountSidEx and added it to the UDF.

I will be continuing to test it, and see if there are any problems. Here is my updated code for HKCUReg.au3

#include-once
#include <File.au3>
#include <Security.au3>
#include ".\Reg.au3"

; #INDEX# =======================================================================================================================================
; Title .........: HKCUReg
; AutoIt Version : 3.2.10++
; Language ......: English
; Description ...: Perform registry operations on 'HKCU' for a specific or all user accounts on a computer
; ===============================================================================================================================================

; #CURRENT# =====================================================================================================================================
;_HKCU_Delete
;_HKCU_EnumKey
;_HKCU_EnumVal
;_HKCU_Import
;_HKCU_Read
;_HKCU_Write
; ===============================================================================================================================================

; #INTERNAL_USE_ONLY#============================================================================================================================
;GetProfile
;ProfileAdd
;Split_sKey
;_Security__LookupAccountSidEx
; ===============================================================================================================================================

; #FUNCTION# ====================================================================================================================================
; Name...........: _HKCU_Delete
; Description ...: Deletes a key or value from the registry
; Syntax.........: _HKCU_Delete($sKey [, $sValue])
; Parameters ....: $sKey - see RegDelete function for details (no 'HKCU' required)
;                  $sValue - [optional] see RegDelete function for details
; Requirement(s).:
; Return values .: Returns an Array where:
;                  Column 0 - User account name
;                  Column 1 - RegDelete function return value
;                  Column 2 - RegDelete function @error macro
; Author ........: engine
; Modified.......:
; Remarks .......: It is possible to access remote registries by using $sKey in the form "\\\computername\keyname"
;                  It is possible to access a specific user account by using $sKey in the form "\\username\keyname"
;                  It is possible to access both a remote registry and a specific user account by using $sKey in the form
;                  "\\\computername\\username\keyname"
; Related .......:
; Link ..........;
; Examples ......;  _HKCU_Delete("Software\7-Zip", "Path")
;                   _HKCU_Delete("\\\computername\Software\7-Zip", "Path")
;                   _HKCU_Delete("\\username\Software\7-Zip", "Path")
;                   _HKCU_Delete("\\\computername\\username\Software\7-Zip", "Path")
; ===============================================================================================================================================

Func _HKCU_Delete($sKey, $sValue = Default)
    Local $asSplit = Split_sKey($sKey)
    Local $avProfile = GetProfile($asSplit[1], $asSplit[0])
    Local $avArray[$avProfile[0][0] + 1][3], $iLoaded, $iResult
    $avArray[0][0] = $avProfile[0][0]
    For $i = 1 To $avProfile[0][0]
        If $avProfile[$i][3] = 0 Then
            $iLoaded = _RegLoadHive($avProfile[$i][1] & "\NTUSER.DAT", $avProfile[$i][2])
        EndIf
        If $sValue = Default Then
            $iResult = RegDelete($avProfile[$i][2] & "\" & $asSplit[2])
        Else
            $iResult = RegDelete($avProfile[$i][2] & "\" & $asSplit[2], $sValue)
        EndIf
        $avArray[$i][0] = $avProfile[$i][0]
        $avArray[$i][1] = $iResult
        $avArray[$i][2] = @error
        If $iLoaded Then _RegUnloadHive($avProfile[$i][2])
    Next
    Return $avArray
EndFunc ;==> _HKCU_Delete

; #FUNCTION# ====================================================================================================================================
; Name...........: _HKCU_EnumKey
; Description ...: Reads the name of a subkey according to it's instance
; Syntax.........: _HKCU_EnumKey($sKey, $iInstance)
; Parameters ....: $sKey - see RegEnumKey function for details (no 'HKCU' required)
;                  $iInstance - see RegEnumKey function for details
; Requirement(s).:
; Return values .: Returns an Array where:
;                  Column 0 - User account name
;                  Column 1 - RegEnumKey function return value
;                  Column 2 - RegEnumKey function @error macro
; Author ........: engine
; Modified.......:
; Remarks .......: It is possible to access remote registries by using $sKey in the form "\\\computername\keyname"
;                  It is possible to access a specific user account by using $sKey in the form "\\username\keyname"
;                  It is possible to access both a remote registry and a specific user account by using $sKey in the form
;                  "\\\computername\\username\keyname"
; Related .......:
; Link ..........;
; Example .......;
;                  #include <Array.au3>
;                  #include "HKCUReg.au3"
;
;                  $sComputer = @ComputerName
;
;                  For $i = 1 To 100
;                       $b = _HKCU_EnumKey("\\\" & $sComputer & "\Software", $i)
;                       $iProd = 1
;                       For $j = 1 To $b[0][0]
;                           $iProd *= $b[$j][2]
;                       Next
;                       If $iProd <> 0 Then ExitLoop
;                       _ArrayDisplay($b, $i)
;                  Next
; ===============================================================================================================================================

Func _HKCU_EnumKey($sKey, $iInstance)
    Local $asSplit = Split_sKey($sKey)
    Local $avProfile = GetProfile($asSplit[1], $asSplit[0])
    Local $avArray[$avProfile[0][0] + 1][3], $iLoaded
    $avArray[0][0] = $avProfile[0][0]
    For $i = 1 To $avProfile[0][0]
        If $avProfile[$i][3] = 0 Then
            $iLoaded = _RegLoadHive($avProfile[$i][1] & "\NTUSER.DAT", $avProfile[$i][2])
        EndIf
        $avArray[$i][0] = $avProfile[$i][0]
        $avArray[$i][1] = RegEnumKey($avProfile[$i][2] & "\" & $asSplit[2], $iInstance)
        $avArray[$i][2] = @error
        If $iLoaded Then _RegUnloadHive($avProfile[$i][2])
    Next
    Return $avArray
EndFunc ;==> _HKCU_EnumKey

; #FUNCTION# ====================================================================================================================================
; Name...........: _HKCU_EnumVal
; Description ...: Reads the name of a value according to it's instance
; Syntax.........: _HKCU_EnumVal($sKey, $iInstance)
; Parameters ....: $sKey - see RegEnumVal function for details (no 'HKCU' required)
;                  $iInstance - see RegEnumVal function for details
; Requirement(s).:
; Return values .: Returns an Array where:
;                  Column 0 - User account name
;                  Column 1 - RegEnumVal function return value
;                  Column 2 - RegEnumVal function @error macro
;                  Column 3 - RegEnumVal function @extended macro
; Author ........: engine
; Modified.......:
; Remarks .......: It is possible to access remote registries by using $sKey in the form "\\\computername\keyname"
;                  It is possible to access a specific user account by using $sKey in the form "\\username\keyname"
;                  It is possible to access both a remote registry and a specific user account by using $sKey in the form
;                  "\\\computername\\username\keyname"
; Related .......:
; Link ..........;
; Example .......;
;                  #include <Array.au3>
;                  #include "HKCUReg.au3"
;
;                  $sComputer = @ComputerName
;
;                  For $i = 1 To 100
;                       $b = _HKCU_EnumVal("\\\" & $sComputer & "\Software\AutoIt v3\Aut2Exe", $i)
;                       $iProd = 1
;                       For $j = 1 To $b[0][0]
;                           $iProd *= $b[$j][2]
;                       Next
;                       If $iProd <> 0 Then ExitLoop
;                       _ArrayDisplay($b, $i)
;                  Next
; ===============================================================================================================================================

Func _HKCU_EnumVal($sKey, $iInstance)
    Local $asSplit = Split_sKey($sKey)
    Local $avProfile = GetProfile($asSplit[1], $asSplit[0])
    Local $avArray[$avProfile[0][0] + 1][4], $iLoaded
    $avArray[0][0] = $avProfile[0][0]
    For $i = 1 To $avProfile[0][0]
        If $avProfile[$i][3] = 0 Then
            $iLoaded = _RegLoadHive($avProfile[$i][1] & "\NTUSER.DAT", $avProfile[$i][2])
        EndIf
        $avArray[$i][0] = $avProfile[$i][0]
        $avArray[$i][1] = RegEnumVal($avProfile[$i][2] & "\" & $asSplit[2], $iInstance)
        $avArray[$i][2] = @error
        $avArray[$i][3] = @extended
        If $iLoaded Then _RegUnloadHive($avProfile[$i][2])
    Next
    Return $avArray
EndFunc ;==> _HKCU_EnumVal

; #FUNCTION# ====================================================================================================================================
; Name...........: _HKCU_Import
; Description ...: Imports a previously exported reg file to the registry
; Syntax.........: _HKCU_Import($sReg [, $sName])
; Parameters ....: $sReg - Path and filename of the file to be imported, file extension (.reg)
;                  $sName - User account name, defaults to all users
; Requirement(s).: Registry Console Tool
; Return values .: Returns an Array where:
;                  Column 0 - User account name
;                  Column 1 - Return value:
;                           1 - Success
;                           0 - Failure
;                  Column 2 - @error macro:
;                           1 - Failure
;                           0 - Success
; Author ........: engine
; Modified.......:
; Remarks .......: This function doesn't support remote computers
; Related .......:
; Link ..........;
; Examples ......;  _HKCU_Import("ffdshow.reg")
;                   _HKCU_Import("ffdshow.reg", "Guest")
; ===============================================================================================================================================

Func _HKCU_Import($sReg, $sName = "")
    Local $avProfile = GetProfile($sName)
    Local $avArray[$avProfile[0][0] + 1][3], $iLoaded, $avReg, $sReplace, $sTempReg, $iResult
    $avArray[0][0] = $avProfile[0][0]
    For $i = 1 To $avProfile[0][0]
        If $avProfile[$i][3] = 0 Then
            $iLoaded = _RegLoadHive($avProfile[$i][1] & "\NTUSER.DAT", $avProfile[$i][2])
        EndIf
        _FileReadToArray($sReg, $avReg)
        $sReplace = StringReplace($avProfile[$i][2], "\\" & @ComputerName & "\", "")
        For $k = 1 To $avReg[0]
            $avReg[$k] = StringReplace($avReg[$k], "HKEY_CURRENT_USER", $sReplace)
        Next
        $sTempReg = _TempFile(@UserProfileDir, "~", ".reg")
        _FileWriteFromArray($sTempReg, $avReg, 1)
        $iResult = RunWait('reg import "' & $sTempReg & '"', "", @SW_HIDE)
        $avArray[$i][0] = $avProfile[$i][0]
        $avArray[$i][1] = 1 - $iResult - @error
        $avArray[$i][2] = @error
        FileDelete($sTempReg)
        If $iLoaded Then _RegUnloadHive($avProfile[$i][2])
    Next
    Return $avArray
EndFunc ;==> _HKCU_Import

; #FUNCTION# ====================================================================================================================================
; Name...........: _HKCU_Read
; Description ...: Reads a value from the registry
; Syntax.........: _HKCU_Read($sKey, $sValue)
; Parameters ....: $sKey - see RegRead function for details (no 'HKCU' required)
;                  $sValue - see RegRead function for details
; Requirement(s).:
; Return values .: Returns an Array where:
;                  Column 0 - User account name
;                  Column 1 - RegRead function return value
;                  Column 2 - RegRead function @error macro
;                  Column 3 - RegRead function @extended macro
; Author ........: engine
; Modified.......:
; Remarks .......: It is possible to access remote registries by using $sKey in the form "\\\computername\keyname"
;                  It is possible to access a specific user account by using $sKey in the form "\\username\keyname"
;                  It is possible to access both a remote registry and a specific user account by using $sKey in the form
;                  "\\\computername\\username\keyname"
; Related .......:
; Link ..........;
; Examples ......;  _HKCU_Read("Software\7-Zip", "Path")
;                   _HKCU_Read("\\\computername\Software\7-Zip", "Path")
;                   _HKCU_Read("\\username\Software\7-Zip", "Path")
;                   _HKCU_Read("\\\computername\\username\Software\7-Zip", "Path")
; ===============================================================================================================================================

Func _HKCU_Read($sKey, $sValue)
    Local $asSplit = Split_sKey($sKey)
    Local $avProfile = GetProfile($asSplit[1], $asSplit[0])
    Local $avArray[$avProfile[0][0] + 1][4], $iLoaded
    $avArray[0][0] = $avProfile[0][0]
    For $i = 1 To $avProfile[0][0]
        If $avProfile[$i][3] = 0 Then
            $iLoaded = _RegLoadHive($avProfile[$i][1] & "\NTUSER.DAT", $avProfile[$i][2])
        EndIf
        $avArray[$i][0] = $avProfile[$i][0]
        $avArray[$i][1] = RegRead($avProfile[$i][2] & "\" & $asSplit[2], $sValue)
        $avArray[$i][2] = @error
        $avArray[$i][3] = @extended
        If $iLoaded Then _RegUnloadHive($avProfile[$i][2])
    Next
    Return $avArray
EndFunc ;==> _HKCU_Read

; #FUNCTION# ====================================================================================================================================
; Name...........: _HKCU_Write
; Description ...: Creates a key or value in the registry
; Syntax.........: _HKCU_Write($sKey [, $sValue, $sType, $vData])
; Parameters ....: $sKey - see RegWrite function for details (no 'HKCU' required)
;                  $sValue - [optional] see RegWrite function for details
;                  $sType - [optional] see RegWrite function for details
;                  $vData - [optional] see RegWrite function for details
; Requirement(s).:
; Return values .: Returns an array where:
;                  Column 0 - User account name
;                  Column 1 - RegWrite function return value
;                  Column 2 - RegWrite function @error macro
; Author ........: engine
; Modified.......:
; Remarks .......: It is possible to access remote registries by using $sKey in the form "\\\computername\keyname"
;                  It is possible to access a specific user account by using $sKey in the form "\\username\keyname"
;                  It is possible to access both a remote registry and a specific user account by using $sKey in the form
;                  "\\\computername\\username\keyname"
; Related .......:
; Link ..........;
; Examples ......;  _HKCU_Write("Software\7-Zip", "Path", "REG_SZ", @ProgramFilesDir & "\7-Zip")
;                   _HKCU_Write("\\\computername\Software\7-Zip", "Path", "REG_SZ", @ProgramFilesDir & "\7-Zip")
;                   _HKCU_Write("\\username\Software\7-Zip", "Path", "REG_SZ", @ProgramFilesDir & "\7-Zip")
;                   _HKCU_Write("\\\computername\\username\Software\7-Zip", "Path", "REG_SZ", @ProgramFilesDir & "\7-Zip")
; ===============================================================================================================================================

Func _HKCU_Write($sKey, $sValue = "", $sType = "REG_SZ", $vData = "")
    Local $asSplit = Split_sKey($sKey)
    Local $avProfile = GetProfile($asSplit[1], $asSplit[0])
    Local $avArray[$avProfile[0][0] + 1][3], $iLoaded
    $avArray[0][0] = $avProfile[0][0]
    For $i = 1 To $avProfile[0][0]
        If $avProfile[$i][3] = 0 Then
            $iLoaded = _RegLoadHive($avProfile[$i][1] & "\NTUSER.DAT", $avProfile[$i][2])
        EndIf
        $avArray[$i][0] = $avProfile[$i][0]
        $avArray[$i][1] = RegWrite($avProfile[$i][2] & "\" & $asSplit[2], $sValue, $sType, $vData)
        $avArray[$i][2] = @error
        If $iLoaded Then _RegUnloadHive($avProfile[$i][2])
    Next
    Return $avArray
EndFunc ;==> _HKCU_Write

; #INTERNAL_USE_ONLY#============================================================================================================================
; Name...........: GetProfile
; Description ...: Determine each user's Profile folder, the user's SID and if the profile is loaded to the registry
; Syntax.........: GetProfile([$sAccount, $sComputer])
; Parameters ....: $sAccount - User account name, defaults to all users
;                  $sComputer - Computer name, the local computer is default
; Requirement(s).: Service 'RemoteRegistry' running on the target computer
;                  When the target computer is the local computer, the 'RemoteRegistry' service isn't required
; Return values .: An array containing the path to each user's profile folder, the user's SID
;                  The array returned is two-dimensional and is made up as follows:
;                  $array[0][0] = Number of profiles
;                  $array[1][0] = 1st user name
;                  $array[1][1] = Path to 1st user profile
;                  $array[1][2] = 1st user registry hive
;                  $array[1][3] = 1 if 1st user profile is loaded to the registry, 0 if not
;                  $array[2][0] = 2nd user name
;                  $array[2][1] = Path to 2nd user profile
;                  $array[2][2] = 2nd user registry hive
;                  $array[2][3] = 1 if 2nd user profile is loaded to the registry, 0 if not
;                  ...
;                  $array[n][0] = nth user name
;                  $array[n][1] = Path to nth user profile
;                  $array[n][2] = nth user registry hive
;                  $array[n][3] = 1 if nth user profile is loaded to the registry, 0 if not
; Author ........: engine
; Modified.......: AdamUL
; Remarks .......: For internal use only
; Related .......:
; Link ..........;
; Example .......; GetProfile("Default User") to get Default User's profile data on the local computer
; ===============================================================================================================================================

Func GetProfile($sAccount = "", $sComputer = @ComputerName)
    Local $avArray[1][4], $sEnv
    Local Const $sProfileListKey = "\\" & $sComputer & "\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList"
    Local Const $sRootKey = "\\" & $sComputer & "\HKEY_USERS\"
;~  Local Const $sDefaultUser = RegRead($sProfileListKey, "DefaultUserProfile") ;Original Code.
;~  If @error Then ;Original Code.
    Local Const $sDefaultUser1 = RegRead($sProfileListKey, "DefaultUserProfile")
    $iDefaultUser1Error = @error
    Local Const $sDefaultUser2 = RegRead($sProfileListKey, "Default")
    $iDefaultUser2Error = @error
    If $iDefaultUser1Error And $iDefaultUser2Error Then
        $avArray[0][0] = 0
        Return $avArray
    EndIf
    If $iDefaultUser1Error Then
        $sDefaultUser = "Default"
    Else
        $sDefaultUser = $sDefaultUser1
    EndIf

    If $sAccount = "" Or $sAccount = $sDefaultUser Then
        Local $iInstance, $sSID
        While 1
            $iInstance += 1
            $sSID = RegEnumKey($sProfileListKey, $iInstance)
            If @error Then ExitLoop
;~          If StringLen($sSID) > 8 Then ProfileAdd($avArray, $sSID, $sProfileListKey, $sRootKey) ;Original Code.
            If StringLen($sSID) > 8 Then ProfileAdd($avArray, $sSID, $sComputer, $sProfileListKey, $sRootKey)
        WEnd
        Local $u = UBound($avArray), $iSum
        For $k = 1 To $u - 1
            $iSum += $avArray[$k][3]
        Next
        ReDim $avArray[$u + 1][4]
        $avArray[$u][0] = $sDefaultUser
        $avArray[$u][1] = RegRead($sProfileListKey, "ProfilesDirectory") & "\" & $sDefaultUser
        If $iSum = 0 Then
            $avArray[$u][2] = "\\" & $sComputer & "\HKEY_CURRENT_USER"
            $avArray[$u][3] = 1
        Else
            Local $sDSID, $avDU
            Do
                $sDSID = "S-1-5-21-" & Random(1E+8, 999999999, 1) & "-" & Random(1E+9, 9999999999, 1) & "-" & Random(1E+8, 999999999, 1) & "-" & Random(1E+3, 9999, 1)
;~              $avDU = _Security__LookupAccountSid($sDSID) ;Original Code.
                $avDU = _Security__LookupAccountSidEx($sDSID, $sComputer)
            Until $avDU = 0
            $avArray[$u][2] = $sRootKey & $sDSID
            $avArray[$u][3] = 0
        EndIf
        If $sAccount = $sDefaultUser Then
            Local $avNew[2][4] = [["", "", "", ""], [$avArray[$u][0], $avArray[$u][1], $avArray[$u][2], $avArray[$u][3]]]
            $avArray = $avNew
        EndIf
    Else
        Local $avSID = _Security__LookupAccountName($sAccount, $sComputer)
;~      ProfileAdd($avArray, $avSID[0], $sProfileListKey, $sRootKey) ;Original Code.
        ProfileAdd($avArray, $avSID[0], $sComputer, $sProfileListKey, $sRootKey)
    EndIf
    $avArray[0][0] = UBound($avArray) - 1
    For $j = 1 To $avArray[0][0]
        $sEnv = StringRegExp($avArray[$j][1], "\x25\S{1,128}\x25", 1)
        If Not @error Then $avArray[$j][1] = StringReplace( $avArray[$j][1], $sEnv[0], EnvGet( StringReplace($sEnv[0], "%", "") ) )
    Next
    Return $avArray
EndFunc ;==> GetProfile

; #INTERNAL_USE_ONLY#============================================================================================================================
; Name...........: ProfileAdd
; Description ...: Add profile data to an array that will be returned by GetProfile function
; Syntax.........: ProfileAdd($avArray, $sSID, $sProfileListKey, $sRootKey)
; Parameters ....: $avArray - Array
;                  $sSID - Account SID
;                  $sProfileListKey - Constant defined inside GetProfile function
;                  $sRootKey - Constant defined inside GetProfile function
; Requirement(s).:
; Return values .:
; Author ........: engine
; Modified.......: AdamUL
; Remarks .......: For internal use only
; Related .......:
; Link ..........;
; Example .......;
; ===============================================================================================================================================

Func ProfileAdd(ByRef $avArray, $sSID, $sComputer, Const $sProfileListKey, Const $sRootKey)
;~ Func ProfileAdd(ByRef $avArray, $sSID, Const $sProfileListKey, Const $sRootKey)  ;Original Code.
    Local $sPath, $i
;~  Local $avUser = _Security__LookupAccountSid($sSID) ;Original Code.
    Local $avUser = _Security__LookupAccountSidEx($sSID, $sComputer)
    If Not @error And $avUser <> 0 Then
        If $avUser[2] = 1 Then
            $sPath = RegRead($sProfileListKey & "\" & $sSID, "ProfileImagePath")
            If Not @error Then
                $i = UBound($avArray)
                ReDim $avArray[$i + 1][4]
                $avArray[$i][0] = $avUser[0]
                $avArray[$i][1] = $sPath
                $avArray[$i][2] = $sRootKey & $sSID
                RegEnumKey($sRootKey & $sSID, 1)
                If @error Then
                    $avArray[$i][3] = 0
                Else
                    $avArray[$i][3] = 1
                EndIf
            EndIf
        EndIf
    EndIf
EndFunc ;==> ProfileAdd

; #INTERNAL_USE_ONLY#============================================================================================================================
; Name...........: Split_sKey
; Description ...: Splits $sKey between computername, username and keyname
; Syntax.........: Split_sKey($sKey)
; Parameters ....: $sKey - Reg function main key
; Requirement(s).:
; Return values .:
; Author ........: engine
; Modified.......:
; Remarks .......: For internal use only
; Related .......:
; Link ..........;
; Example .......;
; ===============================================================================================================================================

Func Split_sKey($sKey)
    Local $asArray[3]
    If StringInStr($sKey, "\\\") = 1 Then
        Local $asComputer = StringRegExp($sKey, "\\\\\\[^\\]*\\", 1)
        If Not @error Then
            $asArray[0] = StringTrimRight( StringTrimLeft($asComputer[0], 3), 1 )
            $sKey = StringReplace($sKey, $asComputer[0], "\", 1)
            If Not StringInStr($sKey, "\\") = 1 Then $sKey = StringTrimLeft($sKey, 1)
        EndIf
    EndIf
    If $asArray[0] = "" Then $asArray[0] = @ComputerName
    If StringInStr($sKey, "\\") = 1 And Not StringInStr($sKey, "\\\") = 1 Then
        Local $asUser = StringRegExp($sKey, "\\\\[^\\]*\\", 1)
        If Not @error Then
            $asArray[1] = StringTrimRight( StringTrimLeft($asUser[0], 2), 1 )
            $sKey = StringReplace($sKey, $asUser[0], "", 1)
        EndIf
    EndIf
    If Not ( StringInStr($sKey, "\") = 1 Or StringInStr($sKey, "\", 0, -1) = StringLen($sKey) Or StringInStr($sKey, "\\") ) Then
        $asArray[2] = $sKey
    EndIf
    Return $asArray
EndFunc ;==> Split_sKey

; #INTERNAL_USE_ONLY# ====================================================================================================================
; Name...........: _Security__LookupAccountSidEx
; Description ...: Retrieves the name of the account for a SID
; Syntax.........: _Security__LookupAccountSidEx($vSID,[, $sSystem = ""])
; Parameters ....: $vSID        - Either a binary SID or a string SID
;                  $sSystem     - Name of the system. This string can be the name of a remote computer.  If this string is blank,
;                  +the account name translation begins on the local system.  If the name cannot be resolved on the local system,
;                  +this function will try to resolve the name using domain controllers trusted by the local system.
; Return values .: Success      - Array with the following format:
;                  |$aAcct[0] - Account name
;                  |$aAcct[1] - Domain name
;                  |$aAcct[2] - SID type, which can be one of the following values:
;                  | 1 - Indicates a user SID
;                  | 2 - Indicates a group SID
;                  | 3 - Indicates a domain SID
;                  | 4 - Indicates an alias SID
;                  | 5 - Indicates a SID for a well-known group
;                  | 6 - Indicates a SID for a deleted account
;                  | 7 - Indicates an invalid SID
;                  | 8 - Indicates an unknown SID type
;                  | 9 - Indicates a SID for a computer
;                  Failure      - 0
; Author ........: Paul Campbell (PaulIA)
; Modified.......: Adam Lawrence (AdamUL)
; Remarks .......:
; Related .......: _Security__LookupAccountName, _Security__GetAccountSid
; Link ..........: @@MsdnLink@@ LookupAccountSid
; Example .......:
; ===============================================================================================================================
Func _Security__LookupAccountSidEx($vSID, $sSystem = "")
    Local $pSID, $aAcct[3]

    If IsString($vSID) Then
        Local $tSID = _Security__StringSidToSid($vSID)
        $pSID = DllStructGetPtr($tSID)
    Else
        $pSID = $vSID
    EndIf
    If Not _Security__IsValidSid($pSID) Then Return SetError(-1, 0, 0)

;~  Local $aResult = DllCall("advapi32.dll", "bool", "LookupAccountSidW", "ptr", 0, "ptr", $pSID, "wstr", "", "dword*", 256, "wstr", "", "dword*", 256, "int*", 0) ;Original DLL call.
    Local $aResult = DllCall("advapi32.dll", "bool", "LookupAccountSidW", "wstr", $sSystem, "ptr", $pSID, "wstr", "", "dword*", 256, "wstr", "", "dword*", 256, "int*", 0) ;Added $sSystem parameter and change to type "wstr".
    If @error Then Return SetError(@error, @extended, 0)
    If Not $aResult[0] Then Return 0

    Local $aAcct[3]
    $aAcct[0] = $aResult[3]     ; Name
    $aAcct[1] = $aResult[5]     ; Domain
    $aAcct[2] = $aResult[7]     ; SNU
    Return $aAcct
EndFunc   ;==>_Security__LookupAccountSidEx

I welcome more people to test it.

Adam

Link to post
Share on other sites

Found a small bug during testing. Please change line 435 in HKCUReg.au3 in the ProfileAdd function from

Local $asSplit = Split_sKey($sProfileListKey)

to

Local $asSplit = Split_sKey("\" & $sProfileListKey)

This will correct an issue with getting local accounts on a remote computer, and allow the Split_sKey function to parse the string as designed.

Adam

Link to post
Share on other sites

May not be related, but I'm trying to use:

_HKCU_Import(@TempDir & "\temp.reg", "testuser")

and it doesn't seem to work at all. I've tried on Vista x32 and 7 x32 to no avail.

I'm using AutoIt v. 3.3.6.1 -- Any ideas?

If there is no "reg.exe" file (Registry Console Tool) in Windows Vista or 7, it won't work. You could try running the Windows XP 32 bit version under Vista or 7.

My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]

Link to post
Share on other sites

There is a reg.exe in Vista and Windows 7, 32-bit and 64-bit. There could be a few issues causing the problem.

  • Does the account running the script have permissions to write to were the reg file is being imported to?
  • At the top of the reg file that is trying to be imported, does it say the following "Windows Registry Editor Version 5.00"? I have seen were this can be an issue on Vista and 7.

Adam

Link to post
Share on other sites
  • 5 months later...

hi engine..

i changed line 405

ProfileAdd($avArray, $avSID[0], $sProfileListKey, $sRootKey)

to this line

If IsArray($avSID) Then ProfileAdd($avArray, $avSID[0], $sProfileListKey, $sRootKey)

was getting an array error.

thanks for the great UDF!

Link to post
Share on other sites
  • 6 months later...
  • 1 year later...

There is a bug on this section

Func applyeula()
    
    $KEY_READ = 0x20019
    $KEY_WRITE = 0x20006
    
    Global Const $SE_RESTORE_NAME = "SeRestorePrivilege"
    Global Const $SE_PRIVILEGE_ENABLED = 0x00000002
    Global Const $SE_BACKUP_NAME = "SeBackupPrivilege"
    
    Global Const $TOKEN_QUERY               = 0x00000008
    Global Const $TOKEN_ADJUST_PRIVILEGES   = 0x00000020
    
    ; Detect OS version
    If @OSVersion == "WIN_8" Or @OSVersion == "WIN_7" Or @OSVersion == "WIN_VISTA" Or @OSVersion = "WIN_2008" Then
        $OS = 'NT6'
    ElseIf @OSVersion == "WIN_XP" Then
        $OS = 'NT5'
    Else
        MsgBox(48, "Error", "Wrong OS version")
        Exit
    EndIf
    
    ; UDFs from here - http://www.autoitscript.com/forum/topic/75250-registry-udfs/page__p__545798#entry545798
    Local $aUserList[10][10], $UserList[10], $x = 0
    If $OS = 'NT5' Then
        $UserList = _FileListToArray(@HomeDrive & "\Documents and Settings", "*", 2)
        ;_ArrayDisplay($UserList)
        For $i = 1 To $UserList[0]
            Select
                Case $UserList[$i] = "All Users"
                Case $UserList[$i] = "NetworkService"
                Case $UserList[$i] = "LocalService"
                Case Else
                    $aUserList[$x][0] = @HomeDrive & "\Documents and Settings"
                    $aUserList[$x][1] = $UserList[$i]
                    $x += 1
                    If $x >= UBound($aUserList) Then
                        ReDim $aUserList[UBound($aUserList) + 10]
                    EndIf
            EndSelect
        Next
    ElseIf $OS = 'NT6' Then
        $UserList = _FileListToArray(@HomeDrive & "\Users", "*", 2)
        For $i = 1 To $UserList[0]
            Select
                Case $UserList[$i] = "All Users"
                Case $UserList[$i] = "Default"
                Case $UserList[$i] = "Public"
                Case Else
                    $aUserList[$x][0] = @HomeDrive & "\Users"
                    $aUserList[$x][1] = $UserList[$i]
                    $x += 1
                    If $x >= UBound($aUserList) Then
                        ReDim $aUserList[UBound($aUserList) + 10]
                    EndIf
            EndSelect
        Next
    EndIf
    ;_ArrayDisplay($aUserList)
    If Not $x = 0 Then 
        ReDim $aUserList[$x][2]
        ;_ArrayDisplay($aUserList)
    Else
        MsgBox(48, "Error", "No valid users found to apply reg changes to",30)
        Return
    EndIf
    
    For $i = 0 To UBound($aUserList) - 1
        $regpath = $aUserList[$i][0] & '\' & $aUserList[$i][1] & '\NTUSER.DAT'
;~      ConsoleWrite($aUserList[$i][1] & ' = ' & @UserName & @CRLF)
        
        If $aUserList[$i][1] = @UserName Then
            RegWrite("HKCU\Software\Adobe\CommonFiles\Usage\Demographic", "CompanySize", "REG_SZ", "NOVALUE")
            RegWrite("HKCU\Software\Adobe\CommonFiles\Usage\Demographic", "Industry", "REG_SZ", "NOVALUE")
            RegWrite("HKCU\Software\Adobe\CommonFiles\Usage\Demographic", "JobFunction", "REG_SZ", "NOVALUE")
            RegWrite("HKCU\Software\Adobe\CommonFiles\Usage\Reader 10", "OptIn", "REG_DWORD", "0")

            RegWrite('HKCU\Software\Adobe\Acrobat Reader\10.0\AdobeViewer', 'TrustedMode', 'Reg_Dword', '0x00000000')
            RegWrite('HKCU\Software\Adobe\Acrobat Reader\10.0\AdobeViewer', 'EULA', 'Reg_Dword', '0x00000001')
            RegWrite('HKCU\Software\Adobe\Acrobat Reader\10.0\AdobeViewer', 'Launched', 'Reg_Dword', '0x00000001')

            RegWrite('HKCU\Software\Adobe\Acrobat Reader\10.0\AdobeViewer', 'EULA', 'REG_DWORD',1) ;Accept eula

        Else
;~          ConsoleWrite($regpath & @CRLF)
            _RegLoadHive($regpath, "HKU\ZZZ")
            RegWrite("HKU\ZZZ\Software\Adobe\CommonFiles\Usage\Demographic", "CompanySize", "REG_SZ", "NOVALUE")
            RegWrite("HKU\ZZZ\Software\Adobe\CommonFiles\Usage\Demographic", "Industry", "REG_SZ", "NOVALUE")
            RegWrite("HKU\ZZZ\Software\Adobe\CommonFiles\Usage\Demographic", "JobFunction", "REG_SZ", "NOVALUE")
            RegWrite("HKU\ZZZ\Software\Adobe\CommonFiles\Usage\Reader 10", "OptIn", "REG_DWORD", "0")

            RegWrite('HKU\ZZZ\Software\Adobe\Acrobat Reader\10.0\AdobeViewer', 'TrustedMode', 'Reg_Dword', '0x00000000')
            RegWrite('HKU\ZZZ\Software\Adobe\Acrobat Reader\10.0\AdobeViewer', 'EULA', 'Reg_Dword', '0x00000001')
            RegWrite('HKU\ZZZ\Software\Adobe\Acrobat Reader\10.0\AdobeViewer', 'Launched', 'Reg_Dword', '0x00000001')

            RegWrite('HKU\ZZZ\Software\Adobe\Acrobat Reader\10.0\AdobeViewer', 'EULA', 'REG_DWORD',1) ;Accept eula
            _RegUnloadHive("HKU\ZZZ")
        EndIf
    Next
EndFunc

It should look like

Func applyeula()
    
    $KEY_READ = 0x20019
    $KEY_WRITE = 0x20006
    
    Global Const $SE_RESTORE_NAME = "SeRestorePrivilege"
    Global Const $SE_PRIVILEGE_ENABLED = 0x00000002
    Global Const $SE_BACKUP_NAME = "SeBackupPrivilege"
    
    Global Const $TOKEN_QUERY               = 0x00000008
    Global Const $TOKEN_ADJUST_PRIVILEGES   = 0x00000020
    
    ; Detect OS version and profile folders
    $sDisk = EnvGet('systemdrive') ;Drive letter
    If @OSVersion == 'WIN_8' Or @OSVersion == 'WIN_7' Or @OSVersion == 'WIN_VISTA' Or @OSVersion = 'WIN_2008' Then
        $OS = 'NT6'
        $profiledir = $sDisk & '\Users'
    ElseIf @OSVersion == 'WIN_XP' Then
        $OS = 'NT5'
        $profiledir = $sDisk & '\Documents and Settings'
    Else
        MsgBox(48, 'Error', 'Wrong OS version')
        Exit
    EndIf
    
    ; Set the user profile folders as $auserprofilefolders[] array
    Global $auserprofilefolders[1]
    $x = 0
    $userprofilefolders = _FileListToArray($profiledir, '*', 2)
    For $i = 1 To $userprofilefolders[0]
        Select
            Case $userprofilefolders[$i] = "All Users"
            Case $userprofilefolders[$i] = "LocalService"
            Case $userprofilefolders[$i] = "NetworkService"
            Case $userprofilefolders[$i] = "Public"
            Case Else
                $auserprofilefolders[$x] = $userprofilefolders[$i]
                $x += 1
                If $x >= UBound($auserprofilefolders) Then
                    ReDim $auserprofilefolders[UBound($auserprofilefolders) + $x  + 1]
                EndIf
        EndSelect
    Next

    ReDim $auserprofilefolders[$x]
    ;~ _ArrayDisplay($auserprofilefolders)
    
    For $i = 0 To UBound($auserprofilefolders) - 1
        $regpath = $profiledir & '\' & $auserprofilefolders[$i] & '\NTUSER.DAT'
        
        If $auserprofilefolders[$i] = @UserName Then
            RegWrite("HKCU\Software\Adobe\CommonFiles\Usage\Demographic", "CompanySize", "REG_SZ", "NOVALUE")
            RegWrite("HKCU\Software\Adobe\CommonFiles\Usage\Demographic", "Industry", "REG_SZ", "NOVALUE")
            RegWrite("HKCU\Software\Adobe\CommonFiles\Usage\Demographic", "JobFunction", "REG_SZ", "NOVALUE")
            RegWrite("HKCU\Software\Adobe\CommonFiles\Usage\Reader 11", "OptIn", "REG_DWORD", "0")

            RegWrite('HKCU\Software\Adobe\Acrobat Reader\11.0\AdobeViewer', 'TrustedMode', 'Reg_Dword', '0x00000000')
            RegWrite('HKCU\Software\Adobe\Acrobat Reader\11.0\AdobeViewer', 'EULA', 'Reg_Dword', '0x00000001')
            RegWrite('HKCU\Software\Adobe\Acrobat Reader\11.0\AdobeViewer', 'Launched', 'Reg_Dword', '0x00000001')

            RegWrite('HKCU\Software\Adobe\Acrobat Reader\11.0\AdobeViewer', 'EULA', 'REG_DWORD',1) ;Accept eula

        Else
;~          ConsoleWrite($regpath & @CRLF)
            _RegLoadHive($regpath, "HKU\ZZZ")
            RegWrite("HKU\ZZZ\Software\Adobe\CommonFiles\Usage\Demographic", "CompanySize", "REG_SZ", "NOVALUE")
            RegWrite("HKU\ZZZ\Software\Adobe\CommonFiles\Usage\Demographic", "Industry", "REG_SZ", "NOVALUE")
            RegWrite("HKU\ZZZ\Software\Adobe\CommonFiles\Usage\Demographic", "JobFunction", "REG_SZ", "NOVALUE")
            RegWrite("HKU\ZZZ\Software\Adobe\CommonFiles\Usage\Reader 11", "OptIn", "REG_DWORD", "0")

            RegWrite('HKU\ZZZ\Software\Adobe\Acrobat Reader\11.0\AdobeViewer', 'TrustedMode', 'Reg_Dword', '0x00000000')
            RegWrite('HKU\ZZZ\Software\Adobe\Acrobat Reader\11.0\AdobeViewer', 'EULA', 'Reg_Dword', '0x00000001')
            RegWrite('HKU\ZZZ\Software\Adobe\Acrobat Reader\11.0\AdobeViewer', 'Launched', 'Reg_Dword', '0x00000001')

            RegWrite('HKU\ZZZ\Software\Adobe\Acrobat Reader\11.0\AdobeViewer', 'EULA', 'REG_DWORD',1) ;Accept eula
            _RegUnloadHive("HKU\ZZZ")
        EndIf
    Next
EndFunc
Link to post
Share on other sites
  • Moderators

As the OP has not been active on this forum for over a year, I'm going to take a wild guess this will go unheeded...

"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

Link to post
Share on other sites
  • 5 years later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...