Jump to content
Sign in to follow this  

RegWrite + user permission ? runas ?

Recommended Posts


hi all,

I have a little script that need to be able to create/update a key in the Registry. in HKLM and/or HKCU sub-tree.

Problem : when i run my AutoIT EXE file in the user session, he isn't allowed to d othis.

is there a tip to do this using another DOMAIN user account in order to get access to these 2 registry keys ?



Edited by fgilain

Share this post

Link to post
Share on other sites

Windows XP SP3 OS, here is what i try to do (but doesn't works at all...):

deleting key :

RunAs($sUserName, $sDomainName, $sPassword, 0, @ComSpec & " /c " & "reg.exe delete HKLM\Software\Policies\Microsoft\Communicator\TabUrl /f", @SystemDir, @SW_HIDE)

RunAs($sUserName, $sDomainName, $sPassword, 0, @ComSpec & " /c " & "reg.exe delete HKCU\Software\Policies\Microsoft\Communicator\TabUrl /f", @SystemDir, @SW_HIDE)

adding key :


Case $User_Btn And BitAND(GUICtrlRead($User_Btn), $GUI_CHECKED) = $GUI_CHECKED

;$add_conf_tab = RegWrite("HKEY_CURRENT_USER\Software\Policies\Microsoft\Communicator", "TabUrl", "REG_SZ", GUICtrlRead($TabUrl))

RunAs($sUserName, $sDomainName, $sPassword, 0, @ComSpec & " /c " & "reg.exe add HKCU\Software\Policies\Microsoft\Communicator /v TabUrl /d " & $TabUrl & " /t REG_SZ /f", @SystemDir, @SW_HIDE)

Case $Machine_Btn And BitAND(GUICtrlRead($Machine_Btn), $GUI_CHECKED) = $GUI_CHECKED

;$add_conf_tab = RegWrite("HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Communicator", "TabUrl", "REG_SZ", GUICtrlRead($TabUrl))

RunAs($sUserName, $sDomainName, $sPassword, 0, @ComSpec & " /c " & "reg.exe add HKLM\Software\Policies\Microsoft\Communicator /v TabUrl /d " & $TabUrl & " /t REG_SZ /f", @SystemDir, @SW_HIDE)


Share this post

Link to post
Share on other sites


RunAs($sUserName, $sDomainName, $sPassword, 0, @ComSpec & " /c " & "reg.exe delete HKCU\Software\Policies\Microsoft\Communicator\TabUrl /f", @SystemDir, @SW_HIDE)

will delete and (later on) create the registry keys in the registry-path of the user that belongs to $sUserName. Your user that will logon to the machine won't ever get this registry key. Another hint: What will happen if someone else will logon to this machine? He also will never get the registry settings.

If you are on a Windows 2008 domain level, you can deploy registry keys easily via GPO.

If you are on an earlier domain level you should try to create MSI packages via InstallShield LE (yes, it's still alive!) and also distribute them via GPO. It's just as easy as AutoIt >_<

Sorry for my solution is not in conjunction with AutoIt.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  


Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.