none
Windows Photo Screensaver Settings

    Question

  • I am working on making the base image for our users and one of the steps we do is set the default screen saver for all users to a folder containing stock photo's our our products.  While capturing what gets changed for settings when i configure this i've found that I need to set the following keys.

    [HKEY_CURRENT_USER\Software\Microsoft\Windows Photo Viewer\Slideshow\Screensaver]
    "Speed"
    "Shuffle"
    "EncryptedPIDL"

    [HKEY_CURRENT_USER\Control Panel\Desktop]
    "ScreenSaveActive"
    "ScreenSaverIsSecure"
    "SCRNSAVE.XE"
    "ScreenSaveTimeOut"

    At first i was a little confused as in the past you could just set the path for the pictures and that was it.  After some reading it looks like the EncryptedPIDL now holds the value of the location to the pictures folder, its just encrypted now.  Most of what I've read just says set it then export that key and then import it so it works.  However when I did this and imported it nothing happened.  I then did it on two machines setting the path to C:\windows\stdPictures and exported the keys.  To my surprise the export resulted in different values.  I've since done this as a manual step prior to syspreping and the settings sticks however we like our build process to be completely hands off to remove human error so I need to script it and I prefer direct API or reg import.  I was wondering if there was a way to call a API for this key, so that I just pass it the value of path and it encrypts it.  Below is my example of the two machines reg export of what should be the same value.

     

    Machine 1
    [HKEY_CURRENT_USER\Software\Microsoft\Windows Photo Viewer\Slideshow\Screensaver]
    "Speed"=dword:00000001
    "Shuffle"=dword:00000001
    "EncryptedPIDL"="FAAfUOBP0CDqOmkQotgIACswMJ0ZAC9DOlwAAAAAAAAAAAAAAAAAAAAAAAAAUgAx
    AAAAAADdPGCXEABXaW5kb3dzADwACAAEAO++7jqFGt08YJcqAAAAWAcAAAAAAQAA
    AAAAAAAAAAAAAAAAAFcAaQBuAGQAbwB3AHMAAAAWAFwAMQAAAAAA3TxclxAAU1RE
    UElDfjEAAEQACAAEAO++3Txcl908XJcqAAAA80MAAAAACgAAAAAAAAAAAAAAAAAA
    AFMAdABkAFAAaQBjAHQAdQByAGUAcwAAABgAAAA=
    "

    Machine 2
    [HKEY_CURRENT_USER\Software\Microsoft\Windows Photo Viewer\Slideshow\Screensaver]
    "Speed"=dword:00000001
    "Shuffle"=dword:00000001
    "EncryptedPIDL"="FAAfUOBP0CDqOmkQotgIACswMJ0ZAC9DOlwAAAAAAAAAAAAAAAAAAAAAAAAAUgAx
    AAAAAADdPCCYEABXaW5kb3dzADwACAAEAO++7jqFGt08IJgqAAAAbAIAAAAAAQAA
    AAAAAAAAAAAAAAAAAFcAaQBuAGQAbwB3AHMAAAAWAFwAMQAAAAAA3TwbmBAAU1RE
    UElDfjEAAEQACAAEAO++3TwbmN08G5gqAAAAWjICAAAACgAAAAAAAAAAAAAAAAAA
    AFMAdABkAFAAaQBjAHQAdQByAGUAcwAAABgAAAA=
    "

    Thursday, July 01, 2010 2:01 PM

Answers

All replies

  • Hi, jdpickering:

    That string seems to be encrypted in Base64, and it represents an item list, which is a shell structure that contains the path and other things. This is the reason why you may get different strings for the same paths.

    For example, to decrypt it, the first thing you should do is call the API CryptStringToBinary (http://msdn.microsoft.com/en-us/library/aa380285(VS.85).aspx) with the third parameter set to CRYPT_STRING_BASE64. This API will return a pointer to an item list (PIDL), so you would use the API ShCreateItemFromIDLIST (http://msdn.microsoft.com/en-us/library/bb762133(VS.85).aspx) to get a shell item for the path. Once you have the pointer to the shell item (say "pItem"), call pItem->GetDisplayName(...) to get the path.

    Here's more information about PIDL's: http://msdn.microsoft.com/en-us/library/cc144089(VS.85).aspx#ID_Lists_PIDL

    If you need more information, post your question to the MSDN forums: http://social.msdn.microsoft.com/Forums/en/categories/


    Microsoft MVP Windows Desktop Experience
    Thursday, July 01, 2010 11:23 PM
  • This is an excellent explanation of why the registry key is encrypted and the API calls required to de-crypt it but does anyone have sample code for either reading or writing this information?

    If this encrypted key truly does hold and encrypted version of the folder path for the screensaver picture location then exporting the registry key and importing it to another machine should set the folder location. Right?

    I can't see why that wouldn't work? But it doesn't!

    I set the folder location on my screensaver.
    Exited the customization screen.
    Exported the registry key in question.
    Changed the screensaver folder location to a new location. 
    Exited the customization screen.
    Imported the registry key.

    The settings were still the same and did not revert back to the setting I first set.

    What is worth noting is the speed and shuffle values DO change and ARE set.

    Is anyone else go an answer to this frustrating issue?

    and why can't Microsoft add this in to Group Policy by default?


    Brett Moffett
    • Edited by Moff25 Thursday, October 21, 2010 5:17 AM
    Wednesday, October 20, 2010 5:47 AM
  • SOLUTION FOUND!

    When exporting the registry key and re-importing it I noticed that the Speed and Shuffle values were being set but not the PIDL value.

    If you look at the exported registry key it looks like this:

    [HKEY_CURRENT_USER\Software\Microsoft\Windows Photo Viewer\Slideshow\Screensaver]
    "Speed"=dword:00000001
    "Shuffle"=dword:00000001
    "EncryptedPIDL"="FAAfUOBP0CDqOmkQotgIACswMJ0ZAC9DOlwAAAAAAAAAAAAAAA
    AAAAAAAAAAUgAxAAAAAADdPGCXEABXaW5kb3dzADwACAAEAO++7jqFGt08YJcqAAA
    AWAcAAAAAAQAA
    AAAAAAAAAAAAAAAAAFcAaQBuAGQAbwB3AHMAAAAWAFwAMQA
    AAAAA3TxclxAAU1RE
    UElDfjEAAEQACAAEAO++3Txcl908XJcqAAAA80MAAAAACgAAAAAA
    AAAAAAAAAAAA
    AFMAdABkAFAAaQBjAHQAdQByAGUAcwAAABgAAAA=
    "

    The problem is the .reg file seems to inject carriage return or paragraph mark items at a given distance in the PIDL string and when re-imported in to the registry it can't deal with it so does not import it.

    By removing the line breaks and representing the key as one VERY long string it can then import the value fine. For example:

    [HKEY_CURRENT_USER\Software\Microsoft\Windows Photo Viewer\Slideshow\Screensaver]
    "Speed"=dword:00000001
    "Shuffle"=dword:00000001
    "EncryptedPIDL"="FAAfQiVIHgOUe8NNsTHpRrRMjdUgAAAAGgDuu/4jAAAQAJ+ukKk7oIBOlLyZEtdQQQQAADQPAAAuD4EZFBAEDyAAAAAAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdAAAAMVNQUzDxJbfvRxoQpfECYIye66wxAAAACgAAAAAfAAAAEAAAAFAAdQBiAGwAaQBjACAAUABpAGMAdAB1AHIAZQBzAAAAFQAAAA8AAAAAQAAAAABRT/4xBMoBEQAAAA0AAAAAEwAAABEAAAAVAAAADgAAAABAAAAAAO4WuOP2ygEVAAAAEAAAAABAAAAAAO4WuOP2ygEAAAAAMQAAADFTUFOxFm1ErY1wSKdIQC6kPXiMFQAAAGQAAAAAFQAAABBdvi1T1hPjAAAAAKwNAAAxU1BTpmpjKD2V0hG11gDAT9kY0BEAAAAZAAAAABMAAAB9AYBwNQ0AACAAAAAAERAAACINAAAUAB9CJUgeA5R7w02xMelGtEyN1VEAAABLAO67/iMxABAAn66QqTuggE6UvJkS11BBBC0AAAAxU1BTw8m4gLthn0O7H/eKQ5gjdxEAAAACAAAAABMAAAABAAAAAAAAAAAAAAAAALsMAAC1DExpYkyqDAEAAC0AAAAxU1BTf7Z2XT2bu0S2riXaT2OKZxEAAAAFAAAAAAsAAAD//wAAAAAAAEEAAAAxU1BTAtXN1ZwuGxCTlwgAKyz5riUAAAAPAAAAAB8AAAAKAAAATQBpAGMAcgBvAHMAbwBmAHQAAAAAAAAApgAAADFTUFOmamMoPZXSEbXWAMBP2RjQEQAAABoAAAAAAwAAAAEAAAB5AAAAGAAAAAAfAAAAMwAAAGsAbgBvAHcAbgBmAG8AbABkAGUAcgA6AHsAQgA2AEUAQgBGAEIAOAA2AC0ANgA5ADAANwAtADQAMQAzAEMALQA5AEEARgA3AC0ANABGAEMAMgBBAEIARgAwADcAQwBDADUAfQAAAAAAAAAAAH4AAAAxU1BTU33vDGT60RGiAwAA+B/t7iEAAAAHAAAAAB8AAAAIAAAAVwBpAG4AZABvAHcAcwAAAEEAAAADAAAAAB8AAAAXAAAAUAB1AGIAbABpAGMAIABQAGkAYwB0AHUAcgBlAHMAIABGAG8AbABkAGUAcgAAAAAAAAAAAMkBAAAxU1BTgfqfH6ZePUyGQVvFfITNaK0BAAACAAAAABEQAACZAQAAFAAfUOBP0CDqOmkQotgIACswMJ0ZAC9DOlwAAAAAAAAAAAAAAAAAAAAAAAAAdAAxAAAAAADDPCkCEQBVc2VycwBgAAgABADvvu46hRrDPCkCKgAAANQBAAAAAAEAAAAAAAAAAAA2AAAAAABVAHMAZQByAHMAAABAAHMAaABlAGwAbAAzADIALgBkAGwAbAAsAC0AMgAxADgAMQAzAAAAFAB4ADEAAAAAAO468ToRAFB1YmxpYwAAYgAIAAQA777uOoUa7jrxOioAAAD5AQAAAAABAAAAAAAAAAAAOAAAAAAAUAB1AGIAbABpAGMAAABAAHMAaABlAGwAbAAzADIALgBkAGwAbAAsAC0AMgAxADgAMQA2AAAAFgB+ADEAAAAAALI8Qr0RAFBpY3R1cmVzAABmAAgABADvvu46hRqyPEK9KgAAAAECAAAAAAEAAAAAAAAAAAA8AAAAAABQAGkAYwB0AHUAcgBlAHMAAABAAHMAaABlAGwAbAAzADIALgBkAGwAbAAsAC0AMgAxADgAMAAyAAAAGAAAAAAAAAAAAABLCQAAMVNQUwXVzdWcLhsQk5cIACss+a4vCQAAHgAAAABzAGUAcgBpAGEAbABpAHoAZQBkAEwAaQBuAGsAAAAfAAAAfwQAAE0AQgBBAEEAQQBFAEEARgBDAEEAQQBBAEEAQQBBAEEAQQBEAEEAQQBBAEEAQQBBAEEAWQAwAGcAQQBBAFEAQgBSAEEAQQBBAEEAdwAzAHgAdwAyAGYATQBFAG8AYwBBAFgAVQA5AFEAMwBPAHUAOQBLAEgAdwBGAFYAUAAwAHQAagBiAHYAeQBCAEEAQQBBAEEAQQBBAEEAQQBBAEEAQQBCAEEAQQBBAEEAQQBBAEEAQQBBAEEAQQBBAEEAQQBBAEEAQQBBAEEAQQBrAFoAQQBVAEEAdwBIAFEAQgArAFQAUQBEAGkANgA2AGsARwBFAGkAaQBOAEMAQQBzAEMATQB3ADAAWgBHAEEAOAB5AFEANgB3AEYAQQBBAEEAQQBBAEEAQQBBAEEAQQBBAEEAQQBBAEEAQQBBAEEAQQBBAEEAQQBBAEEAQQAwAEIAUQBNAEEAQQBBAEEAQQBBAHcAdwA4AGsAaQBBAFIAQQBRAFYAegBWAG0AYwB6AEIAQQBZAEEAZwBBAEEARQBBAHcANwArADYAdQBPAEYAcQB4AHcAOABrAGkAQQBxAEEAQQBBAEEAUQBkAEEAQQBBAEEAQQBBAEUAQQBBAEEAQQBBAEEAQQBBAEEAQQBBAEEAZwBOAEEAQQBBAEEAQQBBAFEAVgBBAE0ASABBAGwAQgBnAGMAQQBNAEgAQQBBAEEAQQBRAEEATQBIAEEAbwBCAFEAWgBBAHcARwBBAHMAQgB3AE0AQQBJAEQAQQB1AEEAQQBaAEEAdwBHAEEAcwBCAEEATABBADAAQwBBAHkAQQBRAE0AQQBnAEQAQQB4AEEAdwBNAEEAQQBBAEEAVQBBAEEAZQBBAEUARABBAEEAQQBBAEEAQQA0AHUATwB4AHIAVABFAEEAQQBWAGQAaQB4AFcAYQBqAEIAQQBBAGkAQgBBAEMAQQBRAEEAQQB2ADcAcgA3ADYAVQBvAEcAdQByAFQAOAA2AG8AQwBBAEEAQQBRACsAQgBBAEEAQQBBAEEAUQBBAEEAQQBBAEEAQQBBAEEAQQBBAEEAQQBBADQAQQBBAEEAQQBBAEEAQQBRAEIAUQBkAEEASQBHAEEAcwBCAFEAYQBBAE0ARwBBAEEAQQBBAFEAQQBNAEgAQQBvAEIAUQBaAEEAdwBHAEEAcwBCAHcATQBBAEkARABBAHUAQQBBAFoAQQB3AEcAQQBzAEIAQQBMAEEAMABDAEEAeQBBAFEATQBBAGcARABBAHgAQQBnAE4AQQBBAEEAQQBXAEEAZwBmAEEARQBEAEEAQQBBAEEAQQBBAEkATABQAEMAMQBiAEUAQQBBAFYAYQBqAFIAWABkAHkAVgAyAGMAQQBBAGcAWgBBAGcAQQBBAEUAQQB3ADcAKwA2AHUATwBGAHEAaABzADgASQBVAHYAcQBBAEEAQQBBAEUAZwBBAEEAQQBBAEEAQQBFAEEAQQBBAEEAQQBBAEEAQQBBAEEAQQBBAEEAUABBAEEAQQBBAEEAQQBBAFUAQQBrAEcAQQBqAEIAQQBkAEEAVQBIAEEAeQBCAFEAWgBBAE0ASABBAEEAQQBBAFEAQQBNAEgAQQBvAEIAUQBaAEEAdwBHAEEAcwBCAHcATQBBAEkARABBAHUAQQBBAFoAQQB3AEcAQQBzAEIAQQBMAEEAMABDAEEAeQBBAFEATQBBAGcARABBAHcAQQBnAE0AQQBBAEEAQQBZAEEAQQBBAEEANABFAEEAQQBBAEEASABBAEEAQQBBAEIAQQBBAEEAQQB3AEIAQQBBAEEAQQBOAEEAQQBBAEEAQQBBAEEAQQBBADAARQBBAEEAQQBBAEcAQQBBAEEAQQBEAEEAQQBBAEEAbwBjAGMAKwBwAEQARQBBAEEAQQBBAEUAVgBtAFoAaABWAEgAYgAwAEIAdwBRADYAdwBWAFYAegBWAG0AYwB6AHgARgBVADEASgBHAGIAcABOAEcAWABRAGwAMgBZADAAVgBuAGMAbABOAEgAQQBBAEEAQgBBAEEAQQBRAEIAQQBBAEEAbwAyAEEAQQBBAEEAYwBaAEEAQQBBAEEASABBAEEAQQBBAEwAQQBBAEEAZwBhADQAKwByAGIANwBCAHAAeABUAFEAYQBlAC8AVABDAHYASwA4ADgAVgA4AGwAQgBBAEEAQQBaAEMAQQBBAEEAawBBAEEAQQBBAGEAagBBAEEAQQBBAHgATQBGAFUAVABKAHUAaQBZAFoARQB2AE0AaAB6AFEANwB5AC8ARQBUAGEAQwBtAHQANQBjAGMAQQBBAEEAQQBFAEEAQQBBAEEAQQB3AEgAQQBBAEEAQQB2AEEAQQBBAEEATQBGAEEAdABBAFEATQBBADAAQwBBADEAQQBRAEwAQQBJAEQAQQB4AEEAUQBMAEEARQBEAEEAMgBBAFEATwBBAEEARABBAHkAQQBRAE0AQQBBAEQAQQB4AEEAUQBPAEEAQQBEAEEAdABBAHcATQBBAEkARABBAHcAQQBBAE4AQQBZAEQAQQAwAEEAdwBOAEEAWQBEAEEAMABBAHcATgBBADAAQwBBADIAQQBBAE0AQQBFAEQAQQAwAEEAZwBOAEEASQBEAEEAdwBBAFEATQBBAFEARABBAHQAQQBnAE0AQQBnAEQAQQB3AEEAQQBOAEEAZwBEAEEAQQBBAEEAQQBBAEEAQQBBAEEAQQBBAEEAQQBBAEEAQQBnAEIAQQBBAEEATQBBAEEAQQBBAEsAVwBBAEEAQQBBAEEAQQBBAEEAQQBnAEcAYwA0AGMAVABNAHcAQQBYAEwAdAA5AG0AWgBtAFYARwBkADAAQgBBAEgAeQB1AEwATABvAGIAZwBBAEgASgBLAHoAdABIAGEARABrAEgAcQBaAGoARwArAGIAUABSAEQAYwBlAEgAaAB0ADEAQgBRAEgASgBvAHYAVwBjAHcAaABzADcAeQBDADYARwBJAHcAUgBpAHkAYwA3AGgAMgBBADUAaABhADIAbwBoAC8AMgBUADAAQQBuADMAUgBZAGIAZABBADAAUgBDADYAcgBGAEgAQQBBAEEAQQBBAEEAAAAAAAAAAAAAAAAAAAAAAAAAJQAAABgAAAAAHwAAAAkAAABQAGkAYwB0AHUAcgBlAHMAAAAAACUAAAALAAAAAB8AAAAKAAAARABpAHIAZQBjAHQAbwByAHkAAAAAAAAAhgAAADFTUFNA6D4eK7xsR4I3Ks0ag5siRQAAAAgAAAAAHwAAABkAAABDADoAXABVAHMAZQByAHMAXABQAHUAYgBsAGkAYwBcAFAAaQBjAHQAdQByAGUAcwAAAAAAJQAAAAMAAAAAHxAAAAEAAAAHAAAAZgBvAGwAZABlAHIAAAAAAAAAAAAAAAAAAAAAAA==
    "

    Even on this page the value does not fit but if you do copy this to a .reg file you will be able to set the PhotoScreensaver value to Public Pictures.

    It is then possible to set this value via Group Policy Preferences or custom GPO to maintain a consistent approach throughout your organisation.

    Hope these notes help



    Brett Moffett
    • Proposed as answer by Moff25 Thursday, October 21, 2010 5:16 AM
    Thursday, October 21, 2010 5:15 AM
  • Do not attempt while tired.

    I was completely distracted by this EncryptedPIDL. I am so relieved that the location of my screensaver photos is encrypted by the way!

    My issue is that I was running the wrong *.scr file

    in User Configuration\Policies\Administrative Templates\Control Panel\Personalization

    Force specific screen saver

    I was running screensvr.scr instead of PhotoScreensaver.scr

    I really hope this helps someone.

    Friday, February 21, 2014 1:41 AM
  • My solution for the encryption was to configure my photo location on a client (not a domain controller) and then run the Registry Wizard and browse to that client machine.

    details:
     In the group policy object
     User Configuration/Preferences/Registry
     right click, select new, then registry wizard
     pick the Another computer radial dial and enter \\clientname
    Once there drill down to Windows Photo Viewer to Screensaver and just select the EncryptionPIDL string.

    The go back to the Preferences\windows\Registry entry and drill down to the string, copy it back to the root, remove the SID path so that Software\Microsoft\Windows Photo Viewer\Slideshow\Screensaver is all that remains

    I noticed that I whenever I touched the Encryption hash it breaks it. The method above allows me to move the hash without touching it.

    Friday, February 21, 2014 6:43 PM