locked
Unable to create a registry in HKLM\System in APPV bubble using pre-launching script in protect=true RRS feed

  • Question

  • I have a requirement to create a registry key in virtual bubble  under

    "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\VB net application"
    DisplayName:
    Datatype: REG_EXPAND_SZ
    value:"c:\myapp\abc.dll"

     

    I created a prelauching script , protect = true: Howver I am getting Access denied in User mode: If I change the same to HKLM\Software  key gets created successfully. Please helpme in troubleshooting the issue

    Monday, December 3, 2012 1:01 PM

Answers

  • Hello,

    The above replies really answer the question.

    1. The key is excluded from all and any virtual package due to a override on the App-V Client

    2. If you spend additional time to have the key included and do it successfully - it will not impact any running service in any way.

    3. The user can not write to those keys - any attempt to set that requires elevated permissions


    Nicke Källén | The Knack| Twitter: @Znackattack

    Wednesday, December 5, 2012 9:37 AM

All replies

  • Hello,

    Have you verified that the script is running within the virtual environment? There are several script ways that could cause it to execute outside of the virtual environment, all depends on how you write your script...

    Also assuming that you have set Enforce Security Descriptors to off

    Nicke Källén | The Knack| Twitter: @Znackattack


    • Edited by znack Monday, December 3, 2012 1:03 PM
    Monday, December 3, 2012 1:02 PM
  • I havent executed the script but I launched from virtual command prompt

    Command I used is reg add

    Monday, December 3, 2012 1:25 PM
  • What's the permissions on the key inside the bubble: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application


    Please remember to click "Mark as Answer" or "Vote as Helpful" on the post that answers your question (or click "Unmark as Answer" if a marked post does not actually answer your question). This can be beneficial to other community members reading the thread.


    This forum post is my own opinion and does not necessarily reflect the opinion or view of my employer, Microsoft, its employees, or other MVPs.

    Twitter: @stealthpuppy | Blog: stealthpuppy.com | The Definitive Guide to Delivering Microsoft Office with App-V

    Monday, December 3, 2012 1:51 PM
    Moderator
  • Hello,

    Great, that should work unless you haven't checked my last comment and verified the security descriptors setting within the package.


    Nicke Källén | The Knack| Twitter: @Znackattack

    Monday, December 3, 2012 1:52 PM
  • Let me explain the scenario. I have an application we need to virtualize. It need to create a registry key and a network shortcut

    I opened the virtual cmd line and execute the following command

    Q:\NewDel11.V01\VFS>reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\VB Net Application" /v EventMessageFile /t REG_EXPAND_SZ /d "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll"

    Registry got added inside the physical registry not in virtual bubble

    but if I give the same except changing HKEY_LOCAL_MACHINE\SYSTEM to HKEY_LOCAL_MACHINE\SOFTWARE, registry got added into virtual bubble successfully

    Please help in why the HKLM\System getting created in physical whereas HKLM\Software getting created in virtual key

    Monday, December 3, 2012 6:09 PM
  • Hello,

    Even if you set a registry key there - it will not impact anything on your machine.

    Those registry keys are used by boot time services and even if you manage to set something - it will not impact the service running


    Nicke Källén | The Knack| Twitter: @Znackattack

    Monday, December 3, 2012 6:14 PM
  • The 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application' path is included in VirtualRegistryPassthroughEx, which means that writes to that location will always end up in the real registry.

    You can read more on VirtualRegistryPassthroughEx here: Allowing applications running inside an App-V Virtual Environment (VE) to read from or write to the native registry

    I'll second Znack's point that this location will be used by boot time services and processes. So while you could remove the registry path from that value, it's most likely there for a reason and I would recommend against removing it as it will have a global impact, not just for that one package. Test thoroughly.



    Please remember to click "Mark as Answer" or "Vote as Helpful" on the post that answers your question (or click "Unmark as Answer" if a marked post does not actually answer your question). This can be beneficial to other community members reading the thread.


    This forum post is my own opinion and does not necessarily reflect the opinion or view of my employer, Microsoft, its employees, or other MVPs.

    Twitter: @stealthpuppy | Blog: stealthpuppy.com | The Definitive Guide to Delivering Microsoft Office with App-V


    Monday, December 3, 2012 7:15 PM
    Moderator
  • Yes, the registry is mentioned in VirtualRegistryPassthroughEx.

    However I have a query like

    We included the following key in the package, but we couldnt find the key generated in virtual or physical registry. The key is not mentioned as part of exclusion items.

    Note: We have a standalone environment and deploy virtual MSI.

    Tuesday, December 4, 2012 12:02 PM
  • Any help to the above question
    Wednesday, December 5, 2012 9:18 AM
  • Hello,

    The above replies really answer the question.

    1. The key is excluded from all and any virtual package due to a override on the App-V Client

    2. If you spend additional time to have the key included and do it successfully - it will not impact any running service in any way.

    3. The user can not write to those keys - any attempt to set that requires elevated permissions


    Nicke Källén | The Knack| Twitter: @Znackattack

    Wednesday, December 5, 2012 9:37 AM
  • Hello,

    Security descriptors is used  for giving permissions for files inside Q drive and not to virtual registries. User has full permissions to virtual registries regardless of security descriptor options.  I have sequenced several applications in which i had the requirement of adding a registry under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application. You can chk my blog where in i have captured one of those : appvtech.blogspot.com/2012/12/sequencing-aspect-rtaclient-7208.html.  In this example i have unchecked security descriptors as i had some other issue.

    I hope this solves your issue of adding a registry to "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application" inside the virtual bubble.

    Monday, January 7, 2013 5:17 AM