HELP Deploying HKCU Registry Keys using SCCM RRS feed

  • Question

  • Guys,

    I need to deploy HKCU, registry keys to about 60 users. As it contains License for Toad.

    Below is the Batch script i have created to add the Registry Keys:

    reg add "HKCU\SOFTWARE\{08439167-4CA5-48E9-A810-A3A7C0B80B06}" /f
    reg add "HKCU\Software\{08439167-4CA5-48E9-A810-A3A7C0B80B06}\Local" /f
    reg add "HKCU\Software\{08439167-4CA5-48E9-A810-A3A7C0B80B06}\Local\EGRS8BGAZ14L" /f
    reg add "HKCU\Software\{08439167-4CA5-48E9-A810-A3A7C0B80B06}\Local\EGRS8BGAZ14L" /v SiteMessage /t REG_SZ /d "FI CORP" /f
    reg add "HKCU\Software\{08439167-4CA5-48E9-A810-A3A7C0B80B06}\Local\EGRS8BGAZ14L" /v ProductName /t REG_SZ /d "Toad for Oracle" /f
    reg add "HKCU\Software\{08439167-4CA5-48E9-A810-A3A7C0B80B06}\Local\EGRS8BGAZ14L" /v ProductVersion /t REG_SZ /d 13.1.1 /f

    Below is the Powershell script to add the Registry Keys:

    New-Item -Path HKCU:\Software -Name "{08439167-4CA5-48E9-A810-A3A7C0B80B06}" –Force
    New-Item -Path "HKCU:\Software\{08439167-4CA5-48E9-A810-A3A7C0B80B06}" -Name Local –Force
    New-Item -Path "HKCU:\Software\{08439167-4CA5-48E9-A810-A3A7C0B80B06}\Local" -Name "EGRS8BGAZ14L" –Force
    New-ItemProperty -Path  "HKCU:\Software\{08439167-4CA5-48E9-A810-A3A7C0B80B06}\Local\EGRS8BGAZ14L" -Name "SiteMessage" -Value "FI CORP"
    New-ItemProperty -Path  "HKCU:\Software\{08439167-4CA5-48E9-A810-A3A7C0B80B06}\Local\EGRS8BGAZ14L" -Name "ProductName" -Value "Toad for Oracle" -Force
    New-ItemProperty -Path  "HKCU:\Software\{08439167-4CA5-48E9-A810-A3A7C0B80B06}\Local\EGRS8BGAZ14L" -Name "ProductVersion" -Value "13.1.1" -Force

    But neither the powershell script or the bat file are working with SCCM. As they need elevated rights.

    So, i used the script: https://gallery.technet.microsoft.com/scriptcenter/Write-to-HKCU-from-the-3eac1692?ranMID=24542&ranEAID=TnL5HPStwNw&ranSiteID=TnL5HPStwNw-w18SvSNogYyxDIDbMr77sA&epi=TnL5HPStwNw-w18SvSNogYyxDIDbMr77sA&irgwc=1&OCID=AID2000142_aff_7593_1243925&tduid=(ir__q0mdnvovd9kfr30xkk0sohzz0m2xgj6ciurd6aev00)(7593)(1243925)(TnL5HPStwNw-w18SvSNogYyxDIDbMr77sA)()&irclickid=_q0mdnvovd9kfr30xkk0sohzz0m2xgj6ciurd6aev00

    Created a Bat file with below contents, which will write HKCU to current account

    PowerShell.exe -File C:\scripts\WriteToHkcuFromSystem.ps1 -RegFile C:\Temp\myApp.reg –CurrentUser –DefaultProfile

    Even this is not working.

    Can any of you please let me know would i be able to deploy these registry keys?

    Thank you very much in advance.

    Regards, Prasad

    Friday, October 18, 2019 6:45 AM


  • Hi,

    Generally, a user account will have full access to read/write to their own HKCU, and, the LocalSystem account (which ConfigMgr uses when you "install for system") has full access to read/write to HKLM. LocalSystem has no access to a user's HKCU because HKCU for a user is only mounted when that particular user is logged-on.

    So, yes, if you are writing regkeys into HKCU you will need to do it as "install for user" and that user can be expected to have enough permissions to succeed.

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by RealStruggler Monday, October 21, 2019 10:32 AM
    Monday, October 21, 2019 8:20 AM