Sunday, June 18, 2017

windows 10 - Write to current user's registry through a different admin account


I have 2 users:



  • Domain\Me (domain user)


  • .\MeAdmin (local administrator)



I frequently have to update my registry for multiple purposes (IE trusted sites, override policies, etc.).


e.g.


[HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\gov.pt]
[HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\gov.pt\portaldasfinancas]
"https"=dword:00000001
"http"=dword:00000001

My problem lies with the fact that I have been told that I cannot make myself (domain account) local admin; I have to use an independent local admin account for all administrator tweaks.


The thing is, if I run this as user .\MeAdmin, it will run current user of MeAdmin and not user Domain\Me; if I run as Domain\Me, I will bump into a permissions wall.


Is there a way to assign Domain\Me permissions to edit the registry without being Administrator, or update current user of that account through local admin?


Note: I've read about remote registry connections, but I was hoping to still run this as a script/shell for automation purposes.


Update:
When I run through domain user (all HKEY_CURRENT_USER entries):




Answer



To access another user's registry:



  1. You must use the full path – you need HKEY_USERS\<SID> instead of HKEY_CURRENT_USER (which is only a symlink to the former), and likewise HKEY_USERS\<SID>_Classes instead of HKEY_CLASSES_ROOT. Use whoami /user to figure out your SID.


  2. The registry hive must be loaded (mounted) – each user's registry is stored in their own ntuser.dat file (HKCU) and UsrClass.dat (HKCR) separately from the system registry (loaded/unloaded on login/logout).


    In case the target user isn't logged in, you can use reg load or the similar Regedit menu item to mount their ntuser.dat under HKU (but don't forget to unload it later, or that user might be unable to log in).


  3. The registry keys (folders) must have the correct permissions allowing write by another user – they work more-or-less the same way as file permissions; open Regedit, right-click a folder, choose "Permissions…", and add the user which is doing the modifications.
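
The three steps above combined into one script, as an added example that is not part of the original answer. The account name and key path are the ones from the question; the mount name TempHive_<SID> is a hypothetical choice, and the script assumes it is run elevated as the local administrator.

```powershell
# Run elevated as the local administrator (.\MeAdmin).
# Account and key path come from the question; the mount name is a hypothetical choice.
$Account = 'Domain\Me'
$SubKey  = 'SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\gov.pt\portaldasfinancas'

# Step 1: HKCU is only an alias, so resolve the target account to its SID.
$Sid  = (New-Object System.Security.Principal.NTAccount($Account)).Translate(
            [System.Security.Principal.SecurityIdentifier]).Value
$Root = "Registry::HKEY_USERS\$Sid"
$Mount = $null

# Step 2: the hive is only under HKEY_USERS while the user is logged on.
# If it is absent, mount ntuser.dat from the profile directory.
if (-not (Test-Path $Root)) {
    $ProfileList = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\$Sid"
    $ProfileDir  = (Get-ItemProperty -Path $ProfileList -ErrorAction Stop).ProfileImagePath
    $Mount = "TempHive_$Sid"
    & reg.exe load "HKU\$Mount" (Join-Path $ProfileDir 'ntuser.dat') | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "reg load failed for $Account" }
    $Root = "Registry::HKEY_USERS\$Mount"
}

try {
    # Step 3: the write succeeds only if the key's ACL lets this admin account
    # write; -ErrorAction Stop surfaces an access-denied instead of hiding it.
    $Key = "$Root\$SubKey"
    if (-not (Test-Path $Key)) {
        # Only create when missing: New-Item -Force on an existing key would reset it.
        New-Item -Path $Key -Force -ErrorAction Stop | Out-Null
    }
    foreach ($Name in 'https', 'http') {
        New-ItemProperty -Path $Key -Name $Name -Value 1 -PropertyType DWord `
            -Force -ErrorAction Stop | Out-Null
    }
}
finally {
    if ($Mount) {
        # Release provider handles first, otherwise the unload is refused and
        # the hive stays mounted (the login problem the answer warns about).
        [gc]::Collect(); [gc]::WaitForPendingFinalizers()
        & reg.exe unload "HKU\$Mount" | Out-Null
        if ($LASTEXITCODE -ne 0) { Write-Warning "Hive HKU\$Mount is still loaded; unload it manually." }
    }
}
```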


