In this scenario, I needed to be able to write to the currently logged on users’ HKCU registry, but from a process being run as local system. Afterwards I even had to write the HKCU for every user that will ever logon to the machine, and for every user that already logged-on before.
The solution for these, was a script that accepts a .reg file’s path and the mode that the script needs to run in.
The script simply reads the .reg file, then replaces the registry hive and/or path as needed, saves the new file temporarily and imports it with the /s switch in regedit.exe.
if it needs to write to the default profile’s HKCU, it first loads the ntuser.dat file as a hive, imports the reg file, and unloads the hive (using reg.exe).
So for example, let’s say you need to import the following to the logged-in user’s registry:
Windows Registry Editor Version 5.00
(Note that the registry key needs to be listed under the HKEY_CURRENT_USER hive)
1. Save the contents to a text file, and set the extension to .reg (e.g. C:\Temp\myApp.reg)
2. Run the script with the CurrentUser switch:
PowerShell.exe -File C:\scripts\WriteToHkcuFromSystem.ps1 -RegFile C:\Temp\myApp.reg -CurrentUser
If you need to write to the default profile (for every user that will ever logon to the machine), use the DefaultProfile switch, or for all the users that already have a profile on the machine, use the AllUsers switch.
The modes can be combined, to cover all the options:
PowerShell.exe -File C:\scripts\WriteToHkcuFromSystem.ps1 -RegFile C:\Temp\myApp.reg –CurrentUser –AllUsers –DefaultProfile
The WriteToHkcuFromSystem.ps1 script can be downloaded from the PowerShell script repository: