Reputation: 77
Writing to users policy registry key
I want to be able to write values into a users policy key located in HKEY_CURRENT_USER\Software\Policies\ - but this location can only be written to by an admin user.
I have both an application running as the user and a service on the system that I control. I'd like for the app to tell the service which user it is logged on as and for the service to then go in and write to that users policy section.
What is the best way to do this? Impersonating the user? Can I just clone the users token and send it accross to the service or is there a way to find the full path from HKEY_USERS to the users policy section?
Many thanks.
Upvotes: 1
Views: 740
Answers (2)
Reputation: 77
Heres what I did in the end:
- Find current users SID in the application (OpenProcessToken, GetTokenInformation, ConvertSidToStringSid)
- Pass the string SID to the service
- Make changes to HKEY_USERS{SID}\Software\Policies
Upvotes: 0
Reputation: 6031
User profiles are organized within HKEY_USERS by the user's "Security Identifier." This security identifier can be obtained by iterating through ProfileImagePath keys within HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList. (User accounts start with S-1-5-21. This links usernames to security identifiers. You can then access the user from HKEY_USERS using the obtained security identifier.
Upvotes: 1
Related Questions
- Programmatically allow write access for a Registry key
- How can I get permissions to write to registry keys?
- Write keys into the Windows registry in C#
- Programmatically set Registry Software Policy key for all Users
- Setting Registry key write permissions using .NET
- Write to protected registry key
- C# writing to the registry
- cannot write to the registry key
- How to edit the registry keys of a specific user programatically?
- Writing to Windows registry?