Powershell REG LOAD command not working

Question

Windows 7, in Powershell (running as admin), running the following command on an offline user:

& REG LOAD HKLM\CHANGEUSER c:\users\testuser\ntuser.dat
Write-Host Loaded with result $?

Result: False. On inspection of the key using regedit, it has NOT been loaded. Note: HKLM\Changeuser is not precreated.

---

If I use the same command from a command prompt (as admin), it is all fine:

REG LOAD HKLM\CHANGEUSER c:\users\testuser\ntuser.dat

Result: The command completed successfully, and the file has been loaded into the registry.

Why is it not loading into the registry when using powershell? I have attempted with and without the call operator (&), but get the same result.

Answer 1

I would not attach the hive to HKLM. You're supposed to attach it to HKEY_USERS (HKU). That's what it's for.

Try:

reg.exe load HKU\Changeuser c:\users\testuser\ntuser.dat
Write-Host Loaded with result $?

You can access it like so:

Set-Location Registry::\HKEY_USERS\Changeuser

If you want a PowerShell drive (HKEY_USERS normally doesn't have one) you can use:

New-PSDrive -Name HKU -PSProvider Registry -Root HKEY_USERS; 
Set-Location HKU:

---

To expand, I've scheduled this with Task Scheduler running as a service account and as the local SYSTEM account using at.exe and I got nothing but success. I even tried HKLM, and had success. It's not clear to me what you're doing, but I don't have enough information anymore for why it's failing.