Kaseya Community

Problems deleting registry key

This question has suggested answer(s)

I'm trying to delete a registry key, but the procedure fails. I see this in the procedure log:

FAILED in processing THEN step 3, Delete Registry Value, with error Registry Access Failed, HKEY_CURRENT_USER

I have verified the path of the key I want to delete, and it matches my procedure. I also though it might be a permissions problem, so I tried impersonating an administrator. That doesn't seem to help. Does anyone have any insight? The target computer is a Windows 7 system.

All Replies
  • Impersonating the Administrator will only delete the HKCU registry value for that user AND only if that account is logged in at the time. For the purposes of scripting, that is probably not desirable. Counting on users to be logged in sucks.

    You do have some other options...

    1. Logon script in Group Policy. This is how people would accomplish what you're trying to do without Kaseya.

    2. Kaseya script to check if a user is logged in. Make a conditional step to check if someone is logged in. If they are, delete the registry value. Otherwise, have the script reschedule itself for an hour later. I think this is a common technique with other Kaseya administrators.

    3. VBScript. This is how I prefer to make changes to HKCU values. With VBScript, we can load up the NTUSER.dat files and make changes for all profiles in one go.

  • SMason is right the agent procedure can only access the "System" "Agent Credential" and "logged on user" (if currently logged in). Sometimes the logged in user is not allowed to modify the registry so using the "logged on user" method I personally see as flawed and won't work in all scenarios.

    Instead of modifying the HKCU registry hive you could access it via the HKU registry hive, this allows you to access all the existing user hives on the target machine. The trick to it though is that you need to be able to figure out what the user's SID is or you might want to apply the registry changes to all of the user hives with a recursive script.

    There are plenty of VBscripts out there that can be used to enumerate a user SID's and more that can show you how to modify registry keys.