Hi Gilles, On 21.01.2014 12:22, Gilles Lapene wrote: > I want create a data in the registry HKCU (HKEY CURRENT USER). It's for a software called intramessenger. It's the parameter of the server for all users. > My file reg functionally but i can't use it with wpkg. Do you have any idea? HKCU registry tree is user-specific and can be changed only by this user. Therefore WPKG cannot do this for you unless you execute WPKG in user space. But usually WPKG is executed by some special account with admin privileges or the SYSTEM account when run as service. During WPKG execution HKCU is not available (or more precisely directs you to the WPKG-executing user registry). So best option is to exexute some script in user space. To do this you have multiple options: Logon script: If you use network logon you might include some "reg.exe" or similar registry-modifications within the logon script which executes in user space. So HKCU is available. You might also place any script on the hard disk and link it in Startup folder for all users or add it to HKLM\Software\Microsoft\Windows\Run key in order to execute it on user login. This way the script is also executed when the user logs in. In all cases HKCU is available as the script is run by the user on login. Be aware that the script in this case is run at every login, not just once. So write the script in a way that it won't harm if executed multiple times. It might be removed at a later stage. Mount User tree: You might do offline modification of a users profile which is NOT logged in (ie. user registry not locked) by mounting it's HKCU registry tree. e.g. reg load HKLM\user-hive c:\users\user\ntuser.dat This will mount the user software hive (HKCU) at HKLM\user-hive. Make sure any modification now will have to be done on this path, so instead of HKCU\some-key you need to modify HKLM\user-hive\some-key. Do also not forget to unload (reg unload HKLM\user-hive) the hive after finishing modification. This method is unsuitable if the user is logged in while the modification takes place. Modify HKEY_USERS\<sid> If you know the user SID you might directly modify HKEY_UUSERS\<sid>\some-key while the user is logged in. I never did this as I consider this to be quite insecure. Modify default profile: You might modify HKEY_USERS\.DEFAULT from WPKG. However this is only suitable if the user profile has NOT been created yet. Modifying the default will have any effect on new user profiles created after modifying the default only. So if you don't use roaming profiles and do a clean setup of a machine this is likely the most safe place to include some registry defaults for first-time-login-users. ActiveSetup: Actually very few people even know about this but it's very handy to do exactly this type of modification. I give here a very brief description and example. You might find more details on the internet. To use ActiveSetup basically checks during login whether there are components defined on the local system which have never been run by the user which logs in (e.g. first time logon or roaming from other machine in network environment). If a component is found which was not previously executed then it's run and its state is stored in user profile. If the administrator upates one of the components or adds new ones then ActiveSetup will detect this change and (re)execute these components. First add the component to the registry. For example: reg delete "HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\mySetup" /f reg add "HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\mySetup" /v Version /t REG_SZ /d "1" /f reg add "HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\mySetup" /v StubPath /t REG_SZ /d "c:\path\to\script.cmd" /f (caution: line breaks) In this case a component called "mySetup" is created with version 1. If a user logs on to the system and does not find mySetup in version 1 to be executed already it will run the command defined in StubPath. On subsequent logins this is not re-executed unless the administrator increments the version. I found ActiveSetup to be a very convenient way to make sure users will have executed certain actions once in their profile. I use it to distribute user profile fixes to machines. In your case I would think about an ActiveSetup component which executes commands to modify the user registy for intramessenger. br, Rainer |