_winreg and access registry settings of another user

[News123]

Hi,

I habe administrator privilege on a window host and would like to write
a script setting some registry entries for other users.




There are potentially at least two wo ways of doing this:

1.) start a subprocess as other user and change the regitrey for
CURRENT_USER

However I don't know how to start a process (or ideally just a thread)
as another user with python.


2.) Load the 'hive' of the othe user and chnage the registry.

It seems, that one has to load the 'hive' of a different user in order
to have access to somebody eleses registry entries.

I did not find any documetnation of how to load a 'hive' wit the library
_winreg or another python library/


Did anybody else try already something similiar?


thanks in advance for pointers



bye


N

 

[Mensanator]

Hi,

I habe administrator privilege  on a window host and would like to write
a script setting some registry entries for other users.

Why? Are you writing a virus?

 

[News123]

Why? Are you writing a virus?

Writing a virus in python???? Why not? though I didn't think about it as
ideal choice of implementing viruses.
For my script to run I have to run it explicitly as administrator
(as being required by Vista / Win7).


My script shall be part of installing and configuring a PC with some
default settings with the minimal amount of human administrator
interactions.

The steps:
- install windows
- install python
- setup one admin account and one or more user accounts (without admin
privileges)
- run a script, that preconfigures registry settings for some users.

As mentioned before I see at least two possible ways and achieving this
but lack information for either.


1.) run a sub process or thread as another user (the user wouldn't even
have a password during the installation phase) and change the registry
from this thread. I have no experience of running 'suid' under windows.


2.) being able to load the 'hive' of another user into the registry and
be therefore able to change his settings. I didn't find a function
allowing _winreg to load additional 'hives'



bye


N

 

[Tim Golden]

My script shall be part of installing and configuring a PC with some
default settings with the minimal amount of human administrator
interactions.

The steps:
- install windows
- install python
- setup one admin account and one or more user accounts (without admin
privileges)
- run a script, that preconfigures registry settings for some users.

2.) being able to load the 'hive' of another user into the registry and
be therefore able to change his settings. I didn't find a function
allowing _winreg to load additional 'hives'

You can use a combination of the win32security, win32api and win32profile
modules from the pywin32 package for this:

<code>
import win32security
import win32api
import win32profile

username = "USERNAME"
domain = "DOMAIN"
password = "PASSWORD"

hUser = win32security.LogonUser (
username,
domain,
password,
win32security.LOGON32_LOGON_NETWORK,
win32security.LOGON32_PROVIDER_DEFAULT
)
hReg = win32profile.LoadUserProfile (
hUser,
{"UserName" : "fozrestore"}
)
try:
print win32api.RegEnumKeyExW (hReg)
finally:
win32profile.UnloadUserProfile (hUser, hReg)

</code>

TJG

 

[Dennis Lee Bieber]

There are potentially at least two wo ways of doing this:

Three I think... Though I'm not certain if it will run without
putting dialogs before the user...

Create a .reg file with the update/changes specified relative to
"HKEY_CURRENT_USER";

Copy to someplace like
C:\documents and settings\all users\<something>

Create a "regupdate.bat" file that essentially does

regedt32 "C:\documents and settings\all users\<something>"
delete "%APPDATA%\..\start menu\programs\startup\regupdate.bat"

Copy the .bat file to each users' startup directory.

The next time that user logs on, the bat file will run, and with
luck silently update the registry with the contents of the .reg file (or
you put instructions in the bat file with a pause informing the user to
accept the registry update...


It may not be as clean as remotely accessing the registry itself,
but it sure doesn't need much in the way of privileges -- just file
write to the startup directories of each user on the machine, and the
shared data directory...