Jump to content

HKCU key not being written via unattend

Recommended Posts

I've been trying to change a registry key in HKCU via unattend but it doesn't seem to work. I confirmed the key itself and if I apply the .reg file manually and reboot, it works.

The key is located in HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Flags. (specifically, uncheck the require https in Trusted Sites)


The other things in the reg file DO apply, so I know the command is firing. I am suspecting that it is being run prior to the "mini-setup" box that appears when it is setting up the account's Internet and Desktop settings. I have tried both FirstLogonCommands and using SetupComplete.cmd. I am executing the .reg with regedit /s.


I had also looked into the Default user account's hive but this key does not exist. It must get this setting from somewhere? I also cannot modify the accounts in the image because they are created via the unattend.xml.


Is there another way I can try to automate this? I did a bunch of research already but it mostly deals with using GPOs on domains. Even using this method, enabling it does not actually remove the checkmark on the dialog box for Trusted Sites.


Any other ideas about how to accomplish this? I'd rather not have to end up making it a manual step.


Edit: Windows 7 x64

Link to comment
Share on other sites

  • 2 weeks later...

I had some time to have a play and it seems your suspicions were correct. I made a script that wrote to the registry, checked the write was successfull then read and logged the key to a file.


The Flag was changed to the dword value of 43 but shortly after was updated to 71. The mini setup as you call it that configures the desktop settings also configures some IE settings, this is just after Windows Media Player in the dialog box.


My suggestion would be to write a batch file that adds the key and then deletes itself. Copy this to the Startup folder.

Link to comment
Share on other sites

benners said;

"The Flag was changed to the dword value of 43 but shortly after was updated to 71."

Perhaps better expressed as 'the Flag was changed to the DWORD value of 0x00000043 (67) ,

but shortly after was updated to DWORD value 0x00000047 (71) '.

Edited by buyerninety
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Create New...