How to import a registry fix using SCCM 2012 R2?

I am attempting to create a package in SCCM 2012 R2 to import the following reg fix for Win XP, Win 7 & Win8.1 workstations:

": ExcludeHttpsRootDomain"=dword:00000001


The package source points to the O365ResourceAcctFix.reg file and I've added the following Command line to the program, but the installation still fails in Software Center on my test machine: regedit.exe /s "%~dp0O365ResourceAcctFix.reg"

How do I package this reg file? Does it require a batch file? Is it better practice to attempt this using powershell? 

All suggestions and feedback are appreciated!

0 Comments   [ + ] Show comments

Answers (4)

Answer Summary:
Posted by: SMal.tmcc 5 years ago
Red Belt

Top Answer

you can use reg.exe  add .... in a batch file to make the reg calls

REG QUERY [ROOT\]RegKey /v ValueName [/s]
REG QUERY [ROOT\]RegKey /ve --This returns the (default) value

REG ADD [ROOT\]RegKey /v ValueName [/t DataType] [/S Separator] [/d Data] [/f]
REG ADD [ROOT\]RegKey /ve [/d Data] [/f] -- Set the (default) value

REG DELETE [ROOT\]RegKey /v ValueName [/f]
REG DELETE [ROOT\]RegKey /ve [/f] -- Remove the (default) value
REG DELETE [ROOT\]RegKey /va [/f] -- Delete all values under this key

REG COPY [\\SourceMachine\][ROOT\]RegKey [\\DestMachine\][ROOT\]RegKey

REG EXPORT [ROOT\]RegKey FileName.reg
REG IMPORT FileName.reg
REG SAVE [ROOT\]RegKey FileName.hiv
REG RESTORE \\MachineName\[ROOT]\KeyName FileName.hiv

REG LOAD KeyName FileName

REG COMPARE [ROOT\]RegKey [ROOT\]RegKey [/v ValueName] [Output] [/s]
REG COMPARE [ROOT\]RegKey [ROOT\]RegKey [/ve] [Output] [/s]

HKLM = HKey_Local_machine (default)
HKCU = HKey_current_user
HKU = HKey_users
HKCR = HKey_classes_root

ValueName : The value, under the selected RegKey, to edit.
(default is all keys and values)

/d Data : The actual data to store as a "String", integer etc

/f : Force an update without prompting "Value exists, overwrite Y/N"

\\Machine : Name of remote machine - omitting defaults to current machine.
Only HKLM and HKU are available on remote machines.

FileName : The filename to save or restore a registry hive.

KeyName : A key name to load a hive file into. (Creating a new key)

/S : Query all subkeys and values.

/S Separator : Character to use as the separator in REG_MULTI_SZ values
the default is "\0"

/t DataType : REG_SZ (default) | REG_DWORD | REG_EXPAND_SZ | REG_MULTI_SZ

/reg:32 : Force REG.exe to write to the 32-bit registry location
/reg:64 : Force REG.exe to write to the 64-bit registry location

By default a 32-bit process (such as an SCCM client or a 32 bit MSI installer)
on a 64 bit machine, will use a 32-bit view of the registry: HKLM\SOFTWARE\Wow6432Node
Use the /REG switch to over-ride this.

Output : /od (only differences) /os (only matches) /oa (all) /on (no output)
Posted by: anonymous_9363 5 years ago
Red Belt
Remember you'll need to set the program to run in user context and only when the user is logged in.
Posted by: vjaneczko 5 years ago
9th Degree Black Belt
You can only use "%~dp0" in a .cmd file so either create one or remove it from your command line. Since sccm will copy the files to a cache folder and run the command from within that folder, you don't have to worry about it.
Posted by: kkaminsk 5 years ago
9th Degree Black Belt
Another approach could be to use Desired Configuration Management to push out the fix. If you get certified on CM2012 you can run into a question that explores that scenario. Not saying many people do this in real life but it is another option to reconfigure a setting if it is not set correctly as it will be checked for compliance over time opposed to a one time poke.

  • Best and recommended method would be this (Configuration Baseline via ConfigMGR). If you need to create the registry key you use a poweshell script to do that with a detection rule if it doesn't exist then execute, this would be one configuration item.

    From there you would have another configuration item that detects the value (if someone decides to change it) and have it set to the required value. This second one is native and doesn't need any scripts. - Rob_Cliffeild 5 years ago
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ