/build/static/layout/Breadcrumb_cap_w.png

Registry : Granting permissions

Hi

I need to grant full permission to a registry key which is installed by my application. Does anyone know how to approach this? I have seen a solution on these forums before, but cant seem to find it now.

The key is in HKLM\Software.

Any advice would be appreciated.
Thanks!
Lyall

0 Comments   [ + ] Show comments

Answers (6)

Posted by: misk 18 years ago
Orange Senior Belt
0
granting permissions to the entire hklm\software key is not a good idea. however to answer the question you asked, you can use the lockpermissions table in your msi. this is not the best practice solution though,secedit is a better approach. do a search for secedit on this forum and you should get some useful info
Posted by: WiseUser 18 years ago
Fourth Degree Brown Belt
0
ORIGINAL: lyallh

Hi

I need to grant full permission to a registry key which is installed by my application. Does anyone know how to approach this? I have seen a solution on these forums before, but cant seem to find it now.

The key is in HKLM\Software.

Any advice would be appreciated.
Thanks!
Lyall


Try reading this:

http://www.appdeploy.com/messageboards/fb.asp?m=8692
Posted by: rahvintzu 18 years ago
Orange Senior Belt
0
Also If you have allready rolled it out, then you can do ACLs on Registry via group policy.
Posted by: The Packeteer 18 years ago
Senior Yellow Belt
0
lyallh,

Judging by the name im thinking your using WISE for packaging.

I create a Seperate Seciruty Template using the Microsoft Windows Administrative Tools. --> Security Templates

(templates are located : c:\windows\security\templates )

In this template i create a Entry of the Key or Strings you want the security set on. --> set the correct security Groups/Users.

Import this (YourTemplate).inf from the security/templates in your WSI in the same location ( c:\windows\security\templates ).

Set a property in your WSI that is already there, its called : SecurityFile=0 --> change this to SecurityFile=(YourTemplate)
Do NOT put the INF behind it, just the name.

When your package is gonna be deployed the security will be set due to that template.

This sequence can be repeated for every application.

Regards,

The Packeteer

p.s. WiseUser sorry for the redirection ;-) i was reading multiple threads :-) thanks for the heads up!
Posted by: WiseUser 18 years ago
Fourth Degree Brown Belt
0
I do tend to use Wise... but I'm not the person asking the question - I think it's lyallh your question should be directed at?
[;)]
Posted by: Foleymon 18 years ago
Orange Senior Belt
0
You can also use Subinacl.exe from Microsoft. File, information and usage can be found here.

This line below will do what you are asking but I really don't think that is what you want to do.

subinacl.exe /subkeyreg HKEY_LOCAL_MACHINE\SOFTWARE\ /grant=Users=F
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ