Modify a user’s registry hive without logging in

by Shijaz Abdulla on 23.06.2007 at 13:35

ModifyProfile, an ingenious freeware tool written by Marty List, lets you modify the HKEY_CURRENT_USER registry hive of any user on your machine, without requiring the user to login.

By design, Windows has a different HKEY_CURRENT_USER hive for every user that has a profile on the Windows computer. This is stored in the C:Documents & SettingsusernameNTUser.dat file in each user’s profile. This hive is “loaded” whenever the user logs in and is displayed in REGEDIT as the HKEY_CURRENT_USER hive. Depending on which user is logged in, the hive is different, because a different NTUser.dat file has been loaded.

Sometimes an administrator needs to change a registry value in the HKEY_CURRENT_USER hive of many or all users who log on to a particular system. I’ve seen that adminsitrators are usually confronted with this kind of a challenge on Terminal Servers, where multiple users estabish remote desktop/terminal sessions, and a change/restriction needs to be made in the HKEY_CURRENT_USER hive of all users.

Instead of having to login to each user’s session or write a login script to make the change, the administrator can pick a time when no user will be logged in (because the NTUser.dat file should not be “in use”) and use the ModifyProfile tool from the administrator’s command line.

For instance, I can implement a registry change stored in a .reg file for all users, by using a single command like:

ModifyProfile.exe /PROFILE:ALL /REG:”C:TEMPChanges.reg” /KEYNAME:TempHive
and ModifyProfile will open each user’s hive and do the job!