Back in the days, when I started out being a newbie in the software deployment world, I had no real grasp about the different contexts (USER vs. SYSTEM), and I found it to be a trivial task to combine the two.
Today I find it an obvious approach, and in this post, I will give a quick example of how to modify registry for the CURRENTLY logged on user, while delivering an installation in SYSTEM context.
Oftentimes the scenario is, that you need to deploy software which requires local SYSTEM permissions, and while doing so, you’d like to modify the registry for the CURRENTLY logged on user.
There’s no real requirement, as to whether you are using Configuration Manager or Intune in this specific scenario. The magic lies within PowerShell.
I do however, often use this with the PowerShell App Deployment Toolkit and ConfigMgr. When doing so, the installation paragraph often looks similar to below:
Execute-Process -Path 'powershell.exe' -Parameters "-ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -File `"$dirFiles\Edit-DocumentaalRegistry.ps1`""
Find my PowerShell script on my GitHub page: PowerShell/Edit-HKCURegistryfromSystem.ps1 at master · imabdk/PowerShell (github.com)
This script will do following:
- Find the username of the currently logged on user
- Use the username, to get the SID of the logged on user
- Use the SID, to be able to modify the HKEY_Users hive in registry
- Modify the configured portion of the registry for the logged on user (edit this to suit your needs)