Hi Maurit,
I believe I understand your post / questions correctly so want to highlight
a few things for you. Firstly the NTUSER.DAT file within a users profile is
actually their HKEY_CURRENT_USER hive - I think you know this already
because of the copying exercise. This file is mapped when the user logs
onto a machine and becomes HKCU - see
http://www.insidetheregistry.com/reg...se.asp?keyid=2
One of the potential issues in doing what you are doing (saving
HKEY_CURRENT_USER to NTUSER.DAT file and then copying it) is that the
HKEY_CURRENT_USER you are saving will contain personal settings specific for
the user you are copying it from, everything from application settings to
security settings and so fourth. Unless you then go back and remove all of
those settings you can potentially cause yourself a little pain and trouble
down the line. Why is it you use this method - are you trying to deploy
various 'default' settings to users?
I may be mistaken but it appears you are using this method to apply policy
settings, basically baking the policy settings into the NTUSER.DAT file
(HKEY_CURRENT_USER) and then copying this to your users to enforce the
restrictions - is this the case? Is there any reason you can't actually
create a group policy on the domain and have that apply to your machines?
It's also worth nothing that there are many policy settings that can be
applied at a machine level (HKEY_LOCAL_MACHINE) and also a user level
(HKEY_CURRENT_USER) and it is possible that although you are setting a
policy registry value in HKEY_CURRENT_USER it's being overridden by another
policy set somewhere else.
Obviously I (we) would like to help you achieve what you want here so if you
can try to explain what your trying to do and why you are doing your
registry save (and how) and deploying the NTUSER.DAT file it would be a
really good start.
With Best Regards,
Jon
www.insidetheregistry.com
---