Change Permissions on Registry Hive Recursively
Below is a small powershell script that will add the “Everyone” Group to Full control for a the registry key HKEY_LOCAL_MACHINE\Software\MyKey. This script will then recursively change the permission on SubKeys and future keys. Save the text to a notepad document and call it something like RegPermissions.ps1
$acl = Get-Acl HKLM:\Software\MyKey
# Everyone has Full contol may do anything: $person = [System.Security.Principal.NTAccount]"Everyone" $access = [System.Security.AccessControl.RegistryRights]"FullControl" $inheritance = [System.Security.AccessControl.InheritanceFlags]"ObjectInherit,ContainerInherit" $propagation = [System.Security.AccessControl.PropagationFlags]"None" $type = [System.Security.AccessControl.AccessControlType]"Allow" $rule = New-Object System.Security.AccessControl.RegistryAccessRule($person,$access,$inheritance,$propagation,$type) $acl.ResetAccessRule($rule) Set-Acl HKLM:\Software\MyKey $acl
To run the program from a login script you can assign it to the computer and run using the following syntax:
powershell -executionpolicy bypass -File \\Server\Share\RegPermissions.ps1
Uncategorized | Wayne | 
January 31, 2012 6:30 am
2 Comments
Other Links to this Post
RSS feed for comments on this post. TrackBack URI
By Julio, April 25, 2012 @ 11:29 pm
I’ve recently been tasked to modify registry permissions so this really helps. Can you tell me how you would remove the Everyone group?
By Julio, April 27, 2012 @ 12:43 am
nvm….got it.