Delphi Write Registry on Windows Service Application

Question

I am working on windows service and i need to write registry HKCU keys on windows service mode but i know is not possible.

HKCU\Software\Microsoft\Windows\CurrentVer\Policies\Explorer\RestrictRun

I need to write this key, if i cant do that with windows service, how can i write to this key without admin rights? or is it possible?

Actually i can write this key on HKLM but it doesn't work on this key.

procedure CreatePolicy(AppName: string);
var
  Reg: TRegistry;
Begin
  Reg := TRegistry.Create;
  try
    Reg.RootKey := HKEY_CURRENT_USER;
    if Reg.OpenKey
      ('Software\Microsoft\Windows\CurrentVersion\Policies\Explorer', True) then
      Reg.WriteInteger('RestrictRun', 1);
    if Reg.CreateKey('RestrictRun') then
      if Reg.OpenKey('RestrictRun', True) then
        Reg.WriteString(AppName, AppName);
  except
    Reg.CloseKey;
    Reg.Free;
  end;
  Reg.CloseKey;
  Reg.Free;
end

My Delphi version is XE7.

Which user account's registry do you want to modify? Do you appreciate that services do not run under the logged in user account? — David Heffernan, Aug 26 '18 at 21:40
@DavidHeffernan actually i want for all users and because of i tryed HKLM root key but doesnt work. My application is remote management tool and only machines important for me. This policies should be include all acccounts on remote computer. — Maximilliane, Aug 26 '18 at 21:47
So you need to iterate over all users and write to. Each one's hive. It sounds like you don't fully understand services, users, sessions etc. I think you need better foundations before you proceed. As an interesting thought experiment, what happens if a new user is created after your code runs? — David Heffernan, Aug 26 '18 at 22:12
@DavidHeffernan Deffinatelly you’re right, i am still learning. — Maximilliane, Aug 26 '18 at 22:14
@JamesFranklin that was important information that should have been included in your question to begin with. — Remy Lebeau, Aug 27 '18 at 06:01

Remy Lebeau · Answer 1 · 2018-08-27T06:04:26.943

3

You do not need admin rights to access most sections of a user's HKEY_CURRENT_USER hive from an app that is running in that user's own session. However, non-admin users do not have write access to HKCU\Software\Microsoft\Windows\CurrentVersion\Policies specifically, and its subkeys. So, you are stuck requiring admin rights to modify policies.

A service can use CreateProcessAsUser() to run a non-service app in a specific user's session, if that user is already logged in. The service can use WTSEnumerateSessions() and WTSQuerySessionInformation() to locate the desired user session, and then use WTSQueryUserToken() to get the session's user token that is needed for CreateProcessAsUser().

However, if the service wants to directly access a user's HKEY_CURRENT_USER hive, and if the service is not running as that user, then the service must impersonate that user first, then it can call RegOpenCurrentUser() to obtain an HKEY handle to the user's HKEY_CURRENT_USER hive.

edited Aug 27 '18 at 06:04

answered Aug 26 '18 at 19:18

Remy Lebeau

555,201
31
458
770

thanks for quick answer. You said "You do not need admin rights to access a user's HKEY_CURRENT_USER hive from an app running in that user's own session" so, my code is not working for normal application and without admin rights. Maybe i got it all wrong. So service executing before logon and my procedure execute on service start, can i write data to hkcu? – Maximilliane Aug 26 '18 at 21:05
Your code is problematic to begin with. One, you are not using `TRegistry` correctly. Two, although non-admin users have write access to HKCU, they do not have write access to `HKCU\Software\Microsoft\Windows\CurrentVersion\Policies` and its subkeys. So, you are stuck requiring admin rights. – Remy Lebeau Aug 27 '18 at 06:00

Delphi Write Registry on Windows Service Application

1 Answers1