Setting HKEY_USERS keys in a custom Credential Provider RRS feed

  • Question

  • I'm currently working on some code to set HKEY_USERS registry values from our custom Credential Provider.  The code executes correctly in a standalone test application, but fails to open the base key (HKEY_USERS\S-1-5-21-.....) when doing a logon.  The code does work in the CP if you are performing a session unlock.  The error being returned from RegOpenKeyEx is 2 - File not found, but the registry path does exist.  Here is the syntax being used;  RegOpenKeyEx(HKEY_USERS, RegPath, 0, KEY_ALL_ACCESS, &userKey).  The actual registry path is HKEY_USERS\{SID}\Software\{Vendor}\{Product}.  The code is being executed from the ReportResult function in the Credential Provider.  Thanks in advance for any thoughts or suggestions. 
    Friday, January 11, 2019 2:13 PM


All replies

  • Just brainstorming here -- At the time of the call during logon to RegOpenKeyEx has the user's profile already been loaded?
    Friday, January 11, 2019 2:39 PM
  • It's possible.  I'll shift over to HKEY_CURRENT_USERS and see.  I'll let you know what I find.  Thanks!
    Friday, January 11, 2019 3:52 PM
  • If the user profile has not been loaded then HKEY_USERS\(Sid) will not be available.
    Friday, January 11, 2019 3:58 PM
  • No, the profile hasn't been loaded yet.  Thanks for the tip!
    • Marked as answer by gredman42 Friday, January 11, 2019 4:42 PM
    Friday, January 11, 2019 4:42 PM
  • Glad my observation about an unloaded user profile was helpful.  Do you think it deserves to be marked as an answer to your question?
    Friday, January 11, 2019 5:02 PM
  • Yes.  I know now that I need to call my Windows service to load the profile and modify the registry keys.


    Friday, January 11, 2019 6:23 PM