I’m sorry I’m not writing something interesting every week but recently not so much interesting stuff has been happening.
But this week I finally had something challenging to work on: Exporting Internet Explorer registry settings.
The vexing part: Even if you change some settings in Internet Explorer, the changes are stored in the HKU hive rather than the HKCU hive of the registry.
A colleague sent me the key name he needed exported on all workstations where we will deploy a newer version of Internet Explorer but because we need to preserve some settings (some proxy configuration file), we export the registry key HKU\__your__SID__here__\Software\Microsoft\Windows\CurrentVersion\Internet Settings” and import it later once the update has been deployed.
On the command line, you can the command REG to query, display, export and import keys and values. The vexing thing is: There is a non-fixed part int the key path: After HKU\, the following SID starts with S-1-5-21 but can vary – probably based on the operating system image you deploy. Meaning: If you only use one super-duper OS image for all installations, you should be safe. If you also do manual installations, you need to find this SID before you can export the “Internet Settings”.
Thankfully, it’s possible to use wildcards in batch files together with REG.
Here’s how I find the SID:
***********************
@echo OFF
setlocal ENABLEEXTENSIONS
set HKH=”HKU”
set HKH_VALUE=S-1-5-21*
FOR /F “usebackq tokens=2 delims=\” %%A IN (`REG QUERY %HKH% /f %HKH_VALUE% /k 2^>nul`) DO (
set HKUV=%%A
)
***********************
The FOR line returns two lines when querying for HKU\S-1-5-21, name HKU\S-1-5-21…. and HKU\S-1-5-21….._Classes, the second one of which is assigned to HKUV. Notice the clever use of tokens and delims 😉
Next, I process the value in HKUV:
***********************
FOR /f “usebackq tokens=1 delims=_” %%X IN (`echo %HKUV% `) DO (
set HKUVAL=%%X
)
***********************
Again using for I cut apart the HKU\S-1-5-21….._Classes key using “_” as delimiter and save only the first part (tokens=1) in HKUVAL. Et voilà !
Finally I can use REG to export HKU\%HKUVAL%\…. to export this to a file. And since it can (and must) be run as user, I can do that using a login script deployed using GPO and even use environment variables such as %USERNAME% to put the file wherever I want e.g. %USERPROFILE%\DESKTOP\%USERNAME%_ie_old.reg
The last object in the path of eternal obstacles: If you try to save this file to a network share, make sure the appropriate user group has permissions to create files and append data. And as in most cases you’re safer off specifying “domain\authenticated users” rather than “everyone” as user group.