Dave,
By more secure do you mean harder for a user to get at?
*See below for Group Policy.
Anything in HKEY_LOCAL_MACHINE is machine wide, user doesn't matter.
Anything means any setting, no matter what the setting is. So anything
in any Run key will start regardless what user logs on.
Anything in HKEY_CURRENT_USER is for the current logged on user.
Anything means any setting, no matter what the setting is.
I.e. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Anything in HKEY_USERS\SID#Here is for a particular user.
I.e. HKEY_USERS\SID#Here\Software\Microsoft\Windows\CurrentVersion\Run
-----
Any changes made in the HKEY_CURRENT_USER hive will also be made in the
corresponding keys in HKEY_USERS\Security ID (SID) of current user
subkey. And vice versa.
The HKEY_CURRENT_USER subtree contains the user profile for the user who
is currently logged on to the computer.
The information in HKEY_CURRENT_USER is built from the HKEY_USERS key
during the logon process. Therefore, all information found in the
HKEY_CURRENT_USER key is a copy of the subkey HKEY_USERS\username, where
username is the name of the active user (or Default).
The HKEY_CURRENT_USER subtree does not contain any data. It just stores
a pointer to the content of the HKEY_USERS\Security ID (SID) of current
user subkey. Therefore, the content of that subkey also appears in
HKEY_CURRENT_USER, and it can be viewed and changed in either location.
The HKEY_CURRENT_USER subtree just provides easier access to the data.
HKEY_CURRENT_USER Contains the user profile for the user who is
currently logged on interactively (as opposed to remotely), including
environment variables, desktop settings, network connections, printers,
and program preferences. This subtree is an alias of the HKEY_USERS
subtree and points to HKEY_USERS\security ID of current user.
The HKEY_USERS subtree contains all actively loaded user profiles.
HKEY_USERS has at least three keys:
• .DEFAULT
• A subkey named for the Security Identifier (SID) of the current
local user. This subkey contains the current user's profile. The data
in HKEY_USERS\SID also appears in HKEY_CURRENT_USER.
• A subkey named for the Security Identifier (SID) of the current
local user with the _Classes suffix. This subkey contains the current
user's Classes. The data in HKEY_USERS\SID\_Classes is also contained in
HKEY_CLASSES_ROOT.
References:
About the Windows Registry
http://www.microsoft.com/resources/...Serv/2003/all/deployguide/en-us/RegTopics.asp
Description of HKEY_CURRENT_USER Registry Subkeys
http://support.microsoft.com/default.aspx?scid=kb;en-us;310595
Registry overview
http://www.microsoft.com/resources/...ard/proddocs/en-us/sag_ntregconcepts_yynh.asp
----
* If XP Pro, use Group Policy.
For the machine...
Computer Configuration\Administrative Templates\System\Logon\
and
For the user...
User Configuration\Administrative Templates\System\Logon\
Run these programs at user logon
[[Specifies additional programs or documents that Windows starts
automatically when a user logs on to the system.
To use this setting, click Show, click Add, and then, in the text box,
type the name of the executable program (.exe) file or document file.
Unless the file is located in the %Systemroot% directory, you must
specify the fully qualified path to the file.
Note: This setting appears in the Computer Configuration and User
Configuration folders. If both settings are configured, the system starts
the programs specified in the Computer Configuration setting just before
it starts the programs specified in the User Configuration setting.
Also, see the "Do not process the legacy run list" and the "Do not
process the run once list" settings.]]
MACHINE (Computer Configuration)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\
CurrentVersion\Policies\Explorer\Run
and
USER (User Configuration)
HKEY_CURRENT_USER\Software\Microsoft\Windows\
CurrentVersion\Policies\Explorer\Run
--
Hope this helps. Let us know.
Wes
MS-MVP Windows Shell/User
In
Dave said:
Thanks Wesley. I should have said that I need something more secure than
just putting a shortcut in a startup directory, which rules out a and
b1. Also a and b1 are no good as they will both run the program as the
current user, which is exactly what I need to change. However, b2 -
putting in in
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
is worth looking into - I had just assumed that was for services only,
but I suppose there's no reason not to put a program in there. The
question is, what user does it run as? What I could really do with is a
registry entry that specifies both the program and the user. However I
shall look into RunServices, thanks for that. --
Dave
:
a.
To run a program when Windows starts, for a particular user, place a
program shortcut in
C:\Documents and Settings\User's Name Here\Start Menu\Programs\Startup
b.
To run a program when Windows starts, regardless of who is logged on,
place a program shortcut in
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
To run a program when Windows starts and no one is logged on, start it
from
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
This key loads before anyone logs on.
c.
That probably would depend on if the application was installed for all
users or just for a particular user.
--
Hope this helps. Let us know.
Wes
MS-MVP Windows Shell/User
In Dave <
[email protected]> hunted and pecked:
I'm trying to find a way to run an application at startup or at login
under an adminstrator user. I know the obvious way is to run as a
service, but I have reasons not to do that.
So, does anyone know if it is possible to either:
a) run an app at startup, specifying the user,
b) run an app at logon, specifying the user (ie not the one that
logged on) c) change an app's user (or its privileges)
programatically from within the app.
The existence of the "Run as..." command leads me to think it must be
possible, but I've no idea how.