Menu
I know that we shouldn't being using the registry to store Application Data anymore, but in updating a Legacy application (and wanting to do the fewest changes), what Registry Hives are non-administrators allowed to use?
Can I access all of HKEY_CURRENT_USER (the application currently access HKEY_LOCAL_MACHINE) without Administrator privileges?
383
To open the registry: Open the Windows Start Menu. Type in "regedit" and press 'Enter' on the keyboard. Workstations which are a member of a domain will prompt for a password - just enter the password for your non-administrator account.
On Win10, REGEDIT always prompts for elevation, or for standard users, it asks for administrator credentials. @UweBaemayr It works, the same way as you can run nearly every tool in the Admin tools list with a normal account.
Administrative privileges are associated with your user account. Administrator users are allowed to have these privileges while Standard users are not. Without administrative privileges you will not be able to install software.
Having administrator rights (sometimes shortened to admin rights) means a user has privileges to perform most, if not all, functions within an operating system on a computer. These privileges can include such tasks as installing software and hardware drivers, changing system settings, installing system updates.
In general, a non-administrator user has this access to the registry:
Read/Write to:
HKEY_CURRENT_USERRead Only:
HKEY_LOCAL_MACHINEHKEY_CLASSES_ROOT (which is just a link to HKEY_LOCAL_MACHINE\Software\Classes)It is possible to change some of these permissions on a key-by-key basis, but it's extremely rare. You should not have to worry about that.
For your purposes, your application should be writing settings and configuration to HKEY_CURRENT_USER. The canonical place is anywhere within HKEY_CURRENT_USER\Software\YourCompany\YourProduct\
You could potentially hold settings that are global (for all users) in HKEY_LOCAL_MACHINE. It is very rare to need to do this, and you should avoid it. The problem is that any user can "read" those, but only an administrator (or by extension, your setup/install program) can "set" them.
Other common source of trouble: your application should not write to anything in the Program files or the Windows directories. If you need to write to files, there are several options at hand; describing all of them would be a longer discussion. All of the options end up writing to a subfolder or another under %USERPROFILE% for the user in question.
Finally, your application should stay out of HKEY_CURRENT_CONFIG. This hive holds hardware configuration, services configurations and other items that 99.9999% of applications should not need to look at (for example, it holds the current plug-and-play device list). If you need anything from there, most of the information is available through supported APIs elsewhere.
94
Yes, you should be able to write to any place under HKEY_CURRENT_USER without having Administrator privileges. But this is effectively a private store that no other user on this machine will be able to access, so you can't put any shared configuration there.
32
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
