Set registry key owner
In chapter 7 of PowerShell and WMI I stated that I would post a .NET version of a script to set ownership of a registry key. The WMI method needs Vista or above so we need the .NET version for pre-Vista operating systems.
function set-regkeyowner {
[CmdletBinding()]
param (
[parameter(Mandatory=$true)]
[string]
[Validateset(“HKCR”, “HKCU”, “HKLM”, "HKUS", "HKCC")]
$hive,
[parameter(Mandatory=$true)]
[string]$key
)
PROCESS {
Write-Verbose "Set Hive"
switch ($hive){
“HKCR” {$reg = [Microsoft.Win32.Registry]::ClassesRoot}
“HKCU” {$reg = [Microsoft.Win32.Registry]::CurrentUser}
“HKLM” {$reg = [Microsoft.Win32.Registry]::LocalMachine}
"HKUS" {$reg = [Microsoft.Win32.Registry]::Users}
"HKCC" {$reg = [Microsoft.Win32.Registry]::CurrentConfig}
}
$permchk = [Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree
$regrights = [System.Security.AccessControl.RegistryRights]::ChangePermissions
Write-Verbose "Open Key and get access control"
$regkey = $reg.OpenSubKey($key, $permchk, $regrights)
$rs = $regkey.GetAccessControl()
Write-Verbose "Create security principal"
$user = New-Object -TypeName Security.Principal.NTaccount -ArgumentList "Administrators"
$rs.SetGroup($user)
$rs.SetOwner($user)
$regkey.SetAccessControl($rs)
}
}
Take a hive and key as parameters. Use a switch to set the Registry enumeration and then set the permissions and rights we want. Open the key and get the access controls.
Create a security principal for the Administrators group and set the group and owner in the access control. Use SetAccessControl to change the permissions