EnumUsersReg: Difference between revisions
From NSIS Wiki
Jump to navigationJump to search
No edit summary |
m (category) |
||
| Line 145: | Line 145: | ||
FunctionEnd</highlight-nsis> | FunctionEnd</highlight-nsis> | ||
[[{{ns:14}}:User Accounts Related Functions]] | |||
Revision as of 09:27, 13 June 2005
This script will enumerate all local users and load their registry hives (HKCU) one by one. You can use it to delete settings of logged off users.
Note that registry hives of logged on users will not be loaded as RegLoadKey doesn't seem to be able to load hives twice.
Usage Example
!include "EnumUsersReg.nsh" Name EnumUsersReg OutFile EnumUsersReg.exe ShowInstDetails show Section ${EnumUsersReg} CallbackFunction temp.key SectionEnd Function CallbackFunction ReadRegStr $0 HKU "temp.key\Software\Microsoft\Internet Explorer" "Download Directory" DetailPrint $0 FunctionEnd
EnumUsersReg.nsh
!include "LogicLib.nsh" !define TOKEN_QUERY 0x0008 !define TOKEN_ADJUST_PRIVILEGES 0x0020 !define SE_RESTORE_NAME SeRestorePrivilege !define SE_PRIVILEGE_ENABLED 0x00000002 !define HKEY_USERS 0x80000003 !macro _EnumUsersReg_AdjustTokens StrCpy $R1 0 System::Call "kernel32::GetCurrentProcess() i .R0" System::Call "advapi32::OpenProcessToken(i R0, i ${TOKEN_QUERY}|${TOKEN_ADJUST_PRIVILEGES}, \ *i R1R1) i .R0" ${If} $R0 != 0 System::Call "advapi32::LookupPrivilegeValue(t n, t '${SE_RESTORE_NAME}', *l .R2) i .R0" ${If} $R0 != 0 System::Call "*(i 1, l R2, i ${SE_PRIVILEGE_ENABLED}) i .R0" System::Call "advapi32::AdjustTokenPrivileges(i R1, i 0, i R0, i 0, i 0, i 0)" System::Free $R0 ${EndIf} System::Call "kernel32::CloseHandle(i R1)" ${EndIf} !macroend !macro _EnumUsersReg_Load FILE CALLBACK SUBKEY GetFullPathName /SHORT $R2 ${FILE} System::Call "advapi32::RegLoadKey(i ${HKEY_USERS}, t '${SUBKEY}', t '${FILE}') i .R2" ${If} $R2 == 0 Push $0 Push $1 Push $R0 Push $R1 Push $R2 Call "${CALLBACK}" Pop $R2 Pop $R1 Pop $R0 Pop $1 Pop $0 System::Call "advapi32::RegUnLoadKey(i ${HKEY_USERS}, t '${SUBKEY}')" ${EndIf} !macroend !macro EnumUsersReg CALLBACK SUBKEY Push $0 Push $1 GetFunctionAddress $0 "${CALLBACK}" StrCpy $1 "${SUBKEY}" Call _EnumUsersReg Pop $1 Pop $0 !macroend !define EnumUsersReg "!insertmacro EnumUsersReg" Function _EnumUsersReg Push $R0 Push $R1 Push $R2 System::Call "kernel32::GetVersion() i .R0" IntOp $R0 $R0 & 0x80000000 ${If} $R0 == 0 # nt !insertmacro _EnumUsersReg_AdjustTokens StrCpy $R0 0 ${Do} EnumRegKey $R1 HKLM "SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" $R0 ${If} $R1 != "" ReadRegStr $R1 HKLM "SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\$R1" \ ProfileImagePath ExpandEnvStrings $R1 $R1 !insertmacro _EnumUsersReg_Load "$R1\NTUSER.DAT" $0 $1 IntOp $R0 $R0 + 1 ${EndIf} ${LoopUntil} $R1 == "" ${Else} # 9x ClearErrors FindFirst $R1 $R2 "$WINDIR\Profiles\*.*" ${Unless} ${Errors} ${Do} ${If} $R2 != "." ${AndIf} $R2 != ".." ${If} ${FileExists} "$WINDIR\Profiles\$R2\USER.DAT" !insertmacro _EnumUsersReg_Load "$WINDIR\Profiles\$R2\USER.DAT" $0 $1 ${EndIf} ${EndIf} ClearErrors FindNext $R1 $R2 ${LoopUntil} ${Errors} FindClose $R1 ${EndUnless} ${Endif} Pop $R2 Pop $R1 Pop $R0 FunctionEnd
