c winapi windows-authentication windows-security windows-process

RegOpenCurrentUser(KEY_WRITE) on newly created user


After I successfully create a new user and add the user to the built-in admins group, I would like to edit the newly created user's registry (this program is an elevated-as-admin program). I called NetUserAdd(), NetLocalGroupAddMembers(), LogonUser(), and then, finally, LoadUserProfile() so the user's directory exists.

Excuse the sloppy code, but this is what I am doing after that:

DuplicateTokenEx(hToken,TOKEN_ALL_ACCESS,&sa,SecurityImpersonation,TokenPrimary,&hNewToken);
ImpersonateLoggedOnUser(hNewToken);

HKEY hKey;
LSTATUS stat = RegOpenCurrentUser(KEY_READ|KEY_WRITE, &hKey);
// stat is 5 (ACCESS_DENIED) when KEY_WRITE is added, it
// returns 0 (ERROR_SUCCESS) when it's just KEY_READ

RegCloseKey(hKey);
RevertToSelf();

CloseHandle(hNewToken);

The error is on the RegOpenCurrentUser() line. It errors out when I ask to write to that user's HKU registry. It works perfectly fine if I use just KEY_READ.

Is this even possible what I am trying to do? Is the user's registry hive even created yet? Or does the user have to physically sign on to create it?

Ultimately what I would want to do is create GPOs for the new user.


Solution

  • If you already have the user profile loaded with LoadUserProfile(), you don't really need to use RegOpenCurrentUser() at all. You can instead use the hProfile field of the PROFILEINFO that LoadUserProfile() returns:

    hProfile
    Type: HANDLE

    A handle to the HKEY_CURRENT_USER registry subtree.

    ...

    When the LoadUserProfile call returns successfully, the hProfile member receives a registry key handle opened to the root of the user's subtree, opened with full access (KEY_ALL_ACCESS).
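
The approach from the answer above, written out as an added example (it is not code from the question or the answer): log the new user on, load the profile, and write through `PROFILEINFO.hProfile` instead of impersonating and calling RegOpenCurrentUser(). Assumptions: the function name `set_user_dword` is hypothetical, the account is a local one (domain `"."`), the subkey and value names come from the caller, and the process runs elevated and links against userenv.lib and advapi32.lib.

```c
#include <stddef.h>
#include <wchar.h>
#ifdef _WIN32
#include <windows.h>
#include <userenv.h>
#endif

/* Writes a REG_DWORD below the new user's HKEY_CURRENT_USER root.
   Returns 0 (ERROR_SUCCESS) or a Win32 error code. */
unsigned long set_user_dword(const wchar_t *user, const wchar_t *password,
                             const wchar_t *subkey, const wchar_t *value,
                             unsigned long data)
{
    if (!user || !password || !subkey || !value)
        return 87; /* ERROR_INVALID_PARAMETER */
#ifdef _WIN32
    HANDLE token = NULL;
    if (!LogonUserW(user, L".", password, LOGON32_LOGON_INTERACTIVE,
                    LOGON32_PROVIDER_DEFAULT, &token))
        return GetLastError();

    PROFILEINFOW pi = { sizeof(pi) };   /* dwSize must be set */
    pi.lpUserName = (LPWSTR)user;
    if (!LoadUserProfileW(token, &pi)) {
        DWORD err = GetLastError();
        CloseHandle(token);
        return err;
    }

    /* hProfile is the root of the user's hive, already opened with
       KEY_ALL_ACCESS, so no impersonation is needed. The subkey itself
       is opened with only the access this write requires. */
    HKEY key = NULL;
    DWORD val = (DWORD)data;
    LSTATUS st = RegCreateKeyExW((HKEY)pi.hProfile, subkey, 0, NULL,
                                 REG_OPTION_NON_VOLATILE, KEY_SET_VALUE,
                                 NULL, &key, NULL);
    if (st == ERROR_SUCCESS) {
        st = RegSetValueExW(key, value, 0, REG_DWORD,
                            (const BYTE *)&val, sizeof(val));
        RegCloseKey(key);
    }
    UnloadUserProfile(token, pi.hProfile);  /* also closes hProfile */
    CloseHandle(token);
    return (unsigned long)st;
#else
    (void)data;
    return 120; /* ERROR_CALL_NOT_IMPLEMENTED: the Win32 path is Windows-only */
#endif
}
```

Every failure path closes the token, and the profile is unloaded before returning so the hive is not left mounted under HKEY_USERS.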