REGINI (Windows7/2008 or XP Resource kit)

Change Registry Permissions.

      REGINI [-m \\machinename] [-i n]
         [-o outputWidth][-b] textFiles...

      REGINI [-h hivefile hiveroot] [-i n]
         [-o outputWidth][-b] textFiles...

   -m     A remote computer to be modified.

   -h     The local hive to manipulate.

   -i n   The display indentation multiple.  Default is 4

   -o outputWidth 
          The width of the command output.  By default the outputWidth is set
          to the width of the console window unless standard output has 
          been redirected to a file, in which case, 240 is used.

   -b     Make REGINI backward compatible with older versions of REGINI that
          did not strictly enforce line continuations and quoted strings
          Specifically, REG_BINARY, REG_RESOURCE_LIST and
          REG_RESOURCE_REQUIREMENTS_LIST data types did not need line
          continuations after the first number that gave the size of the data.
           It just kept looking on following lines until it found enough data
           values to equal the data length or hit invalid input.  Quoted
           strings were only allowed in REG_MULTI_SZ.  They could not be
           specified around key or value names, or around values for REG_SZ or
           REG_EXPAND_SZ  Finally, the old REGINI did not support the semicolon
           as an end of line comment character.

   textFiles One or more ANSI or Unicode text files containing registry data.

The easiest way to understand the format of the input textFile is to use the REGDMP command with no arguments to dump the current contents of
your Registry to standard out. Redirect standard out to a file and this file is acceptable as input to REGINI

Some general rules are:
Semicolon character is an end-of-line comment character, provided it is the first non-blank character on a line

Backslash character is a line continuation character. All characters from the backslash up to but not including the first non-blank character of the next line are ignored. If there is more than one space before the line continuation character, it is replaced by a single space.

Indentation is used to indicate the tree structure of registry keys The REGDMP program uses indentation in multiples of 4. You may use hard tab characters for indentation, but embedded hard tab characters are converted to a single space regardless of their position

Values should come before child keys, as they are associated with the previous key at or above the value's indentation level.

For key names, leading and trailing space characters are ignored and not included in the key name, unless the key name is surrounded by quotes. Imbedded spaces are part of a key name.

Key names can be followed by an Access Control List (ACL) which is a series of decimal numbers, separated by spaces, bracketed by a square brackets (e.g. [8 4 17]). The valid numbers and their meanings are:

              1  - Administrators Full Access
              2  - Administrators Read Access
              3  - Administrators Read and Write Access
              4  - Administrators Read, Write and Delete Access
              5  - Creator Full Access
              6  - Creator Read and Write Access
              7  - World Full Access
              8  - World Read Access
              9  - World Read and Write Access
              10 - World Read, Write and Delete Access
              11 - Power Users Full Access
              12 - Power Users Read and Write Access
              13 - Power Users Read, Write and Delete Access
              14 - System Operators Full Access
              15 - System Operators Read and Write Access
              16 - System Operators Read, Write and Delete Access
              17 - System Full Access
              18 - System Read and Write Access
              19 - System Read Access
              20 - Administrators Read, Write and Execute Access
              21 - Interactive User Full Access
              22 - Interactive User Read and Write Access
              23 - Interactive User Read, Write and Delete Access

If there is an equal sign on the same line as a left square bracket then the equal sign takes precedence, and the line is treated as a registry value. If the text between the square brackets is the string DELETE with no spaces, then REGINI will delete the key and any values and keys under it.

           For registry values, the syntax is:

              value Name = type data

Leading spaces, spaces on either side of the equal sign and spaces between the type keyword and data are ignored, unless the value name
is surrounded by quotes. If the text to the right of the equal sign is the string DELETE, then REGINI will delete the value.

The value name may be left off or be specified by an at-sign character which is the same thing, namely the empty value name. So the following two lines are identical:

= type data
@ = type data

This syntax means that you can't create a value with leading or trailing spaces, an equal sign or an at-sign in the value name, unless you put the name in quotes.

Valid value types and format of data that follows are:

              REG_SZ text
              REG_EXPAND_SZ text
              REG_MULTI_SZ "string1" "str""ing2" ...
              REG_DATE mm/dd/yyyy HH:MM DayOfWeek
              REG_DWORD numberDWORD
              REG_BINARY numberOfBytes numberDWORD(s)...
              REG_NONE           (same format as REG_BINARY)
              REG_RESOURCE_LIST  (same format as REG_BINARY)
              REG_RESOURCE_REQUIREMENTS      (same format as REG_BINARY)
              REG_RESOURCE_REQUIREMENTS_LIST (same format as REG_BINARY)
              REG_FULL_RESOURCE_DESCRIPTOR   (same format as REG_BINARY)
              REG_QWORD numberQWORD
              REG_MULTISZ_FILE fileName
              REG_BINARYFILE fileName

If no value type is specified, default is REG_SZ

For REG_SZ and REG_EXPAND_SZ, if you want leading or trailing spaces in the value text, surround the text with quotes. The value text
can contain any number of imbedded quotes, and REGINI will ignore them, as it only looks at the first and last character for quote characters.

For REG_MULTI_SZ, each component string is surrounded by quotes. If you want an imbedded quote character, then double quote it, as in string2 above.

For REG_BINARY, the value data consists of one or more numbers The default base for numbers is decimal. Hexidecimal may be specified by using 0x prefix. The first number is the number of data bytes, excluding the first number. After the first number must come enough numbers to fill the value. Each number represents one DWORD or 4 bytes. So if the first number was 0x5 you would need two more numbers after that to fill the 5 bytes. The high order 3 bytes
of the second DWORD would be ignored.

Whenever specifying a registry path, either on the command line or in an input file, the following prefix strings can be used:

   Each of these strings can stand alone as the key name or be followed
   a backslash and a subkey path.


Grant Admin full access and World Read/Write access to an HKLM registry key on computer64:


HKEY_LOCAL_MACHINE\Software\Classes\SS64 [1 9]


C:\> RegIni -m \\computer64 regdemo.txt

“If you're not failing every now and again, it's a sign you're not doing anything very innovative” - Woody Allen


Regini documention - Full docs originally provided as part of the Windows Server 2000 Resource Kit
REGEDIT - Import or export registry settings
REG - Registry: Read, Set, Export, Delete keys and values
Q245031 - Use a script to change registry permissions
Q237607 - Use Regini.exe to set permissions on registry

© Copyright 1999-2015
Some rights reserved