Fixing Profile permissions

A friend of mine (adopted brother) accidentally infected his laptop with malware and I’ve finally made time (and was able to) to restore his setup.

He has an Acer Aspire 5500 with Windows XP Media Center 2005, but didn’t have restore discs. After calling Acer tech support I was quoted a $30 fee for replacement.

Seemed high, but there didn’t seem to be any other option. Due to funding issues at the time the restore task was put on hold.

A week later I was repairing another family member’s desktop system and had to call Dell for restore discs. They shipped me a new set free of charge and were very quick about it (no nonsense dialog and shipping both). In the future I’ll be sure to use their online chat for all trouble issues as it was a breeze.

I mention both of these situations because of the similarities and the differences.

In both cases I had a backup of their profiles and wanted to restore them with all settings intact. I did the following:

  1. Backed the systems up
  2. Restored the systems
  3. Created a user account with non-admin rights for them to use as their day-to-day tasks.
  4. Logged in with the new account
  5. Rebooted the system so the newly created account’s registry hive would be unloaded.
  6. Copied the old files over and choosing to overwrite the new files.
  7. Loaded the registry hive and granted full rights to the newly created non-admin account.

That is where the similarities ended.

Continue reading

Moving a Windows profile

I would copy a profile from a user’s system, wipe it, reinstall and then copy the profile back only to find that if the person had admin rights, no problem – everything worked. If not, even after I gave their new account full permissions odd things like missing backgrounds would happen (Windows XP theme settings).

With the help of my wife (who made me describe in length the process), I tracked it down to the SID being different in the profile registry settings. The registry hive for the profile had security set to the old SID, whereas the new account had a totally different one.

Once I followed the steps here and changed the permissions to allow the new account full access, everything worked.

Just thought I’d pass that along. Hope it helps someone.

Reading the registry via Win32API


I had no idea just how badly my knowledge of C programming was until I attempted to read a single value from the registry.

In the end I found that the majority of my problems were because of UNICODE being defined for Windows XP and Windows Vista. For all I know it’s probably defined for Windows 2000 and newer.

I “cheated” in a way and used the ANSI versions of the functions due to my inexperience. Hopefully I’ll be able to revisit the project in the future and fix it the way it should have been to begin with.

Fall feeling in the air

I rushed outside this morning (running behind) to find the air crisp and feeling very much like my favorite season on the way.

Work was “work” and progress seemed to crawl along. I managed to complete (let’s hope) a Python script to inject binary values into two registry keys depending on what system it runs on. The keys represent “mail boxes” for locked printer jobs.

The hex encoded binary string is 8176 characters long (only stating it because I’m sort of amazed at the length) and contains all settings for that printer. I wonder if the devs realized that breaking individual settings out into subkeys would be a good thing?

Oh well.

I’m also making good progress on an audio volume limiter (governor). It’ll run every X seconds and make sure that the various mixer volume levels are within a set threshold. If not the volume controls will be lowered to the maximum allowed.

The concept and pseudocode is pretty simple, but dealing with the WinAPIs is another story.

Thankfully I found an article showing how to set the master volume and I managed to get the waveOut code from there. I had no idea just how ugly working with ALL CAPS TYPEDEFS CAN BE. IT’S NOT LIKE IT MAKES IT HARD TO READ OR ANYTHING. I’m sure I’ll get used to it.