As an application packager I come across software all the time that requires some kind of registry value modification to the HKCU registry hive.

Software vendors typically overlook a mass deployment method and just give you a registry file to import with all kinds of references to the HKCU registry hive.

If you're doing a mass deployment of software (under LOCAL SYSTEM typically) the "HKCU hive" isn't available to you.

Notice how I put the HKCU hive in quotes? �I did this because, technically, there is no real HKCU hive. �The HKCU hive is simply an alias to the HKU\%SID% hive with the SID being the SID of whatever user is currently logged onto the console.

I could write a few posts just on this topic or an entire course module *wink* on this topic but to be pragmatic I decided just to share one of the more important functions I use.

This PowerShell function (when executed as any user) will search the HKU registry hive for any key matching a GUID pattern.

It's a pretty simple function but there's one caveat I wanted to mention. �On workstations, you'll usually only see a single GUID key. �Workstations can't support multiple users, right? �Technically, yes but I've seen instances where the hive won't unload properly and you'll see multiple SID keys there so don't go dropping this function in and writing your script expecting only a single string to come back. �I learned that lesson the hard way.

Also, if you run this on a terminal server you'll get back all of the SIDs of all the users that are logged in. �This can come in pretty handy for that as well.

function Get-LoggedOnUserSID {
    <#
        .SYNOPSIS
            This function queries the registry to find the SID of the user that's currently logged onto the computer interactively.
    #>
    [CmdletBinding()]
    param ()
    
    process {
        try {
            New-PSDrive -Name HKU -PSProvider Registry -Root Registry::HKEY_USERS | Out-Null
            (Get-ChildItem HKU: | where { $_.Name -match 'S-\d-\d+-(\d+-){1,14}\d+$' }).PSChildName
        } catch {
            Write-Error -Message "Error: $($_.Exception.Message) - Line Number: $($_.InvocationInfo.ScriptLineNumber)"
            $false
        }
    }
}

Join the Jar Tippers on Patreon

It takes a lot of time to write detailed blog posts like this one. In a single-income family, this blog is one way I depend on to keep the lights on. I'd be eternally grateful if you could become a Patreon patron today!

Become a Patron!