HOWTO edit HKEY_CURRENT_USER that's not the ansible user?
440 views
Skip to first unread message
b...@tanners.org
Jun 16, 2017, 6:27:46 PM6/16/17
to Ansible Project
I need to make edits to HKEY_CURRENT_USER of a different user then the ansible_user.
How do I do that?
Any edits I make with win_regmerge are made to the ansible_user's registry.
I tried become_method: runas with become_user: but that throws a warning and error.
[WARNING]: The Windows 'runas' become method is experimental, and may change significantly in future Ansible releases.
FAILED! => {"failed": true, "msg": "The 'runas' become method requires a password (specify with the '-K' CLI arg or the 'ansible_become_password' variable)"}
I come from a linux/unix background so I thought runas would be like sudo would let me run the command as the become_user but I guess runas is a little different.
Any help?
Thanks.
Jordan Borean
Jun 16, 2017, 7:47:26 PM6/16/17
to Ansible Project
Hey
So the 'HKEY_CURRENT_USER' when running as 'user' can also be accessed at 'HKEY_USERS\S-1-5-21-2607664055-1112657780-300677247-500'.
Windows unfortunately doesn't have the concept of sudo like unix so to be able to run a process as another user you need to set the password as well as the username. Going by the error message you need to set 'ansible_become_password' to the password of the account you are wanting to run as. I haven't played around with runas unfortunately so I can't give you any more info.
Another option if you really want to go the route is using the 'HKEY_USERS' key. The entry for 'HKEY_CURRENT_USER' in 'HKEY_USERS' is located in this key under the SID (S-*-*-*-*-*). So using the 'user' account as an example I can use this command to get the SID of the Administrator account
$AdObj = New-Object System.Security.Principal.NTAccount('user')
$strSID = $AdObj.Translate([System.Security.Principal.SecurityIdentifier])
$strSID.ValueIt will return the value
So the 'HKEY_CURRENT_USER' when running as 'user' can also be accessed at 'HKEY_USERS\S-1-5-21-2607664055-1112657780-300677247-500'.
Hope this helps in some way.
Thanks
Jordan
Bob Tanner
Jun 17, 2017, 1:57:16 AM6/17/17
to Ansible Project
So the 'HKEY_CURRENT_USER' when running as 'user' can also be accessed at 'HKEY_USERS\S-1-5-21-2607664055-1112657780-300677247-500'.
I put the edits into the HKEY_USERS\S-*-*-*-*-* should they show up in the HKEY_CURRENT_USER when I'm logged in as that user?
It doesn't look like it.
Bob Tanner
Jun 17, 2017, 2:42:09 AM6/17/17
to Ansible Project
Difference between HKEY_Current_User and HKEY_USERs?
Suggests edits to HKEY_USERS should be reflected in HKEY_CURRENT_USER
Reply all
Reply to author
Forward
0 new messages