Copying Windows Registry Keys from One User to Another

Windows Registry - regedit.exe

After switching the logged on user on a Windows Service, I found out that the original user had some printers set up that were not present in the new user’s profile.

While I could have manually set up the necessary printers on the new user, it seemed that there must be a way to do this that would ensure that all of the printers were set up correctly on the new user.

Printer information for each user is stored in the HKEY_CURRENT_USER\Printers registry key.

However, the HKEY_CURRENT_USER hive only shows registry information for whatever user you’re logged on as. What if you wanted to copy from one user (other than you), to some other user?

The HKEY_CURRENT_USER key for each user is found in the registry under the HKEY_USERS hive, under each user’s SID. If you don’t have an easy way to find out what a user’s SID is, what then?

There is a solution! The information that is displayed in the HKEY_CURRENT_USER hive is stored in the NTUSER.DAT file in each user’s profile.

Each user’s hive can be loaded either from the Registry Editor or the command line. Both of these must be started as an Administrator to have the privileges to do this.

The example below shows how to do this from a command line. If the user whose hive to be copied is called OLDUSER, the following command (reg load) should attach the OLDUSER hive as HKEY_USERS\OLDUSER. This can be run from Command Prompt or PowerShell.

reg load C:\Users\OLDUSER\NTUSER.DAT

Do the same thing with the new user (NEWUSER):

reg load C:\Users\NEWUSER\NTUSER.DAT

Note: If either of these users is currently logged on or running a service, they must first be logged off or the service stopped.

In the Registry Editor, export (in this case) the Printers key from HKEY_USERS\OLDUSER into a .reg file.

Open the .reg file with an editor and replace all instances of OLDUSER with NEWUSER. Save the file. Execute the file by double-clicking on it. Confirm the dialog box to add the information to NEWUSER’s hive.

confirm registry change

To unload both users’ hives, execute the following commands:

reg unload OLDUSER
reg unload NEWUSER

(Remember to restart any Services that were stopped before loading!)

To verify that the information was copied correctly, you can log on as the new user and examine its HKEY_CURRENT_USER hive.

Enabling Single Sign-On in Citrix Receiver

Citrix logo

After downloading a new version of Citrix Receiver and installing it, I discovered that the single sign-on (SSO) functionality that used to “just work”, had stopped working.

After hunting through the Local Group Policy Editor, the registry, and the folder in which Citrix was installed, I was able to put together the following instructions. Completing these steps fixed my problem, however, the fole locations may vary somewhat depending on how your Windows and Citrix installations are configured.

Note: The person executing these steps will need local admin rights on the PC.

  1. Add the following site(s) to the Local Intranet zone in Internet Options. (These will be specific to your organization.)
    3. In Internet Explorer, go to Tools –> Internet options.
      On the Security tab, click “Local intranet” in the “Select a zone…” area.
      Internet Options dialog box
      Click the Sites button, and on the next dialog box, click the Advanced button.
      Local intranet zone box
      Add each site above by pasting or typing the URL into the “Add this website…” field and click the Add button for each one. The checkbox requiring HTTPS should be unchecked.
      Local intranet zone - add sites
      Click Close, OK.

      Click the Advanced tab on the Internet Options box. Make sure the “Enable Integrated Windows Authentication” checkbox is checked. If not, check it. (You will also need to reboot the PC if this setting is changed after closing Internet Options.)
      Internet Options box - Advanced tab
      Click OK to close Internet Options.

  2. Copy files from the Citrix Receiver client into the appropriate Windows folder to enable Citrix Group Policies.
    1. Copy CitrixBase.admx and receiver.admx from “C:\Program Files (x86)\Citrix\ICA Client\Configuration” to “C:\Windows\PolicyDefinitions”
    2. Copy CitrixBase.adml and receiver.adml from “C:\Program Files (x86)\Citrix\ICA Client\Configuration\en-US” to “C:\Windows\PolicyDefinitions\en-US”

  3. Click Start –> Run –> type gpedit.msc in the search field and hit Enter to open the Local Group Policy Editor. Find the “User authentication” folder in the left pane under Local Computer Policy –> Computer Configuration –> Administrative Templates –> Citrix Components –> Citrix Receiver. Click “User authentication” to display its settings in the right pane. In the right pane, double click “Local user name and password”. Click the Enabled radio button, and make sure that the “Enable pass-through authentication” and “Allow pass-through authentication for all ICA connections” checkboxes are checked. Click OK to close the “Local user name and password” settings box. Close the Local Group Policy Editor.
    Local Group Policy Editor
  4. Reboot the PC.
  5. When opening the Citrix app you may see a box asking to Permit or Block access to local resources. Check the checkbox and select Permit.
%d bloggers like this: