Guest boba Posted May 19, 2008 Posted May 19, 2008 When users logon to the machine get error message: invalid root in registry key "HKLM\SOFTWARE\Microsoft\Ole\EnableDCOM" code 80070005 source wshshell.regwrite. How do I fix this error. My logon script shows the following Set WSHShell = WScript.CreateObject("WScript.Shell") 'To Enable Remote DCOM in the computer WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\EnableDCOM","Y","REG_SZ" 'To Set Authentication Level to Connect WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\LegacyAuthenticationLevel",2,"REG_DWORD" 'To Set Impersonation level to Impersonate WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\LegacyImpersonationLevel",3,"REG_DWORD"
Guest Richard Mueller [MVP] Posted May 19, 2008 Posted May 19, 2008 Re: error message boba wrote: > When users logon to the machine get error message: invalid root in > registry > key "HKLM\SOFTWARE\Microsoft\Ole\EnableDCOM" code 80070005 source > wshshell.regwrite. How do I fix this error. My logon script shows the > following > > Set WSHShell = WScript.CreateObject("WScript.Shell") > 'To Enable Remote DCOM in the computer > WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\EnableDCOM","Y","REG_SZ" > 'To Set Authentication Level to Connect > WshShell.RegWrite > "HKLM\SOFTWARE\Microsoft\Ole\LegacyAuthenticationLevel",2,"REG_DWORD" > 'To Set Impersonation level to Impersonate > WshShell.RegWrite > "HKLM\SOFTWARE\Microsoft\Ole\LegacyImpersonationLevel",3,"REG_DWORD" Users normally do not have permission to write to HKLM. On Vista clients even administrators ordinarily cannot write to HKLM in a logon script. A Startup script is a better option, as it runs with System privileges on the local computer (although this might not work on Vista clients). -- Richard Mueller MVP Directory Services Hilltop Lab - http://www.rlmueller.net --
Guest boba Posted May 19, 2008 Posted May 19, 2008 RE: error message This logon script is on Domain Controller under Default Domain Policy under User Configuration -> Script. Because of this script the users are getting this error message. "boba" wrote: > When users logon to the machine get error message: invalid root in registry > key "HKLM\SOFTWARE\Microsoft\Ole\EnableDCOM" code 80070005 source > wshshell.regwrite. How do I fix this error. My logon script shows the > following > > Set WSHShell = WScript.CreateObject("WScript.Shell") > 'To Enable Remote DCOM in the computer > WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\EnableDCOM","Y","REG_SZ" > 'To Set Authentication Level to Connect > WshShell.RegWrite > "HKLM\SOFTWARE\Microsoft\Ole\LegacyAuthenticationLevel",2,"REG_DWORD" > 'To Set Impersonation level to Impersonate > WshShell.RegWrite > "HKLM\SOFTWARE\Microsoft\Ole\LegacyImpersonationLevel",3,"REG_DWORD" > > >
Guest boba Posted May 19, 2008 Posted May 19, 2008 RE: error message I forgot to mention, it has code: 80070005 after the error message. Does it mean I need to run updates on the server and that will fix the error? Last time I see the updates run on one DC was March 2007 with Service pack 1 and on the other DC with service pack 2 updates were run on May 2007. "boba" wrote: > When users logon to the machine get error message: invalid root in registry > key "HKLM\SOFTWARE\Microsoft\Ole\EnableDCOM" code 80070005 source > wshshell.regwrite. How do I fix this error. My logon script shows the > following > > Set WSHShell = WScript.CreateObject("WScript.Shell") > 'To Enable Remote DCOM in the computer > WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\EnableDCOM","Y","REG_SZ" > 'To Set Authentication Level to Connect > WshShell.RegWrite > "HKLM\SOFTWARE\Microsoft\Ole\LegacyAuthenticationLevel",2,"REG_DWORD" > 'To Set Impersonation level to Impersonate > WshShell.RegWrite > "HKLM\SOFTWARE\Microsoft\Ole\LegacyImpersonationLevel",3,"REG_DWORD" > > >
Guest Richard Mueller [MVP] Posted May 19, 2008 Posted May 19, 2008 Re: error message That explains the error. Logon scripts run with the credentials of the user and users generally do not have permission to write to HKLM. They should not have this privilege, as then they can be tricked to run code that messes up the registry. You probably can make these changes using a Startup script. In a Group Policy navigate to "Computer Configuration", "Windows Settings", "Scripts". A startup script runs before there is any user. It has System privileges on the local computer so it can write to HKLM. -- Richard Mueller MVP Directory Services Hilltop Lab - http://www.rlmueller.net -- "boba" <boba@discussions.microsoft.com> wrote in message news:D8994E36-BD13-48B9-ACF0-387A406DCA58@microsoft.com... > This logon script is on Domain Controller under Default Domain Policy > under > User Configuration -> Script. Because of this script the users are getting > this error message. > > "boba" wrote: > >> When users logon to the machine get error message: invalid root in >> registry >> key "HKLM\SOFTWARE\Microsoft\Ole\EnableDCOM" code 80070005 source >> wshshell.regwrite. How do I fix this error. My logon script shows the >> following >> >> Set WSHShell = WScript.CreateObject("WScript.Shell") >> 'To Enable Remote DCOM in the computer >> WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\EnableDCOM","Y","REG_SZ" >> 'To Set Authentication Level to Connect >> WshShell.RegWrite >> "HKLM\SOFTWARE\Microsoft\Ole\LegacyAuthenticationLevel",2,"REG_DWORD" >> 'To Set Impersonation level to Impersonate >> WshShell.RegWrite >> "HKLM\SOFTWARE\Microsoft\Ole\LegacyImpersonationLevel",3,"REG_DWORD" >> >> >>
Recommended Posts