GPO: add a registry key


Windows Server 2019

In this tutorial, we will see how to add a registry key using group policy.

With group policies, it is also possible to delete or modify the value of an existing key

Depending on the hive (HKLM / HKCU) it is appropriate to place the policy on the correct OU (Organizational Unit) and the correct computer or user configuration.

Registry settings are available in Computer and User Configuration.

In addition to placement, as I mentioned above, you have to take into account the hive, if you want to apply a key to the hive (HK_CURRENT_USER) you have to use the user configuration parameters.

It is possible to use the “hive” HK_CURRENT_USER.DEFAULT in the Computer configuration which allows to apply the key for all new users who will open a session on the computer, it is the equivalent of the default profile.

To illustrate the tutorial, the GPO which will be configured has a key in the HKCU hive, therefore on the user configuration.

Configuring Group Policy

From the Group Policy Management console, right-click on the location 1 where the Group Policy should apply and click Create a GPO in this domain, and link it here 2.

Nouvelle stratégie de groupe (GPO)

Name the group policy 1 and click OK 2.

Définir le nom de la stratégie de groupe

Right-click on strategy 1 and click Edit 2.

Modifier la stratégie de groupe

Go to User Configuration / Preferences / Windows Settings / Registry 1.

Configuration utilisateur / Préférences / Paramètres Windows / Registre

Right-click in the central area, go to New 1 and then click on Registry Item 2.

Créer un nouveau élément de registre

Configure the registry item by selecting Action 1 then hive 2. Indicate the key path 3 and the key name 4. Then choose the value type 5 and enter the value 6. If necessary, change the base according to the key configuration. Validate by clicking on Apply 7 and OK 8 to close the window.

Configuration de la clef

In the above screenshot, the RDGClientTransport key is created or updated with the value 1, in the HKEY_CURRENT_USER hive at the location Software\Microsoft\Terminal Server Client\

In the central area, the registry item 1 has been successfully added.

Clef ajoutée

Summary of Group Policy settings.

Paramètres de la stratégie

Validate the operation of the GPO

On a computer and with a user to whom the group policy applies, open a session and check in the computer registry that it is applied with the presence of the key.




Leave a Comment