I recently needed to change a registry entry for a currently logged on remote user for one of my company's customers. When you use regedt32 to connect to a remote registry, the HKEY_CURRENT_USER registry key isn't available. To solve this problem, I used a combination of simple batch commands, Microsoft Windows NT Server 4.0 Resource Kit utilities, and Sysinternals' PsTools freeware toolkit (available at http://www.sysinternals.com/ntw2k/freeware/pstools.shtml) to write the script that Listing 5, page 16, shows. This script lets you query, add, or change remote registry entries.
You can customize the batch file to accept a variety of parameters. As shown, the batch file takes a machine name as a parameter, which lets you pipe the results of other batch files calling this one.
The Psloggedon command checks the remote machine for locally logged on users and dumps the results into a file. I then used the Find command to filter the results, excluding the Microsoft Systems Management Server (SMS) process account, which was logged on every machine on the customer's site by default. The Psgetsid command obtains the currently logged on user's SID. This SID is the equivalent of HKEY_CURRENT_USER and can be referenced under the HKEY_USER subtree on the remote machine. Thus, you can use the resource kit's reg.exe utility to access and query or modify the correct subtree under HKEY_USER.
The script uses the Find command extensively to pinpoint the exact lines necessary in each phase. I'm searching specifically for a domain, but you can customize the script to suit your environment. The script also uses the For /F command, environment variables, and temporary files extensively.
Remember to clean up your environment after running the script and to delete your temporary files. I use a standard naming structure for temporary files (i.e., %~n0.*.tmp) so that I can easily find and delete them later.