JSI Tip 9545. How can a logon script import .REG files if the 'Prevent access to registry editing tools' policy is enabled, or the DisableRegistryTools Value Name is set to 1?

If the Prevent access to registry editing tools policy is enabled for a user, or the DisableRegistryTools Value Name is set to 1, a user cannot import a .REG file.

If you require that a logon script import a .REG file, download and unzip Regpol.zip.

You can locate the Regpol.exe any place that it is accessible, like on the NetLogon share of each domain controller.

In the logon script, you can, for example, use the following command:

"%LOGONSERVER%\Netlogon\regpol.exe" "%LOGONSERVER%\Netlogon\MyRegFile.REG"

NOTE: Regpol.exe runs on Windows 2000, Windows XP, Windows Server 2003, and later.

NOTE: Regpol.exe uses the Windows Registry Editor Version 5.00 file format.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.