1

Closed

Invoke-HKCURegistry... - Default ntuser.dat not unloaded

description

I put together an SCCM installer for the latest Adobe Acrobat Reader and wanted to added one item to the toolbar. I'm using the 3.5.0 version.
[scriptblock]$HKCURegistrySettings = {
    Set-RegistryKey -Key 'HKCU\Software\Adobe\Acrobat Reader\11.0\AVGeneral\cCommonToolsDesktop' -Name 'a25' -Value 'SelectMenuItem' -SID $UserProfile.SID
}
$GoodUserProfiles = Get-UserProfiles -ExcludeNTAccount TVNET\tvdsb,$envComputerName\tsa -ExcludeSystemProfiles $true
Invoke-HKCURegistrySettingsForAllUsers -RegistrySettings $HKCURegistrySettings -UserProfiles $GoodUserProfiles
I'm uninstalling Reader (with Remove-MSIApplications) then installing with a custom Transform.
After that I run the registry change above. This is what I get:
<![LOG[[Post-Installation] :: Load the User [Default User] registry hive in path [HKEY_USERS\S-1-5-21-Default-User]]LOG]!><time="10:04:23.577-300" date="04-02-2015" component="Invoke-HKCURegistrySettingsForAllUsers" context="" type="1" thread="1" file="">
<![LOG[[Post-Installation] :: Execute ScriptBlock to modify HKCU registry settings for all users.]LOG]!><time="10:04:23.625-300" date="04-02-2015" component="Invoke-HKCURegistrySettingsForAllUsers" context="" type="1" thread="1" file="">
<![LOG[[Post-Installation] :: Return fully qualified registry key path [Registry::HKEY_USERS\S-1-5-21-Default-User\Software\Adobe\Acrobat Reader\11.0\AVGeneral\cCommonToolsDesktop]]LOG]!><time="10:04:23.641-300" date="04-02-2015" component="Convert-RegistryPath" context="" type="1" thread="1" file="">
<![LOG[[Post-Installation] :: Create registry key [Registry::HKEY_USERS\S-1-5-21-Default-User\Software\Adobe\Acrobat Reader\11.0\AVGeneral\cCommonToolsDesktop].]LOG]!><time="10:04:23.650-300" date="04-02-2015" component="Set-RegistryKey" context="" type="1" thread="1" file="">
<![LOG[[Post-Installation] :: Set registry key value: [Registry::HKEY_USERS\S-1-5-21-Default-User\Software\Adobe\Acrobat Reader\11.0\AVGeneral\cCommonToolsDesktop] [a25 = SelectMenuItem]]LOG]!><time="10:04:23.665-300" date="04-02-2015" component="Set-RegistryKey" context="" type="1" thread="1" file="">
<![LOG[[Post-Installation] :: Unload the User [Default User] registry hive in path [HKEY_USERS\S-1-5-21-Default-User]]LOG]!><time="10:04:23.698-300" date="04-02-2015" component="Invoke-HKCURegistrySettingsForAllUsers" context="" type="1" thread="1" file="">
<![LOG[[Post-Installation] :: Failed to unload the registry hive for User [Default User] with SID [S-1-5-21-Default-User]. 
Error Record:
-------------

Message        : 
InnerException : 

FullyQualifiedErrorId : 
ScriptStackTrace      : at Invoke-HKCURegistrySettingsForAllUsers<Process>, 
                        C:\Folders\Office Desktop\Adobe_Reader_11.0.10\AppDeployToolkit\
                        AppDeployToolkitMain.ps1: line 3304
                        at <ScriptBlock>, C:\Folders\Office 
                        Desktop\Adobe_Reader_11.0.10\Deploy-Application.ps1: line 171

PositionMessage : At C:\Folders\Office Desktop\Adobe_Reader_11.0.10\AppDeployToolkit\App
                  DeployToolkitMain.ps1:3304 char:41
                  +                         If ($global:LastExitCode -ne 0) { Throw 
                  "$HiveLoadResult" }
                  +                                                           
                  ~~~~~~~~~~~~~~~~~~~~~~~



]LOG]!><time="10:04:24.110-300" date="04-02-2015" component="Invoke-HKCURegistrySettingsForAllUsers" context="" type="3" thread="1" file="">
This happens almost every time (every once in awhile it doesn't). I've used this function before without any trouble. Any ideas? I'm running this in a VMWare machine and reverting to a saved state to test.
Closed Apr 14, 2015 at 1:04 PM by mmashwani
We have moved to a new homepage! You can now find us as http://psappdeploytoolkit.com.

We have also moved to a new repository on GitHub and this request has been migrated there. Please post all new relevant details on the issue listed on GitHub.
https://github.com/PSAppDeployToolkit/PSAppDeployToolkit/

comments

mmashwani wrote Apr 2, 2015 at 3:29 PM

Replace line:
If ($global:LastExitCode -ne 0) { Throw "$HiveLoadResult" }
With
If ($global:LastExitCode -ne 0) { Throw "Reg.exe exited with exit code [$global:LastExitCode] and result [$HiveLoadResult]" }
This will allow us to capture the exit code that Reg.exe failed with so that we can know a little more about the failure.

Also, when posting log file details, please first open the log file in CMTrace and copy the text so that it is a little easier to read when posted here.

mmashwani wrote Apr 2, 2015 at 3:35 PM

I would also recommend testing with the latest version of the toolkit as we have made many improvements and fixed many bugs since 3.5.0 was released.

mmashwani wrote Apr 2, 2015 at 3:42 PM

Also, see if any of the comments on this thread are of any help to you in resolving this issue:
TEXT

macxcool wrote Apr 2, 2015 at 4:38 PM

I put in the [$global:LastExitCode] and got (this time I used cmtrace):
[Post-Installation] :: Failed to unload the registry hive for User [Default User] with SID [S-1-5-21-Default-User]. 
Error Record:
-------------

Message        : Reg.exe exited with exit code [1] and result []
InnerException : 

FullyQualifiedErrorId : Reg.exe exited with exit code [1] and result []
ScriptStackTrace      : at Invoke-HKCURegistrySettingsForAllUsers<Process>, 
                        C:\Folders\Office Desktop\Adobe_Reader_11.0.10\AppDeployToolkit\
                        AppDeployToolkitMain.ps1: line 3304
                        at <ScriptBlock>, C:\Folders\Office 
                        Desktop\Adobe_Reader_11.0.10\Deploy-Application.ps1: line 171

PositionMessage : At C:\Folders\Office Desktop\Adobe_Reader_11.0.10\AppDeployToolkit\App
                  DeployToolkitMain.ps1:3304 char:41
                  +                         If ($global:LastExitCode -ne 0) { Throw 
                  "Reg.exe exited with exit code [$g ...
                  +    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



    Invoke-HKCURegistrySettingsForAllUsers  4/2/2015 11:35:37 AM    1 (0x0001)

macxcool wrote Apr 2, 2015 at 4:54 PM

I just upgraded to 3.6.0 and got the exact same results. You're right, it's probably a locked file or something. It only happens, very consistently, with only the Default User hive, only on this installation (Adobe Reader).
I'm using the function with the installation of Quicktime 7.76 too. It has the occasional glitch, but not like this.
I'm going to run handles or process explorer and see what's up. Maybe the Adobe Reader installation is loading the Default User hive and not always unloading it properly?
A corrupt Default User hive kills Domain logins.

macxcool wrote Apr 2, 2015 at 5:08 PM

I even threw a 5-second sleep into the script. It still failed.

mmashwani wrote Apr 2, 2015 at 5:33 PM

It could be some security tool as will with a handle to the registry hive.

If your environment has a DLP protection tool installed in your environment, that is also worth looking into because those are designed to completely hide themselves from being visible to users and can only be detected with psexec. I remember having many problems with hangs and other issues when we first rolled out a DLP solution to the company.

At the very least, a default registry hive that does not unload will not cause corruption of that hive. I would assume that a domain login could still work even if the default hive was loaded because all new logins do is copy the .dat file for the default user to provision the new user.

mmashwani wrote Apr 11, 2015 at 8:44 PM

CodePlex has been down for a while so just checking in to see if you were you able to make any progress on this issue?