Invoke-HKCURegistrySettingsForAllUsers: ntuser.dat registry hive not unloaded for Default profile #6
Assignees
Comments
mmashwani
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Issue migrated from CodePlex:
https://psappdeploytoolkit.codeplex.com/workitem/192
Issue is probably caused by some program in the user's environment that maintains a handle to the default registry profile.
It could be some security tool as will with a handle to the registry hive.
If your environment has a DLP protection tool installed in your environment, that is also worth looking into because those are designed to completely hide themselves from being visible to users and can only be detected with psexec. I remember having many problems with hangs and other issues when we first rolled out a DLP solution to the company.
At the very least, a default registry hive that does not unload will not cause corruption of that hive. I would assume that a domain login could still work even if the default hive was loaded because all new logins do is copy the .dat file for the default user to provision the new user.
The text was updated successfully, but these errors were encountered: