My preferred method is to use Active Setup. What it does, is check when a user logs into a machine if they've ran a particular script or command (Such as the one you would have) and if not, execute it. So, you'll only run a particular script for a user one time on their workstation. I found this to be perfect for writing to HKCU, because you don't have to load each hive and only the accounts that people log into are modified.
Not to self promote, but I did write a blog post about doing this. The basic solution is as follows:
Add the following registry entries:
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\UniqueID]
"Version"=""
"Stubpath"=""
@=""
- You can choose any Unique ID you want. GUID's are often used, but you can use anything that will be unique.
Version
is whatever version number you want to use.
Stubpath
is the command that will be executed. MSI, EXE, and VBS calls all seem to be fine.
- The
@
is what should be displayed when the command is running.
With this solution, the scripting language is irrelevant. You could do a VBScript, Powershell, Batch file. Whatever lets you write to HKCU as the logged in user. Using reg.exe
directly works fine as well.
The other, optional final touch you could make is load and modify the default user Hive. That would set the registry value for any new users that log on for the first time to that particular system.