Microsoft KB Archive/171274

{|
 * width="100%"|

BUG: ADDITIVE Keyword Does Not Work in Custom .ADM Files

 * }

Q171274

-

The information in this article applies to:


 * Microsoft Windows NT Server version 4.0
 * Microsoft Windows NT Workstation version 4.0

-

IMPORTANT: This article contains information about editing the registry.Before you edit the registry, make sure you understand how to restore it ifa problem occurs. For information about how to do this, view the "Restoringthe Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help topic in Regedt32.exe.

SYMPTOMS
The Resource Kit for Windows 95 and the Platform SDK document how to create custom .ADM files that can be used with the System Policy Editor (POLEDIT.EXE) under the Windows 95 and Windows NT platforms. This documentation refers to the ADDITIVE keyword that you can use to add values to the System Registry via a list box entry in the Policy Editor. The ADDITIVE keyword is documented as follows:

ADDITIVE

If specified, values set in the list box are added to whatever values exist in the target Registry entry. Existing values are not deleted; by default, the content of list boxes will "override" whatever values are set in the target Registry. Specifically, a control value is inserted in the policy file which causes existing values to be deleted before the values set in the policy file are merged. When you use the ADDITIVE keyword in a custom .ADM file in Windows NT 4.0, it does not add values to the target registry entry. Instead it replaces all the old values with the new value specified in the list box entry. In addition, even if no changes are made, any binary data type in the registry key is replaced by a string data type.

RESOLUTION
Do not use the ADDITIVE keyword while creating custom .ADM files to be used by the Policy Editor.

STATUS
Microsoft has confirmed this to be a bug in the System Policy Editor (POLEDIT.EXE) component of the Microsoft products listed at the beginning of this article. We are researching this bug and will post new information here in the Microsoft Knowledge Base as it becomes available.

MORE INFORMATION
Below is a sample TEST.ADM file that reproduces the problem with the ADDITIVE keyword. This .ADM file will modify the following key in the Registry:

  Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\System The existing value for this registry key is probably "lsass.exe" or "lsass.exe spoolss.exe". When the following .ADM file is used with the System Policy Editor, it allows the user to append any string, say "TEST.EXE" to the existing value. The final value for this registry key should then be "lsass.exe TEST.EXE" or "lsass.exe spoolss.exe TEST.EXE" depending on what the value was before the modification.

    CLASS MACHINE CATEGORY "SYSTEM Startup Programs" POLICY "Execute My TEST Program in system context" KEYNAME "Software\Microsoft\Windows NT\CurrentVersion\Winlogon" PART "Add Entry" LISTBOX EXPLICITVALUE ADDITIVE END PART END POLICY END CATEGORY

Steps to Reproduce the Problem

 * 1) First, save your original WINLOGON key by exporting it to a .REG file using the Registry Editor (REGEDTI.EXE).
 * 2) Add the above TEST.ADM file into the System Policy Editor along with WINNT.ADM and COMMON.ADM.
 * 3) Inside the Policy Editor, open the Registry and select the "Execute Custom Program" option listed in the TEST.ADM file above. Add a string like "TEST.EXE" which should be added to the existing value of the Winlogon registry key. Close the Policy Editor saving your changes to the Registry.
 * 4) Open the Registry Editor and check the Winlogon registry key to see if "TEST.EXE" was appended to the key. You will notice that this key only contains "TEST.EXE", and that the original values have been deleted.
 * 5) To restore the Registry back to normal, double-click the .REG file created in Step 1.