Hello,
I am trying to find a way to decode the REG_BINARY value for "HKLM\Software\Microsoft\Ole\DefaultLaunchPermission" to see which users have permissions by default, and if possible, a method in which I can also append other users by their username.
At work we make use of DCOM and for the most part we always give the same users permission but in some cases we are forced to accommodate our clients and add custom users/groups to suit their needs. Unfortunately the custom users we need to add are random usernames so I am unable to just add all the users and copy the value from the key like I have done with the default users we use 95% of the time.
I am currently working on a command-line executable application where I have a command to set permissions for pre-defined users but I would also like to be able to add an option to append a custom user(s) to add to the default permission along with our predefined default users list.
Currently, to set the default users list with my application I would just type:
MyTool.exe Policies
But I would like to be able to make it a bit more verbose, closer to how NET command is used for windows users, something like:
MyTool.exe Policies /ADD:"MyCustomUsername"
The problem is that the data stored in the REG_BINARY value doesn't seem to be easily decoded. I was able to decode the hex portion in python but I am left with some sort of binary data which I don't have a clue what to do with as I don't even know what kind of encoding was used in the first place to know what to use to decode it. :P
I have done quite a bit of googling but I think my lack of understanding the terminology around this topic has probably caused me to overlook the answer without recognizing it for what it is.
I guess my first real question would have to be what kind of encoding is used for the above key after it has been decoded from hex?
Or better yet, is it even possible to obtain/modify the key's value programmatically so that I can obtain a list of the users that are currently set, and if necessary, append additional users/groups?
I would prefer to keep this application written strictly in Python if possible (or WMI/WMIC), but if necessary I can attempt to implement other types of code into my python application if it means getting the job finally done! I guess it would also be useful to mention that this application is primarily used on Windows XP Professional and most Windows Server versions so I am not worried if any possible solution will not be compatible with earlier Windows OS version(s).
Any assistance, code or just some simple help with getting familiar with this topic, would be GREATLY appreciated!
Thanks in advance for any help you can provide!! :D