Powershell: Permanently Modify Path, "Requested registry access is not allowed."

13,179

Solution 1

It sounds like you might not be running as an elevated admin. By default, I believe there's a PowerShell shortcut on your taskbar in Server 2012. Right-click on it, and choose "Run as Administrator" (or something like that). Then try running the command in your original post.

Solution 2

Give permissions to HKLM\System\CurrentControlSet\Control\Session Manager\Environment to a desired user

Solution 3

I'm running a script in a JEA PSSession as a non-admin user (Administrator permissions are not an option in our environment.) @Nipp's answer pointed me in the right direct (I'll up-vote you when I have enough reputation.) This should work for anyone who wants to allow a non-admin to update environment variables (including Path):

#allow necessary registry permissions to allow updating environment variables
#e.g.:
#Allow-EnvironmentVariableUpdate -Principal 'Power Users'
function Allow-EnvironmentVariableUpdate()
{
    Param(
    [string]$Principal  #name of user or group
    )

    $acl= get-acl -path "hklm:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment"
    $inherit = [system.security.accesscontrol.InheritanceFlags]"None"
    $propagation = [system.security.accesscontrol.PropagationFlags]"None"
    $rights = "QueryValues,SetValue,CreateSubKey"
    $rule=new-object system.security.accesscontrol.registryaccessrule $Principal,$rights,$inherit,$propagation,"Allow"
    $acl.addaccessrule($rule)
    $acl | set-acl
    "'$Principal' can edit environment variables."
}
Share:
13,179

Related videos on Youtube

corneria
Author by

corneria

Updated on June 04, 2022

Comments

  • corneria
    corneria over 1 year

    I need to permanently add a scripts folder to my PowerShell path (not just a particular session). I am running the following code:

    [System.Environment]::SetEnvironmentVariable("PATH", $Env:Path + ";C:\scripts", "Machine")
    

    The error is as follows:

    Exception calling "SetEnvironmentVariable" with "3" argument(s): "Requested registry access is not allowed."

    How do I get registry access/fix this?

    EDIT: Not sure if it helps, but I'm using PowerCLI (VMware PowerShell API) on Windows Server 2012.

    • mikekol
      mikekol
      Let's assume you aren't. By default, I believe there's a PowerShell shortcut on your taskbar in Server 2012. Right-click on it, and choose "Run as Administrator" (or something like that). Then try running the command in your original post.
  • 110100100
    110100100 about 3 years
    This answer allows the specified user set these values without elevating to admin status.