The Delphi TRegistry function CreateKey fails when the user is not
logged in with administrative rights. The cause of this problem is that
by default Delphi opens the Windows registry with security access of
KEY_ALL_ACCESS. Even the Delphi function OpenKeyReadOnly opens the registry
with the security access value KEY_ALL_ACCESS.
This is a major problem since you should store shared information
about your program in HKEY_LOCAL_MACHINE (HKLM) so all users of the
computer have access to the settings. However, especially on a network
users should never be setup as administrators. To get around this problem
when your program needs to access values in the registry, you can use
the standard Windows API functions RegOpenKeyEx, RegQueryValueEx, and
RegCloseKey. The RegOpenKeyEx allows you to set the security access
to a lower level such as KEY_READ. KEY_READ should be the only access
required by standard users.
I use the Delphi TRegistry methods to create registry keys when the
program is first run and then use the Windows API functions when I need
to read registry keys. This system works well for me when I deploy my
software on networks. My software must first be run by a user with administrative
rights so various paths to the network control and data directories
can be set. After the initial run any user of the computer can read
the necessary paths.
Below is the unit I use to read registry keys with the software I
develop. You can also click here to
download the unit I use to read
the registry information. Feel free to add this unit to your software.
If you have any comments or questions please feel free to
email me.
