Update Windows Registry

Upload and deploy Windows Registry (.reg) files to one or more devices using Custom Remediation. Ideal for applying system policies, security settings, or config changes at scale.

About this task

The Upload Windows Registry File feature lets IT admins apply registry changes to one or more Windows devices quickly and securely — without creating a Fixlet or waiting for official content updates.

  • Import a .reg file directly into the Custom Remediation wizard.

  • Automatically converts the registry file into a script that runs silently on targeted devices.

  • Supports deploying to any number of Windows endpoints that meet targeting criteria.

To open the Windows Registry Configuration widget, from the Custom Remediation app, on the Windows Registry Configuration card, click Update.
Update Windows registry

Procedure

  1. Registry:

    • You can upload a .reg file by:

      • Dragging and dropping the file into the upload area, or

      • Clicking Browse Files to select the file from your system.

    • If you prefer to specify registry changes directly:

      1. Enter Registry Key Path, specify the full path to the registry key you want to modify.

        Example:

        HKEY_LOCAL_MACHINE\Software\YourCompany\Settings
      2. Provide New Registry Key Data

        • Data Name: The name of the registry value to be created or modified.

          Example: EnableFeatureX

        • Data Type: Choose from supported types:

        • Data Value: Enter the value associated with the key.

          Example: 1 (for enabling a feature)

      3. Click Add Registry Key. This adds the key-value pair to the list of changes to be deployed.
      4. Add Multiple Registry Keys (Optional)

        • You can repeat Step 2 to add multiple registry entries under different or the same paths.

        • All keys will be written in a single execution sequence on the endpoint.

      Example:
      Registry Path Name Type Value
      HKEY_LOCAL_MACHINE\Software\MyApp AutoStart REG_DWORD 1
      HKEY_LOCAL_MACHINE\Software\MyApp\Config ServerURL REG_SZ https://example.com
  2. Devices: Filter target devices and click Next.
  3. Sequence: The configured options are processed sequentially from top to bottom, giving you precise control over how deployments are delivered, how users are informed, and how failures are handled.

    1. Start downloading immediately

      When enabled, targeted endpoints begin downloading the required payloads as soon as the remediation action is deployed.

    2. Before running message

      When enabled, the configured message is displayed to the end user before the action starts. This can be used to provide context, warnings, or request user confirmation.

    3. While running message

      When enabled and a message is configured, during execution of the action, the notification message is shown to indicate that the remediation is currently in progress. This helps maintain user awareness and reduce support inquiries.

    4. Reboot/restart devices on completion of deployment

      After the remediation completes, targeted devices are automatically rebooted if required by the fixlet. This step ensures that changes are properly applied and system integrity is maintained.

    5. On failure: retry x time and wait x hour between attempts

      If the action fails, you can configure:

      • Number of retries: how many times the system should reattempt the action.

      • Wait time between retries: the number of hours to wait between each retry.

      This setting increases the success rate by accounting for temporary issues like device disconnection or network latency.

    Click Next to proceed.

  4. Schedule: Select a time range for the scheduled activity. This setting defines the window during which the schedule remains in effect. After configuring the schedule, click Next to proceed.
    Field Label Description
    Start Date Select the calendar date when the remediation deployment should begin.
    Start Time Select the time (hh:mm) at which the remediation should start.
    Time Zone (Start) Choose the time zone to apply for the start time: - Client: Uses each endpoint's local time. - UTC: Uses Coordinated Universal Time.
    End Date Select the calendar date by which the remediation deployment should be completed.
    End Time Select the time (hh:mm) at which the deployment window ends.
    Run During Agent’s Configured Maintenance Window Enable this option to restrict the deployment to devices that have a maintenance window configured. The remediation will only run within those windows. ❗ Note: Devices without a maintenance window will be excluded from the deployment.
    Run on All Devices, Regardless of Their Configured Maintenance Window Enable this option to override maintenance window restrictions. The remediation will run on all targeted devices, whether or not they have a maintenance window configured.
    Reset Click to clear all current scheduling fields and revert the section to its default state. Use this to start over if needed.
  5. Summary: The Summary section provides a consolidated view of all the configuration options selected in the remediation flow. It acts as the final checkpoint before deployment, allowing you to review and confirm your settings.
    Action name:

    • Enter a unique and meaningful name that clearly describes the purpose of the action.

    • This name will appear in action history, logs, and dashboards, helping you and your team quickly identify and differentiate actions.

    • Use descriptive terms (e.g., "Critical Patch – May 2025 – Windows Devices") to ensure clarity and traceability.

  6. Deploy: After verifying the configured information, click Deploy to deploy the action.