Here's a command you can use to assign permissions to a registry key. You can write this action using VBScript or WiseScript. As this script needs admin privileges to work, run this action in system context in deffered execution.
SetACL.exe -on "hklm\software\microsoft\policies" -ot reg -actn ace -ace "n:domain1\user1;p:full"
This command sets 'full' permissions on the registry key 'HKEY_LOCAL_MACHINE\Software\Microsoft\Policies' for user 'user1' in domain 'domain1'.
Cheers' Vijay Raj
If you are running this custom action using the System Account in Deferred sequence, then first of all you will not have network access because the localsystem account has no domain privileges, and secondly, the localsystem account already has elevated access so you don't need to login as an elevated user at all.
Perhaps this blog therefore needs a rethink??