Winreg is not restricting acces to Remote Registry

Discussion in 'Microsoft Windows 2000 Registry Archive' started by Dave Berry, Aug 30, 2004.

  1. Dave Berry

    Dave Berry Guest

    I have modified the WINREG key on a remote Windows 2000
    Professional workstation, so that only a user (user1), who
    is not a member of local administrators (or any
    administrative group)is added to the WINREG key located at
    HKLM\System\CurrentControlSet\Control\SecurePipeServers\win
    reg.

    In additions there are no users listed under
    AllowedPaths\Users.

    Next, I run Regedit on my local computer, and connect to
    the remote registry.

    My question is: With only User1 added to the WINREG key,
    why do I have full control to the remote registry's
    HKEY_USERS hive? I am able to add without restruction
    under .DEFAULT.

    Thanks in Advance
    Dave


    Microsoft says that the permissions on this winreg key
    determine who is
    allowed to remotely connect to this registry. It also
    says that you can put
    addtional paths under the AllowedPaths subkey under winreg
    if you don't want
    to change the permissions of winreg. By doing this you
    can allow certain
    keys to be remotely accessible.

    I have 2 computers that are in the same domain. Both are
    NT Servers.


    On machine A, I have only local administrators access to
    the winreg key.
    This would mean that only administrators of machine A
    would be allowed to
    remotely access the registry on that machine. Under the
    winreg key, there
    is the AllowedPaths key. For the value of Machine under
    this key, I added
    the path to the following key "Software\test" which is a
    key on machine A
    that has everyone access to it.


    Now, on machine B, I am logged onto the machine as a
    domain user, who is not
    an administrator of machine A. According to MS
    documentation, since
    "Software\test" is listed in the AllowedPaths key, I
    should be able to
    access it remotely. Unfortunately, I cannot, I can
    connect to the registry
    on machine A using regedt32 but can only open the HKLM
    key. Everything
    under there, is greyed out and I cannot access it.


    Can anyone help me with this? I am trying to access a key
    on the remote
    machine without changing the permissions on the winreg key.


    Thanks,
    sam
     
    Dave Berry, Aug 30, 2004
    #1
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mark
    Replies:
    8
    Views:
    426
    Torgeir Bakken (MVP)
    Oct 25, 2003
  2. Mr. Debrosse

    Execute a registry key into a remote user's registry via a login script

    Mr. Debrosse, Jan 28, 2004, in forum: Microsoft Windows 2000 Registry Archive
    Replies:
    2
    Views:
    447
    Jerold Schulman
    Jan 30, 2004
  3. Paul King

    Restricting Date / Time

    Paul King, Jul 22, 2004, in forum: Microsoft Windows 2000 Registry Archive
    Replies:
    3
    Views:
    141
    Paul King
    Jul 22, 2004
  4. Mark
    Replies:
    0
    Views:
    352
  5. Mr. Debrosse

    Execute a registry key into a remote user's registry via a login script

    Mr. Debrosse, Jan 28, 2004, in forum: Microsoft Windows 2000 Registry Archive
    Replies:
    0
    Views:
    428
    Mr. Debrosse
    Jan 28, 2004
Loading...

Share This Page