Cannot run FILEMON or REGMON

[Adam Leinss]

We are using an ultra secure workstation security template
and AD policies to restrict what users can do on their
workstations. To do complete application testing, we need
to run programs like Filemon and Regmon to find
file/registry permission problems. Even if I am logged in
as a local or domain administrator Windows 2000 refuses to
allow me to run these two utilities! From what I can tell
administrators have full control over C:\winnt and all
registry hives. I tried disconnecting the PC from the
network and importing the basic workstation policy, but it
still refuses to run.

Does anyone have any ideas? I can run these utilites on a
plain jane Windows 2000 workstation, but I'm trying to
evaluate the applications in the closest possible
production-like environment as possible.

Thanks,
Adma

 

[Steven L Umbach]

Make sure that you [administrator] have read/list/execute permissions to
those executables where you installed them. I would check the permissions on
the executables themselves [regmon and filemon]. Maybe try installing them
into the \winnt\system32 directory. When you import a template I am not sure
that file/registry permissions are imported but if you run the Security
Configuration and Analysis snapin tool against that template and then use
configure after the analysis it should implement those settings. --- Steve

http://www.lokbox.net/SecureWin2k/secAnalysis.asp -- how to use Security
Configuration and Analysis tool.

 

[Adam Leinss]

Make sure that you [administrator] have read/list/execute
permissions to those executables where you installed them. I would
check the permissions on the executables themselves [regmon and
filemon]. Maybe try installing them into the \winnt\system32
directory. When you import a template I am not sure that
file/registry permissions are imported but if you run the Security
Configuration and Analysis snapin tool against that template and
then use configure after the analysis it should implement those
settings. --- Steve

http://www.lokbox.net/SecureWin2k/secAnalysis.asp -- how to use
Security Configuration and Analysis tool.

Thanks Steven.

The consultant that helped with our AD migration found the problem:
Under "User Rights Assignment" in Group Policy, the membership of the
option "Debug programs" was empty. I could swear on my life that I
enabled this feature in the LSS on my test box, but as soon as he added
Administrators to that group, regmon and filemon ran.

Adam