Remote Registry - Requested registry access is not allowed.

[JB]

I am trying to access a registry key on computer like so:

key = RegistryKey.OpenRemoteBaseKey(RegistryHive.LocalMachine,
computerName).OpenSubKey(Subkey);

There are two keys I am trying to read, 1 works, and the other gives
me the "Requested registry access is not allowed."
i've narrowed it down to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office
It doesnt let me access that path, but the permissions are the same.
I can access it alright on my own machine (passing my machine name
into OpenRemoteBaseKey) but not anyone's remote machine.

It lets me access HKLM\Software\Microsoft\Windows NT
but not
HKLM\Software\Microsoft\Office

Although I get the same error "Requested registry access is not
allowed" if i enter an incorrect path, eg HKLM\Software\fdjkhfjkh

Any ideas where i may be going wrong?

 

[Rotsey]

this could a CAS (code access security) issue....but not sure

 

[Shine Xavier]

You would need the right permissions for accessing the registry on the
remote PC.
Please verify (Registry Editor>Edit>Permissions)

Hope this helps!
Thanks -

 

[JB]

Cheers, that does seem to be why it is encountering problems.
I can run the app fine as 'Administrator', but, the permissions are
set so all users should have read access.

I want a few key users to be able to run the app, how would i go about
authenticating on a remote machine and not using my current login as
authentication?

Or related: Is there a way of reading the registry through WMI? I'm
already connecting to each machine through wmi as admin, if i could
read the registry somehow through there it would make it much easier.
I couldn't find a method of doing it though.

 

[Shine Xavier]

Yes, you can do this by the folllowing 3 steps:

Step 1:
Create a domain user (say application user)

Step2:
Assign Registry "Read Access" on the remote pc/server for just the "required
key" (Right click on the respective key and assign permissions) for "this
user".
This will tighten the security.

Step3:
Now run the application using the identity of the application user created
in Step 1.
You could spawn a separate process and run the application that accesses the
remote registry using this user role.

-------
Now as for using WMI, please check out this link -
http://msdn2.microsoft.com/en-us/library/aa394600.aspx

Hope this helps!
Thanks -

 

[JB]

Cheers for the help.
I was with you all the way upto step 3.
How do i run the application 'as the user created in step 1'? Run-as..
in XP doesnt work, i'd rather not have to log out and log in as the
user (which works) because thats quite a hassle.
Ideally i'd like to just give the application administrator
priveledges, it has to read a few registry keys on ~100 PC's on the
network, unless i can assign permissions using Group Policy.