JSI Tip 0277 - Remote access to the NT 4.0 Registry.

In Windows NT 4.0, only members of the Administrators group have access to the registry.

You can alter this default by editing the registry at:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg

If the SecurePipeServers key does not exist, add it with a Class of REG_SZ

If the winreg key does not exist, add it with a Class of REG_SZ

Add value of Description as type REG_SZ and set the String to Registry Server

Select the winreg key and choose Security / Permissions from the Regedt32 menu. Grant the users and groups Read access. I would grant Full Control to Administrators.

It is possible to bypass these access permissions. Some services such as Directory Replicator and Spooler require remote access to the Registry. You can grant access to the account that runs these services or you can edit the registry at:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg

Add a key of AllowedPaths with a empty Class. Select HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowedPaths

and add a value name of Machine as type REG_MULTI_SZ with the following String values, one per line:

System\CurrentControlSet\Control\ProductOptions
System\CurrentControlSet\Control\Print\Printers
System\CurrentControlSet\Services\Eventlog
Software\Microsoft\Windows NT\CurrentVersion
System\CurrentControlSet\Services\Replicator

If you wish, you can grant users access to listed locations in the registry by adding a value name of Users as type REG_MULTI_SZ and listing the registry locations, one per line.

See tip 840.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish