Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Block use of Regedit in XP Pro

Status
Not open for further replies.
DEI4ever

DEI4ever

Technical User
Sep 3, 2003
32
0
0
US
I have a client that needs admin rights for everything but regedit..and he seems to like to go into the registry and play around. i need to stop this because he is creating more work for me
Is there anyway to block an admin account from using regedit?
thanks for the help
 
Sort by date Sort by votes
Couldn't you just rename the regedit.exe to something that the user won't think of? The only other way I can think of is to change their user status to a power user etc. Unfortunately there isn't any way of preventing the user doing something if he has admin rights. If you install a 3rd party app, to disable reg edit, then they can just uninstal the app, and so on.
 
Upvote 0 Downvote
I tried renaming the regedit tool but Win XP just recreates it almost immediately after you rename it..
that was my first idea
any other ideas...
where does windows find the regedit.exe when you rename the old one?
 
Upvote 0 Downvote
Either assign a Group Policy for that specific user on your DC or on the users PC edit the local policy by typing gpedit.msc at the run command ( Local Computer Policy>User Configuration>Administrative Templates).
 
Upvote 0 Downvote
This computer is not on a network or domain. It is a stand alone computer. The local policy has no option to block use of the regedit command..how can I add this in?
 
Upvote 0 Downvote
Or,

********* Begin cut and past Disable_regedit.reg ****
Code: 
Windows Registry Editor 5.0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000001

***************  end Disable_regedit.reg *********
***************  end cut and paste area **********

Note: change both dword values to 0 to remove the restriction.


 
Upvote 0 Downvote
The local policy does have an option to block use of the regedit command. Local Computer Policy> User Configuration> Administrative Templates> System> Disable Registry Editing Tools - double click and check enabled
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

pjw001
  • Question
Latest Windows Update - End of Service
Replies
2
Views
456
pjw001
pjw001
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
1
Views
195
pjw001
pjw001
Miluis
  • Locked
  • Question
What application do you use
Replies
8
Views
264
2ffat
2ffat
bobadams52
  • Locked
  • Question
error 12 program swcocx in mas90
Replies
0
Views
165
bobadams52
bobadams52
johncp
  • Locked
  • Question
W10 Defender blocking installation of uTorrent
Replies
9
Views
341
mikrom
mikrom

Part and Inventory Search

Sponsor

Back
Top