Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

NT Registry Permissions

Status
Not open for further replies.
dkehoe

dkehoe

IS-IT--Management
Aug 21, 2001
3
GB
When installing an application (using the Wise Install Program) logged on as the local administrator to the local NT machine

We have the problem that certain active X components (created in VB6) are registered but with the permissions in the registry only giving access to the local administrator.

When a user logs in they get error messages (can't create active X component etc.)

Using the regmon tool we have identified that this is due to ACCESS DENINED on the registry

There are lots of registry settings so identifying these manually is a pain especially since we are installing on many machines

We know that if we give the user full access to all the registry it's OK but this is not acceptable from a security point of view


Are there any NT setting (policy etc.) that could effect the way the registry is updated?

 
Sort by date Sort by votes
make the user(s) a member of the local power user group.
use regedt32 and assign poweruser group 'change' permissions to the HKLM and HKCU.
 
Upvote 0 Downvote
We have had similar problems for certain software and have used the following methods to resolve them:

1) For simple software such as Autocad 2002, we would get "Error Accessing Registry" messages. This was solved by adding the PC name to the Power User Group (Win2K Control Panel-> Administrative Tools -> Group -> Add User name)

2) More complex software required providing "READ" permission to the registry key "Winreg" (on dbase server for example). (Note: Deleting this key allows anyone to READ/WRITE to the registry of the server. So don't delete it, just add user permissions to it).

The steps are:
Run regedt32
HKEY_LOCAL_MACHINE -> System -> CurrentControlSet -> Control -> SecurePipeServers
Select "winreg" and goto top menu Security->Permissions
Add the user name with READ permission.

Good Luck,

Sultan

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

spamjim
  • Locked
  • Question
Sanitizing illegal filenames on NTFS volumes
Replies
2
Views
352
spamjim
spamjim
BloodFeastMan
  • Locked
  • Question
Running a "dir" command from "Scheduled Tasks" returns entire registry
Replies
3
Views
182
strongm
strongm
BobMCT
  • Locked
  • Question
Anyone have advice with permissions error on local NAS access from Windows 10?
Replies
6
Views
155
Rick998
Rick998
basball
  • Locked
  • Question
GPO or Registry mod to remove File and Folders Task (Common Tasks Side Bar)
Replies
1
Views
100
strongm
strongm
AndyH1
  • Locked
  • Question
What is the default value of Notification Packages in registry on Windows 10 Pro 1
Replies
3
Views
4K
linney
linney

Part and Inventory Search

Sponsor

Back
Top