|
|
Our Hot Pick: Rising Antivirus 2006 - Certified by TUV & Checkmark! Get 10% discount by entering this coupon code: ONDISCOUNT10
I am trying to load a user hive from a UNC path. When I do this I get access
denied. I can do this from a Windows XP machine. If I copy the file locally
I can the load the hive. What is preventing me from loading it through a UNC
path?
|
|
If you are running this on the command prompt make sure you are using either
the Run As command, or run the command prompt with admin privlileges. UAC
will not appear during the command prompt.
"Mike" wrote:
[Quoted Text] > I am trying to load a user hive from a UNC path. When I do this I get access
> denied. I can do this from a Windows XP machine. If I copy the file locally
> I can the load the hive. What is preventing me from loading it through a UNC
> path?
|
|
I am running this with admin privileges. I turned off UAC as well. This
problem is even reproduced with Regedit.
Open Regedit and select HKLM
Click File and Load Hive
Navigate to a NTUSER.DAT file located on a network share
Give the key a name and select OK.
Access denied.
Is this a new security feature with Vista and if so how do you undo it?
"Spenceation" wrote:
[Quoted Text] > If you are running this on the command prompt make sure you are using either
> the Run As command, or run the command prompt with admin privlileges. UAC
> will not appear during the command prompt.
>
> "Mike" wrote:
>
> > I am trying to load a user hive from a UNC path. When I do this I get access
> > denied. I can do this from a Windows XP machine. If I copy the file locally
> > I can the load the hive. What is preventing me from loading it through a UNC
> > path?
|
|
Try running this command with the actual administrator account, this account
bypasses alot of UAC and vista restrictions.
"Mike" wrote:
[Quoted Text] > I am running this with admin privileges. I turned off UAC as well. This
> problem is even reproduced with Regedit.
>
> Open Regedit and select HKLM
> Click File and Load Hive
> Navigate to a NTUSER.DAT file located on a network share
> Give the key a name and select OK.
> Access denied.
>
> Is this a new security feature with Vista and if so how do you undo it?
>
> "Spenceation" wrote:
>
> > If you are running this on the command prompt make sure you are using either
> > the Run As command, or run the command prompt with admin privlileges. UAC
> > will not appear during the command prompt.
> >
> > "Mike" wrote:
> >
> > > I am trying to load a user hive from a UNC path. When I do this I get access
> > > denied. I can do this from a Windows XP machine. If I copy the file locally
> > > I can the load the hive. What is preventing me from loading it through a UNC
> > > path?
|
|
UAC is turned off
"Spenceation" wrote:
[Quoted Text] > Try running this command with the actual administrator account, this account
> bypasses alot of UAC and vista restrictions.
>
> "Mike" wrote:
>
> > I am running this with admin privileges. I turned off UAC as well. This
> > problem is even reproduced with Regedit.
> >
> > Open Regedit and select HKLM
> > Click File and Load Hive
> > Navigate to a NTUSER.DAT file located on a network share
> > Give the key a name and select OK.
> > Access denied.
> >
> > Is this a new security feature with Vista and if so how do you undo it?
> >
> > "Spenceation" wrote:
> >
> > > If you are running this on the command prompt make sure you are using either
> > > the Run As command, or run the command prompt with admin privlileges. UAC
> > > will not appear during the command prompt.
> > >
> > > "Mike" wrote:
> > >
> > > > I am trying to load a user hive from a UNC path. When I do this I get access
> > > > denied. I can do this from a Windows XP machine. If I copy the file locally
> > > > I can the load the hive. What is preventing me from loading it through a UNC
> > > > path?
|
|
For lack of a better idea, try this. Navigate to C:\Windows\ and
right-click on regedit.exe. Choose Run as Administrator.
"Mike" <Mike[ at ]discussions.microsoft.com> wrote in message
news:C83D2887-F1A2-4CF1-9008-C7F155E09582[ at ]microsoft.com...
[Quoted Text] > UAC is turned off
>
> "Spenceation" wrote:
>
>> Try running this command with the actual administrator account, this
>> account
>> bypasses alot of UAC and vista restrictions.
>>
>> "Mike" wrote:
>>
>> > I am running this with admin privileges. I turned off UAC as well.
>> > This
>> > problem is even reproduced with Regedit.
>> >
>> > Open Regedit and select HKLM
>> > Click File and Load Hive
>> > Navigate to a NTUSER.DAT file located on a network share
>> > Give the key a name and select OK.
>> > Access denied.
>> >
>> > Is this a new security feature with Vista and if so how do you undo it?
>> >
>> > "Spenceation" wrote:
>> >
>> > > If you are running this on the command prompt make sure you are using
>> > > either
>> > > the Run As command, or run the command prompt with admin privlileges.
>> > > UAC
>> > > will not appear during the command prompt.
>> > >
>> > > "Mike" wrote:
>> > >
>> > > > I am trying to load a user hive from a UNC path. When I do this I
>> > > > get access
>> > > > denied. I can do this from a Windows XP machine. If I copy the
>> > > > file locally
>> > > > I can the load the hive. What is preventing me from loading it
>> > > > through a UNC
>> > > > path?
|
|
Same result.
I think it has something to do with a policy from somewhere. What I mean.
I have a Vista and XP machine in the same OU with the same policy being
applied to them both. I can load a registry hive under XP but not Vista. I
then made a RDP connection to a Vista machine off our domain. Opened Regedit
and repeated the same steps and I can load the registry hive. Do you think
it has anything to do with a trusted path that Vista looks at more closely
than XP did?
"dean-dean" wrote:
[Quoted Text] > For lack of a better idea, try this. Navigate to C:\Windows\ and
> right-click on regedit.exe. Choose Run as Administrator.
>
>
> "Mike" <Mike[ at ]discussions.microsoft.com> wrote in message
> news:C83D2887-F1A2-4CF1-9008-C7F155E09582[ at ]microsoft.com...
> > UAC is turned off
> >
> > "Spenceation" wrote:
> >
> >> Try running this command with the actual administrator account, this
> >> account
> >> bypasses alot of UAC and vista restrictions.
> >>
> >> "Mike" wrote:
> >>
> >> > I am running this with admin privileges. I turned off UAC as well.
> >> > This
> >> > problem is even reproduced with Regedit.
> >> >
> >> > Open Regedit and select HKLM
> >> > Click File and Load Hive
> >> > Navigate to a NTUSER.DAT file located on a network share
> >> > Give the key a name and select OK.
> >> > Access denied.
> >> >
> >> > Is this a new security feature with Vista and if so how do you undo it?
> >> >
> >> > "Spenceation" wrote:
> >> >
> >> > > If you are running this on the command prompt make sure you are using
> >> > > either
> >> > > the Run As command, or run the command prompt with admin privlileges.
> >> > > UAC
> >> > > will not appear during the command prompt.
> >> > >
> >> > > "Mike" wrote:
> >> > >
> >> > > > I am trying to load a user hive from a UNC path. When I do this I
> >> > > > get access
> >> > > > denied. I can do this from a Windows XP machine. If I copy the
> >> > > > file locally
> >> > > > I can the load the hive. What is preventing me from loading it
> >> > > > through a UNC
> >> > > > path?
>
>
|
|
Are you trying to load this hive over the network? Vista does restrict
certain registry paths from being editted remotely.
System\CurrentControlSet\Control\Print\Printers
System\CurrentControlSet\Services\Eventlog
Software\Microsoft\OLAP Server
Software\Microsoft\Windows NT\CurrentVersion\Print
Software\Microsoft\Windows NT\CurrentVersion\Windows
System\CurrentControlSet\Control\ContentIndex
System\CurrentControlSet\Control\Terminal Server
System\CurrentControlSet\Control\Terminal Server\UserConfig
System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
Software\Microsoft\Windows NT\CurrentVersion\Perflib
System\CurrentControlSet\Services\SysmonLog
These paths are allowed to be remotely accessible and their sub-paths. These
settings are stored in the security settings of group poilicy under:
Network Access: Remotely accessible registry paths and sub-paths
Since the machines share the same OU try running a Result of Policies to see
if any settings differ. Also open Regedit and right click on the hive that
you are editting and select permissions. The default permissions might be
different on this machine due to the OUs or other reasons. If your account
has permissions and you are locally logged in, you should be able to edit the
registry without error.
"Mike" wrote:
[Quoted Text] > Same result.
>
> I think it has something to do with a policy from somewhere. What I mean.
> I have a Vista and XP machine in the same OU with the same policy being
> applied to them both. I can load a registry hive under XP but not Vista. I
> then made a RDP connection to a Vista machine off our domain. Opened Regedit
> and repeated the same steps and I can load the registry hive. Do you think
> it has anything to do with a trusted path that Vista looks at more closely
> than XP did?
>
> "dean-dean" wrote:
>
> > For lack of a better idea, try this. Navigate to C:\Windows\ and
> > right-click on regedit.exe. Choose Run as Administrator.
> >
> >
> > "Mike" <Mike[ at ]discussions.microsoft.com> wrote in message
> > news:C83D2887-F1A2-4CF1-9008-C7F155E09582[ at ]microsoft.com...
> > > UAC is turned off
> > >
> > > "Spenceation" wrote:
> > >
> > >> Try running this command with the actual administrator account, this
> > >> account
> > >> bypasses alot of UAC and vista restrictions.
> > >>
> > >> "Mike" wrote:
> > >>
> > >> > I am running this with admin privileges. I turned off UAC as well.
> > >> > This
> > >> > problem is even reproduced with Regedit.
> > >> >
> > >> > Open Regedit and select HKLM
> > >> > Click File and Load Hive
> > >> > Navigate to a NTUSER.DAT file located on a network share
> > >> > Give the key a name and select OK.
> > >> > Access denied.
> > >> >
> > >> > Is this a new security feature with Vista and if so how do you undo it?
> > >> >
> > >> > "Spenceation" wrote:
> > >> >
> > >> > > If you are running this on the command prompt make sure you are using
> > >> > > either
> > >> > > the Run As command, or run the command prompt with admin privlileges.
> > >> > > UAC
> > >> > > will not appear during the command prompt.
> > >> > >
> > >> > > "Mike" wrote:
> > >> > >
> > >> > > > I am trying to load a user hive from a UNC path. When I do this I
> > >> > > > get access
> > >> > > > denied. I can do this from a Windows XP machine. If I copy the
> > >> > > > file locally
> > >> > > > I can the load the hive. What is preventing me from loading it
> > >> > > > through a UNC
> > >> > > > path?
> >
> >
|
|
Not to be dense here but I can't find Computer Configuration\Windows
Settings\Security Settings\Network Access Protection
Under Security Settings
-Account Policies
-Local Policies
-Windows Firewall with Advanced Security
-Public Key Policies
-Software Restriction Policies
-IP Security Policies on Local Computer
What am I missing?
"Spenceation" wrote:
[Quoted Text] > Are you trying to load this hive over the network? Vista does restrict
> certain registry paths from being editted remotely.
>
> System\CurrentControlSet\Control\Print\Printers
> System\CurrentControlSet\Services\Eventlog
> Software\Microsoft\OLAP Server
> Software\Microsoft\Windows NT\CurrentVersion\Print
> Software\Microsoft\Windows NT\CurrentVersion\Windows
> System\CurrentControlSet\Control\ContentIndex
> System\CurrentControlSet\Control\Terminal Server
> System\CurrentControlSet\Control\Terminal Server\UserConfig
> System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
> Software\Microsoft\Windows NT\CurrentVersion\Perflib
> System\CurrentControlSet\Services\SysmonLog
>
> These paths are allowed to be remotely accessible and their sub-paths. These
> settings are stored in the security settings of group poilicy under:
> Network Access: Remotely accessible registry paths and sub-paths
> Since the machines share the same OU try running a Result of Policies to see
> if any settings differ. Also open Regedit and right click on the hive that
> you are editting and select permissions. The default permissions might be
> different on this machine due to the OUs or other reasons. If your account
> has permissions and you are locally logged in, you should be able to edit the
> registry without error.
>
>
> "Mike" wrote:
>
> > Same result.
> >
> > I think it has something to do with a policy from somewhere. What I mean.
> > I have a Vista and XP machine in the same OU with the same policy being
> > applied to them both. I can load a registry hive under XP but not Vista. I
> > then made a RDP connection to a Vista machine off our domain. Opened Regedit
> > and repeated the same steps and I can load the registry hive. Do you think
> > it has anything to do with a trusted path that Vista looks at more closely
> > than XP did?
> >
> > "dean-dean" wrote:
> >
> > > For lack of a better idea, try this. Navigate to C:\Windows\ and
> > > right-click on regedit.exe. Choose Run as Administrator.
> > >
> > >
> > > "Mike" <Mike[ at ]discussions.microsoft.com> wrote in message
> > > news:C83D2887-F1A2-4CF1-9008-C7F155E09582[ at ]microsoft.com...
> > > > UAC is turned off
> > > >
> > > > "Spenceation" wrote:
> > > >
> > > >> Try running this command with the actual administrator account, this
> > > >> account
> > > >> bypasses alot of UAC and vista restrictions.
> > > >>
> > > >> "Mike" wrote:
> > > >>
> > > >> > I am running this with admin privileges. I turned off UAC as well.
> > > >> > This
> > > >> > problem is even reproduced with Regedit.
> > > >> >
> > > >> > Open Regedit and select HKLM
> > > >> > Click File and Load Hive
> > > >> > Navigate to a NTUSER.DAT file located on a network share
> > > >> > Give the key a name and select OK.
> > > >> > Access denied.
> > > >> >
> > > >> > Is this a new security feature with Vista and if so how do you undo it?
> > > >> >
> > > >> > "Spenceation" wrote:
> > > >> >
> > > >> > > If you are running this on the command prompt make sure you are using
> > > >> > > either
> > > >> > > the Run As command, or run the command prompt with admin privlileges.
> > > >> > > UAC
> > > >> > > will not appear during the command prompt.
> > > >> > >
> > > >> > > "Mike" wrote:
> > > >> > >
> > > >> > > > I am trying to load a user hive from a UNC path. When I do this I
> > > >> > > > get access
> > > >> > > > denied. I can do this from a Windows XP machine. If I copy the
> > > >> > > > file locally
> > > >> > > > I can the load the hive. What is preventing me from loading it
> > > >> > > > through a UNC
> > > >> > > > path?
> > >
> > >
|
|
Go to Local Policies then Security Options. the User Rights Assignment folder
will assign rights to users and Security Options enables or disables computer
security settings.
"Mike" wrote:
[Quoted Text] > Not to be dense here but I can't find Computer Configuration\Windows
> Settings\Security Settings\Network Access Protection
>
> Under Security Settings
> -Account Policies
> -Local Policies
> -Windows Firewall with Advanced Security
> -Public Key Policies
> -Software Restriction Policies
> -IP Security Policies on Local Computer
>
> What am I missing?
>
>
> "Spenceation" wrote:
>
> > Are you trying to load this hive over the network? Vista does restrict
> > certain registry paths from being editted remotely.
> >
> > System\CurrentControlSet\Control\Print\Printers
> > System\CurrentControlSet\Services\Eventlog
> > Software\Microsoft\OLAP Server
> > Software\Microsoft\Windows NT\CurrentVersion\Print
> > Software\Microsoft\Windows NT\CurrentVersion\Windows
> > System\CurrentControlSet\Control\ContentIndex
> > System\CurrentControlSet\Control\Terminal Server
> > System\CurrentControlSet\Control\Terminal Server\UserConfig
> > System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
> > Software\Microsoft\Windows NT\CurrentVersion\Perflib
> > System\CurrentControlSet\Services\SysmonLog
> >
> > These paths are allowed to be remotely accessible and their sub-paths. These
> > settings are stored in the security settings of group poilicy under:
> > Network Access: Remotely accessible registry paths and sub-paths
> > Since the machines share the same OU try running a Result of Policies to see
> > if any settings differ. Also open Regedit and right click on the hive that
> > you are editting and select permissions. The default permissions might be
> > different on this machine due to the OUs or other reasons. If your account
> > has permissions and you are locally logged in, you should be able to edit the
> > registry without error.
> >
> >
> > "Mike" wrote:
> >
> > > Same result.
> > >
> > > I think it has something to do with a policy from somewhere. What I mean.
> > > I have a Vista and XP machine in the same OU with the same policy being
> > > applied to them both. I can load a registry hive under XP but not Vista. I
> > > then made a RDP connection to a Vista machine off our domain. Opened Regedit
> > > and repeated the same steps and I can load the registry hive. Do you think
> > > it has anything to do with a trusted path that Vista looks at more closely
> > > than XP did?
> > >
> > > "dean-dean" wrote:
> > >
> > > > For lack of a better idea, try this. Navigate to C:\Windows\ and
> > > > right-click on regedit.exe. Choose Run as Administrator.
> > > >
> > > >
> > > > "Mike" <Mike[ at ]discussions.microsoft.com> wrote in message
> > > > news:C83D2887-F1A2-4CF1-9008-C7F155E09582[ at ]microsoft.com...
> > > > > UAC is turned off
> > > > >
> > > > > "Spenceation" wrote:
> > > > >
> > > > >> Try running this command with the actual administrator account, this
> > > > >> account
> > > > >> bypasses alot of UAC and vista restrictions.
> > > > >>
> > > > >> "Mike" wrote:
> > > > >>
> > > > >> > I am running this with admin privileges. I turned off UAC as well.
> > > > >> > This
> > > > >> > problem is even reproduced with Regedit.
> > > > >> >
> > > > >> > Open Regedit and select HKLM
> > > > >> > Click File and Load Hive
> > > > >> > Navigate to a NTUSER.DAT file located on a network share
> > > > >> > Give the key a name and select OK.
> > > > >> > Access denied.
> > > > >> >
> > > > >> > Is this a new security feature with Vista and if so how do you undo it?
> > > > >> >
> > > > >> > "Spenceation" wrote:
> > > > >> >
> > > > >> > > If you are running this on the command prompt make sure you are using
> > > > >> > > either
> > > > >> > > the Run As command, or run the command prompt with admin privlileges.
> > > > >> > > UAC
> > > > >> > > will not appear during the command prompt.
> > > > >> > >
> > > > >> > > "Mike" wrote:
> > > > >> > >
> > > > >> > > > I am trying to load a user hive from a UNC path. When I do this I
> > > > >> > > > get access
> > > > >> > > > denied. I can do this from a Windows XP machine. If I copy the
> > > > >> > > > file locally
> > > > >> > > > I can the load the hive. What is preventing me from loading it
> > > > >> > > > through a UNC
> > > > >> > > > path?
> > > >
> > > >
|
|
Found it. XP does not contain Network access: Remotely accessible registry
paths and subpaths. So this is probably blocking me. So if I understand
this correctly, this list provides which keys can be editted when you load a
hive. When a user's hive is loaded (NTUSER.DAT), is it then scanned to see
if there isn't anything violating the list? If so, you get access denied?
"Spenceation" wrote:
[Quoted Text] > Go to Local Policies then Security Options. the User Rights Assignment folder
> will assign rights to users and Security Options enables or disables computer
> security settings.
>
> "Mike" wrote:
>
> > Not to be dense here but I can't find Computer Configuration\Windows
> > Settings\Security Settings\Network Access Protection
> >
> > Under Security Settings
> > -Account Policies
> > -Local Policies
> > -Windows Firewall with Advanced Security
> > -Public Key Policies
> > -Software Restriction Policies
> > -IP Security Policies on Local Computer
> >
> > What am I missing?
> >
> >
> > "Spenceation" wrote:
> >
> > > Are you trying to load this hive over the network? Vista does restrict
> > > certain registry paths from being editted remotely.
> > >
> > > System\CurrentControlSet\Control\Print\Printers
> > > System\CurrentControlSet\Services\Eventlog
> > > Software\Microsoft\OLAP Server
> > > Software\Microsoft\Windows NT\CurrentVersion\Print
> > > Software\Microsoft\Windows NT\CurrentVersion\Windows
> > > System\CurrentControlSet\Control\ContentIndex
> > > System\CurrentControlSet\Control\Terminal Server
> > > System\CurrentControlSet\Control\Terminal Server\UserConfig
> > > System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
> > > Software\Microsoft\Windows NT\CurrentVersion\Perflib
> > > System\CurrentControlSet\Services\SysmonLog
> > >
> > > These paths are allowed to be remotely accessible and their sub-paths. These
> > > settings are stored in the security settings of group poilicy under:
> > > Network Access: Remotely accessible registry paths and sub-paths
> > > Since the machines share the same OU try running a Result of Policies to see
> > > if any settings differ. Also open Regedit and right click on the hive that
> > > you are editting and select permissions. The default permissions might be
> > > different on this machine due to the OUs or other reasons. If your account
> > > has permissions and you are locally logged in, you should be able to edit the
> > > registry without error.
> > >
> > >
> > > "Mike" wrote:
> > >
> > > > Same result.
> > > >
> > > > I think it has something to do with a policy from somewhere. What I mean.
> > > > I have a Vista and XP machine in the same OU with the same policy being
> > > > applied to them both. I can load a registry hive under XP but not Vista. I
> > > > then made a RDP connection to a Vista machine off our domain. Opened Regedit
> > > > and repeated the same steps and I can load the registry hive. Do you think
> > > > it has anything to do with a trusted path that Vista looks at more closely
> > > > than XP did?
> > > >
> > > > "dean-dean" wrote:
> > > >
> > > > > For lack of a better idea, try this. Navigate to C:\Windows\ and
> > > > > right-click on regedit.exe. Choose Run as Administrator.
> > > > >
> > > > >
> > > > > "Mike" <Mike[ at ]discussions.microsoft.com> wrote in message
> > > > > news:C83D2887-F1A2-4CF1-9008-C7F155E09582[ at ]microsoft.com...
> > > > > > UAC is turned off
> > > > > >
> > > > > > "Spenceation" wrote:
> > > > > >
> > > > > >> Try running this command with the actual administrator account, this
> > > > > >> account
> > > > > >> bypasses alot of UAC and vista restrictions.
> > > > > >>
> > > > > >> "Mike" wrote:
> > > > > >>
> > > > > >> > I am running this with admin privileges. I turned off UAC as well.
> > > > > >> > This
> > > > > >> > problem is even reproduced with Regedit.
> > > > > >> >
> > > > > >> > Open Regedit and select HKLM
> > > > > >> > Click File and Load Hive
> > > > > >> > Navigate to a NTUSER.DAT file located on a network share
> > > > > >> > Give the key a name and select OK.
> > > > > >> > Access denied.
> > > > > >> >
> > > > > >> > Is this a new security feature with Vista and if so how do you undo it?
> > > > > >> >
> > > > > >> > "Spenceation" wrote:
> > > > > >> >
> > > > > >> > > If you are running this on the command prompt make sure you are using
> > > > > >> > > either
> > > > > >> > > the Run As command, or run the command prompt with admin privlileges.
> > > > > >> > > UAC
> > > > > >> > > will not appear during the command prompt.
> > > > > >> > >
> > > > > >> > > "Mike" wrote:
> > > > > >> > >
> > > > > >> > > > I am trying to load a user hive from a UNC path. When I do this I
> > > > > >> > > > get access
> > > > > >> > > > denied. I can do this from a Windows XP machine. If I copy the
> > > > > >> > > > file locally
> > > > > >> > > > I can the load the hive. What is preventing me from loading it
> > > > > >> > > > through a UNC
> > > > > >> > > > path?
> > > > >
> > > > >
|
|
Correct. Any other registry hives will be blocked if it isn't listed or a
sub-path of a hive on that list remotely. If you are applying this to
multiple machines, try one first and then see the results. Hopefully this
will fix it. Let me know, I'm curious if that is what is blocking it.
"Spenceation" wrote:
[Quoted Text] > Go to Local Policies then Security Options. the User Rights Assignment folder
> will assign rights to users and Security Options enables or disables computer
> security settings.
>
> "Mike" wrote:
>
> > Not to be dense here but I can't find Computer Configuration\Windows
> > Settings\Security Settings\Network Access Protection
> >
> > Under Security Settings
> > -Account Policies
> > -Local Policies
> > -Windows Firewall with Advanced Security
> > -Public Key Policies
> > -Software Restriction Policies
> > -IP Security Policies on Local Computer
> >
> > What am I missing?
> >
> >
> > "Spenceation" wrote:
> >
> > > Are you trying to load this hive over the network? Vista does restrict
> > > certain registry paths from being editted remotely.
> > >
> > > System\CurrentControlSet\Control\Print\Printers
> > > System\CurrentControlSet\Services\Eventlog
> > > Software\Microsoft\OLAP Server
> > > Software\Microsoft\Windows NT\CurrentVersion\Print
> > > Software\Microsoft\Windows NT\CurrentVersion\Windows
> > > System\CurrentControlSet\Control\ContentIndex
> > > System\CurrentControlSet\Control\Terminal Server
> > > System\CurrentControlSet\Control\Terminal Server\UserConfig
> > > System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
> > > Software\Microsoft\Windows NT\CurrentVersion\Perflib
> > > System\CurrentControlSet\Services\SysmonLog
> > >
> > > These paths are allowed to be remotely accessible and their sub-paths. These
> > > settings are stored in the security settings of group poilicy under:
> > > Network Access: Remotely accessible registry paths and sub-paths
> > > Since the machines share the same OU try running a Result of Policies to see
> > > if any settings differ. Also open Regedit and right click on the hive that
> > > you are editting and select permissions. The default permissions might be
> > > different on this machine due to the OUs or other reasons. If your account
> > > has permissions and you are locally logged in, you should be able to edit the
> > > registry without error.
> > >
> > >
> > > "Mike" wrote:
> > >
> > > > Same result.
> > > >
> > > > I think it has something to do with a policy from somewhere. What I mean.
> > > > I have a Vista and XP machine in the same OU with the same policy being
> > > > applied to them both. I can load a registry hive under XP but not Vista. I
> > > > then made a RDP connection to a Vista machine off our domain. Opened Regedit
> > > > and repeated the same steps and I can load the registry hive. Do you think
> > > > it has anything to do with a trusted path that Vista looks at more closely
> > > > than XP did?
> > > >
> > > > "dean-dean" wrote:
> > > >
> > > > > For lack of a better idea, try this. Navigate to C:\Windows\ and
> > > > > right-click on regedit.exe. Choose Run as Administrator.
> > > > >
> > > > >
> > > > > "Mike" <Mike[ at ]discussions.microsoft.com> wrote in message
> > > > > news:C83D2887-F1A2-4CF1-9008-C7F155E09582[ at ]microsoft.com...
> > > > > > UAC is turned off
> > > > > >
> > > > > > "Spenceation" wrote:
> > > > > >
> > > > > >> Try running this command with the actual administrator account, this
> > > > > >> account
> > > > > >> bypasses alot of UAC and vista restrictions.
> > > > > >>
> > > > > >> "Mike" wrote:
> > > > > >>
> > > > > >> > I am running this with admin privileges. I turned off UAC as well.
> > > > > >> > This
> > > > > >> > problem is even reproduced with Regedit.
> > > > > >> >
> > > > > >> > Open Regedit and select HKLM
> > > > > >> > Click File and Load Hive
> > > > > >> > Navigate to a NTUSER.DAT file located on a network share
> > > > > >> > Give the key a name and select OK.
> > > > > >> > Access denied.
> > > > > >> >
> > > > > >> > Is this a new security feature with Vista and if so how do you undo it?
> > > > > >> >
> > > > > >> > "Spenceation" wrote:
> > > > > >> >
> > > > > >> > > If you are running this on the command prompt make sure you are using
> > > > > >> > > either
> > > > > >> > > the Run As command, or run the command prompt with admin privlileges.
> > > > > >> > > UAC
> > > > > >> > > will not appear during the command prompt.
> > > > > >> > >
> > > > > >> > > "Mike" wrote:
> > > > > >> > >
> > > > > >> > > > I am trying to load a user hive from a UNC path. When I do this I
> > > > > >> > > > get access
> > > > > >> > > > denied. I can do this from a Windows XP machine. If I copy the
> > > > > >> > > > file locally
> > > > > >> > > > I can the load the hive. What is preventing me from loading it
> > > > > >> > > > through a UNC
> > > > > >> > > > path?
> > > > >
> > > > >
|
|
I removed the entries from the list. Thinking this would disable the
setting. Same result. I then added back to the list the top most keys of
the hive (AppEvents, Console, Control Panel, Environment, Identities,
Keyboard Layout, Printers, Software, UNICODE Program Groups) and again the
same result. I still don't know if the setting is actually blocking me or
not. I did do a gpupdate /force and restart between changes.
"Spenceation" wrote:
[Quoted Text] > Correct. Any other registry hives will be blocked if it isn't listed or a
> sub-path of a hive on that list remotely. If you are applying this to
> multiple machines, try one first and then see the results. Hopefully this
> will fix it. Let me know, I'm curious if that is what is blocking it.
>
> "Spenceation" wrote:
>
> > Go to Local Policies then Security Options. the User Rights Assignment folder
> > will assign rights to users and Security Options enables or disables computer
> > security settings.
> >
> > "Mike" wrote:
> >
> > > Not to be dense here but I can't find Computer Configuration\Windows
> > > Settings\Security Settings\Network Access Protection
> > >
> > > Under Security Settings
> > > -Account Policies
> > > -Local Policies
> > > -Windows Firewall with Advanced Security
> > > -Public Key Policies
> > > -Software Restriction Policies
> > > -IP Security Policies on Local Computer
> > >
> > > What am I missing?
> > >
> > >
> > > "Spenceation" wrote:
> > >
> > > > Are you trying to load this hive over the network? Vista does restrict
> > > > certain registry paths from being editted remotely.
> > > >
> > > > System\CurrentControlSet\Control\Print\Printers
> > > > System\CurrentControlSet\Services\Eventlog
> > > > Software\Microsoft\OLAP Server
> > > > Software\Microsoft\Windows NT\CurrentVersion\Print
> > > > Software\Microsoft\Windows NT\CurrentVersion\Windows
> > > > System\CurrentControlSet\Control\ContentIndex
> > > > System\CurrentControlSet\Control\Terminal Server
> > > > System\CurrentControlSet\Control\Terminal Server\UserConfig
> > > > System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
> > > > Software\Microsoft\Windows NT\CurrentVersion\Perflib
> > > > System\CurrentControlSet\Services\SysmonLog
> > > >
> > > > These paths are allowed to be remotely accessible and their sub-paths. These
> > > > settings are stored in the security settings of group poilicy under:
> > > > Network Access: Remotely accessible registry paths and sub-paths
> > > > Since the machines share the same OU try running a Result of Policies to see
> > > > if any settings differ. Also open Regedit and right click on the hive that
> > > > you are editting and select permissions. The default permissions might be
> > > > different on this machine due to the OUs or other reasons. If your account
> > > > has permissions and you are locally logged in, you should be able to edit the
> > > > registry without error.
> > > >
> > > >
> > > > "Mike" wrote:
> > > >
> > > > > Same result.
> > > > >
> > > > > I think it has something to do with a policy from somewhere. What I mean.
> > > > > I have a Vista and XP machine in the same OU with the same policy being
> > > > > applied to them both. I can load a registry hive under XP but not Vista. I
> > > > > then made a RDP connection to a Vista machine off our domain. Opened Regedit
> > > > > and repeated the same steps and I can load the registry hive. Do you think
> > > > > it has anything to do with a trusted path that Vista looks at more closely
> > > > > than XP did?
> > > > >
> > > > > "dean-dean" wrote:
> > > > >
> > > > > > For lack of a better idea, try this. Navigate to C:\Windows\ and
> > > > > > right-click on regedit.exe. Choose Run as Administrator.
> > > > > >
> > > > > >
> > > > > > "Mike" <Mike[ at ]discussions.microsoft.com> wrote in message
> > > > > > news:C83D2887-F1A2-4CF1-9008-C7F155E09582[ at ]microsoft.com...
> > > > > > > UAC is turned off
> > > > > > >
> > > > > > > "Spenceation" wrote:
> > > > > > >
> > > > > > >> Try running this command with the actual administrator account, this
> > > > > > >> account
> > > > > > >> bypasses alot of UAC and vista restrictions.
> > > > > > >>
> > > > > > >> "Mike" wrote:
> > > > > > >>
> > > > > > >> > I am running this with admin privileges. I turned off UAC as well.
> > > > > > >> > This
> > > > > > >> > problem is even reproduced with Regedit.
> > > > > > >> >
> > > > > > >> > Open Regedit and select HKLM
> > > > > > >> > Click File and Load Hive
> > > > > > >> > Navigate to a NTUSER.DAT file located on a network share
> > > > > > >> > Give the key a name and select OK.
> > > > > > >> > Access denied.
> > > > > > >> >
> > > > > > >> > Is this a new security feature with Vista and if so how do you undo it?
> > > > > > >> >
> > > > > > >> > "Spenceation" wrote:
> > > > > > >> >
> > > > > > >> > > If you are running this on the command prompt make sure you are using
> > > > > > >> > > either
> > > > > > >> > > the Run As command, or run the command prompt with admin privlileges.
> > > > > > >> > > UAC
> > > > > > >> > > will not appear during the command prompt.
> > > > > > >> > >
> > > > > > >> > > "Mike" wrote:
> > > > > > >> > >
> > > > > > >> > > > I am trying to load a user hive from a UNC path. When I do this I
> > > > > > >> > > > get access
> > > > > > >> > > > denied. I can do this from a Windows XP machine. If I copy the
> > > > > > >> > > > file locally
> > > > > > >> > > > I can the load the hive. What is preventing me from loading it
> > > > > > >> > > > through a UNC
> > > > > > >> > > > path?
> > > > > >
> > > > > >
|
|
|