My guess is that you are not launching REGEDT32.EXE
It should have 5 cascaded windows within the program when you launch it. Taken directly from the article: In Windows 2000 and later, only Administrators and Backup Operators have default network access to the registry. How severe a security risk this is depends on a number of other factors. I'd take a look at your whole security structure not just this one aspect of it. Chris Bodnar, MCSE Sr. Systems Engineer Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: [email protected] Phone: 610-807-6459 Fax: 610-807-6003 -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Sunday, August 16, 2009 1:53 PM To: NT System Admin Issues Subject: log parsing Hi, I'm trying to run a script that uses logparser.exe and send by email changes seen in the event viewer in a Windows 2K machine. The scripts fails to connect to the registry getting "Error connecting to registry on server XXXXX". If I manually start the service remote registry, then the script works. However this is a critical machine and I've read around that allowing the remote registry service can be risky. So I came across this article from Microsoft: http://support.microsoft.com/kb/153183/EN-US/ and I tried to add the Users entry in the registry using regedit. Unfortunately adding an entry for the administrator didn't work (neither using administrator nor capitalizing using Administrator). Also the article states "Select "winreg". Click Security and then click Permissions. Add users or groups to which you want to grant access." I don't where I can "click" on security on this version of regedit. Questions: - Is really a security risk running the remote registry service? - How can I bypass and allow just certain users (administrators for instance) to access the registry? thanks in advance, Miguel ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ----------------------------------------- This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
