I have an application, running on a client Win2K workstation, that needs
access to a specific Win2K Server's HKLM/Software/<aplication> Registry key.
I have added the domain user via REGEDT32's Security to the key giving both
Read and Full Control permissions but still cannot access the key. If I log
onto the Win2K workstation as the domain's Administrator, I can access it.
I've even tried adding the user at the HKLM/Software level and at the HKLM
level. No luck.

What is getting in the way (besides a lack of knowledge)?

Hi,

You can download the tool called RegMon from www.sysinternals.com.

Once you have it running on your computer - run the application and it will
show you what registries are getting called and if there are any access
denied on these registries... This should help you troubleshoot the
problem...

--
Mike
Microsoft MVP - Windows Security

"MyndPhlyp" <nobody@homeright.now> wrote in message
news:OhjvW1F6GHA.4620@TK2MSFTNGP02.phx.gbl...
>I have an application, running on a client Win2K workstation, that needs
> access to a specific Win2K Server's HKLM/Software/<aplication> Registry
> key.
> I have added the domain user via REGEDT32's Security to the key giving
> both
> Read and Full Control permissions but still cannot access the key. If I
> log
> onto the Win2K workstation as the domain's Administrator, I can access it.
> I've even tried adding the user at the HKLM/Software level and at the HKLM
> level. No luck.
>
> What is getting in the way (besides a lack of knowledge)?
>
>

Hmm. Lots of Registry chatter.

Run it from the workstation or the server?

How do I determine when the workstation is attempting to access the server's
key? (RTFM didn't help.)



"Miha Pihler [MVP]" <mihap-news@atlantis.si> wrote in message
news:%23OcuU%23F6GHA.3572@TK2MSFTNGP06.phx.gbl...
> Hi,
>
> You can download the tool called RegMon from www.sysinternals.com.
>
> Once you have it running on your computer - run the application and it
will
> show you what registries are getting called and if there are any access
> denied on these registries... This should help you troubleshoot the
> problem...

Hi,

Under Options you can find a Filter where you enter only name of your
application (e.g. application.exe) instead of *. Now Regmon will only show
registry access done by application.exe

You have to run regmon on a computer where application will be run.

--
Mike
Microsoft MVP - Windows Security


"MyndPhlyp" <nobody@homeright.now> wrote in message
news:%23%23ds5UG6GHA.4112@TK2MSFTNGP04.phx.gbl...
> Hmm. Lots of Registry chatter.
>
> Run it from the workstation or the server?
>
> How do I determine when the workstation is attempting to access the
> server's
> key? (RTFM didn't help.)
>
>
>
> "Miha Pihler [MVP]" <mihap-news@atlantis.si> wrote in message
> news:%23OcuU%23F6GHA.3572@TK2MSFTNGP06.phx.gbl...
>> Hi,
>>
>> You can download the tool called RegMon from www.sysinternals.com.
>>
>> Once you have it running on your computer - run the application and it
> will
>> show you what registries are getting called and if there are any access
>> denied on these registries... This should help you troubleshoot the
>> problem...
>
>

Okay, that's one of the two questions. <G>

How 'bout what types of entries I'm looking for that would signify an
attempt to access the remote registry?



"Miha Pihler [MVP]" <mihap-news@atlantis.si> wrote in message
news:eBNqguH6GHA.3732@TK2MSFTNGP05.phx.gbl...
> Hi,
>
> Under Options you can find a Filter where you enter only name of your
> application (e.g. application.exe) instead of *. Now Regmon will only show
> registry access done by application.exe
>
> You have to run regmon on a computer where application will be run.
>
> --
> Mike
> Microsoft MVP - Windows Security
>
>
> "MyndPhlyp" <nobody@homeright.now> wrote in message
> news:%23%23ds5UG6GHA.4112@TK2MSFTNGP04.phx.gbl...
> > Hmm. Lots of Registry chatter.
> >
> > Run it from the workstation or the server?
> >
> > How do I determine when the workstation is attempting to access the
> > server's
> > key? (RTFM didn't help.)
> >
> >
> >
> > "Miha Pihler [MVP]" <mihap-news@atlantis.si> wrote in message
> > news:%23OcuU%23F6GHA.3572@TK2MSFTNGP06.phx.gbl...
> >> Hi,
> >>
> >> You can download the tool called RegMon from www.sysinternals.com.
> >>
> >> Once you have it running on your computer - run the application and it
> > will
> >> show you what registries are getting called and if there are any access
> >> denied on these registries... This should help you troubleshoot the
> >> problem...
> >
> >
>
>

Well, I've been able to determine that the Domain User does indeed have Full
Access permission to the particular HKLM/Software/<application> key in
question when logged on at the server (that also happens to be the DC). The
Domain User cannot access anything, other than the HKLM root, using REGEDT32
from the workstation though. (Okay, not the total truth. The Domain user can
also access HKU/.DEFAULT.) All the rest of the keys are grayed out.

Anybody have a clue to share?

Although the user may have permissions to that registry key, they may
not have permissions to access the remote registry.

Maybe because you log in as administrator you are able to access the
remote registry whereas the user may not have the same permissions.

I don't know if this works in Win2000 but try opening regedit (not
regedt32 for this test) as the user, then choose File --> Connect
network registry and put in the remote server name. This should tell
you whether they can even connect remotely.

HTH


"MyndPhlyp" <nobody@homeright.now> wrote:

>I have an application, running on a client Win2K workstation, that needs
>access to a specific Win2K Server's HKLM/Software/<aplication> Registry key.
>I have added the domain user via REGEDT32's Security to the key giving both
>Read and Full Control permissions but still cannot access the key. If I log
>onto the Win2K workstation as the domain's Administrator, I can access it.
>I've even tried adding the user at the HKLM/Software level and at the HKLM
>level. No luck.
>
>What is getting in the way (besides a lack of knowledge)?
>


Ha®®y

HarryKrishna.nospam@online.ie