Allow remote registry access windows server 2008
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support. This security policy reference topic for the IT professional describes the best practices, location, values, and security considerations for this policy setting.
This policy setting determines which registry paths and subpaths are accessible when an application or process references the WinReg key to determine access permissions. The registry is a database for computer configuration information, much of which is sensitive. A malicious user can use it to facilitate unauthorized activities. This assumes, however, that different accounts are being used to log on. In other words, the same user may not log on locally and remotely simultaneously. As mentioned previously, remote desktop functionality on the server is provided by Remote Desktop Services.
It is important to note, however, that Remote Desktop Services do not have to be explicitly enabled on the server in order to support Remote Desktop Administration. In fact, all that needs to be done is to enable Remote Desktop Administration.
This is configured by opening the Control Panel from the Start menu and selecting the System and Security icon followed by the System icon. In the section in the top left hand corner of the System page select Remote settings to display the following properties window:. The Remote properties dialog provides a number of options.
The default setting is to disallow remote connections to the computer system. The second option allows remote desktop connections from any version of the Remote Desktop client. The third, and most secure option, will only allow connections from Remote Desktop clients with Network Level Authentication support.
This typically will only allow access to systems providing secure network authentication such as Windows Vista, Windows 7 and Windows Server This default port can be changed by changing this setting in the Registry key:.
In the resulting list, scroll down until you reach the PortNumber entry and double click on it to change the current value. Active Directory also contains a Remote Desktop Users group to which users may be added to provide Remote Desktop access privileges.
Note that users with administrative privileges do not need to be added to this list; by default they already have Remote Desktop access. To add additional users click on the Add Enter the name of the user in the text box entitled Enter object names to select and click on Check names to list names that match the name entered. Select the appropriate name from the list. The following example shows user Bill on server winserver Click on OK to apply the change.
Active 10 years, 5 months ago. Viewed 24k times. Thanks very much!! Improve this question. Elitecoder Elitecoder 45 1 1 gold badge 1 1 silver badge 7 7 bronze badges. If so then none of what BCV says is necessary, you have another issue.
Add a comment. Active Oldest Votes. Under Access Permissions, click Edit Limits. Click the Security tab. Select the Root namespace and then click Security.
In the Security dialog box, click Add. In the Select Users, Computers, or Groups dialog box, enter the user account. Click the Check Names button to verify your entry and then click OK. Ensure the permissions propagate to all subnamespaces.
Ima Geekah Ima Geekah 13 1 1 silver badge 3 3 bronze badges. Add a comment. Active Oldest Votes. C Class to establish a network connection with credentials By the way, we use this to do exactly what you are asking, access remote registry.
Improve this answer. Rhyous Rhyous 6, 1 1 gold badge 39 39 silver badges 49 49 bronze badges. How do you access registry from that point? This is completly different of what I've been doing and dont see how to mix this. Maybe you could tell me how you do it so I can change my part of the code?
Once authenticated, your already existing code, probably using RegistryKey. OpenRemoteBaseKey, should work. I went ahead and made a more complete post: rhyous.