jaeb
asked on
[Q] Registry Access rights...
Hi..
I want to know how to change registry access rights in Windows XP...
I create some keys in HKEY_LOCAL_MACHINES, my account is administrator.
I Change my account which is not administrator..
So I can't modify some values in HKEY_LOCAL_MACHINES,
because I don't have access rights in HKEY_LOCAL_MACHINES..
If I want to access, I have to run REGEDIT,
and then I append writing access right..
However I don't want to use REGEDIT...
I change access right programmably..
How can I do???
I want to know how to change registry access rights in Windows XP...
I create some keys in HKEY_LOCAL_MACHINES, my account is administrator.
I Change my account which is not administrator..
So I can't modify some values in HKEY_LOCAL_MACHINES,
because I don't have access rights in HKEY_LOCAL_MACHINES..
If I want to access, I have to run REGEDIT,
and then I append writing access right..
However I don't want to use REGEDIT...
I change access right programmably..
How can I do???
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
jkr, Do above code work well in Windows XP????
I tested your code, but it doesn't work...
Administrator account executes the code,
and then I switch user to limited user account.
And I modified the registry value,
But a error message appears,
the message is I can't change registry value...
I'm using Windows XP professional, VC++ 6.0.
I tested your code, but it doesn't work...
Administrator account executes the code,
and then I switch user to limited user account.
And I modified the registry value,
But a error message appears,
the message is I can't change registry value...
I'm using Windows XP professional, VC++ 6.0.
Don't know about XP, but it should work on W2k/NT...
In this case, Win2000 == WinXP == WinNT. They all share the same thing w.r.t. registry security.
I think your problem is that you are missing the point that in order to CHANGE SECURITY you must be AUTHORIZED to change it, regardless of whether or not it is from REGEDT32 or from a program.
If your user account lacks rights on a registry object to change that object's security, no amount of trying or programming will change that.
Either give your user account the privilege it needs or change the security on the object (from a privileged account) to permit your user account to modify the object's security.
I think your problem is that you are missing the point that in order to CHANGE SECURITY you must be AUTHORIZED to change it, regardless of whether or not it is from REGEDT32 or from a program.
If your user account lacks rights on a registry object to change that object's security, no amount of trying or programming will change that.
Either give your user account the privilege it needs or change the security on the object (from a privileged account) to permit your user account to modify the object's security.
ASKER
I use 2 accounts.
One is miru.
Two is jaeb.
miru and administrator have same privilege...
jae is limited user.
I want to change registry value using two accounts..
firstly using miru, everything is OK.
However using jaeb, I can't change registry value...
so I log on miru then I execute above execute program.
and I switch user from miru to jaeb.
Now My account is jaeb.
If jaeb try to change registry, a error message appears.
If I use REGEDT32 or REGEDIT to change access permission,
miru and jaeb can change registry values..
But using my program(it is execute file of aboce code),
jaeb can't change...
In my opinion, miru is enough privileged account.
So miru may change access rights about registry...
One is miru.
Two is jaeb.
miru and administrator have same privilege...
jae is limited user.
I want to change registry value using two accounts..
firstly using miru, everything is OK.
However using jaeb, I can't change registry value...
so I log on miru then I execute above execute program.
and I switch user from miru to jaeb.
Now My account is jaeb.
If jaeb try to change registry, a error message appears.
If I use REGEDT32 or REGEDIT to change access permission,
miru and jaeb can change registry values..
But using my program(it is execute file of aboce code),
jaeb can't change...
In my opinion, miru is enough privileged account.
So miru may change access rights about registry...
ASKER
If I execute REGEDT32 after executin my program,
jaeb can change registry value..
But If I don't execute REGEDT32,
jaeb can't change value....
I don't want to execute REGEDT32.
How can I do that?
jaeb can change registry value..
But If I don't execute REGEDT32,
jaeb can't change value....
I don't want to execute REGEDT32.
How can I do that?
I use the above snippet to adjust the registry rights on NT/W2k during an InstallShield setup, and it works for me...
ASKER
Can I adjust registry right in InstallShield???
How Can I??
If it is possible, every problem will solve..
How Can I??
If it is possible, every problem will solve..
This Q is answered
ASKER
What I want to know is how to do programmatically...
I already tried to test using RegSetKeySecurity().
But This don't work...
A below is my code.
-------------------
HKEY hKey;
SECURITY_DESCRIPTOR SecurityDescriptor;
if(RegOpenKeyEx(HKEY_LOCAL
::MessageBox(NULL, "Error1", "as", MB_OK);
if(RegSetKeySecurity(hKey,
::MessageBox(NULL, "Error2", "as", MB_OK);
RegCloseKey(hKey);
-------------------------
I saw Error2 messagebox...
How can I use RegSetKeySecurity()?