?
Solved

Accessing another user registry on Win2k prof.

Posted on 2003-02-28
13
Medium Priority
?
700 Views
Last Modified: 2013-12-04
I have a Win2k prof. stand-alone PC with 3 users (A, B and C) and me (D) as the admin. I want to modify A's registry values while being logged in as D (admin). How can I do that?

That is, how can I edit another user's registry (the equivalent on my own HKEY_CURRENT_USER hive)?

This, for instance, to forbid only user A to run program foo.exe. Or to lock only user A's desktop bitmap, etc.
0
Comment
Question by:dncmrc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
  • 2
  • +3
13 Comments
 
LVL 9

Expert Comment

by:MSGeek
ID: 8042903
You would not accomplish this through policy modifications directly, but through a local security policy.  Start - Settings - Control Panel - Administrative Tools - Local Security Policy. There are a number of templates that may be imported here.

You may want to read this KB article so your changes do not apply to the administrator: http://support.microsoft.com/default.aspx?scid=kb;en-us;293655
0
 
LVL 33

Accepted Solution

by:
Dave Howe earned 150 total points
ID: 8042944
Fairly easy
1. run RegEdt32
2. select the HKEY_USERS window
3. select Registry>>Load Hive
4. navigate to c:\documents and settings\<username>
5. select ntuser.dat (you may need to use the "show hidden files" and "show system files" options in folder setup, or you can just type it into the box
6. give it a key name of <username>
7. repeat for the other user

HKEY_USERS should now have an extra two entries in the root - which are your two user's HKEY_CURRENT_USER hives.
0
 
LVL 2

Expert Comment

by:NEOsporin
ID: 8045923
open "regedit" or even "regedt32" for regedt32 go to Registry, select computer, either navigate to it, or type \\computername or even \\IP_of_remote_pc. If your logged in as admin that will be no problem. for "regedit" go to Registry, connect to remote registry. Then you just navigate down the registry as if you were on your own machine, settings are changed and added just the same.
-NEO
0
Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

 
LVL 9

Expert Comment

by:MSGeek
ID: 8047616
NEOsporin.. your losing your touch  :)  Read his question again.  It's one workstation :)
0
 
LVL 7

Expert Comment

by:Goldwing
ID: 8050531
/me is looking at NEOsporin, and thinking... this is why your parents said... "stay off the booze"
0
 
LVL 7

Expert Comment

by:Goldwing
ID: 8050534
<grin>
0
 
LVL 1

Expert Comment

by:NT_XP_Godfather
ID: 8051007
MSGeek is right. Your only way out is a template. Unfortunately the template is native to Windows XP but not Windows 2000. I am not sure if copying the Reg keys from Windows XP registry to a Win2K registry would help.
Also, I have used the appsec.exe utility from the resource kit on a windows 2000 server but not workstation. You may want to give that a try also.
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8052050
NT_XP_Godfather..

>> Unfortunately the template is native to Windows XP but not Windows 2000

FYI, XP policy templates (adm files) are fully backward compatible with Win2k.
0
 
LVL 2

Expert Comment

by:NEOsporin
ID: 8053095
Yeah- i didn't have my coffee... oops. Next Time Gadget...Next time.
-NEO
0
 

Author Comment

by:dncmrc
ID: 8055401
Thanks Dave. And then I guess SaveAs...NTUSER.DAT.
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8057038
dncmrc.. Dave definitely provided the direct response too your question, I am just curious as to whether a local security policy would have accomplished what you are attempting to do?  I know for the examples you cited it would, perhaps there are other tasks you are trying to accomplish?
0
 

Author Comment

by:dncmrc
ID: 8062513
MSGeek, in my understanding local security policy allows only for a admin. vs all_other_users dichotomy. What I am looking for is a user_by_user differentiation.

I want to prevent just one of my "users" (i.e. kids) to run mIRC and hang there for hours every day. I want also to configure for the same "user" the Poweroff utility (http://users.pandora.be/jbosman/applications.html) to limit his logon time.
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8064235
Thanks for the great feedback.  I recently configured policies for a large school district so I know what your up against.  Best of luck, hopefully you can get them on a domain where you can afford seperate policies for Technicians, Adults and Students.
0

Featured Post

Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses
Course of the Month12 days, 13 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question