[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

URGENT - FIND REGDMP.EXE

Posted on 2006-04-19
9
Medium Priority
?
6,733 Views
Last Modified: 2011-08-18
Hi All,

Windows keeps eluding to a regdmp.exe utility that can be used with regini to change registry permissions.  500 points to the first one who can find it (or the resource kit).  SEE: http://support.microsoft.com/?kbid=245031


I've already tried http://www.microsoft.com/ntserver/nts/downloads/recommended/ntkit/ but to no avail.

Basically I'm trying to script a way to set local users group (read) and system (full)  to a reg key (call it HKLM for now).  I've found regini, but they don't document a way to add local users group.  So I figured with regdmp I can get the binary number and just throw them in there.  

Thanks.
0
Comment
Question by:Kyle Abrahams
  • 5
  • 3
9 Comments
 
LVL 85

Expert Comment

by:oBdA
ID: 16488847
Instead of regdmp, install the W2k3 Resource Kit Tools (for the help), then the updated version of subinacl.exe (the original is buggy).
Then use subinacl.exe to change the registry permissions; syntax examples are in the ResKit help for subinacl.

Windows Server 2003 Resource Kit Tools
http://www.microsoft.com/downloads/details.aspx?FamilyID=9D467A69-57FF-4AE7-96EE-B18C4790CFFD&displaylang=en

SubInACL (SubInACL.exe)
http://www.microsoft.com/downloads/details.aspx?FamilyID=E8BA3E56-D8FE-4A91-93CF-ED6985E3927B&displaylang=en
0
 
LVL 33

Expert Comment

by:NJComputerNetworks
ID: 16488873
i believe you have to buy the resource kit to get this tool.
0
 
LVL 41

Author Comment

by:Kyle Abrahams
ID: 16500688
oBdA

how do you set inheritance to proprogate?  I'm having a tough time with the tool, but it looks like it's what I need.  

(eg: Permissions -> advanced -> the two checkboxes at the bottom)

Can you give me an example?  

What about to add local users for read only access to a key. (can be hklm or some other key)

thanks very much.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 85

Expert Comment

by:oBdA
ID: 16501616
I don't think you can change the inheritance flags, but you can use /subkeyreg instead of /keyreg if you want the changes to apply to subkeys as well.
So a command like
subinacl.exe /keyreg "HKEY_LOCAL_MACHINE\Software\Acme" /grant=SomeDomain\SomeGroup:R
would give the domain group SomeGroup Read permissions on the Acme key and the subkeys.
And just on case: don't use built-in groups or single user accounts for that; create dedicated groups and assign the permissions to that group.
0
 
LVL 41

Author Comment

by:Kyle Abrahams
ID: 16501635
it's an explicit thing, it's there for a minute, and then it's gone.

Will checkinto it.

0
 
LVL 41

Author Comment

by:Kyle Abrahams
ID: 16501698
Getting an error:

The security structure is invalid?

Trying to add administrator to a group.  (I'm logged in as local admin, but admin doesn't have permissions yet to the key.  I'm trying to add it to the key.)  

EG:

subinacl.exe /keyreg "SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings" /grant=.\Administrators:r

0
 
LVL 85

Accepted Solution

by:
oBdA earned 2000 total points
ID: 16501903
Sorry, syntax error; replace the ":" in front of the permissions with a "="
subinacl.exe /keyreg "SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings" /grant=.\Administrators=r
0
 
LVL 41

Author Comment

by:Kyle Abrahams
ID: 16502360
subinacl.exe /keyreg "SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings" /grant=.\Administrator=R


LookupAccountName : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings:.\administrator 1337 The security ID structure is invalid.

Current object SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings will not be processed


Elapsed Time: 00 00:00:00
Done:        0, Modified        0, Failed        0, Syntax errors        1
Last Syntax Error:WARNING : /grant=.\administrator=r : Error when checking arguments - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
0
 
LVL 41

Author Comment

by:Kyle Abrahams
ID: 16502369
nevermind . . . has to be at group level . . . eg: administrators.

0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
With just a little bit of  SQL and VBA, many doors open to cool things like synchronize a list box to display data relevant to other information on a form.  If you have never written code or looked at an SQL statement before, no problem! ...  give i…

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question