Solved

RegUnLoadKey Fails with error code 1314 even with correct privs

Posted on 2009-04-05
5
1,120 Views
Last Modified: 2013-12-14
Hello,

I have a function that successfully grants me the SeRestorePrivilege and SeBackupPrivilege privileges.
 I can successfully load an offline registry hive with the following code:

hiveLoaded = RegLoadKey(HKEY_LOCAL_MACHINE, L"ABOH_HIVE", L"H:\WINDOWS\system32\config\software");

and then I revoke the privileges, without errors.

Next, I grant myself the same privileges, and try to unload the registry hive, as follows:

hiveUnloaded = RegUnLoadKey(HKEY_LOCAL_MACHINE, L"ABOH_HIVE");

but it always fails with an error code of 1314, which says that I am lacking some privileges.
I have the same two privileges that I used to load.  According to MS documentation, they
should be all I need, so I am at a loss as to what to try next and would really appreciate
your help.
 

The environment is VS2008 C++, Vista Ultimate 32-bit, and everything is current. I have a solution
that contains two projects: A CLR DLL and a VB.NET application for testing the DLL. Although it
sounds complex, the registry code is in an unmanaged class that I've created.  I have another
managed class, which I am using in a VB.NET application to test this code.  The final product
will be a CLR DLL.  I have enabled adminstrator in the VB.NET manifest.  I don't have a manifest
for the DLL, but I don't think that it needs one. I am running VS2008 as Administrator.
All of this stuff is working properly and is based
upon templates that I've created for mixing managed and unmanaged code.  Help!  :)


Thanks,

Mike
0
Comment
Question by:mjgardne
  • 2
  • 2
5 Comments
 
LVL 39

Accepted Solution

by:
itsmeandnobodyelse earned 500 total points
ID: 24078214
>>>> L"H:\WINDOWS\system32\config\software"
I wonder why that should work? You need double backslashes in the path for  the location.

>>>> and then I revoke the privileges, without errors.
Did you try without revoking priviliges between loading and unloading?

AFAIK, there are security attributes stored with any registry key. I don't know how you do the 'granting' and 'revoking', but if you would revoke some more privileges by accident (e. g. priviliges which were dependent on SeRestorePrivilege and SeBackupPrivilege) then the situation before RegLoadKey and RegUnLoadKey actually is not the same.

If that doesn't help, you might try to have a longer pause between loading and unloading.

Note, the registry has some deferred actions on operations, e. g. a deferred refresh of the cache used for starting new processes. These pending operations could prevent you from unloading, similar to that you can't delete a file while the  filesystem still has access to it.


0
 
LVL 86

Expert Comment

by:jkr
ID: 24079585
>>Next, I grant myself the same privileges, and try to unload the registry hive

How are you doing that? If you grant privileges to an account, the account needs to log off and back on in order for these privileges to take effect.
0
 

Author Closing Comment

by:mjgardne
ID: 31566712
Wow!  Thank you for your help!  I corrected the file path and then removed the revoking of privs until the end of working on the hive... and all is well!  So, I think that the issue is probably what you've mentioned...  In my test code, I loaded and then immediately unloaded the hive, which may have been happening too quickly.  Anyway, my application will work properly with these changes.  Thanks again for your help!

Mike
0
 

Author Comment

by:mjgardne
ID: 24081997
Oh, by the way...  When I only changed the fle path, it did not affect this issue, but it did affect what was loaded into the hive.  With the incorrect path, the key was made in the hive, but no subkeys were loaded from the file.  With the correct path, the key and subkeys were properly loaded.
0
 
LVL 39

Expert Comment

by:itsmeandnobodyelse
ID: 24082171
>>>> With the incorrect path, the key was made in the hive

Yes, the key was the only information left when loading from file failed ...

I am glad that I could have helped ;-)

Regards, Alex
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
GUI: DIalog Stacking and Popping in MS C++ 4 65
How to debug Angular JS in Visual Studio 2013 2 110
sumHeights  challenge 17 66
unix example issues 18 75
With most software applications trying to cater to multiple user needs nowadays, the focus is to make them as configurable as possible. For e.g., when creating Silverlight applications which will connect to WCF services, the service end point usuall…
A theme is a collection of property settings that allow you to define the look of pages and controls, and then apply the look consistently across pages in an application. Themes can be made up of a set of elements: skins, style sheets, images, and o…
The viewer will learn how to use and create new code templates in NetBeans IDE 8.0 for Windows.
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now