sayadi
asked on
registry editing has been disabled by your administrator
Hi,
I have a domain user (%USER%) that is set as local administration on a specific server(W2K3 R2 std) in my domain.
This user is in a separate OU in the AD. This OU contains a policy that grand the user RDP rights. This works fine.
Now I want the user to be able to edit the registry. Run>regedit
The following error accurse:
"registry editing has been disabled by your administrator"
I have made a new policy for this OU
set:
“Prevent access to registry editing tools” to disable
ran gpupdate & even rebooted the system.
This does not work!
Can anyone help me out?
I have a domain user (%USER%) that is set as local administration on a specific server(W2K3 R2 std) in my domain.
This user is in a separate OU in the AD. This OU contains a policy that grand the user RDP rights. This works fine.
Now I want the user to be able to edit the registry. Run>regedit
The following error accurse:
"registry editing has been disabled by your administrator"
I have made a new policy for this OU
set:
“Prevent access to registry editing tools” to disable
ran gpupdate & even rebooted the system.
This does not work!
Can anyone help me out?
You stated the User is in the OU. Is the server also in this OU? If the Server is in an OU that denies editing registry via the Computer Configuration of Group Policy then in the case of conflicting policies Computer Configuration takes precedence over User Policy.
Check higher GP objects, because if registry editing is disabled there it gets preference.
In case you have it disabled on root domain GP object you should filter this GP for admins to be able to edit registry.
In case you have it disabled on root domain GP object you should filter this GP for admins to be able to edit registry.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Under %myDomain.local% there is a OU for the server & a OU for the users on both OU's now I have set this policy and it still does not work!
ASKER
The only other policy that is implemented is to prevent the user from a shutdown. they can only logout.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
try to set a new ou and disable enharit
ASKER
It was a confilicting Policy