Link to home
Start Free TrialLog in
Avatar of Pau Lo
Pau Lo

asked on

SAM and SYSTEM hive

With local  ladmin rights - can the admin copy the SAM and SYSTEM registry hives from a windows server? If not how can copies be obtained?
ASKER CERTIFIED SOLUTION
Avatar of Joseph Daly
Joseph Daly
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Pau Lo
Pau Lo

ASKER

I wondered if ntbackup would work
SOLUTION
Avatar of Ashok Dewan
Ashok Dewan
Flag of India image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Ashok Dewan
Ashok Dewan
Flag of India image
sorry you also cannot copy registry hives.
Avatar of Joseph Daly
Joseph Daly
Flag of United States of America image
Another option you can try is this.

1. Create a restore point.
2. Open C:\System Volume Information\_restore{0145FC50-D40A-42A0-A56A-275EF2B2493B} folder and locate the latest restore folder starting with RP**.
3. In RP** folder, open snapshot folder. Where u can find all 5 OS hives restored.

Original posting here.
http://www.firewall.cx/ftopicp-21828.html
SOLUTION
Avatar of nobus
nobus
Flag of Belgium image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Pau Lo
Pau Lo

ASKER

Its a live (v important server) so powering it down is out the equation or taking drives out.

I am suprised you cant just ntbackup the config folder :( then access them from a restored backup