?
Solved

registry editor could not set secuirty in the key currently selected, or some of its subkeys

Posted on 2012-03-19
6
Medium Priority
?
3,032 Views
Last Modified: 2016-11-23
I have a Dell Latitude XT2 tablet that I am trying to put Symantec Endpoint Full Disk Encryption on.
After Install and restart I get an error that says " cannot export settings to client database from settings" and " update settings failed please contact administrator".

I contacted Support at Symantec and they said the issue was that I needed to do the following
1.      Right click on HKLM\SOFTWARE\Encryption Anywhere, select Permissions.
2.      Click the Advanced button.
3.      Make sure "Inherit from parent..." and "Replace permission entries..." are checked.
4.      Click the Apply button.
5.      Respond "Yes" to question "This will remove explicitly defined permissions on all child objects..."
6.      Click OK twice.
 When I try to change thie key I get the following error.
registry editor could not set secuirty in the key currently selected, or some of its subkeys

Can anyone help me fix this problem.
0
Comment
Question by:Randy Madej
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 10

Expert Comment

by:CSI-Windows_com
ID: 37738427
Try Setacl.exe - you can list permissions and perhaps see if there are some keys that even admins are locked out of.

At the very least you could set permissions on everything else using the "-ignoreerr"  switch.

http://helgeklein.com/setacl/documentation/command-line-version-setacl-exe/
0
 

Author Comment

by:Randy Madej
ID: 37738991
I installed setacl.exe  On the interface  I can not find where to set The Replace all child object permissions with inheritable permissions from this object.

I ran this SetACL.exe -on c:\Windows -ot file -actn list from the command line and the run window with no luck.
0
 
LVL 10

Assisted Solution

by:CSI-Windows_com
CSI-Windows_com earned 1500 total points
ID: 37739198
If you need to restore default permissions to the entire OS - you can use the subsystem that does this during an actual workstation build.

Here is the command:

secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose

And here are some more details: http://support.microsoft.com/kb/313222
0
Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

 

Author Comment

by:Randy Madej
ID: 37739442
The use of “secedit /configure” to import the default security template, dfltbase.inf, is unsupported nor is it a viable method to restore default security permissions on Windows Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2 computers.

Beginning with Windows Vista, the method to apply the security during operating system setup changed. Specifically, security settings consisted of settings defined in deftbase.inf augmented by settings applied by the operating installation process and server role installation. Because there is no supported process to replay the permissions made by the operating system setup, the use of the “secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose” command line is no longer capable of resetting all security defaults and may even result in the operating system becoming unstable.
0
 
LVL 10

Accepted Solution

by:
CSI-Windows_com earned 1500 total points
ID: 37739472
Sorry about that!  The rest of the article details "icacls /restore" and the other commands required to restore your configuration.
0
 

Author Comment

by:Randy Madej
ID: 37766073
Icacls/restore did not work either. I ended up reloading the machine from scratch.

Thank you for trying .
0

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question