Solved

Need a script to change the value of Registry Dword

Posted on 2014-02-19
7
1,122 Views
Last Modified: 2014-02-25
I am looking for a script to modify the Reg_Dword value for the following registry Key as 2:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Lsa\restrictanonymous
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Lsa\restrictanonymoussam

Thnx
0
Comment
Question by:jmohan0302
  • 4
  • 3
7 Comments
 
LVL 83

Accepted Solution

by:
oBdA earned 500 total points
ID: 39871702
Plain batch (save as Whatever.cmd); and the correct key btw is ...\CurrentControlSet\Control\Lsa:
reg.exe add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa" /v "restrictanonymous" /t REG_DWORD /d 2 /f
reg.exe add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa" /v "restrictanonymoussam" /t REG_DWORD /d 2 /f

Open in new window

0
 

Author Comment

by:jmohan0302
ID: 39872326
I ran the above command, but the value didnt change....
Also want to know how to do this by vbscript
Thnx
0
 
LVL 83

Expert Comment

by:oBdA
ID: 39872552
Works just fine here. Any error message?
Note that as this is in HKLM, you need to run this elevated if UAC is active.
What's the output of
reg.exe query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa"

Open in new window

0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 

Author Comment

by:jmohan0302
ID: 39872981
Below is the output of the reg query, you could see the value of DWORD is not changed. Thnx

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\Mohan>cd\

C:\>reg.exe query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
    auditbaseobjects    REG_DWORD    0x0
    auditbasedirectories    REG_DWORD    0x0
    crashonauditfail    REG_DWORD    0x0
    fullprivilegeauditing    REG_BINARY    00
    Bounds    REG_BINARY    0030000000200000
    LimitBlankPasswordUse    REG_DWORD    0x1
    NoLmHash    REG_DWORD    0x1
    Notification Packages    REG_MULTI_SZ    DPPassFilter\0scecli
    Security Packages    REG_MULTI_SZ    kerberos\0msv1_0\0schannel\0wdigest\0ts
pkg\0pku2u
    Authentication Packages    REG_MULTI_SZ    msv1_0
    LsaPid    REG_DWORD    0x270
    SecureBoot    REG_DWORD    0x1
    ProductType    REG_DWORD    0x6
    disabledomaincreds    REG_DWORD    0x0
    everyoneincludesanonymous    REG_DWORD    0x0
    forceguest    REG_DWORD    0x0
    restrictanonymous    REG_DWORD    0x0
    restrictanonymoussam    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache

C:\>
0
 
LVL 83

Expert Comment

by:oBdA
ID: 39873203
Any error message when running the "reg add" commands?
Did you run the "reg add" commands from an elevated prompt?
0
 

Author Comment

by:jmohan0302
ID: 39873573
No error message. Yes ran from elevated command prompt
0
 
LVL 83

Expert Comment

by:oBdA
ID: 39873615
Can you please repost the exact command you ran to set the values?
Note that in your question, you had an incorrect registry path; check if the values appear directly under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Lsa (note that there's no key "Control" between "CurrentControlSet" and "Lsa"). If so, correct the path and try again.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Over the years I have built up my own little library of code snippets that I refer to when programming or writing a script.  Many of these have come from the web or adaptations from snippets I find on the Web.  Periodically I add to them when I come…
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
Learn the basics of if, else, and elif statements in Python 2.7. Use "if" statements to test a specified condition.: The structure of an if statement is as follows: (CODE) Use "else" statements to allow the execution of an alternative, if the …
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now