Command line tool for Restricting Registry hive in windows Vista?

  • Thread starter Thread starter ashapadmanabhan
  • Start date Start date
A

ashapadmanabhan

Hi,

Please tell me whether any command line tool available for restricting
users from accessing registry hive in windows Vista.

Before I was using Subinacl.exe for windows XP. The following registry
hive is specified with subinacl to restrict registry from users.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon" /revoke="USERS" .

The same registry hive I want to restrict in Windows Vista.
I have used Icacls for folder restrictions.
Please let me know is there any tool available for registry
restrictions through command line.

Thanks in Advance,
Regards,
Asha.
 
There is really no need to do this on Windows Vista. From the root of HKM,
only SYSTEM and local administrators have full access; everyone else has
read-only access. Removing read-only access will put the system in an
unsupported state -- meaning we haven't tested this configuration, and can't
predict how the computer will behave.

Also, you say that you've used lcacls for folder restriction. What changes
have you made? Again, there is no reason to change the default ACLs; doing
so will create the same potential problems for you.
 
Back
Top