Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Remote Reg Editing

Status
Not open for further replies.
Boxalld

Boxalld

Technical User
Apr 20, 2004
42
GB
Guys,
Were currently putting together a GPO to lock down a bunch of servers. Currently the design is to lock down the reg and open up where needed. A suggestion was made to unlock reg and stop the regedit and regedt32 tools from working, however this was done and people could still connect remotely to the reg and edit it...

Is there a way to keep the reg open and stop people from attaching remotely and editing the reg????
 
Sort by date Sort by votes
Have you tried disabling the Remote Registry service (it can be set in group policy). This will disable users ability to remotely connect to registries on other machines. Hope this helps.
 
Upvote 0 Downvote
Will this not cause problems with apps ????
 
Upvote 0 Downvote
Has no bearing on apps. If you read the description, if this service is stopped only users local to the machine can modify the registry and not remote users.
 
Upvote 0 Downvote
That isn't strictly true and you will need to test this. Any utilities that you use to collect remote configuration information 'may' not work. We found that Netdiag didn't work and we couldn't remotly deploy the Netsupport RDP package after disabling this service.





When you are the IT director, it's your job to make sure the IT works. If it does work they know already and if it doesn't, they don't want to hear your pathetic excuses.
 
Upvote 0 Downvote
If you are deploying a package, it should be able to run with administrative privileges on the machine that it's being pushed to and the registry changes as far as I know are being run local to the machine (and not remotely)
I haven't run a test with Netdiag, but it sounds strange that disabling Remote Registry would have a bearing on successfully running this util.
I'll concur with porkchopexpress, the only way to know is to test it in your environment.
 
Upvote 0 Downvote
Netsupport a bit like some versions of VNC are deployed on demand via RPC they aren't packages that are deployed by GPO they seem to require remote registry. I took me a while to figure that out as i didn't use them for a while after disabling the service.

Most things should continue to work just fine.





When you are the IT director, it's your job to make sure the IT works. If it does work they know already and if it doesn't, they don't want to hear your pathetic excuses.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MaioMaio
  • Locked
  • Question
Server Remote Desktop License
Replies
0
Views
519
MaioMaio
MaioMaio
StevenFromSouth
  • Locked
  • Question
VPN Connects but cannot access remote network computers or folders
Replies
1
Views
321
StevenFromSouth
StevenFromSouth
ADB100
  • Locked
  • Question
Single Windows 7 Ultimate workstation not applying Registry, Drive Map or Printers GPO settings
Replies
1
Views
411
technome
technome
iCDT
  • Locked
  • Question
Remote Desktop Web Access ( No application available)
Replies
2
Views
307
hairlessupportmonkey
hairlessupportmonkey
demetrio
  • Locked
  • Question
Remote Desktop Gateway server is temporarily unavailable
Replies
1
Views
273
technome
technome

Part and Inventory Search

Sponsor

Back
Top