none
modify Regedit Permissions in Win 10 Pro 64-bit RRS feed

  • Question

  • I found a Win 7 IT Pro discussion that essentially cited (per AAWahoo) Run > psexec -i -d -s c:\windows\regedit.exe as a solution to gaining control over modification of Permissions for registry keys ...

    (FYI - my purpose is rather innocuous, all I'm doing is changing the FriendlyName value of a disk device)

    I tried both psexec & psexec64, with and without quotes around the target path, however, all of these failed to open Regedit as expected ... or allow Regedit Permissions changes ...

    i.e.

    C:\Users\<my Admin account>\Downloads\Microsoft\PsExec v2.11\PSTools\psexec -i -d -s c:\windows\regedit.exe

    C:\Users\<my Admin account>\Downloads\Microsoft\PsExec v2.11\PSTools\psexec64 -i -d -s c:\windows\regedit.exe

    C:\Users\<my Admin account>\Downloads\Microsoft\PsExec v2.11\PSTools\psexec -i -d -s "c:\windows\regedit.exe"

    C:\Users\<my Admin account>\Downloads\Microsoft\PsExec v2.11\PSTools\psexec64 -i -d -s "c:\windows\regedit.exe"

    I have toyed around with adding users / changing ownership / modifying Permissions for:

    'HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WD_My_Bo&Prod_ok\5&2c956c21&0&000000'

    without success ... there must be a simpler way of gaining Full Control Permission (by the sole member of the Administrators group) of an individual key than the psexec approach ...

    Thanks for any help offered, K_Mc


    Thursday, February 16, 2017 9:42 PM

All replies

  • there must be a simpler way of gaining Full Control Permission (by the sole member of the Administrators group) of an individual key than the psexec approach ...


    See what you can do with  Enter-PSSession

    PS>(Get-Help Enter-PSSession).Description | Out-string -width '80'
    The Enter-PSSession cmdlet starts an interactive session with a single remote
    computer. During the session, the commands that you type run on the remote
    computer, just as if you were typing directly on the remote computer. You can
    have only one interactive session at a time.



    Robert Aldwinckle
    ---

    Friday, February 17, 2017 4:42 AM
  • OK, got Full Control Permissions in regedit by:

    - right-clicking on (Start /) Windows (button) and opening a 'Command Prompt (Admin)' window ...

    - then changing directories ('cd') to where PsExec64.exe was extracted to by me ...

    <begin C & P from 'Administrator: Command Prompt' window>

    Microsoft Windows [Version 10.0.14393]
    (c) 2016 Microsoft Corporation. All rights reserved.

    C:\Windows\system32>cd C:\Users\<my Admin account>\Downloads\Microsoft\PsExec v2.11\PSTools

    C:\Users\<my Admin account>\Downloads\Microsoft\PsExec v2.11\PSTools>psexec64 -i -d -s "c:\windows\regedit.exe"

    PsExec v2.2 - Execute processes remotely
    Copyright (C) 2001-2016 Mark Russinovich
    Sysinternals - www.sysinternals.com

    c:\windows\regedit.exe started on LENOVO_P70_W10P with process ID 8524.

    C:\Users\<my Admin account>\Downloads\Microsoft\PsExec v2.11\PSTools>

    <end C & P from 'Administrator: Command Prompt' window>

     ... 'regedit' opens and I was able to navigate to registry keys:

    'HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WD_My_Bo&Prod_ok\5&2c956c21&0&000000' & ' ... 5&2c956c21&0&000100'

     ... and edit the 'Value data:' in the 'Value name:' 'FriendlyName' from 'WD My Bo ok SCSI Disk Device' to 'WD My Book SCSI Disk Device' for two identical disk devices with untidy mfgr f/w entries.

    Remember, you have opened regedit in the SYSTEM account and can do a lot of damage if you don't know what you're doing or are careless.  BE CAREFUL.

    FFF

    Friday, February 17, 2017 5:30 AM
  • Hi Kevin L. McIntosh,

    As far as I know, the "Psexec" tool is mainly a tool to like Telnet and remote control programs to let you excute programs on remote system. I not sure why you want to use this tool.
    Anyway, I tried to use that tool to open the registry key successfully. Please run it as administrator.

    " all I'm doing is changing the FriendlyName value of a disk device"
    If the main purpose is to change a disk`s name, we could try "diskpart" command.
    Diskpart
    https://technet.microsoft.com/en-us/library/cc766465(v=ws.10).aspx

    For changing the permission of the registry key, we could try "subacl" tool. I have tested that tool on Windows 10. It could work well.
    For example:"subinacl.exe /subkeyreg HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WD_My_Bo&Prod_ok\5&2c956c21&0&000000".

    Here is the tool:

    SubInACL (SubInACL.exe)
    https://www.microsoft.com/en-us/download/details.aspx?id=23510

    Here is a link for reference:

    Solving setup errors by using the SubInACL tool to repair file and registry permissions
    https://blogs.msdn.microsoft.com/astebner/2006/09/04/solving-setup-errors-by-using-the-subinacl-tool-to-repair-file-and-registry-permissions/

    Best regards


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, February 17, 2017 6:01 AM
    Moderator