none
UNC Hardened Paths - No Registry Entries

    Question

  • reference: https://support.microsoft.com/en-us/kb/3000483 

    I am trying to determine under what circumstances the UNC Hardened Paths GPO would not leave registry entries corresponding to the enabled paths.

    Context:

    I have applied the recommended minimum settings and enforced the GPO of UNC Hardened Paths (with the \\*\SYSVOL, \\*\NETLOGON) paths.

    For some hosts, I will see registry entries under HKLM/SOFTWARE/Policies/Microsoft/Windows/NetworkProvider/HardenedPaths corresponding to both of the set hardened paths.

    Unfortunately for a large number of hosts (primarily Windows 7 SP1) I see no registry entries, despite the GPO showing up in their resultant set of policy.

    I am trying to use these registry entries to validate that the GPO is applying successfully/that the hardened paths have actually been enabled, but I cannot figure out why some hosts would not have the registry entries.

    If anyone has any info/insight I would much appreciate it.

    Wednesday, August 31, 2016 2:55 PM

Answers

  • Hi,

    For some hosts, I will see registry entries under HKLM/SOFTWARE/Policies/Microsoft/Windows/NetworkProvider/HardenedPaths corresponding to both of the set hardened paths.

    Unfortunately for a large number of hosts (primarily Windows 7 SP1) I see no registry entries, despite the GPO showing up in their resultant set of policy.

    >>>Do you mean that there is no HardenedPaths entry in registry?

    If yes, according to my test, you need install KB 3000483 for Windows 7.

    For more information about KB 300483 for different Windows OS, please refer to the article below.

    Microsoft Security Bulletin MS15-011 – Critical

    https://technet.microsoft.com/en-us/library/security/ms15-011.aspx?f=255&MSPPError=-2147217396

    Best Regards,

    Jay


    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, September 02, 2016 8:28 AM
    Moderator

All replies

  • Hi,

    Thanks for your post.

    I am testing for the thread. I will post my reply as soon as possible.

    Best Regards,

    Jay


    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, September 01, 2016 1:49 PM
    Moderator
  • Hi,

    For some hosts, I will see registry entries under HKLM/SOFTWARE/Policies/Microsoft/Windows/NetworkProvider/HardenedPaths corresponding to both of the set hardened paths.

    Unfortunately for a large number of hosts (primarily Windows 7 SP1) I see no registry entries, despite the GPO showing up in their resultant set of policy.

    >>>Do you mean that there is no HardenedPaths entry in registry?

    If yes, according to my test, you need install KB 3000483 for Windows 7.

    For more information about KB 300483 for different Windows OS, please refer to the article below.

    Microsoft Security Bulletin MS15-011 – Critical

    https://technet.microsoft.com/en-us/library/security/ms15-011.aspx?f=255&MSPPError=-2147217396

    Best Regards,

    Jay


    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, September 02, 2016 8:28 AM
    Moderator
  • Hi Jay,

    Thanks for the response!

    The KB had already been installed, which was adding to my confusion as to why the registry entries would not show (despite being in the RSoP).

    Still trying to figure this one out :/

    Monday, September 12, 2016 6:01 PM