locked
Restrict .exe through Icacls RRS feed

  • Question

  •  

    Hi,

     

    I want to restrict users, from accessing regedt32.exe.

    How can I specify using Icacls.exe.

     

    Thanks in Advance,

    Regards,

    Asha

    Friday, October 10, 2008 12:38 PM

Answers

  •  

    Hi Asha, I'd like to inform you that icacls cannot be used on registry entry. If you want to set permission on registry keys, we can use regini. For detailed information, please check the following KB article:

     

    How to Use Regini.exe to Set Permissions on Registry Keys

    http://support.microsoft.com/kb/237607

     

    If you want to block the access to regedit, we can try the following command:

     

    Code Snippet
    icacls C:\Windows\system32\regedt32.exe /deny *SID:(R,RC)

     

     

     

    You can also user other suffix instead of (R,RC).   

    Tuesday, October 14, 2008 6:34 AM
    Moderator

All replies

  •  

    Hi Asha, if you want to prevent user from using regedit32.exe, you can install Windows SteadyState on the computer, select the user, then add regedit32.exe to block program list. You can download latest version of Windows SteadyState via the link:

     

    http://www.microsoft.com/downloads/details.aspx?familyid=D077A52D-93E9-4B02-BD95-9D770CCDB431&displaylang=en

     

    Hope this helps!

    Monday, October 13, 2008 9:28 AM
    Moderator
  • Thank you for your reply Sean Zhu.

     

    I want to do it through command line.

     

    I did in the following way:

     

    I have taken the ownership of the folder using Takeown.exe command, and then I run Icacals.exe command to deny the permission of the regedit32.exe.

     

    It worked. But I am not sure whether I Can use this.

     

    I tried this just few minutes before, but I dont know whether it is right or wrong.

     

    Please give your guidance.

     

    Thanks in Advance,

    Regards,

    Asha

     

    Monday, October 13, 2008 9:51 AM
  •  

    Hi Asha, I'd like to inform you that icacls cannot be used on registry entry. If you want to set permission on registry keys, we can use regini. For detailed information, please check the following KB article:

     

    How to Use Regini.exe to Set Permissions on Registry Keys

    http://support.microsoft.com/kb/237607

     

    If you want to block the access to regedit, we can try the following command:

     

    Code Snippet
    icacls C:\Windows\system32\regedt32.exe /deny *SID:(R,RC)

     

     

     

    You can also user other suffix instead of (R,RC).   

    Tuesday, October 14, 2008 6:34 AM
    Moderator