Remove From My Forums

Registry editing has been disabled by your Administrator

Question
0

Sign in to vote

Win7 Enterprise edition.
64Bit.
In a workgroup setting.
Logged in as local ADMIN.

GPO SETTING - USER CONFIGURATION/Administrative Templates/System - Prevent Access to Registry Editing Tools
Prevent Access to the Registry is ENABLED
Disable regedit from running silently? Is set to NO.

I have a batch file that looks like this below. It is a tool that we use to support the NBC software in use in over a 1000 computers some on a domain some off.
----------------------------------------------------------------------------------------------------------------------------------------------

@echo off
cls
echo NBC values:
REM note: "findstr ." removes blank lines
REG QUERY "HKLM\System\NBC\Software\CurrentConfig" /s | find /v "REG.EXE" | findstr .

echo Done.
pause
-----------------------------------------------------------------------------------------------------------------------------------------------

This BAT file worked without any issues in XP using the settings at the top BUT in Win7 I receive the message "Registry editing has been disabled by your Administrator" message.

By setting the GPO setting to "Not Configured" the BAT file works but we do not want to give users any access to the Registry.

Why does the /s setting not work in Win7 but works in XP?

Monday, February 24, 2014 5:22 PM

Answers

0

Sign in to vote
Hi,

I think I confused Computer Configuration with User Configuration in XP, so yes, this policy does exist in Windows XP, sorry for my negligence.

And I am still confused with the silent switch you mentioned, do you mean the /s in the following command

REG QUERY "HKLM\System\NBC\Software\CurrentConfig" /s | find /v "REG.EXE" | findstr .

It doesn’t mean a silent switch but specifies to query subkeys

/s

-------Specifies to query all subkeys and value names recursively.

You can find detailed information in this link:

Reg query

http://technet.microsoft.com/en-us/library/cc742028.aspx

To silently run the .reg file (with the /s switch) from a login script batch file, use the following syntax:

regedit.exe /s path of .reg file

so I suggest you re-edit the bat file use the above syntax for a test.

Regards
Yolanda Zhu
TechNet Community Support
- Marked as answer by BG_CSD Thursday, February 27, 2014 3:08 PM
Wednesday, February 26, 2014 2:00 AM

All replies

0

Sign in to vote
Hi,

As a workaround, you can use the runas command to use another user to launch the bat file

Runas

http://technet.microsoft.com/en-us/library/cc771525.aspx

Yolanda Zhu
TechNet Community Support
- Edited by Yolanda Zhu Wednesday, February 26, 2014 2:03 AM wrong information in the original reply
Tuesday, February 25, 2014 8:25 AM
0

Sign in to vote

This is what I have in our current XP machines:

And this is what I have with our current Win7 Image:

I noticed that the verbiage is different. "Disable the command prompt script processing also?" versus "Disable regedit from running silently"

So this is where I am confused. Yes prevent access to registry editing tools BUT should Disable regedit from running silently, set to NO, allow regedit.exe to run just using the silent switch???

Thanks.

Tuesday, February 25, 2014 4:37 PM
0

Sign in to vote
Hi,

I think I confused Computer Configuration with User Configuration in XP, so yes, this policy does exist in Windows XP, sorry for my negligence.

And I am still confused with the silent switch you mentioned, do you mean the /s in the following command

REG QUERY "HKLM\System\NBC\Software\CurrentConfig" /s | find /v "REG.EXE" | findstr .

It doesn’t mean a silent switch but specifies to query subkeys

/s

-------Specifies to query all subkeys and value names recursively.

You can find detailed information in this link:

Reg query

http://technet.microsoft.com/en-us/library/cc742028.aspx

To silently run the .reg file (with the /s switch) from a login script batch file, use the following syntax:

regedit.exe /s path of .reg file

so I suggest you re-edit the bat file use the above syntax for a test.

Regards
Yolanda Zhu
TechNet Community Support
- Marked as answer by BG_CSD Thursday, February 27, 2014 3:08 PM
Wednesday, February 26, 2014 2:00 AM

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support options

More support

Not an IT pro?

Answered by:

Registry editing has been disabled by your Administrator

Question

Answers

All replies