Restrict access to the registry over the network

By default it is possible to access another computer registry remote. One can control who has remote access to the registry.

Start RegEdt32.exe and create the following registry-value, then select the winreg-key and set the wanted permissions for those who should have remote access:

[HKEY_LOCAL_MACHINE \SYSTEM \CurrentControlSet \Control \SecurePipeServers \winreg]
Description = “Registry Server”

Note to access the remote registry service over the network, just open your registry editor, and in the menu select “Registry” -> “Connect Network Registry”

Note Windows 2003 blocks for accessing the registry remotely, to remove this block one have to change permissions for “winreg” to allow “Administrators” to have “Full Control” and give “Local Service” access to “Read”. More Info MS KB555335

More Info MS KB153183
More Info MS KB185873
More Info MS KB310426
More Info MS KB314837