Reg command

Found it. XP does not contain Network access: Remotely accessible registry
paths and subpaths. So this is probably blocking me. So if I understand
this correctly, this list provides which keys can be editted when you load a
hive. When a user's hive is loaded (NTUSER.DAT), is it then scanned to see
if there isn't anything violating the list? If so, you get access denied?

"Spenceation" wrote:

> Go to Local Policies then Security Options. the User Rights Assignment folder
> will assign rights to users and Security Options enables or disables computer
> security settings.
>
> "Mike" wrote:
>
> > Not to be dense here but I can't find Computer Configuration\Windows
> > Settings\Security Settings\Network Access Protection
> >
> > Under Security Settings
> > -Account Policies
> > -Local Policies
> > -Windows Firewall with Advanced Security
> > -Public Key Policies
> > -Software Restriction Policies
> > -IP Security Policies on Local Computer
> >
> > What am I missing?
> >
> >
> > "Spenceation" wrote:
> >
> > > Are you trying to load this hive over the network? Vista does restrict
> > > certain registry paths from being editted remotely.
> > >
> > > System\CurrentControlSet\Control\Print\Printers
> > > System\CurrentControlSet\Services\Eventlog
> > > Software\Microsoft\OLAP Server
> > > Software\Microsoft\Windows NT\CurrentVersion\Print
> > > Software\Microsoft\Windows NT\CurrentVersion\Windows
> > > System\CurrentControlSet\Control\ContentIndex
> > > System\CurrentControlSet\Control\Terminal Server
> > > System\CurrentControlSet\Control\Terminal Server\UserConfig
> > > System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
> > > Software\Microsoft\Windows NT\CurrentVersion\Perflib
> > > System\CurrentControlSet\Services\SysmonLog
> > >
> > > These paths are allowed to be remotely accessible and their sub-paths. These
> > > settings are stored in the security settings of group poilicy under:
> > > Network Access: Remotely accessible registry paths and sub-paths
> > > Since the machines share the same OU try running a Result of Policies to see
> > > if any settings differ. Also open Regedit and right click on the hive that
> > > you are editting and select permissions. The default permissions might be
> > > different on this machine due to the OUs or other reasons. If your account
> > > has permissions and you are locally logged in, you should be able to edit the
> > > registry without error.
> > >
> > >
> > > "Mike" wrote:
> > >
> > > > Same result.
> > > >
> > > > I think it has something to do with a policy from somewhere. What I mean.
> > > > I have a Vista and XP machine in the same OU with the same policy being
> > > > applied to them both. I can load a registry hive under XP but not Vista. I
> > > > then made a RDP connection to a Vista machine off our domain. Opened Regedit
> > > > and repeated the same steps and I can load the registry hive. Do you think
> > > > it has anything to do with a trusted path that Vista looks at more closely
> > > > than XP did?
> > > >
> > > > "dean-dean" wrote:
> > > >
> > > > > For lack of a better idea, try this. Navigate to C:\Windows\ and
> > > > > right-click on regedit.exe. Choose Run as Administrator.
> > > > >
> > > > >
> > > > > "Mike" <Mike@discussions.microsoft.com> wrote in message
> > > > > news:C83D2887-F1A2-4CF1-9008-C7F155E09582@microsoft.com...
> > > > > > UAC is turned off
> > > > > >
> > > > > > "Spenceation" wrote:
> > > > > >
> > > > > >> Try running this command with the actual administrator account, this
> > > > > >> account
> > > > > >> bypasses alot of UAC and vista restrictions.
> > > > > >>
> > > > > >> "Mike" wrote:
> > > > > >>
> > > > > >> > I am running this with admin privileges. I turned off UAC as well.
> > > > > >> > This
> > > > > >> > problem is even reproduced with Regedit.
> > > > > >> >
> > > > > >> > Open Regedit and select HKLM
> > > > > >> > Click File and Load Hive
> > > > > >> > Navigate to a NTUSER.DAT file located on a network share
> > > > > >> > Give the key a name and select OK.
> > > > > >> > Access denied.
> > > > > >> >
> > > > > >> > Is this a new security feature with Vista and if so how do you undo it?
> > > > > >> >
> > > > > >> > "Spenceation" wrote:
> > > > > >> >
> > > > > >> > > If you are running this on the command prompt make sure you are using
> > > > > >> > > either
> > > > > >> > > the Run As command, or run the command prompt with admin privlileges.
> > > > > >> > > UAC
> > > > > >> > > will not appear during the command prompt.
> > > > > >> > >
> > > > > >> > > "Mike" wrote:
> > > > > >> > >
> > > > > >> > > > I am trying to load a user hive from a UNC path. When I do this I
> > > > > >> > > > get access
> > > > > >> > > > denied. I can do this from a Windows XP machine. If I copy the
> > > > > >> > > > file locally
> > > > > >> > > > I can the load the hive. What is preventing me from loading it
> > > > > >> > > > through a UNC
> > > > > >> > > > path?
> > > > >
> > > > >

Correct. Any other registry hives will be blocked if it isn't listed or a
sub-path of a hive on that list remotely. If you are applying this to
multiple machines, try one first and then see the results. Hopefully this
will fix it. Let me know, I'm curious if that is what is blocking it.

"Spenceation" wrote:

> Go to Local Policies then Security Options. the User Rights Assignment folder
> will assign rights to users and Security Options enables or disables computer
> security settings.
>
> "Mike" wrote:
>
> > Not to be dense here but I can't find Computer Configuration\Windows
> > Settings\Security Settings\Network Access Protection
> >
> > Under Security Settings
> > -Account Policies
> > -Local Policies
> > -Windows Firewall with Advanced Security
> > -Public Key Policies
> > -Software Restriction Policies
> > -IP Security Policies on Local Computer
> >
> > What am I missing?
> >
> >
> > "Spenceation" wrote:
> >
> > > Are you trying to load this hive over the network? Vista does restrict
> > > certain registry paths from being editted remotely.
> > >
> > > System\CurrentControlSet\Control\Print\Printers
> > > System\CurrentControlSet\Services\Eventlog
> > > Software\Microsoft\OLAP Server
> > > Software\Microsoft\Windows NT\CurrentVersion\Print
> > > Software\Microsoft\Windows NT\CurrentVersion\Windows
> > > System\CurrentControlSet\Control\ContentIndex
> > > System\CurrentControlSet\Control\Terminal Server
> > > System\CurrentControlSet\Control\Terminal Server\UserConfig
> > > System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
> > > Software\Microsoft\Windows NT\CurrentVersion\Perflib
> > > System\CurrentControlSet\Services\SysmonLog
> > >
> > > These paths are allowed to be remotely accessible and their sub-paths. These
> > > settings are stored in the security settings of group poilicy under:
> > > Network Access: Remotely accessible registry paths and sub-paths
> > > Since the machines share the same OU try running a Result of Policies to see
> > > if any settings differ. Also open Regedit and right click on the hive that
> > > you are editting and select permissions. The default permissions might be
> > > different on this machine due to the OUs or other reasons. If your account
> > > has permissions and you are locally logged in, you should be able to edit the
> > > registry without error.
> > >
> > >
> > > "Mike" wrote:
> > >
> > > > Same result.
> > > >
> > > > I think it has something to do with a policy from somewhere. What I mean.
> > > > I have a Vista and XP machine in the same OU with the same policy being
> > > > applied to them both. I can load a registry hive under XP but not Vista. I
> > > > then made a RDP connection to a Vista machine off our domain. Opened Regedit
> > > > and repeated the same steps and I can load the registry hive. Do you think
> > > > it has anything to do with a trusted path that Vista looks at more closely
> > > > than XP did?
> > > >
> > > > "dean-dean" wrote:
> > > >
> > > > > For lack of a better idea, try this. Navigate to C:\Windows\ and
> > > > > right-click on regedit.exe. Choose Run as Administrator.
> > > > >
> > > > >
> > > > > "Mike" <Mike@discussions.microsoft.com> wrote in message
> > > > > news:C83D2887-F1A2-4CF1-9008-C7F155E09582@microsoft.com...
> > > > > > UAC is turned off
> > > > > >
> > > > > > "Spenceation" wrote:
> > > > > >
> > > > > >> Try running this command with the actual administrator account, this
> > > > > >> account
> > > > > >> bypasses alot of UAC and vista restrictions.
> > > > > >>
> > > > > >> "Mike" wrote:
> > > > > >>
> > > > > >> > I am running this with admin privileges. I turned off UAC as well.
> > > > > >> > This
> > > > > >> > problem is even reproduced with Regedit.
> > > > > >> >
> > > > > >> > Open Regedit and select HKLM
> > > > > >> > Click File and Load Hive
> > > > > >> > Navigate to a NTUSER.DAT file located on a network share
> > > > > >> > Give the key a name and select OK.
> > > > > >> > Access denied.
> > > > > >> >
> > > > > >> > Is this a new security feature with Vista and if so how do you undo it?
> > > > > >> >
> > > > > >> > "Spenceation" wrote:
> > > > > >> >
> > > > > >> > > If you are running this on the command prompt make sure you are using
> > > > > >> > > either
> > > > > >> > > the Run As command, or run the command prompt with admin privlileges.
> > > > > >> > > UAC
> > > > > >> > > will not appear during the command prompt.
> > > > > >> > >
> > > > > >> > > "Mike" wrote:
> > > > > >> > >
> > > > > >> > > > I am trying to load a user hive from a UNC path. When I do this I
> > > > > >> > > > get access
> > > > > >> > > > denied. I can do this from a Windows XP machine. If I copy the
> > > > > >> > > > file locally
> > > > > >> > > > I can the load the hive. What is preventing me from loading it
> > > > > >> > > > through a UNC
> > > > > >> > > > path?
> > > > >
> > > > >

I removed the entries from the list. Thinking this would disable the
setting. Same result. I then added back to the list the top most keys of
the hive (AppEvents, Console, Control Panel, Environment, Identities,
Keyboard Layout, Printers, Software, UNICODE Program Groups) and again the
same result. I still don't know if the setting is actually blocking me or
not. I did do a gpupdate /force and restart between changes.

"Spenceation" wrote:

> Correct. Any other registry hives will be blocked if it isn't listed or a
> sub-path of a hive on that list remotely. If you are applying this to
> multiple machines, try one first and then see the results. Hopefully this
> will fix it. Let me know, I'm curious if that is what is blocking it.
>
> "Spenceation" wrote:
>
> > Go to Local Policies then Security Options. the User Rights Assignment folder
> > will assign rights to users and Security Options enables or disables computer
> > security settings.
> >
> > "Mike" wrote:
> >
> > > Not to be dense here but I can't find Computer Configuration\Windows
> > > Settings\Security Settings\Network Access Protection
> > >
> > > Under Security Settings
> > > -Account Policies
> > > -Local Policies
> > > -Windows Firewall with Advanced Security
> > > -Public Key Policies
> > > -Software Restriction Policies
> > > -IP Security Policies on Local Computer
> > >
> > > What am I missing?
> > >
> > >
> > > "Spenceation" wrote:
> > >
> > > > Are you trying to load this hive over the network? Vista does restrict
> > > > certain registry paths from being editted remotely.
> > > >
> > > > System\CurrentControlSet\Control\Print\Printers
> > > > System\CurrentControlSet\Services\Eventlog
> > > > Software\Microsoft\OLAP Server
> > > > Software\Microsoft\Windows NT\CurrentVersion\Print
> > > > Software\Microsoft\Windows NT\CurrentVersion\Windows
> > > > System\CurrentControlSet\Control\ContentIndex
> > > > System\CurrentControlSet\Control\Terminal Server
> > > > System\CurrentControlSet\Control\Terminal Server\UserConfig
> > > > System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
> > > > Software\Microsoft\Windows NT\CurrentVersion\Perflib
> > > > System\CurrentControlSet\Services\SysmonLog
> > > >
> > > > These paths are allowed to be remotely accessible and their sub-paths. These
> > > > settings are stored in the security settings of group poilicy under:
> > > > Network Access: Remotely accessible registry paths and sub-paths
> > > > Since the machines share the same OU try running a Result of Policies to see
> > > > if any settings differ. Also open Regedit and right click on the hive that
> > > > you are editting and select permissions. The default permissions might be
> > > > different on this machine due to the OUs or other reasons. If your account
> > > > has permissions and you are locally logged in, you should be able to edit the
> > > > registry without error.
> > > >
> > > >
> > > > "Mike" wrote:
> > > >
> > > > > Same result.
> > > > >
> > > > > I think it has something to do with a policy from somewhere. What I mean.
> > > > > I have a Vista and XP machine in the same OU with the same policy being
> > > > > applied to them both. I can load a registry hive under XP but not Vista. I
> > > > > then made a RDP connection to a Vista machine off our domain. Opened Regedit
> > > > > and repeated the same steps and I can load the registry hive. Do you think
> > > > > it has anything to do with a trusted path that Vista looks at more closely
> > > > > than XP did?
> > > > >
> > > > > "dean-dean" wrote:
> > > > >
> > > > > > For lack of a better idea, try this. Navigate to C:\Windows\ and
> > > > > > right-click on regedit.exe. Choose Run as Administrator.
> > > > > >
> > > > > >
> > > > > > "Mike" <Mike@discussions.microsoft.com> wrote in message
> > > > > > news:C83D2887-F1A2-4CF1-9008-C7F155E09582@microsoft.com...
> > > > > > > UAC is turned off
> > > > > > >
> > > > > > > "Spenceation" wrote:
> > > > > > >
> > > > > > >> Try running this command with the actual administrator account, this
> > > > > > >> account
> > > > > > >> bypasses alot of UAC and vista restrictions.
> > > > > > >>
> > > > > > >> "Mike" wrote:
> > > > > > >>
> > > > > > >> > I am running this with admin privileges. I turned off UAC as well.
> > > > > > >> > This
> > > > > > >> > problem is even reproduced with Regedit.
> > > > > > >> >
> > > > > > >> > Open Regedit and select HKLM
> > > > > > >> > Click File and Load Hive
> > > > > > >> > Navigate to a NTUSER.DAT file located on a network share
> > > > > > >> > Give the key a name and select OK.
> > > > > > >> > Access denied.
> > > > > > >> >
> > > > > > >> > Is this a new security feature with Vista and if so how do you undo it?
> > > > > > >> >
> > > > > > >> > "Spenceation" wrote:
> > > > > > >> >
> > > > > > >> > > If you are running this on the command prompt make sure you are using
> > > > > > >> > > either
> > > > > > >> > > the Run As command, or run the command prompt with admin privlileges.
> > > > > > >> > > UAC
> > > > > > >> > > will not appear during the command prompt.
> > > > > > >> > >
> > > > > > >> > > "Mike" wrote:
> > > > > > >> > >
> > > > > > >> > > > I am trying to load a user hive from a UNC path. When I do this I
> > > > > > >> > > > get access
> > > > > > >> > > > denied. I can do this from a Windows XP machine. If I copy the
> > > > > > >> > > > file locally
> > > > > > >> > > > I can the load the hive. What is preventing me from loading it
> > > > > > >> > > > through a UNC
> > > > > > >> > > > path?
> > > > > >
> > > > > >

Can you tell me what the error says word for word. And are there any events
that popup in the event viewer? Try loading another NTUser.dat file,
preferably one that is new and almost blank.

"Mike" wrote:

> I removed the entries from the list. Thinking this would disable the
> setting. Same result. I then added back to the list the top most keys of
> the hive (AppEvents, Console, Control Panel, Environment, Identities,
> Keyboard Layout, Printers, Software, UNICODE Program Groups) and again the
> same result. I still don't know if the setting is actually blocking me or
> not. I did do a gpupdate /force and restart between changes.
>
> "Spenceation" wrote:
>
> > Correct. Any other registry hives will be blocked if it isn't listed or a
> > sub-path of a hive on that list remotely. If you are applying this to
> > multiple machines, try one first and then see the results. Hopefully this
> > will fix it. Let me know, I'm curious if that is what is blocking it.
> >
> > "Spenceation" wrote:
> >
> > > Go to Local Policies then Security Options. the User Rights Assignment folder
> > > will assign rights to users and Security Options enables or disables computer
> > > security settings.
> > >
> > > "Mike" wrote:
> > >
> > > > Not to be dense here but I can't find Computer Configuration\Windows
> > > > Settings\Security Settings\Network Access Protection
> > > >
> > > > Under Security Settings
> > > > -Account Policies
> > > > -Local Policies
> > > > -Windows Firewall with Advanced Security
> > > > -Public Key Policies
> > > > -Software Restriction Policies
> > > > -IP Security Policies on Local Computer
> > > >
> > > > What am I missing?
> > > >
> > > >
> > > > "Spenceation" wrote:
> > > >
> > > > > Are you trying to load this hive over the network? Vista does restrict
> > > > > certain registry paths from being editted remotely.
> > > > >
> > > > > System\CurrentControlSet\Control\Print\Printers
> > > > > System\CurrentControlSet\Services\Eventlog
> > > > > Software\Microsoft\OLAP Server
> > > > > Software\Microsoft\Windows NT\CurrentVersion\Print
> > > > > Software\Microsoft\Windows NT\CurrentVersion\Windows
> > > > > System\CurrentControlSet\Control\ContentIndex
> > > > > System\CurrentControlSet\Control\Terminal Server
> > > > > System\CurrentControlSet\Control\Terminal Server\UserConfig
> > > > > System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
> > > > > Software\Microsoft\Windows NT\CurrentVersion\Perflib
> > > > > System\CurrentControlSet\Services\SysmonLog
> > > > >
> > > > > These paths are allowed to be remotely accessible and their sub-paths. These
> > > > > settings are stored in the security settings of group poilicy under:
> > > > > Network Access: Remotely accessible registry paths and sub-paths
> > > > > Since the machines share the same OU try running a Result of Policies to see
> > > > > if any settings differ. Also open Regedit and right click on the hive that
> > > > > you are editting and select permissions. The default permissions might be
> > > > > different on this machine due to the OUs or other reasons. If your account
> > > > > has permissions and you are locally logged in, you should be able to edit the
> > > > > registry without error.
> > > > >
> > > > >
> > > > > "Mike" wrote:
> > > > >
> > > > > > Same result.
> > > > > >
> > > > > > I think it has something to do with a policy from somewhere. What I mean.
> > > > > > I have a Vista and XP machine in the same OU with the same policy being
> > > > > > applied to them both. I can load a registry hive under XP but not Vista. I
> > > > > > then made a RDP connection to a Vista machine off our domain. Opened Regedit
> > > > > > and repeated the same steps and I can load the registry hive. Do you think
> > > > > > it has anything to do with a trusted path that Vista looks at more closely
> > > > > > than XP did?
> > > > > >
> > > > > > "dean-dean" wrote:
> > > > > >
> > > > > > > For lack of a better idea, try this. Navigate to C:\Windows\ and
> > > > > > > right-click on regedit.exe. Choose Run as Administrator.
> > > > > > >
> > > > > > >
> > > > > > > "Mike" <Mike@discussions.microsoft.com> wrote in message
> > > > > > > news:C83D2887-F1A2-4CF1-9008-C7F155E09582@microsoft.com...
> > > > > > > > UAC is turned off
> > > > > > > >
> > > > > > > > "Spenceation" wrote:
> > > > > > > >
> > > > > > > >> Try running this command with the actual administrator account, this
> > > > > > > >> account
> > > > > > > >> bypasses alot of UAC and vista restrictions.
> > > > > > > >>
> > > > > > > >> "Mike" wrote:
> > > > > > > >>
> > > > > > > >> > I am running this with admin privileges. I turned off UAC as well.
> > > > > > > >> > This
> > > > > > > >> > problem is even reproduced with Regedit.
> > > > > > > >> >
> > > > > > > >> > Open Regedit and select HKLM
> > > > > > > >> > Click File and Load Hive
> > > > > > > >> > Navigate to a NTUSER.DAT file located on a network share
> > > > > > > >> > Give the key a name and select OK.
> > > > > > > >> > Access denied.
> > > > > > > >> >
> > > > > > > >> > Is this a new security feature with Vista and if so how do you undo it?
> > > > > > > >> >
> > > > > > > >> > "Spenceation" wrote:
> > > > > > > >> >
> > > > > > > >> > > If you are running this on the command prompt make sure you are using
> > > > > > > >> > > either
> > > > > > > >> > > the Run As command, or run the command prompt with admin privlileges.
> > > > > > > >> > > UAC
> > > > > > > >> > > will not appear during the command prompt.
> > > > > > > >> > >
> > > > > > > >> > > "Mike" wrote:
> > > > > > > >> > >
> > > > > > > >> > > > I am trying to load a user hive from a UNC path. When I do this I
> > > > > > > >> > > > get access
> > > > > > > >> > > > denied. I can do this from a Windows XP machine. If I copy the
> > > > > > > >> > > > file locally
> > > > > > > >> > > > I can the load the hive. What is preventing me from loading it
> > > > > > > >> > > > through a UNC
> > > > > > > >> > > > path?
> > > > > > >
> > > > > > >

Sorry for taking so long to get back to you. The error states: "Cannot Load
\\server\share\folder\NTUSER.DAT: Access is denied"

This is after trying to load the hive. I did use process monitor to see
what was happening and this is what it reports:

28547 8:46:25.4002811 AM reg.exe 4832 RegLoadKey HKLM\test ACCESS DENIED
Hive Path: UNC\Domain\Share\profiles\User\NTUSER.DAT
32293 8:46:26.0527129 AM reg.exe 4832 QuerySecurityFile
\\Domain\Share\Profiles\User\NTUSER.DAT ACCESS DENIED Information: DACL

There are no error messages in the event log

I will try and load another new NTUSER.DAT


"Spenceation" wrote:

> Can you tell me what the error says word for word. And are there any events
> that popup in the event viewer? Try loading another NTUser.dat file,
> preferably one that is new and almost blank.
>
> "Mike" wrote:
>
> > I removed the entries from the list. Thinking this would disable the
> > setting. Same result. I then added back to the list the top most keys of
> > the hive (AppEvents, Console, Control Panel, Environment, Identities,
> > Keyboard Layout, Printers, Software, UNICODE Program Groups) and again the
> > same result. I still don't know if the setting is actually blocking me or
> > not. I did do a gpupdate /force and restart between changes.
> >
> > "Spenceation" wrote:
> >
> > > Correct. Any other registry hives will be blocked if it isn't listed or a
> > > sub-path of a hive on that list remotely. If you are applying this to
> > > multiple machines, try one first and then see the results. Hopefully this
> > > will fix it. Let me know, I'm curious if that is what is blocking it.
> > >
> > > "Spenceation" wrote:
> > >
> > > > Go to Local Policies then Security Options. the User Rights Assignment folder
> > > > will assign rights to users and Security Options enables or disables computer
> > > > security settings.
> > > >
> > > > "Mike" wrote:
> > > >
> > > > > Not to be dense here but I can't find Computer Configuration\Windows
> > > > > Settings\Security Settings\Network Access Protection
> > > > >
> > > > > Under Security Settings
> > > > > -Account Policies
> > > > > -Local Policies
> > > > > -Windows Firewall with Advanced Security
> > > > > -Public Key Policies
> > > > > -Software Restriction Policies
> > > > > -IP Security Policies on Local Computer
> > > > >
> > > > > What am I missing?
> > > > >
> > > > >
> > > > > "Spenceation" wrote:
> > > > >
> > > > > > Are you trying to load this hive over the network? Vista does restrict
> > > > > > certain registry paths from being editted remotely.
> > > > > >
> > > > > > System\CurrentControlSet\Control\Print\Printers
> > > > > > System\CurrentControlSet\Services\Eventlog
> > > > > > Software\Microsoft\OLAP Server
> > > > > > Software\Microsoft\Windows NT\CurrentVersion\Print
> > > > > > Software\Microsoft\Windows NT\CurrentVersion\Windows
> > > > > > System\CurrentControlSet\Control\ContentIndex
> > > > > > System\CurrentControlSet\Control\Terminal Server
> > > > > > System\CurrentControlSet\Control\Terminal Server\UserConfig
> > > > > > System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
> > > > > > Software\Microsoft\Windows NT\CurrentVersion\Perflib
> > > > > > System\CurrentControlSet\Services\SysmonLog
> > > > > >
> > > > > > These paths are allowed to be remotely accessible and their sub-paths. These
> > > > > > settings are stored in the security settings of group poilicy under:
> > > > > > Network Access: Remotely accessible registry paths and sub-paths
> > > > > > Since the machines share the same OU try running a Result of Policies to see
> > > > > > if any settings differ. Also open Regedit and right click on the hive that
> > > > > > you are editting and select permissions. The default permissions might be
> > > > > > different on this machine due to the OUs or other reasons. If your account
> > > > > > has permissions and you are locally logged in, you should be able to edit the
> > > > > > registry without error.
> > > > > >
> > > > > >
> > > > > > "Mike" wrote:
> > > > > >
> > > > > > > Same result.
> > > > > > >
> > > > > > > I think it has something to do with a policy from somewhere. What I mean.
> > > > > > > I have a Vista and XP machine in the same OU with the same policy being
> > > > > > > applied to them both. I can load a registry hive under XP but not Vista. I
> > > > > > > then made a RDP connection to a Vista machine off our domain. Opened Regedit
> > > > > > > and repeated the same steps and I can load the registry hive. Do you think
> > > > > > > it has anything to do with a trusted path that Vista looks at more closely
> > > > > > > than XP did?
> > > > > > >
> > > > > > > "dean-dean" wrote:
> > > > > > >
> > > > > > > > For lack of a better idea, try this. Navigate to C:\Windows\ and
> > > > > > > > right-click on regedit.exe. Choose Run as Administrator.
> > > > > > > >
> > > > > > > >
> > > > > > > > "Mike" <Mike@discussions.microsoft.com> wrote in message
> > > > > > > > news:C83D2887-F1A2-4CF1-9008-C7F155E09582@microsoft.com...
> > > > > > > > > UAC is turned off
> > > > > > > > >
> > > > > > > > > "Spenceation" wrote:
> > > > > > > > >
> > > > > > > > >> Try running this command with the actual administrator account, this
> > > > > > > > >> account
> > > > > > > > >> bypasses alot of UAC and vista restrictions.
> > > > > > > > >>
> > > > > > > > >> "Mike" wrote:
> > > > > > > > >>
> > > > > > > > >> > I am running this with admin privileges. I turned off UAC as well.
> > > > > > > > >> > This
> > > > > > > > >> > problem is even reproduced with Regedit.
> > > > > > > > >> >
> > > > > > > > >> > Open Regedit and select HKLM
> > > > > > > > >> > Click File and Load Hive
> > > > > > > > >> > Navigate to a NTUSER.DAT file located on a network share
> > > > > > > > >> > Give the key a name and select OK.
> > > > > > > > >> > Access denied.
> > > > > > > > >> >
> > > > > > > > >> > Is this a new security feature with Vista and if so how do you undo it?
> > > > > > > > >> >
> > > > > > > > >> > "Spenceation" wrote:
> > > > > > > > >> >
> > > > > > > > >> > > If you are running this on the command prompt make sure you are using
> > > > > > > > >> > > either
> > > > > > > > >> > > the Run As command, or run the command prompt with admin privlileges.
> > > > > > > > >> > > UAC
> > > > > > > > >> > > will not appear during the command prompt.
> > > > > > > > >> > >
> > > > > > > > >> > > "Mike" wrote:
> > > > > > > > >> > >
> > > > > > > > >> > > > I am trying to load a user hive from a UNC path. When I do this I
> > > > > > > > >> > > > get access
> > > > > > > > >> > > > denied. I can do this from a Windows XP machine. If I copy the
> > > > > > > > >> > > > file locally
> > > > > > > > >> > > > I can the load the hive. What is preventing me from loading it
> > > > > > > > >> > > > through a UNC
> > > > > > > > >> > > > path?
> > > > > > > >
> > > > > > > >