The function of remote access to the registry is a convenient administration tool. However, in some cases, the ability to modify the system registry of a Windows-based computer can pose a serious security risk. In these cases, you need to disable this function.
Instructions
Step 1
Remote access rights to the registry of a computer running Windows are registered in the registry itself. By default, users who are members of the Administrators group have full access. Users in the Archive Operators and Local Service group have read-only rights.
Step 2
To disable the Remote Registry service, open the main system menu by clicking the "Start" button and go to the "Run" dialog. Type services.msc in the "Open" line and confirm the launch of the utility by clicking the OK button. Call the context menu of the Remote Registry item in the right part of the window by clicking the right mouse button and select the "Properties" item. Select the Disabled option in the drop-down list of the "Startup type" line and save the changes by clicking the OK button. Confirm the execution of the selected action by clicking the OK button.
Step 3
Return to the main Start menu to restrict remote access to the registry, and once again go to the Run dialog. Type regedit in the "Open" line and confirm the launch of the Registry Editor utility with the OK button. Expand the HKEY_LOCAL_MACHINESystemCurrentControlSetControlSecurePipeServers branch.
Step 4
Select the found key by clicking the left mouse button and use the "Change" command. Specify the "Permissions" section and click the "Add" button. Enter a value for the name of the user to restrict access and apply the check box in the Read line at the bottom of the Permissions dialog box. Confirm saving of the changes made by clicking OK.
Step 5
Pay attention to the possibility of granting rights to the required registry parameters to the selected user, even if there is no permission to change entries in the HKLMSystemCurrentControlSetControlSecurePipeServerswinregAllowedPathsMachine branch.
