This tip is to prevent someone from running the REGEDIT/REGEDT32 editor.
Using Regedt32 to edit:
- Select [Hkey_Users]. Then go to "Load Hive" from the registry Menu.
- Browse to the profile directory of the user you want to restrict and select NTUser.dat
- When prompted for Key Name, input their login UserID.
- Now, select the key name (UserID) you just put in, and browse to
- If no System sub-key exists, go to "Add Key" from the Edit Menu. Here, type System in the Key
name field and click "OK".
- Highlight System and go to "Add Value" from the Edit Menu. Here, type DisableRegistryTools,
using type REG_DWORD and set it to 1.
- Now, highlight the Key name (UserID) as in Step 3, and go to Unload Hive from the registry
menu. You should see the UserID disappear from the [Hkey_Users].
- Log in and verify that that user will not be able to run Regedt32 or Regedit.
This was first published in April 2001