This tip is to prevent someone from running the REGEDIT/REGEDT32 editor.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Using Regedt32 to edit:
- Select [Hkey_Users]. Then go to "Load Hive" from the registry Menu.
- Browse to the profile directory of the user you want to restrict and select NTUser.dat file.
- When prompted for Key Name, input their login UserID.
- Now, select the key name (UserID) you just put in, and browse to SoftwareMicrosoftWindowsCurrentVersionPolicies
- If no System sub-key exists, go to "Add Key" from the Edit Menu. Here, type System in the Key name field and click "OK".
- Highlight System and go to "Add Value" from the Edit Menu. Here, type DisableRegistryTools, using type REG_DWORD and set it to 1.
- Now, highlight the Key name (UserID) as in Step 3, and go to Unload Hive from the registry menu. You should see the UserID disappear from the [Hkey_Users].
- Log in and verify that that user will not be able to run Regedt32 or Regedit.