Windows

Remote registry administration in Windows XP Professional

Enabling remote registry access is easy in XP Pro, as long as the permissions are set up properly.

One of the great things about being an IT professional is having an expansive list of remote tools at your disposal. While we all need more exercise, walking (or worse) traveling to a troubled user is not the sort of sporting activity we typically enjoy. The more remote tools, the better, I always say. One tool sorely lacking in previous versions of Microsoft Windows was remote registry support. Since the registry does so much in Windows, it would be great to have control of it when a user needs help. For IT support pros looking to decrease wasteful walking or traveling time, Windows XP Professional offers an option that allows you to tweak a user's registry remotely.

Standard warning
Working with the registry (yours or theirs) is risky business. Always make a backup copy before you begin making changes.

Registry permissions
While the process for accessing a remote user's registry is fairly straightforward, enabling (or restricting) access is a bit trickier. For instance, before you begin, you might need to adjust some permission settings on the remote registry. Typically, the default Administrators group has the Full Control designation, so if you're in that group, you should not have a problem with remote access. In case you're not in that group, a registry permissions setting will need adjustment. Have the user open up the Registry Editor (Start | Run | regedit) and drill down to the following key on the machine:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg

Now have the user click on Edit | Permissions in the Registry Editor to see a complete picture of the permissions settings, as shown in Figure A.

Figure A
Use the Add or Remove button and the Permissions For Administrators' pane to adjust the computer's registry permission levels.


Remote access setup
Now that you have the user's permissions in order, it's time to connect. Run the regedit command again from your computer. Simply click on File | Connect Network Registry to arrive at the Select Computer dialog box, as shown in Figure B.

Figure B
You can browse locations and object types to further refine your search.


To find the user, enter the user's display name, object name, user name, or user domain name in the Enter The Object Name To Select (Examples) pane. Click the Check Names button, and hopefully your user's name will appear. If you do not see what you're looking for, click on the Advanced button to use less specific search criteria. When the user's name appears, simply highlight it and click OK. As Figure C shows, you now have the user's registry appearing right beneath your own, and you can troubleshoot any setting as if you were at the user's computer.

Figure C
Your registry should now have more hives to buzz around in.


Stopping the Remote Registry service
Logically, all this remote access to the registry might be disconcerting to some. For the security conscious out there, you can remove the possibility of malicious remote registry manipulation. Start | Administrative Tools | Services will bring you to the Services console, where you can stop or disable the Remote Registry service. Simply scroll down until you find the Remote Registry service and right-click it. From the resulting pop-up context menu, select Properties.

Figure D
Set the Startup Type to Manual if you want to control access to this service.


As you can see in Figure D, the Properties dialog box will allow you to stop the service as well as choose how you want the service to start at the next reboot. From the Startup Type drop-down box, you can choose from Automatic (the default), Manual, or Disabled. Disabling the service might cause problems with other systems that depend on the computer for replication and other such services. To avoid this disruption, perhaps the best setting is Manual. It requires manual intervention to enable the service, while any other services that depend on the computer will continue to start.

Access was never so easy
The registry controls so much of what goes on in Windows. As I noted above, it's important that this part of the system is protected from both malicious and unintentional changes. Regardless of your position on security, remote access to the registry will allow you greater support capabilities. The next time a user has a registry problem, you no longer have the tedious task of walking the person through each registry subkey and possibly breaking something during the process; or worse, walking over to the machine with the problem.
0 comments