Regsec.exe Gives Strange Results for Non-Administrator (160511)



The information in this article applies to:

  • Microsoft Windows NT Workstation 4.0
  • Microsoft Windows NT Server 4.0

This article was previously published under Q160511

SUMMARY

The Windows NT Server or Workstation 4.0 Resource Kit now includes a utility called Regsec.exe. This utility removes the Everyone group from the root of the HKEY_LOCAL_MACHINE, HKEY_USERS, HKEY_CURRENT_USER, and HKEY_CLASSES_ROOT registry hives. No online Help is available from the command line and typing "/?" from the command line carries out the changes of the permissions on the registry. Carrying out this command changes behavior for all users who logon locally (other than the Administrators group). Power Users are affected for computers running Windows NT Workstation. On computers running Windows NT Server, Account Operators, Server Operators, Print Operators, and all other non-Administrator accounts are affected.

MORE INFORMATION

The Resource Kit Help file states:

This command-line utility removes the Everyone group from a registry key. Removing the Everyone group can enable you to implement stricter and more specific security.

Some of the symptoms include desktop icons becoming plain yellow file folders, and not being able to double click on "My Computer" and other icons. If Windows NT Explorer is launched, all the file icons are the default Windows icon.

Remote network connections are not affected.

Normal behavior can be returned by adding the group Everyone to the root of each hive listed above with READ access.

Modification Type:MajorLast Reviewed:8/9/2001
Keywords:kbenv KB160511