SMS: How to Disable Remote Control Security Munger on Windows NT Clients (199922)


The information in this article applies to:

  • Microsoft Systems Management Server 2.0
This article was previously published under Q199922
IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry

SUMMARY

This article describes how to disable the Remote Control Security Munger on computers that are running Microsoft Windows NT that have been added as Microsoft Systems Management Server (SMS) clients. To do this, you can add a value to the client's registry.

MORE INFORMATION

WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

The Remote Control Security Munger determines the remote control security settings for an SMS client that belongs to more than one SMS site. In some situations, you might want to disable this feature on a computer that is running Windows NT.

To disable the Security Munger, add the following value to the SMS client's registry:

HKLM/Software/Microsoft/SMS/Client/MS Control

Value: UpdateEnabled
Type: REG_SZ Data: NO (this is not case sensitive)

If this value is set to NO, the Security Munger will exit without doing anything but will make an entry in the Remctrl.log noting that it was disabled. Note that as a result, the client will no longer respond to any changes in the administrator or client user interface. If this is the case, the user or administrator will have to alter the client registry to make any changes. If this registry entry is not present or if the value is anything other than NO, the Security Munger will operate as usual.

The UpdateEnabled value is removed when the Remote Control component is removed from the client, but not during Component Verify or Repair cycles or reinstallation of the client component.

For systems that have the UpdateEnabled value set to NO, the combined sites registry entry and the Remote Control registry entries must match. If they do not, and if UpdateEnabled is not set, when the next Client Configuration Installation Manager (CCIM) cycle or Remote Control Security Munger cycle runs, the combined site entries will take precedence over the remote control entries, and the remote control entries will be changed to the same as the combined site entries. This issue does not occur if you use the Remote Control tool in Control Panel to make the change. This information applies to the following registry key:

HKLM/Software/Microsoft/SMS/Client/Client Components/Remote Control/Combined Site

Modification Type:MinorLast Reviewed:6/14/2005
Keywords:kbinfo kbRemoteProg kbtshoot KB199922
©2004 Microsoft Corporation. All rights reserved.