Click here to Skip to main content
12,406,342 members (70,577 online)
Rate this:
 
Please Sign up or sign in to vote.
See more: Windows registry
I wanna read SAM subkeys on Windows 7 using this code
int retVal = RegLoadKey(HKEY_LOCAL_MACHINE, "SAM_AUX", @"E:\Auxiliar Registry\SAM");
    RegistryKey accountKeys = Registry.LocalMachine.OpenSubKey(@"SAM_AUX\SAM\Domains\Account\Users\Names", false);
But I always receive Acces Denied, and I can't view SAM subkeys using regedit. What could be the problem?

Thanks
Posted 24-Jun-13 7:28am
Comments
Ron Beyer 24-Jun-13 13:31pm
   
Is your application running with administrator privileges?
Gabi Cea 24-Jun-13 14:02pm
   
I think so. I had have a manifest to indicate that the application have to run with administrator privileges, but it doesn't work. Is normal that I can't view SAM subkeys on windows registry?
Andrew Cherednik 25-Jun-13 1:49am
   
What happens if you right click on your application and select "Run As Administrator"?
Gabi Cea 25-Jun-13 13:02pm
   
It happens the same. If I open regedit just after the error, and right click on SAM_AUX hive, I can change it the permissions, and then, re-execute the application and it working right. The problem if I load another SAM, the problem come back, and I have to change SAM permission every time I load it...
Andrew Cherednik 25-Jun-13 20:01pm
   
I have a chunk of code that I use in my application to change the permission of a registry key. It is Win32 C. If interested I can post it here
Gabi Cea 26-Jun-13 12:58pm
   
Of course. Maybe, your code could help me to solve my problem.

1 solution

Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 1

If you need to Add "Everyone" to a registry key's Permissions you can use the following chunk of code (this is a "very old code". It was written back in the ages where we had to support Win95/98 clients together with Win2k/WinXP clients. You may need to adjust the code to statically link to the functions that are used by GetProcAddress below):

typedef BOOL(WINAPI* AllocateAndInitializeSidType)(
  PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, // authority
  BYTE nSubAuthorityCount,                        // count of subauthorities
  DWORD dwSubAuthority0,                          // subauthority 0
  DWORD dwSubAuthority1,                          // subauthority 1
  DWORD dwSubAuthority2,                          // subauthority 2
  DWORD dwSubAuthority3,                          // subauthority 3
  DWORD dwSubAuthority4,                          // subauthority 4
  DWORD dwSubAuthority5,                          // subauthority 5
  DWORD dwSubAuthority6,                          // subauthority 6
  DWORD dwSubAuthority7,                          // subauthority 7
  PSID *pSid                                      // SID
);
 
typedef DWORD(WINAPI* SETENTRIESINACL)(
  ULONG cCountOfExplicitEntries,           // number of entries
  PEXPLICIT_ACCESS pListOfExplicitEntries, // buffer
  PACL OldAcl,                             // original ACL
  PACL *NewAcl                             // new ACL
);
 
typedef BOOL(WINAPI* InitializeSecurityDescriptorType)(
  PSECURITY_DESCRIPTOR pSecurityDescriptor, // SD
  DWORD dwRevision                          // revision level
);
 
typedef LONG(WINAPI* REGSETKEYSECURITY)(
  HKEY hKey,                                // handle to key
  SECURITY_INFORMATION SecurityInformation, // request
  PSECURITY_DESCRIPTOR pSecurityDescriptor  // SD
);
 
typedef BOOL(WINAPI* SetSecurityDescriptorDaclType)(
  PSECURITY_DESCRIPTOR pSecurityDescriptor, // SD
  BOOL bDaclPresent,                        // DACL presence
  PACL pDacl,                               // DACL
  BOOL bDaclDefaulted                       // default DACL
);
 
typedef PVOID(WINAPI* FreeSidType)(
  PSID pSid   // SID to free
);
 
BOOL SetRegFullAccessPermission(HKEY hKey)
{
  DWORD dwRes = ERROR_SUCCESS;
  BOOL bRet = TRUE;
  PSID pEveryoneSID = NULL;
  PACL pACL = NULL;
  PSECURITY_DESCRIPTOR pSD = NULL;
  EXPLICIT_ACCESS ea[1];
  SID_IDENTIFIER_AUTHORITY SIDAuthWorld = SECURITY_WORLD_SID_AUTHORITY;
  TCHAR szErr[1024] = {0};
  int i = 0;
  TCHAR szSubKey[1024] = {0};
  HMODULE hDll = NULL;
  AllocateAndInitializeSidType AllocateAndInitializeSidFunc;
  SETENTRIESINACL SetEntriesInAclFunc;
  InitializeSecurityDescriptorType InitializeSecurityDescriptorFunc;
  REGSETKEYSECURITY RegSetKeySecurityFunc;
  SetSecurityDescriptorDaclType SetSecurityDescriptorDaclFunc;
  FreeSidType FreeSidFunc;
 
  OSVERSIONINFO versionInfo = {0};
  versionInfo.dwOSVersionInfoSize = sizeof(versionInfo);
 
  GetVersionEx(&versionInfo);
 
  if(versionInfo.dwPlatformId != VER_PLATFORM_WIN32_NT)
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }
 
  hDll = LoadLibrary(_T("advapi32.dll"));
 
  if(hDll == NULL)
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }
 
  if(!(AllocateAndInitializeSidFunc =(AllocateAndInitializeSidType)GetProcAddress(hDll, _T("AllocateAndInitializeSid"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }
 
  if(!(SetEntriesInAclFunc =(SETENTRIESINACL)GetProcAddress(hDll, _T("SetEntriesInAclA"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }
 
  if(!(InitializeSecurityDescriptorFunc =(InitializeSecurityDescriptorType)GetProcAddress(hDll, _T("InitializeSecurityDescriptor"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }
 
  if(!(SetSecurityDescriptorDaclFunc =(SetSecurityDescriptorDaclType)GetProcAddress(hDll, _T("SetSecurityDescriptorDacl"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }
 
  if(!(RegSetKeySecurityFunc =(REGSETKEYSECURITY)GetProcAddress(hDll, _T("RegSetKeySecurity"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }
 
  if(!(FreeSidFunc =(FreeSidType)GetProcAddress(hDll, _T("FreeSid"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }
 
  // Create a well-known SID for the Everyone group.
  if(!(*AllocateAndInitializeSidFunc)(&SIDAuthWorld, 1, SECURITY_WORLD_RID,
                  0, 0, 0, 0, 0, 0, 0, &pEveryoneSID))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }
 
  // Initialize an EXPLICIT_ACCESS structure for an ACE.
  // The ACE will allow Everyone read access to the key.
  ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
  ea[0].grfAccessPermissions = KEY_ALL_ACCESS;
  ea[0].grfAccessMode = SET_ACCESS;
  ea[0].grfInheritance= NO_INHERITANCE;
  ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
  ea[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
  ea[0].Trustee.ptstrName  =(LPTSTR) pEveryoneSID;
 
  dwRes =(*SetEntriesInAclFunc)(1, ea, NULL, &pACL);
  if(ERROR_SUCCESS != dwRes)
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }
 
  // Initialize a security descriptor.
  pSD =(PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
  if(pSD == NULL)
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }
 
  if(!(*InitializeSecurityDescriptorFunc)(pSD, SECURITY_DESCRIPTOR_REVISION))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }
 
  // Add the ACL to the security descriptor.
  if(!(*SetSecurityDescriptorDaclFunc)(pSD, TRUE, pACL,  FALSE))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }
 
  //Set the security descriptor
  dwRes =(*RegSetKeySecurity)(hKey, DACL_SECURITY_INFORMATION, pSD);
  if(dwRes == ERROR_SUCCESS)
    bRet = TRUE;
  else
  {
    ASSERT(FALSE);
    bRet = FALSE;
  }
 
SAFE_EXIT:
  if(pEveryoneSID)
    (*FreeSidFunc)(pEveryoneSID);
  if(pACL)
    LocalFree(pACL);
  if(pSD)
    LocalFree(pSD);
  if(hDll)
    FreeLibrary(hDll);
 
  return bRet;
}
  Permalink  
Comments
Gabi Cea 27-Jun-13 6:11am
   
A lot of thanks. I will test my code with your solution and I will tell you if it works or not.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month


Advertise | Privacy | Mobile
Web01 | 2.8.160730.1 | Last Updated 26 Jun 2013
Copyright © CodeProject, 1999-2016
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100