How to Disable/Restrict Remote Registry Access in Windows

How to Disable/Restrict Remote Registry Access in Windows

Windows 2000, Windows XP and Windows 2003 supports Remote Registry access using Remote Registry service. This allows a remote user or a remote administrator to connect to the PC or server systems registry remotely and view or modify it.

This is ideally a feature for Remote Administrator or Management Applications to efficiently manage systems without having to manally logging onto the system, but on the other hand this can be a potential security risk.

Hence, if this service is not used for any management purpose then needs to be disabled.

To disable the service,

1. Click Start – RUN and type “services.msc”
2. In the right-pane, right-click “Remote Registry” and select Propertes.
3. Select Startup type as “Disabled” and click “stop” if the service is running.
4. Click Apply and OK.

The above mentioned steps are needed, if there is no need for anyone to connect and modify the Windows Registry remotely. However, if this PC or a system is a part of a corporate network and is part of Active Directory domain then select list of admins or admin groups might need permission to control the registry. In this case, the alternate option to selectively restrict access to the registry remotely the following procedure will be of help to you:

1. Click Start – RUN.
2. Type “regedit” and press enter. This will open the Windows Registry Editor.
3. Navigate to
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurePipeServers\
4. Select “winreg” and click Edit, Select “Permissions”
5. Select appropriate users/groups & appropriate permission like “Read” or “full Control”.
6. Click OK and exit.

This should restrict Remote Registry access on your Windows Server or PC.