3

I am granting permission for NETWORK SERVICE to access a registry key that I need to access via a console application which I run as NETWORK SERVICE. Here is how I create the key and Grant permission.

Microsoft.Win32.RegistryKey key; key = Microsoft.Win32.Registry.LocalMachine.CreateSubKey("SOFTWARE", RegistryKeyPermissionCheck.ReadWriteSubTree); RegistrySecurity rs = new RegistrySecurity(); rs = key.GetAccessControl(); rs.AddAccessRule(new RegistryAccessRule("NETWORK SERVICE", RegistryRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow)); key.SetAccessControl(rs); key = key.CreateSubKey("RM", RegistryKeyPermissionCheck.ReadWriteSubTree); key = key.CreateSubKey("CSVExtraction", RegistryKeyPermissionCheck.ReadWriteSubTree); key.SetValue("Failure Tally", "0");

But when I try to setValue to the key using the following code I am getting error. The code that I use to set value is given below.

Microsoft.Win32.RegistryKey key; key = Microsoft.Win32.Registry.LocalMachine.CreateSubKey("SOFTWARE", Microsoft.Win32.RegistryKeyPermissionCheck.ReadWriteSubTree); key = key.CreateSubKey("RM", Microsoft.Win32.RegistryKeyPermissionCheck.ReadWriteSubTree); key = key.CreateSubKey("CSVExtraction", Microsoft.Win32.RegistryKeyPermissionCheck.ReadWriteSubTree); key.SetValue("Failure Tally, "1");

But Here I am getting an error saying access to HKLM/LOCAL MACHINE/SOFTWARE denied. But I have added access rule using the above code. But when I go and check the access manually the access is added to the WOW6432node.

Improve this question
2
  • Its mostly because, the application running with the logged in user is not a member of administrator group. Try to run the application as Run as Administrator and try again. Commented Jan 20, 2015 at 8:42
  • The first piece of code is run as Admin ie the granting permission part. I am granting permission to "NETWOR SERVICE". BUt when I try to access using second piece of code the error throws up. Commented Jan 20, 2015 at 8:47

1 Answer 1

Reset to default
3

The issue can be solved by making 2 changes 1) while granting permission Your Code: rs.AddAccessRule(new RegistryAccessRule("NETWORK SERVICE", RegistryRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow)); key.SetAccessControl(rs);

Edit it to be: 

rs.AddAccessRule(new RegistryAccessRule("NETWORK SERVICE", RegistryRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow)); key.SetAccessControl(rs);

This is made to ensure the permissiom you give is inge=herited to sub trees.

2) You dont need to open key by key, instead you can access your desired key by writing

string registryFolderStructure =@"SOFTWARE\RM\CSVExtraction"; key = Microsoft.Win32.Registry.LocalMachine.CreateSubKey(registryFolderStructure, Microsoft.Win32.RegistryKeyPermissionCheck.ReadWriteSubTree);
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.