Asked By systinte
16-Mar-09 10:16 AM
We are attempting to load HKU hives for a number of users and set access
permissions via .NET 2.0 c#. Since wrapper classes do not expose the
RegLoadKey(), we used the DllImport directive and are able to successfully
load the user hive after adjusting our own token to add the backup and
restore privileges. By the way we are running under domain administrative
privilege. Without adjusting the process token we got error 1314 on
RegLoadKey. Now our attempts to set permission to another SID fails with
ACCESS DENIED error. I am suspecting I need to add more privileges beside
backup / restore. The code to set permission itself worked fine as tested. It
takes a HKEY_USERS\S-I-D subkey and a trustee name as
parameters and adds the trustee to the DACL successfully when run under
direct administrative privilege. But modifying the token to add backup /
restore has caused the code to now fail with ACCESS DENIED. Please advise
what set of privileges beside backup / restore will give us the ability to
both load hives and set permissions.
Thanks.