I want to allow read/write permissions to only the Administrators group for a registry key which is already created in the system. Other than administrators, no one should be able to access the key.
I have written code to enumerate all the registry access rules associated with the registry key and start removing each rule.
The problem I am facing here is that I am not able to delete some of the registry access rules because these are inherited from its parent registry key. For example, I am not able to remove the access rules for the following Windows groups, as these rules are inherited from its parent registry key -
BUILTIN\Users
BUILTIN\Power Users
NT AUTHORITY\SYSTEM
Here is the code snippet which I am trying -
RegistryKey objReg = Registry.LocalMachine.OpenSubKey(GlobalValues.RegKey_Sample, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.FullControl);
RegistrySecurity security = objReg.GetAccessControl();
// Enumerate explicit and inherited rules, with identities translated to NTAccount names
foreach (RegistryAccessRule ar in security.GetAccessRules(true, true, typeof(NTAccount)))
{
    MessageBox.Show(ar.IdentityReference.ToString());
    // CompareTo returns 0 only when the two strings are equal
    if (ar.IdentityReference.ToString().CompareTo("BUILTIN\\Administrators") == 0)
    {
        MessageBox.Show("need not to be removed");
    }
    else
    {
        // Trying to reset the inheritance value and then removing the rule
        RegistryAccessRule rule = new RegistryAccessRule(ar.IdentityReference, ar.RegistryRights, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Allow);
        // try 1 - to remove inheritance flag
        security.ResetAccessRule(rule);
        objReg.SetAccessControl(security);
        // try 2 - to remove inheritance flag
        security.AddAccessRule(rule);
        objReg.SetAccessControl(security);
        // Assuming now it is not inheriting rule for this identity, removing this rule for this registry key
        security.RemoveAccessRuleAll(ar);
        objReg.SetAccessControl(security);
    }
}
Is there a way to create a rule for a registry key to not inherit any rules from its parent registry key? Appreciate your help, thanks...
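
Inherited ACEs cannot be removed one by one; inheritance has to be switched off on the key's DACL as a whole. The following is an added example, not part of the original post, using `RegistrySecurity.SetAccessRuleProtection` to do that; the class name `RegistryKeyLockdown`, the method `RestrictToAdministrators` and its `subKeyPath` parameter are hypothetical.

```csharp
using System;
using System.Security.AccessControl;
using System.Security.Principal;
using Microsoft.Win32;

static class RegistryKeyLockdown
{
    // Hypothetical helper: subKeyPath is a path under HKEY_LOCAL_MACHINE.
    public static void RestrictToAdministrators(string subKeyPath)
    {
        // Resolve the group by well-known SID so the code does not depend on
        // the localized account name "BUILTIN\Administrators".
        var admins = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);

        // ReadPermissions is needed to read the DACL, ChangePermissions to write it.
        using (RegistryKey key = Registry.LocalMachine.OpenSubKey(
            subKeyPath,
            RegistryKeyPermissionCheck.ReadWriteSubTree,
            RegistryRights.ReadPermissions | RegistryRights.ChangePermissions))
        {
            if (key == null)
                throw new ArgumentException("Registry key not found: " + subKeyPath);

            // Load only the DACL so that only the DACL is written back.
            RegistrySecurity security = key.GetAccessControl(AccessControlSections.Access);

            // isProtected = true: stop inheriting ACEs from the parent key.
            // preserveInheritance = false: drop the inherited ACEs instead of
            // copying them onto this key as explicit ones.
            security.SetAccessRuleProtection(true, false);

            // Remove every rule that was set explicitly on this key.
            foreach (RegistryAccessRule rule in
                     security.GetAccessRules(true, false, typeof(SecurityIdentifier)))
                security.RemoveAccessRuleSpecific(rule);

            // Grant Administrators full control on this key and its subkeys.
            security.AddAccessRule(new RegistryAccessRule(
                admins, RegistryRights.FullControl,
                InheritanceFlags.ContainerInherit, PropagationFlags.None,
                AccessControlType.Allow));

            key.SetAccessControl(security);
        }
    }
}
```

The call has to run elevated, and existing subkeys that already have a protected DACL of their own keep it.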