Remote Registry Service

Whilst developing Registry Manager I’ve routinely needed to tests its remote registry editing capabilities. This has never been straight forward to do, and has got progressively harder with each more secure release of Windows.

I thought that I should make a definitive document on how to enable remote registry editing of Windows XP from a Windows Vista machine.

For this example, I am using Windows XP Professional Service Pack 2 on a machine which is already accessible on the network via TCP/IP (correctly configured firewall etc).

The first most important thing to do to enable Remote Registry Editing is to give the primary user account a password. Windows XP security prevents or restricts remote access using blank passwords, so without a password you may encounter all kinds of resistance.

Having done that, we still will not able to browse to the computer using Windows Explorer in Vista (though I can successfully ping the IP address of course).

To enable the computer to be findable using Windows Explorer we need to turn off “Simple File Sharing” in Windows XP:

To turn off “Simple File Sharing”, open any explorer window and click the “Tools” menu and then click on the “Folder Options” menu item. In the dialog that appears click the “View” tab:

Scroll to the bottom of the “Advanced Settings” and un-tick “Use simple file sharing (Recommended)” then click “Apply”. You might be prompted in the following manor:

Choose “Just enable file sharing” and click “Ok”. It is worth noting that had we just enabled “File Sharing” on its own would be insufficient… To enable file sharing alone, we could just right click on a folder, and choose the option “Sharing and Security…”:

      

From the dialog that appears click “If you understand the security risks but want to share files without running the wizard, click here.”… This will enable the computer to be found using explorer in Windows Vista. You can test this by pressing the Windows Key and R together to summon the “Run” box and typing \\computername which should bring up an explorer window showing the remote computers:“Printers” folder so:

However, by just enabling file sharing you will not be able to properly access the remote registry, you will be able to connect to the remote computer registry but when you try to expand any of the branches you will receive an error similar to the following:

Therefore, to fully enable access to the remote system registry, we need to disable “Simple file sharing” and not just allowFile Sharing”.

Simple file sharing tries to protect the user by preventing most system administration activities. It allows access to the registry to retrieve the security settings of the root hives (HKEY_LOCAL_MACHINE etc), and even allows the viewing of values created directly under those hives (of which by default there are none) but every other operation (including editing) will result in an “Access Denied” error.

 Return to Latest Links