Access denied reading SAM subkeys on windows 7

Question

0.00/5 (No votes)

See more:

I wanna read SAM subkeys on Windows 7 using this code

C#

int retVal = RegLoadKey(HKEY_LOCAL_MACHINE, "SAM_AUX", @"E:\Auxiliar Registry\SAM");
    RegistryKey accountKeys = Registry.LocalMachine.OpenSubKey(@"SAM_AUX\SAM\Domains\Account\Users\Names", false);

But I always receive Acces Denied, and I can't view SAM subkeys using regedit. What could be the problem?

Thanks

Posted 24-Jun-13 7:28am

Gabi Cea

Add a Solution

Comments

Ron Beyer 24-Jun-13 13:31pm

Is your application running with administrator privileges?

Gabi Cea 24-Jun-13 14:02pm

I think so. I had have a manifest to indicate that the application have to run with administrator privileges, but it doesn't work. Is normal that I can't view SAM subkeys on windows registry?

chaau 25-Jun-13 1:49am

What happens if you right click on your application and select "Run As Administrator"?

Gabi Cea 25-Jun-13 13:02pm

It happens the same. If I open regedit just after the error, and right click on SAM_AUX hive, I can change it the permissions, and then, re-execute the application and it working right. The problem if I load another SAM, the problem come back, and I have to change SAM permission every time I load it...

chaau 25-Jun-13 20:01pm

I have a chunk of code that I use in my application to change the permission of a registry key. It is Win32 C. If interested I can post it here

Gabi Cea 26-Jun-13 12:58pm

Of course. Maybe, your code could help me to solve my problem.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

chaau · Answer 1 · 2013-06-26T16:25:00

If you need to Add "Everyone" to a registry key's Permissions you can use the following chunk of code (this is a "very old code". It was written back in the ages where we had to support Win95/98 clients together with Win2k/WinXP clients. You may need to adjust the code to statically link to the functions that are used by GetProcAddress below):

C++

typedef BOOL(WINAPI* AllocateAndInitializeSidType)(
  PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, // authority
  BYTE nSubAuthorityCount,                        // count of subauthorities
  DWORD dwSubAuthority0,                          // subauthority 0
  DWORD dwSubAuthority1,                          // subauthority 1
  DWORD dwSubAuthority2,                          // subauthority 2
  DWORD dwSubAuthority3,                          // subauthority 3
  DWORD dwSubAuthority4,                          // subauthority 4
  DWORD dwSubAuthority5,                          // subauthority 5
  DWORD dwSubAuthority6,                          // subauthority 6
  DWORD dwSubAuthority7,                          // subauthority 7
  PSID *pSid                                      // SID
);

typedef DWORD(WINAPI* SETENTRIESINACL)(
  ULONG cCountOfExplicitEntries,           // number of entries
  PEXPLICIT_ACCESS pListOfExplicitEntries, // buffer
  PACL OldAcl,                             // original ACL
  PACL *NewAcl                             // new ACL
);

typedef BOOL(WINAPI* InitializeSecurityDescriptorType)(
  PSECURITY_DESCRIPTOR pSecurityDescriptor, // SD
  DWORD dwRevision                          // revision level
);

typedef LONG(WINAPI* REGSETKEYSECURITY)(
  HKEY hKey,                                // handle to key
  SECURITY_INFORMATION SecurityInformation, // request
  PSECURITY_DESCRIPTOR pSecurityDescriptor  // SD
);

typedef BOOL(WINAPI* SetSecurityDescriptorDaclType)(
  PSECURITY_DESCRIPTOR pSecurityDescriptor, // SD
  BOOL bDaclPresent,                        // DACL presence
  PACL pDacl,                               // DACL
  BOOL bDaclDefaulted                       // default DACL
);

typedef PVOID(WINAPI* FreeSidType)(
  PSID pSid   // SID to free
);

BOOL SetRegFullAccessPermission(HKEY hKey)
{
  DWORD dwRes = ERROR_SUCCESS;
  BOOL bRet = TRUE;
  PSID pEveryoneSID = NULL;
  PACL pACL = NULL;
  PSECURITY_DESCRIPTOR pSD = NULL;
  EXPLICIT_ACCESS ea[1];
  SID_IDENTIFIER_AUTHORITY SIDAuthWorld = SECURITY_WORLD_SID_AUTHORITY;
  TCHAR szErr[1024] = {0};
  int i = 0;
  TCHAR szSubKey[1024] = {0};
  HMODULE hDll = NULL;
  AllocateAndInitializeSidType AllocateAndInitializeSidFunc;
  SETENTRIESINACL SetEntriesInAclFunc;
  InitializeSecurityDescriptorType InitializeSecurityDescriptorFunc;
  REGSETKEYSECURITY RegSetKeySecurityFunc;
  SetSecurityDescriptorDaclType SetSecurityDescriptorDaclFunc;
  FreeSidType FreeSidFunc;

  OSVERSIONINFO versionInfo = {0};
  versionInfo.dwOSVersionInfoSize = sizeof(versionInfo);

  GetVersionEx(&versionInfo);

  if(versionInfo.dwPlatformId != VER_PLATFORM_WIN32_NT)
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  hDll = LoadLibrary(_T("advapi32.dll"));

  if(hDll == NULL)
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  if(!(AllocateAndInitializeSidFunc =(AllocateAndInitializeSidType)GetProcAddress(hDll, _T("AllocateAndInitializeSid"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  if(!(SetEntriesInAclFunc =(SETENTRIESINACL)GetProcAddress(hDll, _T("SetEntriesInAclA"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  if(!(InitializeSecurityDescriptorFunc =(InitializeSecurityDescriptorType)GetProcAddress(hDll, _T("InitializeSecurityDescriptor"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  if(!(SetSecurityDescriptorDaclFunc =(SetSecurityDescriptorDaclType)GetProcAddress(hDll, _T("SetSecurityDescriptorDacl"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  if(!(RegSetKeySecurityFunc =(REGSETKEYSECURITY)GetProcAddress(hDll, _T("RegSetKeySecurity"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  if(!(FreeSidFunc =(FreeSidType)GetProcAddress(hDll, _T("FreeSid"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  // Create a well-known SID for the Everyone group.
  if(!(*AllocateAndInitializeSidFunc)(&SIDAuthWorld, 1, SECURITY_WORLD_RID,
                  0, 0, 0, 0, 0, 0, 0, &pEveryoneSID))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  // Initialize an EXPLICIT_ACCESS structure for an ACE.
  // The ACE will allow Everyone read access to the key.
  ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
  ea[0].grfAccessPermissions = KEY_ALL_ACCESS;
  ea[0].grfAccessMode = SET_ACCESS;
  ea[0].grfInheritance= NO_INHERITANCE;
  ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
  ea[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
  ea[0].Trustee.ptstrName  =(LPTSTR) pEveryoneSID;

  dwRes =(*SetEntriesInAclFunc)(1, ea, NULL, &pACL);
  if(ERROR_SUCCESS != dwRes)
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  // Initialize a security descriptor.
  pSD =(PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
  if(pSD == NULL)
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  if(!(*InitializeSecurityDescriptorFunc)(pSD, SECURITY_DESCRIPTOR_REVISION))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  // Add the ACL to the security descriptor.
  if(!(*SetSecurityDescriptorDaclFunc)(pSD, TRUE, pACL,  FALSE))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  //Set the security descriptor
  dwRes =(*RegSetKeySecurity)(hKey, DACL_SECURITY_INFORMATION, pSD);
  if(dwRes == ERROR_SUCCESS)
    bRet = TRUE;
  else
  {
    ASSERT(FALSE);
    bRet = FALSE;
  }

SAFE_EXIT:
  if(pEveryoneSID)
    (*FreeSidFunc)(pEveryoneSID);
  if(pACL)
    LocalFree(pACL);
  if(pSD)
    LocalFree(pSD);
  if(hDll)
    FreeLibrary(hDll);

  return bRet;
}