INFO: Taking Ownership of Registry Keys

ID: Q111546

The information in this article applies to:
  • Microsoft Win32 Application Programming Interface (API), used with:
    • Microsoft Windows NT versions 3.1, 3.5, 4.0
    • Microsoft Windows 2000

SUMMARY

To take ownership of a registry key it is necessary to have a handle to the key. A handle to the key can be obtained by opening the key with a registry API (application programming interface) such as RegOpenKeyEx(). If the user does not have access to the registry key, the open operation will fail and this will in turn prevent ownership being taken (because a handle to the key is required to change the key[ASCII 146]s security).

The solution to this problem is to first enable the TakeOwnership privilege and then to open the registry key with WRITE_OWNER access as shown below: 


   RegOpenKeyEx(HKEY_CLASSES_ROOT,"Testkey",0,WRITE_OWNER,&hKey);
This function call will provide a handle to the registry, which can be used in the following call to take ownership: 

RegSetKeySecurity(hKey,OWNER_SECURITY_INFORMATION, &SecurityDescriptor);
Please note that you will need to initialize the security descriptor being passed to RegSetKeySecurity() and set the owner field to the new owner SID.

Taking ownership of a registry key is not a common operation. It is typically an operation that an administrator would use as a last resort to gain access to a registry key.

Additional query words:

Keywords : kbAPI kbKernBase kbWinOS2000 kbRegistry kbSecurity kbDSupport kbGrpKernBase
Version : winnt:3.1,3.5,4.0
Platform : winnt
Issue type : kbinfo


Last Reviewed: January 5, 2000
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.