Windows – Change Permissions on Registry key via Command line

windowswindows-registry

I am trying to edit this registry key via the command line – been searching around for ages but can't find anything.

Really stuck at the moment so any help would be appreciated a lot. I do not mind using PowerShell or anything that calls a third party tool – just want to change it via the command line.

The reason is that local Administrators have Read only rights by default. I want to change this to Full Control. I can do it in the GUI in 2 seconds but command line is another matter.

HKEY_CLASSES_ROOT\CLSID\{323CA680-C24D-4099-B94D-446DD2D7249E}\ShellFolder

Best Answer

There is an excellent rundown of how to do it in PowerShell here.

Essentially, you can use Get-Acl and Set-Acl in PowerShell like you would for any other path.

$acl = Get-Acl HKLM:\SOFTWARE\stuff
$rule = New-Object System.Security.AccessControl.RegistryAccessRule ("Domain\user","FullControl","Allow")
$acl.SetAccessRule($rule)
$acl |Set-Acl -Path HKLM:\SOFTWARE\stuff
Related Topic