Network access: Remotely accessible registry paths and sub-paths

Network access: Remotely accessible registry paths and subpaths

This security setting determines which registry paths and subpaths can be accessed over the network, regardless of the users or groups listed in the access control list (ACL) of the winreg registry key.

Default:

System\\CurrentControlSet\\Control\\Print\\Printers
System\\CurrentControlSet\\Services\\Eventlog
Software\\Microsoft\\OLAP Server
Software\\Microsoft\\Windows NT\\CurrentVersion\\Print
Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows
System\\CurrentControlSet\\Control\\ContentIndex
System\\CurrentControlSet\\Control\\Terminal Server
System\\CurrentControlSet\\Control\\Terminal Server\\UserConfig
System\\CurrentControlSet\\Control\\Terminal Server\\DefaultUserConfiguration
Software\\Microsoft\\Windows NT\\CurrentVersion\\Perflib
System\\CurrentControlSet\\Services\\SysmonLog
System\\CurrentControlSet\\Services\\CertSvc
System\\CurrentControlSet\\Services\\Wins

Caution

Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data on the computer.

Note: On Windows XP, this security setting was called "Network access: Remotely accessible registry paths." If you configure this setting on a member of the Windows Server 2003 family that is joined to a domain, this setting is inherited by computers running Windows XP, but will appear as the "Network access: Remotely accessible registry paths" security option. For more information, see Network access: Remotely accessible registry paths and subpaths.

Policy path: 

Computer Configuration\Windows Settings\Local Policies\Security Options

Comments: 

Important: On Windows XP, this security setting was called "Network access: Remotely accessible registry paths." If you configure this setting on a member of the Windows Server 2003 family that is joined to a domain, this setting is inherited by computers

Supported on: 

At least Windows XP SP2, Windows Server 2003

Registry settings: 

MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedPaths\Machine

Reboot required: 

No