Hi, I want to restrict users, from accessing regedt32.exe. How can I specify using Icacls.exe. Thanks in Advance, Regards, Asha

Hi Asha, if you want to prevent user from using regedit32.exe, you can install Windows SteadyState on the computer, select the user, then add regedit32.exe to block program list. You can download latest version of Windows SteadyState via the link: http://www.microsoft.com/downloads/details.aspx?familyid=D077A52D-93E9-4B02-BD95-9D770CCDB431&displaylang=en Hope this helps!

Thank you for your reply Sean Zhu. I want to do it through command line. I did in the following way: I have taken the ownership of the folder using Takeown.exe command, and then I run Icacals.exe command to deny the permission of the regedit32.exe. It worked. But I am not sure whether I Can use this. I tried this just few minutes before, but I dont know whether it is right or wrong. Please give your guidance. Thanks in Advance, Regards, Asha

Hi Asha, I'd like to inform you that icacls cannot be used on registry entry. If you want to set permission on registry keys, we can use regini. For detailed information, please check the following KB article: How to Use Regini.exe to Set Permissions on Registry Keys http://support.microsoft.com/kb/237607 If you want to block the access to regedit, we can try the following command: Code Snippeticacls C:\Windows\system32\regedt32.exe /deny *SID:(R,RC) You can also user other suffix instead of (R,RC).