Hello,
I am writing a powershell script to configure a W2008-R2 Server. In one of the steps, I need to take ownership of an existing registry key, and then give full control permissions to the administrators.
I have done this:
$acl= Get-Acl $key$me=[System.Security.Principal.NTAccount]"$env:userdomain\$env:username"$acl.SetOwner($me)$person=[System.Security.Principal.NTAccount]"Administrators"$access=[System.Security.AccessControl.RegistryRights]"FullControl"$inheritance=[System.Security.AccessControl.InheritanceFlags]"None"$propagation=[System.Security.AccessControl.PropagationFlags]"None"$type=[System.Security.AccessControl.AccessControlType]"Allow"$rule= New-Object System.Security.AccessControl.RegistryAccessRule($person,$access,$inheritance,$propagation,$type)$acl.AddAccessRule($rule) Set-Acl $key$acl
But it fails in "set-acl" command, with the message "Set-Acl : Requested registry access is not allowed."
Any ideas of how to do this? or if it is even possible?
Thank you!