Take Ownership of a Registry Key And Assign Full Permissions

Certain areas of the Windows registry cannot be accessed due to the Permissions assigned (or lack thereof) for those keys. For instance, some registry keys are owned by the LocalSystem account, and some are owned by TrustedInstaller.

There are legitimate cases where you need to access a registry key to modify or retrieve a setting, and receive Access is Denied or similar errors when doing so. Some of the errors you may encounter are:

Error Creating Key

<key name> cannot be opened. An error is preventing this key from being opened.
Details: Access is denied.

Cannot create key: You do not have the requisite permissions to create a new key under <key name>.

When dealing with a Malware infested PC, you may have to delete several registry entries manually in case the cleanup tool you use does not remove all of them. In most cases, you would get an error (“Error Deleting Key”) stating that you don’t have the permission to delete the specified branch. In that case, additional steps are required to reset the registry ACL permissions before removing the key.

To get access to a protected registry key, you have two options.

  • Option 1 is to run the Registry Editor under SYSTEM or under TrustedInstaller rights and change the necessary modifications in the registry.
  • Option 2 would be to change or take ownership of that registry key and then assign full control (or the required) permissions for your user account.

tips bulb iconOption 1 is preferred if you need to modify or delete a registry value or a key without changing the permission entries for that branch. Option 2 is preferred especially if you need to add necessary permissions for your user account for a specific registry key.



In this article, let’s see Option 2 — changing the ownership of the registry keys and assigning full permissions for your user account. Here are the instructions to do that in any version of Windows.

(The screenshots are from a Windows 10 computer, but the steps are exactly the same in Windows 8 and 8.1. In Windows Vista & 7, there is a slight change in the permission dialog boxes, where ownership can be set by clicking the Owner tab in the Advanced Security dialog. Owner tab has been removed in Windows 8 and higher.)

Take Ownership of a Registry Key

  1. Open the Registry Editor by running regedit.exe
  2. Navigate to the branch for which you want to modify the permissions.
  3. Right-click on the branch, and choose Permissions…
  4. Click the Advanced button.
  5. In the Advanced Security Settings dialog, note down the owner. If it says Unable to display current owner, or if your account isn’t the current owner, click Change
  6. Type your user account name and click OK.
  7. Your user account is showing up as the owner, but the change wouldn’t be applied until you click Apply.
  8. If you also want to take ownership of the subkeys under the selected branch, click Replace owner on subcontainers and objects, and then click Apply. Don’t close the dialog yet.
    (If using Windows Vista or 7, click the Permissions tab in the Advanced Security Settings dialog, and follow the rest of the instructions. The dialog boxes would be different in Windows Vista & 7 after Step 7, but it’s not that difficult to follow.)

Assigning Full Control Permissions for your User Account

You’ve just changed the ownership of the key, but that’s not enough. You’ll need to assign necessary Permissions (usually, Full Control) to the specific branch in order to write to it.

  1. Click the Add button in the Advanced Security settings dialog.
  2. Click Select a principal

  3. Type in your user account name, and click OK.
  4. Click Full Control checkbox to enable it.

    You’ve now granted your user account Full Control permissions.

That’s it. Add as many entries as you need, such as for Administrators, SYSTEM, etc. as required.

RELATED: Take Ownership of Registry Key & Assign Permissions Using Command-line


One small request: If you liked this post, please share this?

One "tiny" share from you would seriously help a lot with the growth of this blog. Some great suggestions:
  • Pin it!
  • Share it to your favorite blog + Facebook, Reddit
  • Tweet it!
So thank you so much for your support. It won't take more than 10 seconds of your time. The share buttons are right below. :)

Ramesh Srinivasan is passionate about Microsoft technologies and he has been a consecutive ten-time recipient of the Microsoft Most Valuable Professional award in the Windows Shell/Desktop Experience category, from 2003 to 2012. He loves to troubleshoot and write about Windows. Ramesh founded Winhelponline.com in 2005.

7 thoughts on “Take Ownership of a Registry Key And Assign Full Permissions”

  1. Thanks a lot… after a long time I found the solution and its very simple too. A prefect solution I must say, I was about to reinstall windows

    Reply
  2. Ramesh, YOU ARE THE MAN! I can’t believe it really worked. I can’t believe how many Bozos are out there pretending to know, spewing the same old crap, which none of it worked. What you were saying about the System being a high privileged account. This makes perfect sense, and it’s the first time I have heard anyone mention it. Thank you very much, this is awesome information!

    Reply

Leave a Comment