How to Read Registry HKLM\SAM and HKLM\SECURITY Hives

Author | May 31, 2017 | How To | No Comments

This article explains how you can use psexec.exe to execute registry editor to explore SAM and SECURITY registry hives.

The Registry Editor will not allow you to navigate through HKEY_LOCAL_MACHINE\SAM and HKEY_LOCAL_MACHINE\SECURITY hives. These hives are protected by the System Account and currently logged on user or member of Administrators Group do not have permissions to view them.

To view the the registry entries under SAM or SECURITY hive, you need to run the Registory Editor under the security context of System Account. To run Registry Editor under the security context of System Account, use the following command with psexec.exe:

psexec.exe –s –i regedit.exe

1	psexec.exe –s –i regedit.exe

psexec.exe can be downloaded from: http://technet.microsoft.com/en-us/sysinternals/bb896649.aspx.

Tags:psexec, pstools

About The Author

Author

This site was created to host various server related settings and instructions that have been useful with some of my past projects. Maybe this stuff will be helpful to you too.

Related Posts

About The Author

Author