Reading a windows registry from linux

Matt Cobb mattc at lockdownnetworks.com
Wed Jan 26 16:22:50 GMT 2005


So I tried samba4 regshell to read the registry against a Win2003 domain
controller.  It seems to be able to log in, do the SMB Signing and get
keys.  However all the Values show up as REG_NONE and null.  Anyone else
seeing this?  I did a svn update yesterday and made everything again
using the instructions in howto.txt.  Here is the output from regshell.

mattc-deb:/usr/local/samba/bin# ./regshell -b rpc -R "ncacn_np:lab-server-1" -U "administrator"
Password for [TESTLAB\administrator]:
HKEY_CLASSES_ROOT:> predefined HKEY_LOCAL_MACHINE
HKEY_LOCAL_MACHINE:> ck "SYSTEM\CurrentControlSet\Services\lanmanserver"
Current path is: SYSTEM\CurrentControlSet\Services\lanmanserver
HKEY_LOCAL_MACHINE:SYSTEM\CurrentControlSet\Services\lanmanserver> ck parameters
Current path is: SYSTEM\CurrentControlSet\Services\lanmanserver\parameters
HKEY_LOCAL_MACHINE:SYSTEM\CurrentControlSet\Services\lanmanserver\parameters> ls
V "autodisconnect" REG_NONE (null)
V "enableforcedlogoff" REG_NONE (null)
V "enablesecuritysignature" REG_NONE (null)
V "requiresecuritysignature" REG_NONE (null)
V "restrictnullsessaccess" REG_NONE (null)
V "NullSessionPipes" REG_NONE (null)
V "NullSessionShares" REG_NONE (null)
V "ServiceDll" REG_NONE (null)
V "Lmannounce" REG_NONE (null)
V "Size" REG_NONE (null)
V "Guid" REG_NONE (null)

I took an ethereal trace and it shows a WINREG EnumKey request getting a
response with error:  0x0414000a.  However all the WINREG EnumValues
have successful responses and I can see the correct values from the
entries on the ethereal.

-Matt



-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org] 
Sent: Thursday, January 13, 2005 5:14 PM
To: Matt Cobb
Cc: samba-technical at lists.samba.org
Subject: Re: Reading a windows registry from linux

On Thu, 2005-01-13 at 16:36 -0800, Matt Cobb wrote:
> Is there a way to use samba to read windows registry values remotely
> from a linux box? 

With Samba4, the gregedit binary provides a remote registry editor, and
the underlying library can also be used.

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net

