Auditing Windows NT Base Objects

by Wayne Maples [Published on 20 April 2004 / Last Updated on 20 April 2004]

To enable stronger protection on base objects, the following registry setting informs the Windows NT Session Manager that security on the base system objects should be at C2 security level. Impacts of this change are varied and information is sparse. Q218473 To setup Windows NT base objects auditing, use the following Windows NT registry hack:

Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Control\SessionManager
Name: ProtectionMode
Type: REG_DWORD
Value: 1

See Also

Featured Links