Issue "Error on Initialization Exception: Requested registry access is not allowed"

Feb 12, 2010 at 2:49 PM

When i add ilovesharepoint (power web part v3.0) on the site it is giving an error “Error on Initialization Exception: Requested registry access is not allowed” for non-admin user. It is giving the error for plain web part, which is downloded from http://ilovesharepoint.codeplex.com/releases/view/18883
And it is running for server administrator fine.

Could you update me on this ASAP. It is little urgent.

Thanks,

Murali.

Coordinator
Feb 13, 2010 at 8:26 AM

Hello Murali,

as you suggested it seems to be a lack of permission. PowerShell is installed and have you done the changes in the asp.config as described in the readme.txt?

You can check the user it will run under with $identiy1 = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name

Have you take a look in the systems event log and in the sharepoint log? Will the error be rendered to webpart output or do you see the ASP.NET/SharePoint error page?

Any stack trace?

In general you should not be admin to run PowerWebPart. Hope we can find the issue...

Bye,

Christian

 

 

Feb 16, 2010 at 12:59 PM

Christian,

I have updated the asp.config file as specified in readme.txt. Still it is not working and giving the same below error. It is not an ASP.NET/SharePoint page error, it is simply showing the error message on the webpart itself. It is

Error on Initialization Exception: Requested registry access is not allowed.

However it is working fine for sharepoint server administrators, So it could be definitely a permission issue. Do we have any setting/option somewhere to specify the permissions for powershell access.

Let me know if you need any more details regarding this issue.

Thanks,

Murali.

Feb 16, 2010 at 1:08 PM

Christian,

My Asp.config file looks like below after updating it according to readme.txt file

version="1.0" encoding="UTF-8" ?>
<configuration>
    <runtime>
        <legacyUnhandledExceptionPolicy enabled="false" />
        <legacyImpersonationPolicy enabled="false"/>
        <alwaysFlowImpersonationPolicy enabled="true"/>

        <SymbolReadingPolicy enabled="1" />
    </runtime>
</configuration>

Thanks, Murali

 

Coordinator
Feb 17, 2010 at 8:08 AM

Hi,

I'm not sure, but can you check that the app pool user has write permission to the registry: http://support.microsoft.com/?scid=kb%3Ben-us%3B329291&x=13&y=13

Bye, Christian

Jun 18, 2010 at 10:10 AM

Hi Christian,

I have the same problem as Murali, also Asp.config is also same as him.

could you please help me resolving this, i'll really appreatiate. I am getting following error

Error on Initialization
Exception:
Requested registry access is not allowed.
Also getting an error in PowerShell eventlog.
Settings: Requested registry access is not allowed.

Details:
    ExceptionClass=SecurityException
    ErrorCategory=
    ErrorId=
    ErrorMessage=Requested registry access is not allowed.

    Severity=Error

    SequenceNumber=

    HostName=Default Host
    HostVersion=2.0
    HostId=d0b3d967-e2b8-4f56-9b45-1321138d6768
    EngineVersion=2.0
    RunspaceId=f45cd457-d20d-43aa-9dfd-363cc2368336
    PipelineId=
    CommandName=
    CommandType=
    ScriptName=
    CommandPath=
    CommandLine=

AdditionalInfo:
    Name=;Value=
    Name=;Value=
    Name=;Value=
Bye, Himanshu
Coordinator
Jun 18, 2010 at 11:03 AM

Hello,

this caused through insufficient privlieges to the registry of the app pool user or the actual user, depending on the settings in asp.net config. Not many people report this problem and I can't reproduce it.  

I suggest monitoring the registry fro example with Proccess Monitor http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx to figure out which regsitry request fails and after that grant the appropriate permissions.

When you found the solution would be create if you share it here.

Bye, Christian

Coordinator
Jun 23, 2010 at 1:37 PM

thanks for the reply

 

Jul 8, 2010 at 7:10 AM
Edited Jul 8, 2010 at 7:13 AM

In my case I granted ReadOnly permissions for group Domain Users (AD environment) to HKEY_USERS\S-1-5-20\Environment. It is NT Authority, Network Service account hive.

May 6, 2011 at 9:10 PM

HKEY_USERS\{SID of SharePoint Service Account}\Environment

I granted read access and it worked. Wonderful tool! Thanks!