IMPORTANT: This procedure requires a client system reboot.
CAUTION: This article contains information about opening or modifying the registry.
- The following information is intended for System Administrators. Registry modifications are irreversible and could cause system failure if done incorrectly.
- Before proceeding, Technical Support strongly recommends that you back up your registry and understand the restore process. For more information, see the Microsoft Windows registry information for advanced users article.
- Do not run a REG file that is not confirmed to be a genuine registry import file.
Use the following steps to enable ACC protection in Windows Safe Mode:
- Enable the Safe Mode protection feature view in the features list:
- Open a command window: Click Start, All Programs, Accessories, Command Prompt.
NOTE: You might need to run the command prompt as an administrator.
- Unlock the command-line interface (CLI) using the following command: sadmin recover
- Type your console password.
- Verify whether Safe Mode protection is in the features list using the following command: sadmin features –d
This command displays a detailed list of features.
- If the feature is listed, continue to step 3.
- If the feature isn't listed, continue to step 1e.
- Place the client system in Update Mode using the following command: sadmin bu
- Start the registry editor: Click Start, Run, type regedit, and click OK.
- In the registry, browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\swin\Parameters\FeaturesInstalled
- Note the existing hexadecimal DWORD value for FeaturesInstalled in the Value data field. You might need this value if a failure occurs or if you need to revert the value.
- Calculate the new hexadecimal DWORD value for FeaturesInstalled:
- Open Windows Calculator.
- Set the calculator to Programmer view: Click View, Programmer.
- Select the Hex option.
- Type the original hexadecimal DWORD value that you noted in step 1h.
- Add 80000000 to the original value.
NOTE: The actual value varies depending on your specific operating system.
Example: Original value = 71ffafff
Example: New value = 71ffafff + 80000000 = f1ffafff
- Note your new calculated value.
- In the FeaturesInstalled Value data field, replace the existing DWORD value with the new value that you noted in the previous step.
- Save and close the registry editor.
- Return to the CLI.
- Stop and start the Solidcore service using the following commands:
net stop scsrvc - A message displays when the service stops.
net start scsrvc - A message displays when the service starts.
- Confirm that Safe Mode protection is now in the features list using the following command: sadmin features –d
- Enable Safe Mode protection:
- Enable the safe-mode-protect feature using the following command: sadmin features enable safe-mode-protect
- Exit Update Mode using the following command: sadmin eu
- Lock down the Solidcore CLI using the following command: sadmin lockdown
- Confirm that the CLI is locked down using the following command: sadmin status
- Reboot the client system. A reboot must occur.
- After the reboot, unlock the Solidcore CLI again via the sadmin recover command and confirm that the safe-mode-protect feature is now Enabled using the following command:
sadmin features -d
safe-mode-protect Enabled
- Lock down the Solidcore CLI again via sadmin lockdown.
- On ACC 6.1.3 and later, verify if the following registry keys exist on the system. If they don't, create them manually.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\scsrvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\scsrvc
NOTE: To create these registry keys via command line, open a Windows administrator command prompt, and run the following commands:
reg add HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\scsrvc
reg add HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\scsrvc
- Create a registry String Value (REG_SZ) entry with value Service under the following registry keys:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\scsrvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\scsrvc
NOTE: To create these registry values via command line, open a Windows administrator command prompt, and run the following commands:
reg add HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\scsrvc /v Service /t REG_SZ
reg add HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\scsrvc /v Service /t REG_SZ
- Confirm that Safe Mode protection is working:
- Reboot the client system into Safe Mode.
- Try to run an unauthorized / unsolidified application (putty.exe). The application is prevented from running while in Safe Mode.
- Try to change the registry setting listed above back to its original value. The change is denied while in Safe Mode.
