The keys that I am interested in are under
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles
These keys give full access to the SYSTEM user, and only read access to Administrator. I am logged in to the Administrator account. I am using 2012 R2.
I can change the owner through regedit by
right click -> Advanced -> Change owner -> type "Administrator" -> OK -> Apply
Here are the APIs in C# that I have tried. Both failed with access denied:
key = Registry.LocalMachine.OpenSubKey(test, RegistryKeyPermissionCheck.ReadSubTree, RegistryRights.TakeOwnership);
RegistrySecurity rs = new RegistrySecurity();
rs.SetOwner(new NTAccount("Administrator")); // Set the security descriptor's owner to be Administrator
key.SetAccessControl(rs);
Also tried win32 APIs:
SetSecurityInfo(getRegistryKeyHandle(key), SE_OBJECT_TYPE.SE_REGISTRY_KEY, SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION, ownerSid, groupSid, dacl, sacl);
Thanks to @HarryJohnston. Your method works.
I first enable SeTakeOwnershipPrivilege, then I'm able to take ownership with my code.