# ProtectedRoots Permission



## nickong (Mar 17, 2011)

I had configured one GPO for the registry permission using the GPMC tool and apply to the member server. The Setting as below: 

HKU\.Default\Software\Microsoft\SystemCertificates\Root\ProtectedRoots 

Permissions. Administrators-Full, System-Full, Users-read

The server had applied the policy successfull after i perform the gpupdate /force

After i restart the server, i found the Administrators permission had been removed from that registry.

Anyone can advice on this? Thanks


----------

