How do I restrict access to REGEDIT to regular User?

Yes, the changes would (should) only apply to the local account but I'm guessing the OP doesn't want those changed as well.

To prevent unauthorized persons from running certain programs, just change the name of the program.
I've used that many times in the past, even on my Commodore 64. :)

Cheers Mates!
TechnoMage

PS: To change a file's name, you will probably have to "Take Ownership" of that file.
The program "Grant Admin Full Control" will do that for you. It's FREE!

macster2075 said:

So nobody knows why Windows 10 is allowing for a regular user account to have access to the registry?
--- If we could call on the MSFT gods, I'm sure they know but I doubt they'd let us know.
I mean, this was not the case in previous Windows OS..access to the registry has always been Admin access ONLY.
--- I believe you are correct but I don't know which was the last version it worked that way.

According to this article "Running commands like Regedit as a standard user"
Running commands like Regedit as a standard user
it states "I can view and change values under "Current User", but only can view values under "Local Machine" (cannot change)."
--- Although it's for Windows 7, test it out on your Windows 10.
--- Look for values in hives other than Local Machine and see if that statement is true.
--- Determine whether or not viewing and changing values are only possible under Current User.
BTW, Ix07 & sygnus21 have mentioned those items (maybe also others on previous pages but I don't know how to go back to double-check while posting this information).
--- So hopefully a standard user really is has limited capabilities
--- If you do evaluate what that article points out, please let us know what you find out.

EDIT: I just created a local account and the statement "it states "I can view and change values under "Current User", but only can view values under "Local Machine" (cannot change)." appears to be true. I really didn't want to make changes since I don't know what I would want to experiment with on what to change.
--- However, the ability to change values under "Current User" makes sense
--- Delving into Local Machine brought "xxx cannot be opened" which amounts to being unable to make changes.
Checking the remaining hives, it appears to be able to modify some of the folder contents but I wasn't about to play with any of them.
--- If you find something in the remaining hives to modify an entry your way: please let us know how it goes.

macster2075 said:

My problem is that if I log into the regular user account.. I can go straight into regedit without any prompts at all and it has full access.. however, if I try to access gpedit.msc, I am prompted to enter admin password.
Thank you.

Although this is an old post, there is a definite need for this solution in regards to Parental Controls.

I should point out that although a Standard User can open the Registry Editor by default, they DO NOT have full access. They can make changes that they normally could using the GUI. For example, try accessing the HKEY_LOCAL_MACHINE and you'll find yourself being denied access.

Aside from setting up my eldest sons profile as a Standard User and setting up the Family Group in order to leverage the limited parental controls Microsoft currently is capable of for Windows 10, I disabled the Registry Editor as well to thwart any attempts to bypass my restrictions. https://account.microsoft.com/family/about

How to disable the Registry Editor in Windows 10?

Assuming you have an Admin account or the built-in Administrator enabled and password protected [highly recommended]...

The easiest way is using the Local Group Policy Editor.

1. Sign in using the Standard Account you wish to restrict
2. Press the Windows logo key (or click the Start button) and type gpedit.msc
3. Right-click on gpedit.msc and select Run as administrator
   
   • ​Enter your Admin credentials when prompted
   
   
4. Navigate to and select Local Computer Policy > User Configuration > Administrative Templates > System
5. in the right pane, double-click on Prevent access to registry editing tools
   
   • Click the Enabled radio button
   • Verify under Options that the drop-down has Yes selected and then click OK
   
   
6. ​Press the Windows logo key (or click the Start button) and type reg
   
   • ​Click Registry Editor from the search results and you should be presented with a message indicating the "Registry editing has been disabled by your administrator".
   • Now you can close the Local Group Policy Editor and log off of the Standard User account.

When you need to manage the Registry under the Standard User account, you need only run it as an administrator like you would anything else.

Keep an eye out for any related issues that might occur under normal User related usage. If you identify that the User cannot make User related changes, this may be due to this policy restriction. It's a good idea to test it out by making some simple changes like display settings, folder viewing options and so forth.

zero,

All discussion is worthwhile but -

zero269 said:

How to disable the Registry Editor in Windows 10?

Your procedure only applies to Windows 10 Pro

zero269 said:

...or the built-in Administrator enabled and password protected [highly recommended]...

No, enabling the BuiltIn Admin account is not highly recommended but should only be done when necessary and never when connected to the internet.
No, password protecting, or making any other changes to, the BuiltIn Admin account is not highly recommended

Denis

@macster2075 -

Might I suggest these resources...

How to Disable Access to the Windows Registry

How to block access to Windows 10's Registry | Windows Central

How to Enable or Prevent access to Registry Editor in Windows 10

HTH