When using "reg.exe" on the command line, when using the "reg.exe save" subcommand, i get the error message...
"FEHLER: Dem Client fehlt ein erforderliches Recht."
which most probably in english would read:
"ERROR: The Client is missing a necessary right."
When i use other subcommands, for example "reg.exe query", the thing works correctly. When i write files in the destination directory, for example by "copy x y", the thing works correctly (the user account has "full access" in the destination directory). When i do the same action via the "regedit.exe" user interface, the thing works correctly.
Circumstances: The usage of said "reg.exe save" command occurs in certain batch files on my system. The errorneous behavior was not always there. It startet sometimes in the frame of one year ago. I didn't realize this error until today in the context of errorneous behavior of some other program that i could backtrack to this errorneous "reg.exe" behavior. The last date the affected reg file was written is 2022-04-19. Since i didn't used the affected batch file daily, i assume the onset shortly after that date.
Circumstances II: The onset of the errorneous behavior is probably connected with some administrative work on the operating system. This system is (always was) highly hardened against malware and accidental misconduct of users: Strict rights control, most ease-of-use automatisms switched off, WXE policy, minimized attack surface. Sometimes around the onset of the problem at hand, there were reports of some new attack vectors reported on the internet, which i took seriously reducing vulnerable points in this system.
Sadly, i do not recall the exact security matter, the exact time and the exact measures i took at that time, since those looked as only having secondary impact. Which... well... is just as it turned out. Only this very secondary action of "reg.exe save" is obviously what does not work anymore, and only coming to my focus after half a year or so.
===================
Thus, the resulting question is: What circumstance leads to the error message of "missing right" in "reg.exe", subcommand "save", when it is NOT caused by missing rights for reading the registry and NOT by missing rights in the file system at the destination. And NOT by the action of writing some registry trees to files as such, since "regedit.exe" does work perfectly well and is able to do the action via the user gui.
Most probably - judging from my usual measurements on vulnerabilities in the operating system - some system service or some file in the windows directory could have been restricted, which under the hood are required by the "reg.exe save" subcommand AND NOT, for example, by the "reg.exe query" or "reg.exe load" subcommand.
