Table of Contents for
Managing the Windows 2000 Registry
by Paul Robichaux
Preface
Keys and Values and Classes, Oh My!
Who’s This Book For?
How This Book Is Organized
Conventions Used in This Book
Comments and Questions
Acknowledgments
1. A Gentle Introduction to the Registry
A Brief History of the Registry
Windows 3.0
The First Registry: Windows 3.1
Windows NT 3.1, 3.5, and 3.51
Windows 95 and 98
Windows NT 4.0
Windows 2000
What Does the Registry Do?
It Holds Lots of Important Stuff
Hardware configuration data
Driver parameters and settings
Dynamic data
User profiles and user-specific settings
System and group policies
OLE, ActiveX, and COM
Application settings
Advantages Offered by the Registry
It Keeps Everything Tidy
It Provides Security
It Allows Remote Management
Registry Zen
2. Registry Nuts and Bolts
How the Registry Is Structured
The Basics
Root keys
Subkeys
Values
Hives
Links
Registry road map
The Big Six
HKEY_LOCAL_MACHINE
HKEY_USERS
HKEY_CURRENT_USER
HKEY_CLASSES_ROOT
HKEY_PERFORMANCE_DATA
HKEY_CURRENT_CONFIG
Hives and Files
Access Controls and Security
Control via Registry APIs
Remote-access control
OS-level security controls
System Key Security (SYSKEY)
Major Datatypes
REG_DWORD
REG_SZ
REG_MULTI_SZ
REG_EXPAND_SZ
REG_BINARY
REG_LINK
REG_QWORD
Minor Datatypes
REG_NONE
REG_DWORD_BIG_ENDIAN
REG_FULL_RESOURCE_DESCRIPTOR
REG_RESOURCE_LIST
What Goes in the Registry
Major Subkeys of HKLM
HARDWARE
SECURITY
SOFTWARE
SOFTWARE\Policies
SYSTEM
SYSTEM\CurrentControlSet
Major Subkeys of HKCU
AppEvents
Console
Control Panel
Environment
Identities
Keyboard Layout
Printers
Remote Access
Software
SYSTEM
Other
Major Subkeys of HKCC
What About the Other Root Keys?
Getting Data In and Out
3. In Case of Emergency
Don’t Panic!
Safety Strategies
Make Backups
Be Prudent
All About Emergency Repair Disks
What Is an ERD?
What ERDs Can and Can’t Do
How to Make an ERD
Using Windows 2000 Backup
Using NT’s RDISK utility
How to Repair Your Registry with an ERD
Using the Windows 2000 setup utility
Using the Windows 2000 recovery console
Using RegEdt32
Using NT’s setup application
Backing Up the Registry
But What Needs Backing Up?
The Old-Fashioned Way
Using Windows 2000 Backup
Using Windows NT Backup
Using REGBACK
Using RegEdt32
Using Text Files
Using RegEdt32
Using REGDUMP
Using RegEdit
Restoring a Backed-up Registry
The Old-Fashioned Way
Using Windows 2000 Backup
Using REGREST
Using RegEdt32 and RegEdit
Loading hives
Reloading saved keys
Using RegEdit files
4. Using RegEdit
Know Your Limitations
Learning the RegEdit Interface
Don’t I Know You from Somewhere?
Interface Trivia
“Just Browsing, Thanks”
Navigating with the Keyboard
Using the Context Menu
Connecting to Other Machines’ Registries
Searching for Keys and Values
Printing Registry Contents
Working with Keys and Values
A Word About the Clipboard
Modifying Values
Modifying a string value
Modifying a DWORD value
Modifying a binary value
Adding New Keys or Values
Deleting Keys or Values
Renaming Keys or Values
What Were They Thinking, or, the Favorites Menu
Exporting and Importing Data
What’s in a .REG File?
Exporting Registry Data
Importing Registry Data
Creating Your Own .REG Files
A concrete example
Safely experimenting with .REG files
RegEdit Command-Line Options
Exporting Data
Importing Data
5. Using RegEdt32
How RegEdt32 and RegEdit Differ
Learning the RegEdt32 Interface
Manipulating Windows
Controlling What You See
Setting Session Options
Browsing with RegEdt32
Navigating with the Keyboard
Remote Registry Editing
Connecting to Remote Computers
Searching for Keys
Saving and Loading Registry Keys
Saving Keys
Restoring Keys
Loading Saved Keys as Hives
Saving as Text
Providing an Improvised Clipboard
A True Story
Printing Registry Contents
Editing Keys and Values
Viewing Values as Binary Data
Modifying Values
Modifying a string value
Modifying a DWORD value
Modifying a multiple-string value
Modifying a binary value
Modifying a value of a different type
Adding New Keys or Values
Adding new keys
Adding new values
Deleting Keys and Values
Registry Security Fundamentals
Basic Registry Permissions
Applying ACLs
Securing Registry Keys in Windows 2000
Setting Permissions
Adding, removing, and changing ACE entries
Seeing and controlling permission inheritance
Auditing Registry Activity
Adding, removing, and changing auditing entries
Seeing and controlling audit control inheritance
Changing Key Ownership
Securing Registry Keys in Windows NT
Setting Permissions
Auditing Registry Key Activity
Enabling auditing on an NT machine
Telling RegEdt32 what to audit
Reviewing the audit records
Changing Key Ownership
6. Using the System Policy Editor
All About System Policies
Why Is This in a Windows 2000 Book?
What’s a Policy?
Categories contain one or more policies
Policies are made of parts
How are policies defined?
User versus machine policies
How Are Policies Stored?
How Are Policies Applied?
The default policy
Applying computer and user policies
Applying group policies
Introducing the System Policy Editor
Learning the System Policy Editor Interface
Controlling what you see
Navigating in the policy window
Managing Policies with POLEDIT
Attaching Policy Templates
Creating Policies
Creating a new policy file
Creating a new user policy
Creating a new computer policy
Creating a new group policy
Editing Policies
Setting user, group, and computer policy options
Removing user policies
Policies and the clipboard
Setting group policy priorities
Saving and Loading Policies
Creating Your Own Policy Templates
Distributing Policies
Applying Policies to One Machine at a Time
Setting policies on the local machine
Setting policies on other computers
Applying Policies to Many Machines
Enabling automatic policy updates
Windows NT policies
Windows 95/98 policies
Windows 2000 policies
Supporting multiple domain controllers
Preventing Policy Problems
Make sure the files are in the right place
Is automatic updating on?
Implement policies in all domains or none
Check group membership and names
Verify which policies are in effect
What’s in the Standard Policy Templates
WINNT.ADM
COMMON.ADM
WINDOWS.ADM
Picking the Right Policies
Policies for Anybody
Policies for a Lab Network
Policies for an “Ordinary” Office
7. Using Group Policies
What Are Group Policies?
Elements of a Group Policy
User Versus Machine Policies
Defining Group Policy Objects
The local GPO
Policies and the Active Directory
How Are Policies Stored?
The structure of the Group Policy Template
How Are Policies Applied?
Applying computer and user policies
Order of policy file application
Introducing the Group Policy Snap-in
Adding the Group Policy Snap-in
Learning the Group Policy Snap-in Interface
Controlling what you see
Navigating the console tree
Viewing policy properties
Managing Policies
What Is an Administrative Template?
Adding Administrative Templates
Editing Policies
Creating Your Own Administrative Templates
Distributing Policies
Understanding How Effective Policies Are Calculated
Policy Inheritance
Managing Dispersal Through Group Policy Policies
Setting Single Computer Group Policies
Setting Nonlocal Group Policies
What’s in the Standard Policy Templates?
8. Programming with the Registry
The Registry API
API Concepts and Conventions
Input and output parameters
Registry error codes
Why some calls have names ending in “Ex”
“Happy families are all alike”
New and exciting datatypes
New routines = new datatypes
User-specific keys
An extremely brief example
Opening and Closing Keys
Opening keys
Opening a key while impersonating another user
Opening the user’s class data
Closing keys
Creating Keys
Getting Information About Keys
Enumerating Keys and Values
Enumeration strategies
Enumerating keys
Enumerating values
Getting Registry Data
Getting a single value
Getting multiple values
Adding and Modifying Values
Deleting Keys and Values
Deleting a key
Deleting a value
Using Registry Security Information
Setting an item’s security information
Connecting to Remote Computers
Moving Keys to and from Hives
Saving keys
Loading keys
Replacing a loaded key
Unloading a key
Getting Notification When Something Changes
Flushing Registry Changes
The Shell Utility API Routines
Working with File Associations
Getting a file association key from the Registry
Getting a pointer to the IQueryAssociations interface
Copying and Deleting Keys and Values
Getting Key and Value Information
Querying keys and values
Getting and setting values
Enumerating Keys and Values
Working with User-Specific Keys
Creating and removing keys
Opening and closing keys
Getting key and value information
Reading values
Writing and deleting values
Leftovers
Programming with C/C++
Example: Watching a Key for Changes
How the code works
Possible enhancements
Example: A Stack-Based Wrapper Class
How the code works
Possible enhancements
Example: Loading a Control with a Set of Values
Programming with Perl
The Win32API::RegXXX Functions
When to use them
The Win32::TieRegistry Module
A few Perl-isms
The code in detail
Opening and closing keys and retrieving values
Creating, adding, and modifying keys and values
Enumerating keys and values
Deleting keys and values
Saving and loading keys
Mixing Win32API::Registry and Win32::TieRegistry
Example: Walking the Registry
Programming with Visual Basic
Talking with the Outside World in VB
DLL interfaces
A few more subtleties
Using the Registry with VB
The VBA functions
Using WINREG.BAS
Example: A RegEdit Clone
Creating the initial tree
Expanding the tree
Displaying values
9. Administering the Registry
Setting Defaults for New User Accounts
Under Windows 2000
Under Windows NT
Using Initialization File Mapping
How Does Mapping Work?
Setting Up Your Own Mappings
Adding the mapping key
Mapping key tricks
A mapping sample
Limiting Remote Registry Access
Turning Off Remote Access Entirely
Limiting Access to Authorized Users
Creating the restriction key
Setting permissions on the restriction key
Allowing exceptions
Fixing Registry Security ACLs in Windows NT
Adding Registry ACLs to Group Policy Objects
Encrypting HKLM\SAM with SYSKEY
What SYSKEY Does
Before You Enable SYSKEY on Windows NT
“What I tell you three times is true”
Upgrading domain controllers
Turning On SYSKEY Protection
Changing the Key Storage Method
Restoring a SYSKEY-Protected NT Registry
Restore SYSTEM and SAM hives
Get the right system components
Which ERD should I use?
Miscellaneous Good Stuff
Changing the Registry Size
Auditing Registry Access
Making sense of the audit log
Tracking software installations or reinstallations
Guarding against Trojan horses
Using the Resource Kit Registry Utilities
The Windows 2000 Resource Kit
The Windows NT Resource Kit
reg: The One-Size-Fits-All Registry Tool
Using the Windows 2000 Version of reg
Querying keys
Adding keys and values
Deleting keys and values
Copying keys and values
Saving and restoring keys
Loading and unloading hives
Comparing keys and values
Exporting and importing Registry data
Using the Windows NT Version of reg
Querying keys
Adding new keys
Updating existing keys
Removing a key
Copying keys and values
Saving and restoring keys
Loading and unloading hives
Comparing Keys and Values with COMPREG
Searching for Keys with regfind
Spying on the Registry with RegMon
Learning the RegMon Interface
Controlling what you see
Some other useful Edit menu commands
Capturing and Filtering
Turning capture on and off
Using capture filters
Saving your captured data
Logging boot-to-boot activity
10. Registry Tweaks
User Interface Tweaks
Add Your Own “Tip of the Day”
Disable Window Animations
Speed Up the Taskbar
Enable Tab for Filename Completion
Run a Different Screen Saver While Waiting for a Logon
Enable X Window-Style “Auto Raise”
Enable “Snap to Default Button”
Suppress Error Messages During Boot and Logon
Set NUMLOCK Key During Startup
Display Version Number
Filesystem Tweaks
Change Low Disk Space Warning Threshold
Use Longer File Extensions
Turn Off CD-ROM AutoRun
Suppress “Last Access” Timestamp on NTFS Volumes
Security Tweaks
Clear the System Pagefile at Shutdown
Prevent Caching of Logon Credentials
Turn Off “Save Password” Option in Dial-Up Networking
Prevent Users from Changing Network Drive Mappings
Control Who Can See Performance Monitor Data
Control Which Drives Are Visible Throughout the System
Change When the Password Expiration Warning Appears
Allow Members of the Printer Operators Group to Add Printers
Set the Number of Authentication Retries for Dial-Up Connections
Keep Users from Changing Video Resolutions
Set the Authentication Timeout for Dial-Up Connections
Keep Remote Users from Sharing a Mounted CD-ROM or Floppy
Keep Users from Customizing “My Computer”
Performance Tweaks
Automatically Delete Cached User Profiles
Enable Automatic Reboot After a Crash
Record Evidence of a Crash
Enabling Automatic Logon After Boot
Power Off at Shutdown
Force Hung Tasks to End When Logging Off
Set a Time Limit for Shutting Down Tasks
Speed Up System Shutdowns
Automatically Try to Detect Slow Network Connections
Don’t Automatically Create 8.3 Names on NTFS Volumes
Disable the Printer Browse Thread
Forcibly Recover a Crashed PDC
Hiding Servers from Network Computers
Network Tweaks
Create a Shared Favorites Folder for All Network Users
Automatically Use Dial-Up Networking to Log On
Enable the WINS Proxy Agent
Set the Number of Rings for Answering Incoming Dial-Up Networking Calls
Turn On Logging for Dial-Up Networking
Keep a Dial-Up Networking Connection up After You Log Out
Set the Dial-Up Networking Automatic Disconnect Timer
Printing Tweaks
Keep the Print Spool Service from Popping Up Dialogs
Change the Print Spool Directory
Stop Print Job Logging in Event Log
11. The Registry Documented
What’s Here and What’s Not
HKLM\HARDWARE
HARDWARE\DESCRIPTION
HARDWARE\DEVICEMAP
HARDWARE\RESOURCEMAP
HKLM\SOFTWARE
SOFTWARE\Classes\CLSID
SOFTWARE\Microsoft
Microsoft\ActiveSetup
Microsoft\Cryptography
Microsoft\NtBackup
Microsoft\RAS
SOFTWARE\Microsoft\Windows NT
CurrentVersion\AeDebug
Multimedia driver stuff
CurrentVersion\Network Cards
CurrentVersion\ProfileList
CurrentVersion\Shutdown
CurrentVersion\Winlogon
HKLM\SYSTEM
SYSTEM\CurrentControlSet\Hardware Profiles
SYSTEM\CurrentControlSet\Control
Control\BackupRestore
Control\BootVerificationProgram
Control\Class
Control\CrashControl
Control\Enum
Control\FileSystem
Control\Hivelist
Control\LSA
Control\Print
Control\SecurePipeServers
Control\Session Manager
Control\Session Manager\Memory Management
SYSTEM\CurrentControlSet\Services
Services\Browser
Services\DHCPServer
Services\EventLog
Services\LanmanServer
Services\NetBt
Services\Netlogon
Services\RasMan
Services\Replicator
Services\Tcpip
HKU
HKU\.DEFAULT
HKU\sid
HKCR
HKCR\ext
HKCR\fileType
HKCR\CLSID
HKCU
HKCU\AppEvents
HKCU\Console
HKCU\Control Panel Items
HKCU\Environment
HKCU\Printers
HKCU\Software\Microsoft
Microsoft\NtBackup
Microsoft\RAS Autodial
Microsoft\RAS Monitor
Microsoft\RAS Phonebook
Microsoft\Windows\CurrentVersion
Microsoft\Windows NT\CurrentVersion
HKCU\Microsoft\Windows NT\CurrentVersion
HKCC
HKDD
A. User Configuration Group Policy Objects
Administrative Templates
Windows Components
NetMeeting
Internet Explorer
Internet Control Panel
Offline Pages
Browser Menus
Toolbars
Persistence Behavior
Administrator Approved Controls
Windows Explorer
Common Open File Dialog
Microsoft Management Console
Restricted/Permitted snap-ins
Task Scheduler
Windows Installer
Start Menu & Taskbar
Desktop
Active Directory
Active Desktop
Control Panel
Add/Remove Programs
Display
Printers
Regional Options
Network
Offline Files
Network and Dial-up Connections
System
Logon/Logoff
Group Policy
B. Computer Configuration Group Policy Objects
Windows Settings
Security Settings
Restricted Groups
System Services
Registry
File System
Account Policies
Password Policies
Account Lockout Policy
Kerberos Policy
Local Policies
Audit Policy
User Rights Assignment
Security Options
Event Log
Settings for Event Logs
Administrative Templates
Windows Components
NetMeeting
Internet Explorer
Task Scheduler
Windows Installer
System
Logon
Disk Quotas
DNS Client
Group Policy
Windows File Protection
Network
Offline Files
Network & Dial-Up Connections
Printers
Index
Colophon
Preface
Managing the Windows 2000 Registry
Paul Robichaux
Editor
Robert Denn
Copyright © 2000 O'Reilly Media, Inc.