Windows IT Pro
Windows IT Library
  - Advertise        
Windows IT Pro Logo

  Home  |   Books  |   Chapters  |   Topics  |   Authors  |   Book Reviews  |   Whitepapers  |   About Us  |   Contact Us

search for  on    power search   help
 






Understanding and Using the NT Registry
View the book table of contents
Author: Beth Sheresh
Doug Sheresh
Robert Cowart
Published: April 1999
Copyright: 1999
Publisher: IDG Books
 


Abstract This chapter introduces you to the dangers and benefits of working with the Windows NT registry. You will learn how to examine and modify the registry using the Registry Editor utility.

Did you ever try to build a house of cards? If so, I’ll bet you paid lots of attention to creating the most solid foundation possible to support the upper levels. Each card on the lower deck essentially became a load-bearing wall of your 52-card masterpiece. By making these cards lean and depend on each other, you created a structure that might even withstand a curious poke from the paw of your cat.

Now, imagine removing just one of the cards on the lowest level. With a combination of luck and skill, you can get away with it, perhaps only causing the structure to lean a bit. However, dislodge or take away another card, and you’ll probably play “52-Pickup.” Because all of the cards that make up the foundation play critical roles in supporting the overall structure, and because many of them depend on each other to function properly, the whole house comes tumbling down.

Windows NT Server is a very stable, robust operating system. Just as any other structure, it has a foundation—called the registry (or more formally, the registry database or registration database). If you start pulling individual parts out of that foundation or replacing pieces with inferior elements, you can make NT lose its balance and even come crashing down. Parts of the registry depend on each other. If you remove one value, it can have a cascading, ill effect on many others. For example, a seemingly innocent change or deletion in your network adapter configuration can cause the transport protocols, server, redirector, and numerous other services to fall over dead.

Most of the configuration changes that you’ll make to the operating system will be through Control Panel, described in Chapter 8, and other administrative tools. These applications offer a relatively safe way to make changes to the registry. However, there will be times when you must change the registry in order to modify settings that aren’t handled by the standard user interface, alter configurations of remote computers, or fix a problem under the direction of a product support specialist. Doing so without totally destroying your computer’s configuration requires a combination of knowledge, practice, and contingency planning.

In this chapter, you’ll learn about the Windows NT Server registry, where virtually all of the operating system and application configuration data is stored. I’ll show you how to examine and modify it using the Registry Editor utility. You’ll read so many warnings about the risks of editing your registry that you’ll begin to believe it’s as bad as a combination of tobacco, alcohol, fatty foods, caffeine, tornadoes, and swimming right after eating.

Caution: Whenever possible, use tools such as Control Panel and User Manager for Domains, rather than the Registry Editor, to change your computer’s configuration. Even the most experienced Windows NT Server administrator sometimes renders his or her computer completely unbootable by editing the NT registry directly. The key to success is planning to allow for quick recovery from a registry misstep. Make frequent backups of the registry (as discussed in Chapter 9), update your Emergency Repair Disk (as discussed in Chapter 8), and know how to quickly recover a computer that won’t boot (as discussed in Chapter 3).

Caution: I can’t adequately emphasize the point that making changes to the registry can render your computer unbootable. In the worst case, you’ll have to completely reinstall Windows NT Server to recover. If you plan properly, you won’t need to take this drastic step. Perform all registry editing at your own risk.

You’ll find that working with the registry is a necessary evil if you want to be an expert NT administrator. Microsoft’s own online Help files, product support personnel, and technical notes for sidestepping common problems all point you to specific locations in the registry. Without registry skills, you won’t be able to take advantage of these important resources. So take a few deep breaths, and let’s get started.


INTRODUCING THE WINDOWS NT REGISTRY

So what exactly is this registry? It’s a hierarchical database containing virtually all of the configuration information that used to be CONFIG.SYS, AUTOEXEC.BAT, WIN.INI, SYSTEM.INI, CONTROL.INI, PROTOCOL.INI, LANMAN.INI, and other configuration files. Microsoft has rolled all of this information under one roof and has provided a single database editor to deal with it. (I show you how to use the Registry Editor utility later in this chapter.)

Note: As with many other parts of NT 4.0, the registry approach has evolved over time. It was first introduced with Windows 3.1, in which some information was stored in INI files and some in the registry. Today, NT stores everything in the registry but provides physical manifestations of a few INI files for those older Windows applications that need them to run. Writing to these INI files automatically changes the registry.

Both Windows NT and Windows 95 use registry databases to store most of their configuration information. Although the underlying format of the two databases is the same, the contents differ.

Caution: Since NT 4.0 can’t be installed as an upgrade from Windows 95, you may be tempted to copy the Windows 95 registry database to NT. Don’t do it. It won’t work. Even though there are similarities between the two registries, there are plenty of critical differences. If you want your Windows 95 applications to show up when running NT, reinstall them while running NT.

The registry database has some fault tolerance built into it. If the computer loses power or crashes while the registry is being edited, log files are maintained that allow NT to recover it to a good state by fixing any damage. (Of course, it doesn’t recover itself from an invalid change that you might make to the registry. That’s up to you to avoid.)

The structure of the registry is probably most closely related to what you’ve seen in Windows INI files. It contains sections that describe all of the details of your hardware configuration, desktop settings, application settings, your user account, and a bunch of other things. The registry goes beyond the INI file concept by allowing a hierarchical structure, similar to folders and files on disk. In fact, you refer to paths to the elements in the registry just like folders and files, as you’ll see later in this chapter. What’s more, the registry itself contains multiple versions of this information, allowing you to recover a previous version if you make a wrong move and render your computer unbootable.

If you’ve worked with DOS and Windows before, you’ve probably often wished that you had an easy way of saving copies of all your configuration files before installing new drivers or applications. Perhaps you’ve created an elaborate scheme to do this, only to find that you didn’t include all of the configuration files that you needed. The NT registry simplifies your life, at least in this respect.


INTRODUCING THE REGISTRY EDITOR

The Registry Editor is a graphical utility that enables you to view, search, modify, and save the NT registry database. You can think of Registry Editor as playing the same role for the registry as Notepad plays for text files. Notepad is an objective facilitator; it allows you to view, search, modify, and save text files but never examines or makes judgments about the content of the text that you’re editing. With Registry Editor, you can do the same for the registry database. In addition, just as Notepad can open and edit a file on a remote computer over the network, Registry Editor can open and edit a registry database on a remote computer.

To start Registry Editor, log on with administrator privileges and click Start Run. Type REGEDT32 and click OK. In the Registry Editor window, on the Options menu, click to select Read Only Mode. Figure 11-1 shows the resulting window.

Caution: This point is very simple but vitally important. Registry Editor doesn’t understand, recognize, or enforce rules on the values that you type. It blindly does exactly what you ask it to do, as long as you have the privileges to make the change. Be extremely careful about what you change, since you won’t be warned when you make a mistake. And be prepared to restore the old registry in case you render your computer unbootable.

Tip: Get into the habit of placing Registry Editor into read-only mode whenever you run it. Doing this will ensure that you (or someone else who walks by and uses your computer) won’t inadvertently make a catastrophic change to the registry. Take it out of read-only mode only when you are sure that you’re ready to make a correct modification. To do this, click to clear Read Only Mode on the Options menu, then make your change.

As added protection, make sure the Confirm on Delete command is always checked on the Options menu. Since it’s easy to delete certain items from the registry simply by pressing the DELETE key, requiring this confirmation avoids accidental deletions.

When you first start Registry Editor, you’ll see the five windows shown in Figure 11-1, the significance of which I explain later in this chapter. Each window represents a view of a different part of the registry database. Switch between the different windows by clicking them. You can also minimize and maximize the windows within the main Registry Editor window.

Caution: If you’ve used Windows 3.x, you may be tempted to start REGEDIT instead of REGEDT32. NT includes the 16-bit REGEDIT application purely for compatibility purposes. It allows you to edit the REG.DAT file used by WOW (Win16 on Win32 support) and Win16 applications. However, REGEDIT won’t let you edit the NT registry. REGEDT32 is required for this. You can tell if you’ve inadvertently started the 16-bit version if you see the window shown in Figure 11-2.

The windows are split down the middle. The left half displays the hierarchical structure of the database including subtrees and keys (I define these later in this chapter) and enables you to navigate easily through it. The right half provides a view of entries containing actual data values. You’ll see examples of this split later in this chapter.

Note: Folder icons are used throughout this chapter and in the Registry Editor interface itself to express the hierarchy within the registry database. Although the registry itself is actually stored in files on disk (which I discuss later), the folder icons represent a hierarchy organization within the registry files. It’s helpful to think of this database hierarchy in terms of folders, but keep in mind that these folder icons don’t represent actual folders on disk.

You expand and collapse folder icons in Registry Editor the same as you do in NT Explorer. The only real difference is that the plus and minus signs in Registry Editor appear on the folder icons, as shown in Figure 11-1. A plus (+) sign indicates that there are more items inside the folder. Double-click the + sign to expand it, and double-click the minus (–) sign to collapse it.


UNDERSTANDING NT REGISTRY STRUCTURE

Much of the terminology in the NT registry world describes the hierarchical structure of the registry database. The entire database is considered a tree, whose root is at the top. The database tree is divided into several subtrees, which I discuss in detail in the next section.


Note: Think of the registry database in terms of a folder structure. The root folder represents the entire database. A subfolder (and all of its contents) within the root folder represents a subtree.

A subtree is a tree in its own right but acts as a component of the overall database tree. Since subtrees can be nested, one subtree can contain another subtree, just as–one folder can contain another folder. Because this is a database, each node (or folder) in the tree is also called a key. Keys can have subkeys, and subkeys can have their own subkeys. Typically, the root of a subtree is called a key, and the nodes below it are called subkeys.



Page: 1, 2, 3, 4

next page



Windows IT Pro Marketplace
Measuring the ROI of Monitoring Software
Are you getting the most bang for your buck? Find out now.
Argent versus MOM 2005
Experts Pick the Best Windows Monitoring Solution
FREE Download – New Diskeeper® 2007
Your fastest computers can run even faster—try now & see for yourself!
VeriSign SSL Encryption
VeriSign SSL Certificates secure e-commerce transactions.
Featured Links
Become a Scripting Pro!
Scripting Pro VIP is committed to being your primary source for tools, techniques and downloadable code! Sign up today!
The Essential Guide to Infrastructure Consolidation
Learn the essentials about how consolidation and selected technology updates build an infrastructure that can handle change effectively.
February Special Offer
Save over $20 off Windows IT Pro magazine!
Spam Fighting and Email Security for the 21st Century
This free eBook gives you the knowledge required to understand the real threat that email-borne attacks pose, and how to address those attacks in a way that reduces risk while ensuring users aren't impacted.
Make Your Mark On The IT Community!
Nominate yourself or a peer to be the next "IT Pro of the Month." You could win over $600 in IT resources!
Beyond the Buzzword - Demystifying Virtualization TCO Improvements
Ben Smith explains how your organization can use virtualization technology to measurably improve the total cost of ownership (TCO) for servers and clients.

Windows IT Pro   |   SQL Magazine   |   Microsoft Training and Certification   |   Connected Home   |   JSI FAQ   |   IT Library/eBooks   |   Supersite for Windows   |   Windows FAQ
WinInfo News   |   Windows IT Pro Europe   |   IT Community Research   |   MSD2D   |   Windows Excavator

Subscribe / Register   |   About Us   |   Contact Us / Customer Service   |   Affiliates / Licensing   |   Press Room   |   Media Kit

Copyright © 2007 Penton Media, Inc., All rights reserved. Legal | Terms and Conditions