1
|
- Working with the Windows XP Registry
|
2
|
- Understand the function and structure of the Registry
- Describe the purpose of each of the five Registry keys and the hive
files to which some of them map
- Use the Registry editor and various other Registry
|
3
|
- Understand default Registry sizing techniques and limits on Registry
size
- Understand the fault-tolerance mechanisms for the Registry
- Back up and restore the Registry
|
4
|
- Registry
- The hierarchical database of system configuration data essential to the
health and operation of a Windows XP system
- Contains most of the control and functional settings for Windows XP
core elements, services, and native applications
|
5
|
- The Registry is divided into keys and subkeys
- Each Registry key is similar to a bracketed heading in an .ini file and
represents a top-level container in the Registry hierarchy
- Each key must contain at least one or more lower-level keys called subkeys
|
6
|
- Value entry
- Named parameter or placeholder for a control setting or configuration
data
- Value
- Actual piece of data held by a value entry
|
7
|
- Hive
- Discrete body of Registry keys, subkeys, and values stored in a file
|
8
|
- The data type of a value entry informs the Registry how store the value
- Data type
- Setting on a Registry value that defines the data format of the stored
information
|
9
|
|
10
|
- The data types supported by windows 2000:
- REG_BINARY
- REG_DWORD
- REG_SZ
- REG_MULTI_SZ
- REG_EXPAND_SZ
|
11
|
- The data types supported by windows 2000 (cont.):
- REG_FULL_RESOURCE_DESCRIPTOR
- REG_DWORD_LITTLE_ENDIAN
- REG_DWORD_BIG_ENDIAN
- REG_LINK
|
12
|
- Important concepts to keep in mind about the Registry:
- Keys are the top-level, or root, divisions of the Registry
- Keys contain one or more subkeys
- Any subkey can contain one or more subkeys
- Any subkey can contain one or more value entries
|
13
|
- Contains the value entries that control the local computer
|
14
|
- HKEY_LOCAL_MACHINE\HARDWARE
- Container for data related directly to physical devices installed on a
computer
- HKEY_LOCAL_MACHINE\SAM
- Hive that contains data related to security
- The Security Accounts Manager (SAM) database is stored in this key
|
15
|
- HKEY_LOCAL_MACHINE\SECURITY
- Container for the local security policy
- HKEY_LOCAL_MACHINE\SOFTWARE
- Container for data about installed software and mapped file extensions
- HKEY_LOCAL_MACHINE\SYSTEM
- Container for the information required to boot Windows XP
|
16
|
|
17
|
- Container for data pertaining to hardware profile currently in use
|
18
|
|
19
|
|
20
|
- In some Registries, you may occasionally run across this other main key
- Appears only on machines with either:
- Windows 95
- Windows 98 applications that use older versions of Plug and Play to
detect and track hardware devices as they enter or leave a system
|
21
|
- Regedit
- Reg
- Special command-line utility that users, programs, or the operating
system can use to access, inspect, create, or modify Registry keys
|
22
|
|
23
|
|
24
|
- Precautions when making changes to in the Registry:
- Back up all important data on the computer before editing the Registry
- Making a distinct backup of all or part of the Registry
- Reboot the machine before editing the Registry
|
25
|
- Precautions when making changes to in the Registry (cont.):
- Perform only a single Registry modification at a time
- Reboot immediately after each change to force full system compliance
- Always test changes on a nonproduction system hosting noncritical
services before deploying on production systems
|
26
|
- The Registry is stored in active memory for quick and easy accessibility
while the operating system is functioning
- Resides in the paged pool portion of memory
- This means it can be swapped out to disk when not in use
|
27
|
- As your system ages and configurations evolve over time, many changes
will accumulate in the Registry, causing its size to increase
- The initial size of the Registry on a Windows XP Professional system is
around 10 MB
- To prevent the Registry from consuming too much memory, Windows XP
imposes the Registry Size Limit (RSL)
|
28
|
|
29
|
|
30
|
- Four extensions used by the Registry storage files to identify the
purpose or function of the file:
- No extension
- .alt
- .log
- .sav
|
31
|
- If the Registry becomes corrupted or destroyed, Windows XP cannot
function or even boot
- Several mechanisms have been established to prevent the Registry from
becoming damaged or to repair minor problems automatically
- The fault tolerance of the Registry is sustained by its structure,
memory residence, and transaction logs
|
32
|
- Flush
- Copy procedure to update the files on the hard drive with the new
settings stored in the memory-resident version of the Registry
- Transaction logs
- Files wherein the systems records edits, changes, and alterations to
the Registry
|
33
|
- Most Windows XP backup applications include support for full Registry
backups
- Regedit can be used to save all or part of the Registry to distinct
files
- Make a copy of the %systemroot%\WINDOWS-\system32\config and
%systemroot%\WINDOWS-\repair directories manually
- Employ the Microsoft Windows XP Professional Resource Kit tools Reg.exe
or Regback.exe
|
34
|
- You have several options for restoring the Registry, depending on the
method used to make a backup
- Windows XP itself attempts to maintain a functional Registry
- Last Known Good Configuration (LKGC)
- State of the Registry stored in one of the control sets when the last
successful user logon occurred
|
35
|
- If the LKGC fails to restore normal system functions, you have only two
options:
- Use your backup software to restore the Registry files
- Reinstall Windows XP, either fully or as an upgrade
|
36
|
- Some of the key utilities include:
- Regdump.exe
- Regfind.exe
- Compreg.exe
- Regini.exe
|
37
|
- Some of the key utilities include (cont.):
- Regback.exe
- Regrest.exe
- Scanreg.exe
|
38
|
- The Windows XP Registry is a complex structure consisting of keys,
subkeys, values, and value entries
- The Registry should be manipulated with extreme caution
- Windows XP maintains a functional registry through several
fault-tolerant measures
- The Registry is divided into five main keys
|
39
|
- Windows XP includes two Registry editors:
- The graphical Regedit.exe
- The command-line Reg.exe utility
- As part of your normal system maintenance and administration, you should
create copies of the registry
|