1 / 29

The Registry

The Registry. 4 February 2004. The Registry. A hierarchical database containing information Hardware Software Device drivers Network protocols User configuration needed by the OS and applications. Components That Use Windows XP Registry. Setup programs for devices and applications

dara
Download Presentation

The Registry

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Registry 4 February 2004

  2. The Registry • A hierarchical database containing information • Hardware • Software • Device drivers • Network protocols • User configuration needed by the OS and applications

  3. Components That UseWindows XP Registry • Setup programs for devices and applications • User profiles maintained/used by OS • Files active when Ntldr loading the OS • Device drivers • Hardware profiles • Application programs

  4. Setup Programs For Devices/Apps • Record configuration information in the registry • Query registry for information needed to install drivers and applications

  5. User Profiles Maintained &Used by the OS • Maintains user profiles that determines environment • Kept in files but written to registry when user logs on • Changes recorded to profile and rewritten to file when user logs off • OS uses this information to control user settings and other configuration settings for this specific user

  6. Files Active When Ntldr IsLoading The OS • During boot process, NTDetect.com surveys hardware devices present • Records the information in registry • Ntldr uses info from registry to load & initialize drivers for these devices • Includes the order in which to load them

  7. Device Drivers • Read & write info to and from registry each time they load • Drivers write HW configuration info to the registry • Read it to determine proper way to load

  8. Hardware Profiles • Windows can maintain multiple sets of HW configuration info called hardware profiles on one PC • Data kept in the registry • Example: Notebook with docking station • Two profiles: one docked & one undocked

  9. Application Programs • Many apps read registry for info about the location of files the program uses • Various other parameters that were stored in the .ini files under Windows 9x

  10. How The Registry Is Organized • Two ways to look at the registry • Physical Organization • Logical Organization

  11. Logical Organization of the Registry • Looks like upside-down tree • Five branches called keys or subtrees • See Fig. 10-11 p. 433. • Categories of information stored in registry • Each key made up of subtrees • Those subtrees made up of other subtrees • Last subtrees made up of values

  12. Logical Organization of the Registry • Values are lowest level on the tree • Each value has a name and data assigned to it • Data in registry always stored in values

  13. Registry Editor • Opens a Windows Explorer-type window • Shows you five keys in the registry • HKEY_CURRENT_USER • HKEY_CLASSES_ROOT • HKEY_CURRENT_CONFIG • HKEY_USERS • HKEY_LOCAL_MACHINE

  14. HKEY_CURRENT_USER • Information about the currently logged-on user • Printer settings • Desktop settings • Anything set for the current user

  15. HKEY_CLASSES_ROOT • Information about software and the way software is configured • Points to data stored in HKEY_LOCAL_MACHINE

  16. HKEY_CURRENT_CONFIG • Information about the active hardware configuration • Extracted from data stored in HKEY_LOCAL_MACHINE subkeys SOFTWARE and SYSTEM

  17. HKEY_USERS • Information used to build the logon screen and ID of currently logged-on user

  18. HKEY_LOCAL_MACHINE • All configuration data about the computer • Information about device drivers and devices used at startup • Information in this key does not change when different users are logged on

  19. Physical Organization of the Registry • Quite different from logical organization • Physically stored in five files called hives • No one-to-one relation to the subtrees, even though there are five of each • See Fig. 10-13 p. 425.

  20. HKEY_LOCAL_MACHINE • Stored in four hives • SAM hive • Security hive • Software hive • System hive

  21. HKEY_CURRENT_CONFIG • Data kept in portions of two hives • Software hive • System hive • Subtree uses data stored in the HKEY_LOCAL_MACHINE subtree

  22. HKEY_CLASSES_ROOT • Data kept in a portion of the Software hive • Subtree uses data stored in the HKEY_LOCAL_MACHINE subtree

  23. HKEY_USERS • Kept in the default hive

  24. HKEY_CURRENT_USER • Kept in a portion of the default hive • Is a subset of the data in HKEY_USERS subtree

  25. Physical vs. Logical • Don’t let physical configuration cloud view of the logical organization • Even though some data is subset of other data, no subkey is subordinate to another in the five subkeys • Registry hives stored as a group of files in \%SystemRoot%\system32\config folder • Physically, each hive is a file, backed up with logfile in same folder

  26. Editing The Registry • Registry is modified automatically when changes made in • Control Panel • Device Manager • Many other places in Windows NT/2000/XP • Usually that is all the change ever needed • Rarely, at the direction of Microsoft tech support, manual changes are necessary

  27. Editing The Registry • This might include removing references to viruses or worms • Changes are immediate and permanent • Always back up the registry before you make any changes, in case something goes wrong! • When you do a backup of the system state after an installation, you also make a copy of the registry

  28. Editing The Registry • Two editors • Regedit32.exe • Each key shown in separate window • Used to edit the registry • Regedit.exe • All keys shown in same window • Used to view the registry • Similar look and feel as Explorer

More Related