Working with the Registry: An Example

Working with the Registry: An Example

Now, I know you want to get in there and try it out despite the warnings, so here’s an innocuous example. Remember, it’s only innocuous if you follow the example to the letter; otherwise, it will soon be time to get out your installation disks.

That’s not just boilerplate. Don’t get mad at me if you blow up your server because you didn’t pay attention. Actually, you may be able to avoid a reinstallation if the thing that you modified was in the

CurrentControlSet _{key; Server 2003 knows that you often mess around in there, and so it keeps a}

spare. In that case, you can reboot the server and, when the boot menu prompts “Please select the operating system to start:,” press F8 for the Windows Advanced Options menu. (If you don’t have a boot menu—as would be the case if Server 2003 is the only OS on your disk—then it’s a bit of a video game, I’m afraid; try to press F8 just as the initial power-on screen for your computer appears. With a little practice it becomes easier.) One of the options you’ll get will be Last Known Good Configuration (Your Most Recent Settings That Worked). That doesn’t restore the entire Registry; it just restores the control set. Fortunately, the current control set is a lot of the Registry. It doesn’t include user-specific settings, however, like, “What color should the screen be?” Thus, if you were to set all of your screen colors to black, rendering the screen black on black (and therefore less than readable), rebooting and choosing Last Known Good Configuration wouldn’t help you.

In any case, let’s try something out, something relatively harmless. Let’s change the name of the company that you gave Server 2003 when you installed it. Suppose I decided to change my company’s name from MR&D to Bigfirm, the example that I use in much of this book. Suppose I’d already installed a bunch of Server 2003 machines and filled in MR&D when prompted for an organization. Suppose also that I want to change that so the Help/About dialog boxes say that I’m Mark Minasi of Bigfirm, but I don’t feel like reinstalling. Fortunately, the Registry Editor lets me change company names without reinstalling:

1. Open the Registry Editor. From the Start menu, choose Run.

TABLE 4.3: DATA TYPESAS DEFINEDBYTHE REGISTRY EDITOR Data Type Description

REG_BINARY Raw binary data. Data of this type usually doesn’t make sense when you look at it with the Registry Editor. Binary data shows up in hardware setup information. If there is an alternative way to enter this data other than via the Registry Editor—and I’ll discuss that in a page or two—then do it that way. Editing binary data can get you in trouble if you don’t know what you’re doing. The data is usually represented in hex for simplicity’s sake.

REG_DWORD Another binary data type, but it is 4 bytes long.

REG_EXPAND_SZ A character string of variable size, it’s often information understandable by humans, like path statements or messages. It is “expandable” in that it may contain information that will change at runtime, like %username%—a system batch variable that will be of different sizes for different people’s names.

REG_MULTI_SZ Another string type, but it allows you to enter a number of parameters in this one value entry. The parameters are separated by binary zeroes (nulls).

86 CHAPTER 4 CONFIGURING WINDOWS SERVER: THE WINDOWS SERVER 2003 REGISTRY

2. In the command line, type regedit and press Enter.

3. Open the HKEY_LOCAL_MACHINE _{folder. Inside that you’ll find a folder called} SOFTWARE_{; open}

that. Inside that you’ll find a folder named Microsoft_{; open that. Inside the} Microsoft

folder you’ll find a folder named WindowsNT_{; open that and you will see a folder named} CurrentVersion_{. Click it and you’ll see something like Figure 4.3.}

FIGURE 4.3 HKEY_LOCAL_ MACHINE\SOFTWARE\ Microsoft\ Windows NT\ CurrentVersion

4. In HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion _{you can see,}

among other things, value entries named RegisteredOrganization _and RegisteredOwner_.

Mine say MR&D and Mark, but yours will say different things.

5. Double-click RegisteredOrganization_{, and a String Editor screen appears. You’ll see some-}

thing like Figure 4.4. FIGURE 4.4

Registry string editor

6. Highlight the old value and replace it with Bigfirm. Click OK, and close up the Registry

EVEN MORE CAUTIONS ABOUT EDITING THE REGISTRY 87

Now click Help/About for any program—even the Registry Editor will do—and you’ll see that your organization is now MR&D.

Warning I remind you again: click all you like; you will not find a Save button or an Undo button. When you edit

the Registry, it’s immediate and it’s forever. So, once again, be careful when you mess with the Registry.

How Do You Find Registry Keys?

How did I know to go to HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion

in order to change my organization name? I found it by poking around the Registry. Regedit let me do it with its neat Find feature.

I figured that the word “Name” would appear a lot in the Registry, so looking for a field with my name called “Name” didn’t sound promising. But “Organization” isn’t as common, so I figured I’d try it. Here’s how you can, too:

1. Start Regedit if you haven’t already. 2. Click the My Computer icon in Regedit.

3. Click Edit/Find and a Find dialog box will appear that looks like Figure 4.5.

FIGURE 4.5 Regedit’s Find dialog box

4. In the Find What text field, type in organization. Note that Regedit will search key names,

value entry names, and the actual data in value entries. There is a lot more data in the Registry than there are key and value entry names, so skip searching data whenever possible; uncheck the Data check box and click Find Next.

On my system the first hit I got was for a key called MSExtOrganization_{, which was clearly not}

what I wanted, so I pressed F3 to tell Regedit to find the next match. Several false hits later, I found RegisteredOrganization_.

But how else can I find Registry keys? Microsoft’s Knowledge Base and white papers are great sources of useful Registry keys. Random Web searches can sometimes turn up some pretty neat stuff—or, as is usually the case with random Web searches, neat-sounding stuff that doesn’t work.

Even More Cautions about Editing the Registry

If you’re just learning about the Registry, you’re probably eager to wade right in and modify a value entry. Before you do, however, let me just talk a bit about using caution when you manipulate the Registry. (I know I’ve mentioned it before, but it’s important, so I’m mentioning it again.)

88 CHAPTER 4 CONFIGURING WINDOWS SERVER: THE WINDOWS SERVER 2003 REGISTRY

The vast majority of Registry items correspond to some setting in the Control Panel, Active Direc- tory Users and Computers, or some MMC snap-in. For example, you just saw how you can change the

RegisteredOrganization _{directly via the Registry Editor. I only picked that example, however,}

because it was fairly illustrative and simple to understand. In general, don’t use the Registry Editor to modify a value that can be modified in some other way.

For example, suppose I choose to set a background color on my screen to medium gray. That color is represented as a triplet of numbers: 128 128 128. How did I know what those color values meant? Because they’re the same as Windows 3.x color values. Color values in Windows are expressed as number triplets. Each number is an integer from 0 to 255. If I input a value greater than 255, the Registry Editor would neither know nor care that I was punching in an illegal color value. Now, in the case of colors, that probably wouldn’t crash the system. In the case of other items, however, the system could easily be rendered unusable. For example, I’m running Server 2003 on a system with just a single Pentium III processor, so the Registry reflects that, noting in one of the HARDWARE _{keys that}

2003 is running in a “uniprocessor” mode. Altering that to a multiprocessor mode wouldn’t be a very good idea.

Why, then, am I bothering to tell you about the Registry Editor? Three reasons.

First, there are settings—important ones—that can only be altered via the Registry Editor, so there’s no getting around the fact that a Server 2003 expert has to be proficient in the Editor.

Second, you can use the Registry Editor to change system value entries on remote computers. To use a very simple example: I’m at location A and I want to change the background color on the server at location B. To do that I have to physically travel to location B in order to run the Control Panel on the computer at that location. Instead of doing that, however, I can just start up the Registry Editor, choose Registry/Select Computer, and edit the Registry of the remote computer. (This is a lot less true than it once was with earlier versions of Server, as 2000 Server and Server 2003 have some very good remote control tools; but I’m sure that there will be instances where this is still useful advice.) This assumes that you have the security access to change the Registry of the remote computer— that is, you’re a member of the Administrators group on that computer.

Third, Server 2003 comes with a couple of programs named regini.exe _and reg.exe _{that let}

you write scripts to modify Registries. Such a tool is quite powerful; in theory, you could write a REGINI script to completely reconfigure a Server setup. Again, however, before you start messing with that program, please be sure that you have become proficient with the Registry. I’ve explained the various kinds of mischief that you can cause working by hand with the Registry Editor. Imagine what kinds of automated disasters you could start at 2.5GHz with a bad REGINI script!

And while I’ve mentioned REG, I should mention that it does a whole bunch of things—it will search your Registry, do automated search-and-replace (think how quickly you could destroy a Registry with that!), automate creating and deleting keys and value entries, and import and export Registry data. Do a reg/? _{for more info.}

By the way, there’s another way to automate Registry changes through REGEDIT. You can create an ASCII text file with the desired Registry changes, then use an undocumented /s _{(for “silent”)}

switch to introduce the changes.

The file has a particular format. The first line must be WindowsRegistryEditorVersion5.00_,

followed by a blank line. Then you enter a line with the full name of the Registry key that contains the value that you want to modify, surrounded by square brackets. Then type a line for each value that you want to modify, with the name of the value, an equal sign, and the desired value. Strings