Data Network Resource
       Earn on the Web

4. NT Environment

The Registry provides a secure set of records containing hardware and software configurations. The components that use the registry are the NT kernel (Ntoskrnl.exe), device drivers, setup programs, hardware data, hardware profiles and user profiles.

The registry hierarchy is as follows:

  • Subtree
  • Hive - a body of keys, subkeys and values
  • Keys and subkeys
  • Values - containing name, data type and value
  • Value data types - e.g. REG_DWORD which can be up to 8 hexadecimal digits.

There are 5 subtrees:

  • HKEY_LOCAL_MACHINE - device drivers, services, applications, some boot data
  • HKEY_USERS - two subkeys the SID and the default system settings for the logon screen
  • HKEY_CURRENT_USER - interactive data of user
  • HKEY_CLASSES_ROOT - contains software configuration data
  • HKEY_CURRENT_CONFIG - active hardware data

The following are sub-keys in HKEY_LOCAL_MACHINE:

  • HARDWARE - built each time the computer starts containing the type and state of devices. Important subkeys are DESCRIPTION, DEVICEMAP, OWNERMAP and RESOURCEMAP.
  • SAM - directory database, security information for user and group accounts.
  • SECURITY - local security policy, e.g. user rights.
  • SOFTWARE - software information such as manufacturer and version.
  • SYSTEM - device driver, service information and operating system behaviour, the most important subkeys are Clone, ControlSet001, ControlSet002, CurrentControlSet and DISK. The big one here is CurrentControlSet which you will see referred to many times throughout this document.

Use different hardware profiles for different hardware configurations such as a laptop in a docking station. In Control Panel Devices and Services can access the hardware profiles. Be aware that creating a 'network-disabled' hardware profile is not picked up by the Services program or net start.

The registry editor can be used to determine which device is using an unlisted serial port (since this does not appear in the Ports program in Control Panel. The key is HKEY_LOCAL_MACHINE\HARDWARE\Description\System\MultifunctionAdapter

Display program is used for the display, the SCSI Adapters program for both SCSI and IDE devices and the Tape Devices program for tape devices. Addition of a tape driver does NOT require a system restart.

The UPS program in Control Panel is used to set up a UPS via a specially pinned out serial cable on the COM port. The /NoSerialMice switch may need to be used in the Boot.ini file to stop the UPS switching off when sends a detection signal.

The following options exist for UPS setup:

  • Power Failure Signal
  • Low Battery signal at least 2 minutes before shutdown
  • Remote UPS shutdown
  • Execute command File
  • Expected Battery Life
  • Battery recharge time per minute of run time
  • Time between power failure and initial warning message
  • Delay between warning messages

PC cards require the machine to be turned off before NT recognises them.

In System Properties the Startup/Shutdown tab allows you to reorder the choice of Operating Systems and how long the boot menu appears for. Also, if there is a fatal system error you can write an event to the system log, send an alert, write debugging information to a specified file and automatically reboot.

The Performance tab in the System Properties program is where the virtual memory is configured. The minimum paging file size is 2Mb, the default for NT Workstation is the total RAM plus 12Mb. For NT Server the default paging file is the amount of RAM down to a minimum of 22Mb. Best performance is achieved by moving the paging file off the boot partition and having a paging file for each physical disk, provided that the controller can read/write multiple hard disks simultaneously.

Environment variables such as TEMP are strings containing drives, paths and filenames. These are set in the Environment tab of System Properties.

*.ini files are used just for 16-bit applications, they contain duplicate information in the registry.

You can prevent NT from searching the Autoexec.bat file by setting the registry parameter: \HKEY_CURRENT_USER\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\ParseAutoexec REG_SZ=0

Regedit32.exe (located in winnt_root\System32) is the recommended registry editor as it can look at security and auditing and has a read only mode. It can only search for a KEY. Regedit.exe (located in winnt_root) cannot do the aforementioned items but it can search for KEY, VALUES and DATA. Regedit.exe is the Windows 95 version of regedit.

The winreg subkey which is located in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg is optional and determines remote access to the registry.

The registry help file Regentry.hlp helps you with value ranges and instructions for setting values.

NT Server Resource kit provides Remote Command Service (Rcmd.exe) allows remote administration and running of command line programs. The client end is a command-line program (Rcmd.exe) whilst the server end is a service (Rcmdsvc.exe).

Valid HTML 4.01 Transitional

Earn on the Web    

All rights reserved. All trademarks, logos, and copyrights are property of their respective owners.