INSTALL WINDOWS XP PROFESSIONAL FROM A MASTER IMAGEIN THIS EXERCISE, Y...

4 - - MICROSOFT PRESS MCSA MCSE SELF PACED TRAINING KIT EXAM 70 270 PHẦN 2 PPSX 4 - - MICROSOFT PRESS MCSA MCSE SELF PACED TRAINING KIT EXAM 70 270 PHẦN 2 PPSX
MICROSOFT PRESS MCSA MCSE SELF PACED TRAINING KIT EXAM 70 270 PHẦN 2 PPSX
4-17Lesson 2 Editing the Registry

Table 4-7 describes the components that make up the hierarchical structure of the Registry.

Table 4-7

Components That Make Up the Registry

Component Description

Subtree A subtree (or subtree key) is analogous to the root folder of a disk. The Win-

dows XP Professional Registry has two subtrees: HKEY_LOCAL_MACHINE and

HKEY_USERS. However, to make the information in the Registry easier to find

and view, there are five predefined subtrees that can be seen in the editor:

HKEY_CLASSES_ROOT

HKEY_CURRENT_USER

HKEY_LOCAL_MACHINE

HKEY_USERS

HKEY_CURRENT_CONFIG

Keys Keys, which are analogous to folders and subfolders, correspond to hardware or

software objects and groups of objects. Subkeys are keys within higher-level keys.

Entries Keys contain one or more entries. An entry has three parts: name, data type, and

value (data or configuration parameter).

Hive A hive is a discrete body of keys, subkeys, and entries. Each hive has a corre-

sponding Registry file and .log file located in %systemroot%\System32\Config.

Windows XP Professional uses the .log file to record changes and ensure the

integrity of the Registry.

Data types Each entry’s value is expressed as one of these data types:

REG_SZ (String value). One value; Windows XP Professional

interprets it as a string to store.

REG_BINARY (Binary value). One value; it must be a string of

hexadecimal digits. Windows XP Professional interprets each pair as

a byte value.

REG_DWORD (DWORD value). One value; must be a string of 1–8

hexadecimal digits.

REG_MULTI_SZ (Multistring value). Multiple values allowed;

Windows XP Professional interprets each string as a component of

MULTI_SZ separate entries.

REG_EXPAND_SZ (Expandable string value). Similar to REG_SZ,

except the text can contain a replaceable variable. For example, in the

string %systemroot%\NTVDM.EXE, Windows XP Professional replaces

the systemroot environmental variable with the path to the Windows XP

Professional System32 folder.

REG_FULL_RESOURCE_DESCRIPTOR. Stores a resource list for hard-

ware components or drivers. You cannot add or modify an entry with

this data type.

Registry Subtrees

Understanding the purpose of each subtree can help you locate specific keys and val-

ues in the Registry. The following five subtrees or subtree keys are displayed in the

Registry Editor (refer to Figure 4-2):

HKEY_CLASSES_ROOT Contains software configuration data: object linking and

embedding (OLE) and file-class association data. This subtree points to the Classes

subkey under HKEY_LOCAL_MACHINE\SOFTWARE.

HKEY_CURRENT_USER Contains data about the current user. Retrieves a copy of

each user account used to log on to the computer from the NTUSER.DAT file and

stores it in the %systemroot%\Profiles\username key. This subkey points to the

same data contained in HKEY_USERS\SID_currently_logged_on_user. This sub-

tree takes precedence over HKEY_LOCAL_MACHINE for duplicated values.

HKEY_LOCAL_MACHINE Contains all configuration data for the local computer,

including hardware and operating system data such as bus type, system memory,

device drivers, and startup control data. Applications, device drivers, and the oper-

ating system use this data to set the computer configuration. The data in this sub-

tree remains constant regardless of the user.

HKEY_USERS Contains the .DEFAULT subkey, which holds the system default set-

tings (system default profile) used to display the C

TRL

+A

LT

+D

ELETE

logon screen,

and the Security Identifier (SID) of the current user.

HKEY_CURRENT_CONFIG Contains data on the active hardware profile extracted

from the SOFTWARE and SYSTEM hives. This information is used to configure set-

tings such as the device drivers to load and the display resolution to use.

The HKEY_LOCAL_MACHINE Subtree

HKEY_LOCAL_MACHINE provides a good example of the subtrees in the Registry for

two reasons:

The structure of all subtrees is similar.

HKEY_LOCAL_MACHINE contains information specific to the local computer and

is always the same, regardless of the user who is logged on.

The HKEY_LOCAL_MACHINE root key has five subkeys, which are explained in Table 4-8.

Table 4-8

HKEY_LOCAL_MACHINE Subkeys

Subkey Description

HARDWARE The type and state of physical devices attached to the computer. This subkey is

volatile, meaning that Windows XP Professional builds it from information gath-

ered during startup. Because the values for this subkey are volatile, it does not

map to a file on the disk. Applications query this subkey to determine the type

and state of physical devices attached to the computer.