A helpful addition to any NT administrator's bookshelf

The list of books available about the Windows NT Registry continues to grow. O'Reilly & Associates' latest addition to this list is Paul Robichaux's Managing the Windows NT Registry. The book describes Registry editing tools and how to write programs to access the Registry.

In Chapter 1, "A Gentle Introduction to the NT Registry," Robichaux provides a brief history of the Registry and discusses its advantages. He also describes Registry hives, which are part of the Registry key structure. Chapter 2, "NT Registry Nuts and Bolts," describes the Registry's structure and the information you can store in and retrieve from the Registry.

Backing up the Registry is the area that systems administrators probably have the most trouble with. Chapter 3, "In Case of Emergency," discusses how to back up Registry data. This chapter also introduces Registry editing tools and the utilities available in the Microsoft Windows NT Server 4.0 Resource Kit.

Chapter 4, "Using RegEdit," and Chapter 5, "Using RegEdt32," explain how to add keys and values to the Registry and create .reg files. These chapters are brief, but the author thoroughly covers the basics about these tools and explains how you can use .reg files to change the Registry on remote computers. Chapter 5 also explains how to secure the Registry.

Chapter 6, "Using the Policy Editor," is actually about NT policies. Policies are groups of related settings that control what users can do. These policies are typically Registry key settings. However, most users prefer to use the System Policy Editor interface than to edit the Registry directly. Editing the Registry manually is dangerous, and if done incorrectly, can damage the system. Changes you make with the System Policy Editor interface are actually Registry updates. Using the System Policy Editor lets you create policies and control them centrally. The four tables in Chapter 6 list the .adm file policy template settings and the Registry keys they affect.

If you are a programmer, you probably need to read from, write to, and query the Registry. Chapter 7, "Programming with the Registry," covers the Registry API and explains how you can manipulate the Registry from within a program. Robichaux also provides C language and Visual Basic (VB) example source code to explain how to write a program that accesses the Registry. He also covers the little known RegNotifyChangeKeyValue API, which notifies you when a specific key changes.

Chapter 8, "Administering the NT Registry," might interest advanced NT administrators because it explains how to set defaults for new user accounts, limit remote Registry access, and encrypt the Security Accounts Manager (SAM) database. The chapter also discusses Regmon for Windows NT, a third-party utility. (In the book, the author refers to the utility as NTREGMON.) You can use Regmon to find out if any unauthorized users have tried to access the Registry.

Chapter 9, "Registry Tweaks," describes how to make changes to the Registry to modify the NT user interface, file systems, security, system performance, the network, and printing. Using a utility (e.g., Control Panel or System Policy Editor) to implement system changes is ideal; however, sometimes the only way to make a change is to manually edit the Registry. I learned how to prevent users from customizing the My Computer icon. A policy setting that prevents users from changing this icon exists on the desktop. Robichaux explains how to change the HKLM\Software\Classes\CLSID\20D04FE0-3AEA-1069-08002B30309D permissions from full control to read-only, which disables the users' ability to modify the icon.

Chapter 10, "The Registry Documented," describes the documented Registry keys (i.e., what you can use them for). However, the list provided isn't complete because it includes keys only from the core NT 4.x operating system (OS). Chapter 10 also provides information about Registry layout.

Robichaux provides information (e.g., about securing the Registry and using .reg files to update the Registry) that I haven't seen documented anywhere else, at least not together in one source. This book would be a helpful addition to any NT administrator's bookshelf.

Windows NT Registry
Managing the Windows NT Registry
Author: Paul Robichaux
Publisher: O'Reilly & Associates
Sebastapol, 1998
ISBN 1-56592-378-2
Price: $34.95; 341 pages