I-255 We all know that Windows NT lets programs
register themselves for later removal. If you ever want to
remove a program from the list (and not actually remove the
program), this registry entry is for you.
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
Software\Microsoft\Windows\CurrentVersion\Uninstall |
The programs that are registered show under the uninstall key.
I use the example of Internet Information Server, but you can
substitute any program.
| SubKey: |
MSIIS |
| Value Name: |
DisplayName |
| Data Type: |
REG_SZ |
| Value: |
Microsoft Internet Information Server
|
| I-256 |
Value Name: |
UninstallString |
| � |
Data Type: |
REG_SZ |
| � |
Value: |
C:\NTS40\System32\Inetsrv\Setup.exe
|
I-257 Problem: On your dual-boot system, the DOS
variables are set up when you boot Windows NT. This setup is
causing problems, and you want to eliminate it. Changing this
registry entry does the trick.
| Hive: |
HKEY_CURRENT_USER |
| Key: |
Software\Microsoft\WindowsNT\CurrentVersion\WinLogon |
| Value Name: |
ParseAutoexec |
| Data Type: |
REG_SZ |
| Value: |
0
|
The default value is 1. Remember, you need to disable autoexec
parsing for each user separately.
DIAL-UP
I-258 To enable or disable autodialing for remote
connections for individual users, try the following registry
entry.
| Hive: |
HKEY_CURRENT_USER |
| Key: |
Software\Microsoft\RAS Autodial\Control |
| Value Name: |
DisableConnectionQuery |
| Data Type: |
REG_DWORD |
| Value: |
0
|
Setting this value to 0 requires NT to prompt you before it
autodials. Restart the machine for these values to take
effect.
SYSTEM RECOVERY
I-259 If you have ever lost the administrative password
on a Domain controller, you probably thought it was impossible
to recover your system. However, if you follow these steps and
use the registry, it is possible to regain control of your
system.
- Power down the primary domain controller.
- Using the Windows NT installation disks, install Windows
NT to a different directory than you�re currently using.
For example, if the current installation uses c:\winnt,
install this version into c:\winntA.
- Copy SrvAny.exe from the resource kit to
C:\Temp.
- Using Regedt32.exe, open the HKEY_LOCAL_MACHINE hive and
highlight the root.
- Select the Load Hive option and type the following line:
C:\WINNT\ SYSTEM32\CONFIG\SYSTEM. (You must include the
period.)
- Now click Open and type domain controller at the
key name prompt.
- Go to the following key and record its value:
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
DomainSystem\ControlSet001\Services\Spooler
\ImagePath<
/TD>
|
| Value Name: |
ImagePath |
| Data Type: |
REG_SZ |
| Value: |
c:\Temp\Srvany.exe
|
The default value is
%SystemRoot%\System32\Spoolss.exe.
- Go the following key and add this key:
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
DomainController\ControlSet001\Services\Spooler\
Parameters
|
Add the following two values:
| Value Name: |
Application |
| Data Type: |
REG_SZ |
| Value: |
C:\WinNT\System32\Net.exe |
| Value Name: |
AppParameters |
| Data Type: |
REG_SZ |
| Value: |
user Administrator forgotten
|
This value sets the administrator password to
�forgotten.� You can, of course, substitute any
password of your liking. Power down the system and reboot
using the original configuration (c:\winnt). After the logon
screen comes up, wait a few minutes and log on as the domain
admin.
- Using Regedt32.exe, remove the values you added. Remove
the following keys:
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
SYSTEM\CurrentControlSet\Services\Spooler\
Parameters
|
Delete the following two values:
| Value Name: |
Application |
| Data Type: |
REG_SZ |
| Value: |
C:\Winnt\System32\Net.exe
|
| Value Name: |
AppParameters |
| Data Type: |
REG_SZ |
| Value: |
user Administrator forgotten
|
- Now change the ImagePath key back to its original
value:
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
DomainController\ControlSet001\Services\Spooler\ImagePath
|
Change the value to c:\Temp\Srvany.exe
| Value Name: |
ImagePath |
| Data Type: |
REG_SZ |
| Value: |
%SystemRoot%\system32\spoolss.exe
|
You can now edit the Boot.ini file and remove the reference to
the c:\winntA installation of Windows NT. When you reboot your
machine, all is as it was before, except now you know the
Domain administrator password again.
UNINSTALLATION
I-260 Have you ever installed some trial software and
removed it at the end of the demo period, only to be plagued
by the annoying message �Cannot find file
C:\filename� (or one of its components)? Try this
registry entry to correct the problem.
| Hive: |
HKEY_CURRENT_USER |
| Key: |
Software\Microsoft\Windows\CurrentVersion |
| Value Name: |
Run |
| Data Type: |
REG_SZ |
| Value: |
|
REGISTRY
I-261 Problem: Windows NT 4.0 Server requires that
people who can remotely access the registry on a given machine
belong to the Administrator group. However, someone is still
tampering with your registry. To change the permissions,
modify this registry entry.
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
System\CurrentControlSet\Control\ SecurePipeServers\winreg
|
Change the permissions on this key to whomever you wish to
give access to. The default is Administrators Full Control.
I-262 In Windows NT Workstation, the Winreg key is not
in the registry by default. If you add this key to the
registry, you must also add the subkey Allowedpaths. Here is
the AllowedPaths key under a clean install of Windows NT
Server 4.0
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
System\CurrentControlSet\Control\SecurePipeServers\
winreg\AllowedPaths |
| Value Name: |
MACHINE |
| DataType: |
REG_MULTI_SZ
|
| Value: |
System\CurrentControlSet\Control\ProductOptions
|
| I-263
| Value: |
System\CurrentControlSet\Control\Print\Printers
|
| I-264
| Value: |
System\CurrentControlSet\Services\Eventlog
|
| I-265
| Value: |
Software\Microsoft\Windows NT\CurrentVersion
|
Restart your machine for these new values to take effect.
I-266 Did you ever wonder where the registry files are
stored? Well, where else would you expect to find the answer
but in the registry itself?
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
System\CurrentControlSet\Control\Hivelist
|
| Value Name: |
Registry\MACHINE\Clone
|
| Data Type: |
REG_SZ |
| Value: |
|
This registry entry stores the clone hive information.
| I-267 |
Value Name: |
Registry\MACHINE\Hardware |
| � |
Data Type: |
REG_SZ |
| � |
Value: |
� |
This registry entry stores hardware hive information.
| I-268 |
Value Name: |
Registry\MACHINE\SAM |
| � |
Data Type: |
REG_SZ |
| � |
Value: |
Device\Harddisk0\Partition1\NTS40\System32\Config\SAM
|
This registry entry stores all the SAM information.
| I-269 |
Value Name: |
Registry\MACHINE\Security |
| � |
Data Type: |
REG_SZ |
| � |
Value: |
Device\Harddisk0\Partition1\NTS40\System32\Config\Security
|
This file stores information for the grayed-out Security hive.
| I-270 |
Value Name: |
Registry\MACHINE\Software |
| � |
Data Type: |
REG_SZ |
| � |
Value: |
Device\Harddisk0\Partition1\NTS40\System32\Config\
Software
|
This file contains the value for the Software hive.
| I-271 |
Value Name: |
Registry\MACHINE\System |
| � |
Data Type: |
REG_SZ |
| � |
Value: |
Device\Harddisk0\Partition1\NTS40\System32\Config\System
|
This entry shows where the System hive is stored.
| I-272 |
Value Name: |
Registry\User\Default |
| � |
Data Type: |
REG_SZ |
| � |
Value: |
Device\Harddisk0\Partition1\NTS40\System32\Config\Default
|
This entry shows where the default values for the user hive
are stored.
| I-273 |
Value Name: |
Registry\User\ |
| � |
Data Type: |
REG_SZ |
| � |
Value: |
Device\Harddisk0\Partition1\NTS40\Profiles\
;\ Ntuser.dat
|
This entry shows the user data for the current logged-on
user.
DEFAULT SECURITY PERMISSIONS
You can use many combinations of Windows NT security measures.
These entries represent the default permissions on a brand-new
installation. They are helpful when you need to reset your
registry.
| I-274 |
Hive: |
HKEY_CURRENT_USER |
| � |
User: |
Guest |
| � |
Permissions: |
Full Control
|
| � |
User: |
Administrator |
| � |
Permissions: |
Full Control
|
| � |
User: |
System |
| � |
Permissions: |
Full Control
|
| I-275 |
Hive: |
HKEY_USERS |
| � |
User: |
Guest |
| � |
Permissions: |
Read-Only
|
| � |
User: |
Administrator |
| � |
Permissions: |
Full Control
|
| � |
User: |
System |
| � |
Permissions: |
Full Control
|
| I-276 |
Hive: |
HKEY_CLASSES_ROOT |
| � |
User: |
Guest |
| � |
Permissions: |
Full Control
|
| � |
User: |
Administrator |
| � |
Permissions: |
Full Control
|
| � |
User: |
System |
| � |
Permissions: |
Full Control
|
| I-277 |
Hive: |
HKEY_LOCAL_MACHINE |
| � |
Key: |
Security |
| � |
User:
| Guest |
| � |
Permissions: |
None
|
| � |
User: |
Administrator |
| � |
Permissions: |
Special Access
|
| � |
User: |
System |
| � |
Permissions: |
Full Control
|
| I-278 |
Hive: |
HKEY_LOCAL_MACHINE |
| � |
Key: |
SAM |
| � |
User: |
Guest |
| � |
Permissions: |
None
|
| � |
User: |
Administrator |
| � |
Permissions: |
None
|
| I-279 |
Hive: |
HKEY_LOCAL_MACHINE |
| � |
Key: |
System |
| � |
User: |
Guest |
| � |
Permissions: |
Read-Only
|
| � |
User: |
Administrator |
| � |
Permissions: |
Full Control
|
| I-280 |
Hive: |
HKEY_LOCAL_MACHINE |
| � |
Key: |
Software |
| � |
User:
| Guest |
| � |
Permissions: |
Full Control
|
| � |
User: |
Administrator |
| � |
Permissions: |
Full Control
|
| I-281 |
Hive: |
HKEY_LOCAL_MACHINE |
| � |
Key: |
Software\Secure |
| � |
User: |
Guest |
| � |
Permissions: |
Read-only
|
| � |
User: |
Administrator |
| � |
Permissions: |
Full Control
|
| I-282 |
Hive: |
HKEY_LOCAL_MACHINE |
| � |
Key: |
Software\Microsoft\Secure |
| � |
User: |
Guest |
| � |
Permissions: |
Full Control
|
| � |
User: |
Administrator |
| � |
Permissions: |
Full Control
|
| I-283 |
Hive: |
HKEY_LOCAL_MACHINE |
| � |
Key: |
Software\Microsoft\WindowsNT |
| � |
User: |
Guest |
| � |
Permissions: |
Creation Only
|
| � |
User: |
Administrator |
| � |
Permissions: |
Full Control
|
| I-284 |
Hive: |
HKEY_LOCAL_MACHINE |
| � |
Key: |
Software\Microsoft\ProgramGroup |
| � |
User: |
Guest |
| � |
Permissions: |
Read-Only
|
| � |
User: |
Administrator |
| � |
Permissions: |
Full Control
|
| I-285 |
Hive: |
HKEY_LOCAL_MACHINE |
| � |
Key: |
Software\Microsoft\Windows |
| � |
User: |
Guest |
| � |
Permissions: |
Full Control
|
| � |
User: |
Administrator |
| � |
Permissions: |
Full Control
|
GENERAL NETWORKING
I-286 Windows NT automatically disconnects idle
sessions after a set number of minutes. To disable this
feature (or at least set it to a ridiculously high number of
minutes), use the following registry setting.
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
System\CurrentControlSet\Services\LanmanServer\ Parameters
|
Add the following value
| Value Name: |
Autodisconnect |
| Data Type: |
REG_DWORD |
| Value: |
Oxffffffff
|
Restart the system for this value to take effect.
I-287 If you continually get the dreaded error 3013,
�The redirector has timed out to Servername,� in
your system log, fix this problem with this registry
entry.
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
System\CurrentControlSet\Services\LanmanWorkstation\
Parameters
|
Increase the following value under the Parameters key or add
it if it doesn�t already exist.
| Value Name: |
SessTimeOut |
| Data Type: |
REG_DWORD |
| Value: |
1
|
I-288 Your 3COM fast Ethernet card is hanging when you
perform a soft reset, and the event log says something about
bus mastering. This registry entry fixes your problem.
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
System\CurrentControlSet\Services\EL59X1\Parameters
|
Add the following value under the Parameters key.
| Value Name: |
BusMaster |
| Data Type: |
REG_SZ |
| Value: |
no
|
This change disables bus mastering on the network card.
Restart the machine for these changes to take effect.
I-289 If your Windows NT workstation maintains a
browser list and you want to disable this feature, change this
registry entry.
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
System\CurrentControlSet\Services\Browser\Parameters
|
Add the following value under the Parameters key.
| Value Name: |
MaintainServerList |
| Data Type: |
REG_SZ |
| Value: |
no
|
I-290 Problem: You receive the following error
repeatedly in the Server event log:
Event ID: 2022
Source: srv
Detail: The server was unable to find free connection
xx times in the last xx seconds.
The actual number represented by xx varies depending on
your circumstances. Changing this registry entry helps you
work around the problem.
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
System\CurrentControlSet\Services\LanmanServer\ Parameters
|
- Add the following two values under the Parameters key.
| Value Name: |
MaxFreeConnections |
| Data Type: |
REG_DWORD |
| Value: |
8
|
| Value Name: |
MaxWorkItems |
| Data Type: |
REG_DWORD |
| Value: |
255
|
- Next, modify this registry parameter to turn off
AutoDisconnect.
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
System\CurrentControlSet\Services\LanmanServer\ Parameters
|
Add the following value under the Parameters key:
| Value Name: |
AutoDisconnect |
| Data Type: |
REG_DWORD |
| Value: |
FFFFFFFF
|
Reboot your system for these changes to take effect.
I-291 You�re trying to set up a connection to your
ISP so that your workstation lets other computers on the
network access the Internet. The problem is that you can see
your machine but nothing else. Try this registry modification
to solve the problem.
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
System\CurrentControlSet\Services\RASARP\Parameters
|
Add the following value under the Parameters key:
| Value Name: |
DisableOtherSourcePackets |
| Data Type: |
REG_DWORD |
| Value: |
0
|
I-292 Are you tired of your server flooding you with
alert messages? You don�t want to turn them off; you just
don�t want them sent as frequently. This registry entry
lets you specify how often Windows NT checks alert conditions
and sends appropriate messages.
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
System\CurrentControlSet\Services\LanmanServer\ Parameters
|
Add the following value:
| Value Name: |
AlertSched |
| Data Type: |
REG_DWORD |
| Value: |
5
|
Valid values are from 1 to 65,535, and they are in minutes.
The default is 5 minutes. Restart your machine for these
values to take effect.
I-293 Are your users
leaving open connections to the server and using up resources
you don�t have? To disconnect idle users after a certain
length of time, change this registry entry.
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
System\CurrentControlSet\Services\LanmanServer\
Parameters |
| Value Name: |
AutoDisconnect |
| Data Type: |
REG_DWORD |
| Value: |
15
|
Valid numbers are from 0 to 0xFFFFFFF in minutes. The default
is 15 minutes. Restart your machine for these values to take
effect.
I-294 If you have lots of servers on your network and
your users get confused, use this registry entry to specify a
comment that is displayed with the server name.
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
System\CurrentControlSet\Services\LanmanServer\Parameters<
/TD>
|
| Value Name: |
Srvcomment |
| Data Type: |
REG_SZ |
| Value: |
|
The default is no message. Restart the computer for this
change to take effect.
I-295 Are you tired of slow connections making you wait
to access your roaming profiles? Do you want to speed things
up? These registry entries let you set the time NT waits
before timing out and letting you use a local profile.
| Hive: |
HKEY_LOCAL_MACHINE |
| Key: |
Software\Microsoft\Windows NT\CurrentVersion\Winlogon |
| Value Name: |
SlowLinkDetectEnabled |
| Data Type: |
REG_DWORD |
| Value: |
1
|
| I-296 |
Hive: |
HKEY_LOCAL_MACHINE |
| � |
Key: |
Software\Microsoft\Windows NT\CurrentVersion\Winlogon |
| � |
Value Name |
SlowLinkTimeOut |
| � |
Data Type: |
REG_DWORD |
| � |
Value: |
2000
|
If SlowLinkDetectEnabled is set to 1, the value in
SlowLinkTimeOut determines how long in milliseconds until
users are prompted to choose between Local or Server-based
profiles. The default value is 2000 milliseconds.
|
