The registry is a binary database that organizes all of a system's configuration settings into a hierarchy. Applications, system components, device drivers, and the Microsoft Windows 2000 kernel all use the registry to store their own preferences, read them back again, and obtain information about the system's hardware configuration, the current user's preferences, and the default settings that should be used when no predefined settings exist (such as when a new user logs on to the machine for the first time.)
Back in the days of Microsoft Windows 3.1, applications and Windows stored their configuration information in .INI files. These files were simple to edit, which was both a blessing and a curse—users could easily make changes when needed, but they could also easily make changes when they weren't needed. The proliferation of Windows applications soon meant that machines were littered with dozens of .INI files, each with its own combination of settings—not all of which were documented or even understood by anyone other than the application programmers.
Windows NT 3.1 largely eliminated .INI files; it introduced the predecessor to what is now known as the Windows 2000 Registry. The Microsoft Windows NT 3.1 Registry has some important features that have continued on more or less unchanged to Windows 2000.
Some of these features made it into Windows 95/98, which shares the organizing principles of the Windows NT registry without its security or remote access features. The two OS families use different internal formats for their registry databases even though their registries look similar to registry-editing tools; their files aren't interchangeable or interoperable.
Perhaps the most remarkable aspect of the Windows 2000 registry is how little it has changed from the Windows NT 4 version. The binary structures used to store the data remain the same, as do the structural underpinnings discussed later in this chapter.
Now that you have a general understanding of what the registry's data is used for, it's time to get more specific. Registry data is used in six different areas:
Note that during the boot, kernel, and device driver phases, the system can't use the disk—until the device drivers are loaded, the system can't "talk" to the disk. You'll learn how the system works around this seemingly severe limitation in the section "Volatile Keys" later in the chapter.
REAL WORLD Being on Your Best Behavior
Microsoft continually warns us that editing the registry is dangerous—is it really, or are they just covering themselves? The answer is somewhere between the two extremes. Because the registry is used by virtually every part of Windows 2000, and because most programmers are lazy when it comes time to write code to check the validity of values that come from the registry, making an improper or ill-advised registry change can certainly harm your machine. Having said that, however, if you're careful and attentive, you don't need to be afraid of the registry. A few simple rules will keep you out of trouble:
- Don't edit a part of the registry for fun. If you don't know how a certain change will affect your system, don't make it unless you can live with the consequences.
- Be careful about adding new values or keys. Software will pay attention only to keys that have names it understands. Adding a new key or value in the hope that some component will recognize it and change its behavior is like adding a new switch labeled "Jet Boost" to your car's dashboard and expecting it to increase your car's speed. The exception to this rule is that Microsoft often uses code that can recognize hidden (or at least under documented) keys and change its behavior accordingly.
- Maintain a current backup of your system state.