



 |
Troubleshooting and Configuring the Windows NT/95 Registry
-1-
The Role of the Registry
The Registry is a set of data files used to help Windows control hardware, software,
the user's environment, and the "look and feel" of the Windows interface.
Formerly, these functions were performed by WIN.INI, SYSTEM.INI,
and .INI files that are associated with applications.
The evolution of application and operating system control has three distinct levels:
- In Legacy Windows systems, SYSTEM.INI and WIN.INI held all
the control functions for the operating systems and applications. Essentially, SYSTEM.INI
controlled the hardware while WIN.INI controlled the desktop and applications.
All changes to drivers, fonts, settings, and preferences would be stored in the .INI
files. Any new application that was installed added pointers to the .INI
files. Those pointers would then be referenced in the application's code.
- Additional .INI files that controlled the applications were added by
programmers who needed more control than was available because of the limited size
of the WIN.INI and SYSTEM.INI files. For example, Microsoft included
with Excel a file called EXCEL.INI, which held the options, settings, defaults,
and other information critical to making Excel work correctly. The only pointer that
was then required in WIN.INI was to the EXCEL.INI path and filename.
- The Registry was initially developed as a reference file for data-file associations
to applications. It was expanded to include all functions for 32-bit operating systems
and applications. Though some 32-bit applications still have .INI files,
it is quite rare. The Registry has no absolute maximum size, but a setting controls
the maximum size in the System section of the Control Panel. The larger size allows
users to have more complex operating systems and more installed applications.
Originally, SYSTEM.INI and WIN.INI controlled all Windows and
application features and access. It worked well when average users used only a few
applications. As the number and complexity of applications grew, so did the number
of entries to the .INI files. The downside of this approach, in a growing
environment, is that everyone would make changes to the .INI files when
applications were added to the system. However, no one ever removed references from
their .INI files when they removed applications, so SYSTEM.INI
and WIN.INI continued to get larger and larger. Each incremental size increase
meant slower performance. Even upgrading applications presented its challenges. The
upgrade would add entries but never take the old ones away, presumably to ensure
compatibility if another program was to access the settings.
Because the maximum size of an .INI file is 64KB, an obvious problem
arose. To counter the problem, vendors started supplying .INI files of their
own, with just pointers to the specific .INI files in WIN.INI and
SYSTEM.INI. The downside of this approach was the proliferation of .INI
files throughout the system and the hierarchical nature of access. (If WIN.INI
made a particular setting, and an application's .INI file overrode that
setting, who was responsible and where should--or could--a system-wide setting that
had priority be made?)
Another potential problem arose because of the .INI files. Because any
user could easily edit the files with any text editor, the .INI files were
always at risk. Users could try to edit the files and make mistakes, which might
make the files useless, and the applications that they controlled non-functional.
Also, there could also be a security problem because of the ease of access to the
files and the information they contained.
The Registry is a set of files that control all aspects of the operating system
and how it works with outside events. Those "events" range from accessing
a hardware device directly to how the interface will react to a specific user to
how an application will be run and much more. It was designed to work exclusively
with 32-bit applications, and file size is limited to a whopping 40MB. That should
be sufficient for most users, and usually the ones who do have a problem with it
are only those with a very large number of users on an NT network. It would be nearly
impossible to fill 40MB of Registry with application information alone. (Whenever
you say some-thing "is more than we'll ever need," just remember that IBM
said that about the meager 16KB of RAM on the original IBM PC). Because Windows 95
networking is peer-to-peer, each system controls only itself, and has no Registry
information on other systems. A Windows NT system may hold user information on thousands
of people, dramatically increasing the Registry size.
Fortunately, if more space is required for the Registry because of the number
of users, the network can be split up into multiple domains.
The Registry is complex by its very nature, and on purpose.
What the Registry Does
The Registry is the data file for all 32-bit hardware/driver combinations and
32-bit applications in both Windows NT and Windows 95. Sixteen-bit drivers do not
work in NT, so all devices are controlled through the Registry, even those normally
controlled by the BIOS. In Windows 95, 16-bit drivers will continue to work as real-mode
devices, and they use SYSTEM.INI for control.
Sixteen-bit applications will work in either NT or 95, and the applications still
refer to WIN.INI and SYSTEM.INI files for information and control.
Without the Registry, the operating system would not have the necessary information
to run, to control attached devices, to launch and control applications, and to respond
correctly to user input.
Data File for OS to Hardware/Drivers
The Registry is a database of all the settings and locations of 32-bit drivers
in the system. Figure 1.1 illustrates the positioning of the Registry in relation
to Windows NT and the drivers.
Figure
1.1. Windows uses
the Registry to control hardware.
When the OS needs to access hardware devices, it uses drivers, even if the device
is a BIOS-supported device.
With Windows NT, the appropriate drivers are loaded, based on the information
the BIOS supplies to NT. From that point on, NT never looks to the BIOS for information
again, unless the system is restarted. Windows 95 also utilizes drivers for BIOS-supported
devices, but continues to interact with the BIOS for some items.
NOTE: The utilization
of BIOS information in Windows 95 allows greater backward compatibility with hardware
than is available with Windows NT. Windows 95 has the capability to use both older
and newer hardware than is usable with Windows NT, because new drivers are easier
to write for 95, and 95 can still use real-mode drivers. This makes 95 more flexible
than NT on the one hand, and more unstable on the other.
Non-BIOS-supported devices that are installed must also have a driver. The drivers
are independent of the OS, but the OS needs to know where to find them, the filename,
the version, and other settings and information. Depending on the device, the driver
may be different for NT and 95. Some devices, like modems, use exactly the same drivers
for both NT 4.0 and Windows 95. Without Registry entries for each of the devices,
they would not be usable. Likewise, any problems with the Registry may also make
them unusable. Obviously, if a programmer makes a mistake in the setup files that
affect the Registry settings, the device may not work at all.
SOLUTIONS: If
I have a bad driver, how can I get a new one? If the driver you have is not working
correctly, first try reinstalling the driver from the original disk. If the device
still doesn't work, get a new driver from the manufacturer. Many times, the driver
that ships with a device will be prepared before the final touches are made to the
product. Inevitably, there will then be differences that may make the driver incompatible,
or it may contain a bug. The best place today to get a new driver from a manufacturer
is to download it from the company's Internet Web site. Usually, the device documentation
will contain the address to the site, and you can then download the driver directly.
Another alternative is to download it from the manufacturer's technical bulletin
board (BBS) directly. Again, many manufacturers put a number in the documentation.
If you have no addresses available to get the file directly, call the technical support
phone number and ask for a new driver. Most of the time, they will ask you for the
date or version number of the driver, which you can get from the Control Panel, Windows
NT Diagnostics, or other utilities such as Norton Utilities.
Data File for OS to Applications
When a user attempts to launch an application, the Registry supplies application
information to the OS so the application can be found, the correct data file locations
are set, and other settings are available. The relationship between Windows, the
Registry, and applications is shown in Figure 1.2.
Figure
1.2. Windows uses the Registry to control applications.
The Registry holds information about default data and auxiliary file locations, menus,
button bars, window status, and other options. It also holds installation information
such as the date
of installation, the user who installed the software, the version number and date,
and sometimes the serial number. Depending on the actual software installed, it may
contain other application-specific information.
Two Types of Control
Although, in general, the Registry controls all 32-bit applications and drivers,
the type of control it exercises is based on users and computers, not on applications
or drivers. Every Registry entry controls a user function or a computer function.
User functions would include the desktop appearance and home directory, for example.
Computer functions are related to installed hardware and software, items that are
common to all users.
Some application functions affect users, and others affect the computer and are
not specifically set for an individual. Similarly, drivers may be user-specific,
but, most of the time, they are for general use by the computer. All of the settings
discussed in the rest of the book are separated by user and computer.
Some examples of user-type functions controlled by the Registry are
- Control Panel functions
- Desktop appearance and icons
- Network preferences
- Explorer functionality and features
Some of those functions are the same regardless of user; others are user-specific.
Computer-related control items are based on the computer name, without respect
to the logged-in user. An example of this type of control would be installing an
application. The availability and access to the application is constant, regardless
of the user; however, icons to launch the application are dependent on the user logging
in to the network. Network protocol availability and priority is based on the computer,
but current connections are based on user information.
Here are some examples of computer-based control items in the Registry:
- Access control
- Login validation
- File and print sharing
- Network card settings and protocols
- System performance and virtual memory settings
Because every system has a set of Registry files for itself, any user who uses
that machine will be bound by those settings. The settings are unique to that system.
This is one of the reasons that every system should have its
Registry protected through secure backups (see Chapter 4, "Protecting the NT
Registry," and Chapter 6, "Protecting the
Windows 95 Registry").
By default, Windows 95 user information is stored at each individual machine.
Because
Windows NT was designed as a network-connected (rather than a stand-alone) system,
the Registry information for NT users can be stored in the domain controller (the
primary information in the primary domain controller, and a copy of it in each of
the backup domain controllers). Placing the user information in the domain controller
for centralized use is called roaming profiles. If roaming profiles are used, as
a user logs in to the network, the Registry settings for that user are transferred
or mapped to the system where the user has logged in and are used there.
If the NT system is not part of a domain, but is used as a stand-alone system
or part of a workgroup, the user's information is stored at the local machine (just
as it is with 95), will not be transferred to another system, and is not available
to any other system on the network. Each machine is fully independent of the others.
If you created a "perfect" desktop setting on one system in the workgroup's
network, it would not be available to any other system. On a domain, on the other
hand, it is possible to transfer those settings from system to system.
Summary
Without the Registry, Windows 95 and Windows NT would not be possible. They are
too complex to be controlled by the older .INI files, and their expansion
capabilities allow almost unlimited installation and use of applications. The Registry
is, however, much more complex than the .INI files, and understanding how
it works, what it does, and how to work with it is critical for effective system
administration.
The Registry controls all 32-bit applications and their functions on the system,
plus the interaction between multiple applications, such as copying and pasting.
It also controls all the hardware and drivers. Though most of the settings are made
during installation and through the Control Panel, understanding the Registry is
fundamental to reliable and capable management of Windows NT and Windows 95 systems.
|