1001 Secrets for Windows NT Registry
(Publisher: 29th Street Press)
Author(s): Tim Daniels
ISBN: 1882419685
Publication Date: 12/01/97
I-255 We all know that Windows NT lets programs register themselves for later removal. If you ever want to remove a program from the list (and not actually remove the program), this registry entry is for you.
Hive:
| HKEY_LOCAL_MACHINE
|
Key:
| Software\Microsoft\Windows\CurrentVersion\Uninstall
|
The programs that are registered show under the uninstall key. I use the example of Internet Information Server, but you can substitute any program.
SubKey:
| MSIIS
|
Value Name:
| DisplayName
|
Data Type:
| REG_SZ
|
Value:
| Microsoft Internet Information Server
|
I-256
| Value Name:
| UninstallString
|
| Data Type:
| REG_SZ
|
| Value:
| C:\NTS40\System32\Inetsrv\Setup.exe
|
I-257 Problem: On your dual-boot system, the DOS variables are set up when you boot Windows NT. This setup is causing problems, and you want to eliminate it. Changing this registry entry does the trick.
Hive:
| HKEY_CURRENT_USER
|
Key:
| Software\Microsoft\WindowsNT\CurrentVersion\WinLogon
|
Value Name:
| ParseAutoexec
|
Data Type:
| REG_SZ
|
Value:
| 0
|
The default value is 1. Remember, you need to disable autoexec parsing for each user separately.
Dial-Up
I-258 To enable or disable autodialing for remote connections for individual users, try the following registry entry.
Hive:
| HKEY_CURRENT_USER
|
Key:
| Software\Microsoft\RAS Autodial\Control
|
Value Name:
| DisableConnectionQuery
|
Data Type:
| REG_DWORD
|
Value:
| 0
|
Setting this value to 0 requires NT to prompt you before it autodials. Restart the machine for these values to take effect.
System Recovery
I-259 If you have ever lost the administrative password on a Domain controller, you probably thought it was impossible to recover your system. However, if you follow these steps and use the registry, it is possible to regain control of your system.
- 1. Power down the primary domain controller.
- 2. Using the Windows NT installation disks, install Windows NT to a different directory than youre currently using. For example, if the current installation uses c:\winnt, install this version into c:\winntA.
- 3. Copy SrvAny.exe from the resource kit to C:\Temp.
- 4. Using Regedt32.exe, open the HKEY_LOCAL_MACHINE hive and highlight the root.
- 5. Select the Load Hive option and type the following line: C:\WINNT\ SYSTEM32\CONFIG\SYSTEM. (You must include the period.)
- 6. Now click Open and type domain controller at the key name prompt.
- 7. Go to the following key and record its value:
Hive:
| HKEY_LOCAL_MACHINE
|
Key:
| DomainSystem\ControlSet001\Services\Spooler \ImagePath
|
Value Name:
| ImagePath
|
Data Type:
| REG_SZ
|
Value:
| c:\Temp\Srvany.exe
|
The default value is %SystemRoot%\System32\Spoolss.exe.
- 8. Go the following key and add this key:
Hive:
| HKEY_LOCAL_MACHINE
|
Key:
| DomainController\ControlSet001\Services\Spooler\ Parameters
|
Add the following two values:
Value Name:
| Application
|
Data Type:
| REG_SZ
|
Value:
| C:\WinNT\System32\Net.exe
|
Value Name:
| AppParameters
|
Data Type:
| REG_SZ
|
Value:
| user Administrator forgotten
|
This value sets the administrator password to forgotten. You can, of course, substitute any password of your liking. Power down the system and reboot using the original configuration (c:\winnt). After the logon screen comes up, wait a few minutes and log on as the domain admin.
- 9. Using Regedt32.exe, remove the values you added. Remove the following keys:
Hive:
| HKEY_LOCAL_MACHINE
|
Key:
| SYSTEM\CurrentControlSet\Services\Spooler\ Parameters
|
Delete the following two values:
Value Name:
| Application
|
Data Type:
| REG_SZ
|
Value:
| C:\Winnt\System32\Net.exe
|
Value Name:
| AppParameters
|
Data Type:
| REG_SZ
|
Value:
| user Administrator forgotten
|
- 10. Now change the ImagePath key back to its original value:
Hive:
| HKEY_LOCAL_MACHINE
|
Key:
| DomainController\ControlSet001\Services\Spooler\ImagePath
|
Change the value to c:\Temp\Srvany.exe
Value Name:
| ImagePath
|
Data Type:
| REG_SZ
|
Value:
| %SystemRoot%\system32\spoolss.exe
|
You can now edit the Boot.ini file and remove the reference to the c:\winntA installation of Windows NT. When you reboot your machine, all is as it was before, except now you know the Domain administrator password again.