The Windows NT Registry
is similar to the Windows 95
version, but there are important differences.
The NT Registry contains the hardware database information, the system software data, the user security information, information about the currently logged on user, application configuration data and all of the information viewable under the Control Panel.
Windows NT retains the CONFIG.SYS, AUTOEXEC.BAT, SYSTEM.INI and WIN.INI for compatability.
When WinNT begins the startup routing, NTDETECT.COM runs to check for changes to the hardware configuration, and this information is recorded in the Registry. The Kernel uses the Registry to determine what drivers to load, and to determine the order to load each driver.
Windows NT has two registry editors available, where Win95 had one.
The standard REGEDIT program is the same as that supplied with Win95. REGEDIT shows the unified tree structure on the left and the key data on the right. Changes made to the Registry are incorporated immediately.
Note that REGEDT32 has no "I" in it, which is a common mistake. REGEDT32 allows administrators to make changes to the security system. REGEDT32 also allows you to cancel a series of changes, something not available with REGEDIT. Unfortunately, REGEDT32 does not have a search feature, so to find keys and data, you must use REGEDIT.
The Registry has similar keys and a similar structure.
This key contains the information for OLE and file associations. This subtree also helps to maintain the backward compatability with the Win3.1 registration database.
This key contains information about the user currently logged in to the system.
This key contains two important subkeys. The first is the DEFAULT subkey, which contains information about the default settings of the machine and is used during the logon process. The other important subkey contains the information for that users SID.
This key contains information about the current configuration of the machine.
This key contains the hardware and software configurations for the machine that do not change between user logons. This key also has several very important subkeys:
This subkey holds the information that is provided to the system during the boot process.
- Security Account Manager (SAM)
The SAM holds the local user and group account information. Applications that wish to view the SAM subkey must go through an appropriate API. This subkey also holds the domain user account database if the operating system is Windows NT Server.
This subkey contains all of the security for the local machine. To make any changes to the SECURITY subkey, you must use an application that uses an appropriate API.
This subkey contains information about the software that is installed which is user-independent (not attached to one user profile).
The SYSTEM subkey contains information about the devices and services on the local machine.