Database Search
TechHome
 |
- A definitve source of Registry info
- Accessing Alternate Registry View
- Additional Key Handles
- Backing up the Registry
- Basic Registry Info and Utilities
- Change Registry Permissions and Modify Read-Only Subkeys
- Changing Registry as Administrator in NT4
- Compare Registry - Before and After
- Connecting to a Registry on a Remote Computer
- Convert Qword
- Converting a Hex DWord Value into Four Octets
- DataItem or Subkey - Does Key Exist and RegQueryValue
- Determine All Extensions Associated with an Application
- Edit a REG File
- Error 5 Opening Registry Key
- Export Color Scheme from Registry
- How to Find a Particular Hive
- How to Make Registry Key Dump to a Text File
- How to Restore Registry in Win95
- How to Save Hive Files in Windows 95
- Importing 64 bit Registry Settings
- Modify Users Registry with Elevated Privileges
- PATH Information and RegApp
- Problem Closing RegConnect Connections Using WntCancelCon
- RegCreateKey Creating Key in Wrong Reg Hive
- RegDeleteKey failing from 64bit to 32-bit server
- RegEdit and Merging Databases
- RegEdit Command Line Options Syntax
- RegEdit Merge Into 64-bit Registry
- Registry Compare
- Registry Editing Permissions and Winbatch
- Registry Entry for WBTs
- Registry Keys additional for NT and 95
- Registry Run Keys - Run and Runonce
- RegLoadHive - RegUnloadHive - and Running REG Files
- RegOpenKeyEx Notes
- RegQueryEx for REG_EXPAND_SZ
- RegQueryKeys and Counting Subkeys
- RegQueryMulSz Problem
- RegSetBin and Hex7 Value
- RegSetDword and Hex
- RegSetDword and Setting Last Bit to 0
- Renaming Registry Keys
- Replace all Occurrences of a String
- Retain Percent Signs in SystemRoot
- Setting Binary Values Greater than 255 Chars
- Setting Unknown Registry Type
- SYSDIFF and other Registry Utilities
- Updating the Registry and Broadcast Message
- Utility to Monitor Registry
Can't find the information you are looking for here? Then leave a message over on our WinBatch Tech Support Forum.
How to Find a Particular Hive
Question:
I need to find a hives that is different everytime I install the same Operative System ( Windows 2000 server ). I saw that there are some hives that changes on every installation; for example one is this: S-1-5-21-1220945662-839522115-725345543-500 I need to know ( automatically ) this name because I need to make a program that access to some keys and data under that hive.Answer:
That SID value is for the Administrator account. Please read the help topic "About SID [Security Identifier] values..." in the Win32 Network extender help file. It will explain thing for you.The wntLsaPolGet() function can be used to retrieve either "PrimaryDomain" or "AccountDomain" names & SID values for a computer. The primary domain is the domain to which the computer belongs if it is a part of a domain. The account domain is the local system's name for its local accounts. If you get the account domain SID value, then you know the local system SID value that can be used to build SID values for local accounts by appending on "-" and the RID value for the local accounts.
If you have a series of "ntuser.dat" files in various user profiles on the system, you can retrieve the ownership information for the hive file via wntOwnerGet(), which should tell you how owns it. Converting the owner account's name into a SID value will allow you to compare the value with the SID value you are interested in so that you can determine if the hive needs to be loaded or not intot he registry. Please note this last step is only necessary if there are no processes running under that user's credentials, as having even one process running under the user's credentials usually results in their registry hive being loaded by the system.
Article ID: W17206
File Created: 2007:07:03:14:28:46
Last Updated: 2007:07:03:14:28:46