The structure of the 2000 registry is very large, and the registry must quickly access to avoid system performance, so the information in the Windows 2000 registry is saved in binary format, not like Windows 3.x INI file or MS - DOS system file Save in text format. In order to get the least time from a huge database, the organization's organizational structure is more like a file system on a hard disk. Windows 2000 registration table is divided into four layers, and laminated structure: • Configuration unit: There are five system-defined configuration units, the first part of their name is: H k e y.
• Item: Divided into user-defined items and system definitions. These items do not have a special naming convention that exists in subdirectory in the primary HKEY_ configuration unit. Items and child do not have a data - they are only responsible for organizing access to data. • Child: Divided into user-defined sub-items and system definitions. These children do not have special naming conventions, which are existing as a subdirectory as a user-defined or a system-defined item. Items and child do not have related data - they are just access to data (note, some documents are not distinguished and sub-items).
• Value: These elements are located at the end of the structural chain, just like the files in the file system. They contain actual data used when the computer and its application are executed. They can be divided into several data types, which will be introduced later in this chapter. Now let's take a look at the information contained in each configuration unit and how they interact with Windows 2000. 1. HKEY_LOCAL_MACHINEH K E Y _ L O C A L _ M A C H i N E (H K L M) is a configuration unit including operating system and hardware related information (such as computer bus type, system availability memory, currently loaded on which device drivers, and start control data, etc.). In fact, H k L m stores most of the information in the registry, because the other four configuration units are alias of their child. Tip Configuration Unit is typically abbreviated as HK plus the first letters of the following scriberability. 2. HKEY_CURRENT_USERH K E Y _ C U R R E N T _ U S E R (H K C U) The configuration unit contains the configuration file currently logged in to the user on the computer by this registry service. Its child includes environmental variables, personal program groups, desktop settings, network connection, printers, and application preferences (environment variables are used in Windows 2000 to allow scripts, registry entries, and other applications to use wildcards) Important system information that will change will occur. This information is the mapping of the HKEY_USERS configuration unit currently logs in to the user's security ID (SID) child. 3. HKEY_CLASSES_ROOTH K E Y _ CL A S S_R O O T (HK C R) The sub items included in the configuration unit list all the CO O M servers currently registered on the computer and all file extensions associated with the application. This information is a mapping of the child of H k e y _ l o c a l _m a c H i n E / S O f T WA R E / C L A S S e s. 4. HKEY_USERSH K E Y _ U S E R S (HK u) The subtology containing the sub-item contains all user profiles on the current computer. One of the children is always mapped to H k E Y _ C U R R E N T _ U S E R (via the user's S i D value). Another child h k e y _U s e R S / D E FA u LT contains information used before the user logs in. 5. HKEY_CURRENT_CONFIGH K E Y _ C U R RE N T _ C O N F I g (H K C C) The sub items included in the configuration unit list all hardware configuration information of the current session of the computer. The hardware profile appears in Windows NT version 4, which allows you to choose which device drivers supported in a specified session of the machine. This information is a mapping of H k E y _ L O c a l _ m a c H i n E / S Y S t e m / c u R R E N TET sub item. Because the registry is a small relational database, there is a need to have a mode that can define its organizational structure. In addition to the above introduction, this structure should also provide a limited data type set to include the registry value. Windows 2000 registry entry has 11 identifiable data types, and Table 1 - 1 provides its name and function. Each original data format type (name is D Wo R d, binary, string, multi-string), has a special editor in R E G E D T 3 2. E X E. These editors will be introduced in the Direct Solution section.
Windows 2000 Registry Recognizable Data Type Data Type Original Data Type Function REG _ NONE Unknown Encrypted Data REG _ SZ String Text Character REG _ EX PA ND _ SZ String Broughte Variable Text Reg_Bina RY Binary Binary Data REG _ DWORD value numerical data REG _ DWORD _ BIG _ endian Numerical Non I ntel value REG _LINK string file path REG _ MU LT i _ SZ multi-string strings array REG _ FULL _ RESOURCE _ DESCRIP TO R string hardware resources I Dr EG _ resource _ requirements _ list string hardware resource ID to be continued