For a user losing access to their key, support for recovery agents that can decrypt files is built in to EFS. A Recovery Agent is a user who is authorized by a public key recovery certificate to decrypt files belonging to other users using a special private key.
By default, local administrators are recovery agents however they can be customized using Group Policy.. Windows introduced the Logical Disk Manager and the diskpart command line tool for dynamic storage.
All versions of Windows support three types of dynamic disk volumes along with basic disks : simple volumes , spanned volumes and striped volumes :. In addition to these disk volumes, Windows Server , Windows Advanced Server , and Windows Datacenter Server support mirrored volumes and striped volumes with parity :.
With Windows , Microsoft introduced the Windows 9x accessibility features for people with visual and auditory impairments and other disabilities into the NT-line of operating systems. It also has support for many different locales. Windows included version 7. Microsoft published quarterly updates to DirectX 9. The majority of games written for versions of DirectX 9.
The Windows Computer Management console can perform many system tasks. It is pictured here starting a disk defragmentation. Windows introduced the Microsoft Management Console MMC , which is used to create, save, and open administrative tools.
Each of these is called a console , and most allow an administrator to administer other Windows computers from one centralized computer. Each console can contain one or many specific administrative tools, called snap-ins. These can be either standalone with one function , or an extension adding functions to an existing snap-in. In order to provide the ability to control what snap-ins can be seen in a console, the MMC allows consoles to be created in author mode or user mode.
Author mode allows snap-ins to be added, new windows to be created, all portions of the console tree to be displayed and consoles to be saved. User mode allows consoles to be distributed with restrictions applied. User mode consoles can grant full access to the user for any change, or they can grant limited access, preventing users from adding snapins to the console though they can view multiple windows in a console.
Alternatively users can be granted limited access, preventing them from adding to the console and stopping them from viewing multiple windows in a single console. The main tools that come with Windows can be found in the Computer Management console in Administrative Tools in the Control Panel.
It contains Disk Management and Removable Storage snap-ins, a disk defragmenter as well as a performance diagnostic console, which displays graphs of system performance and configures data logs and alerts. It also contains a service configuration console, which allows users to view all installed services and to stop and start them, as well as configure what those services should do when the computer starts.
REGEDIT has a left-side tree view of the Windows registry , lists all loaded hives and represents the three components of a value its name, type, and data as separate columns of a table. REGEDT32 has a left-side tree view, but each hive has its own window, so the tree displays only keys and it represents values as a list of strings.
It is a command line utility that scans system files and verifies whether they were signed by Microsoft and works in conjunction with the Windows File Protection mechanism. It can also repopulate and repair all the files in the Dllcache folder.
The Recovery Console is run from outside the installed copy of Windows to perform maintenance tasks that can neither be run from within it nor feasibly be run from another computer or copy of Windows It is usually used to recover the system from problems that cause booting to fail, which would render other tools useless, like Safe Mode or Last Known Good Configuration, or chkdsk.
Windows introduced Windows Script Host 2. Screenshot of Windows Server When users try to access a network share off the DFS root, the user is really looking at a DFS link and the DFS server transparently redirects them to the correct file server and share.
Domain-based DFS roots exist within Active Directory and can have their information distributed to other domain controllers within the domain — this provides fault tolerance to DFS. DFS roots that exist on a domain must be hosted on a domain controller or on a domain member server. A new way of organizing Windows network domains , or groups of resources, called Active Directory, is introduced with Windows to replace Windows NT's earlier domain model.
Active Directory's hierarchical nature allowed administrators a built-in way to manage user and computer policies and user accounts, and to automatically deploy programs and updates with a greater degree of scalability and centralization than provided in previous Windows versions. It is one of the main reasons many corporations migrated to Windows User information stored in Active Directory also provided a convenient phone book-like function to end users. Active Directory domains can vary from small installations with a few hundred objects, to large installations with millions.
Active Directory can organise and link groups of domains into a contiguous domain name space to form trees. Groups of trees outside of the same namespace can be linked together to form forests. Active Directory services could always be installed on a Windows Server , Advanced Server , or Datacenter Server computer, and cannot be installed on a Windows Professional computer. However, Windows Professional is the first client operating system able to exploit Active Directory's new features.
As part of an organization's migration, Windows NT clients continued to function until all clients were upgraded to Windows Professional, at which point the Active Directory domain could be switched to native mode and maximum functionality achieved. There should be one or more domain controllers to hold the Active Directory database and provide Active Directory directory services.
Along with support for simple, spanned and striped volumes, the server family of Windows also supports fault-tolerant volume types. The types supported are mirrored volumes and RAID-5 volumes :. Windows can be deployed to a site via various methods. It can be installed onto servers via traditional media such as CD or via distribution folders that reside on a shared folder. Installations can be attended or unattended.
During a manual installation, the administrator must specify configuration options. Unattended installations are scripted via an answer file , or a predefined script in the form of an INI file that has all the options filled in. INI files had to be smaller than 64 KB in length; in addition, the Windows profile API calls blissfully ignores all but the first instance of settings with the same name within one section of the file. Both features required an up-to-date, correct database of program locations and capabilities.
For example, object embedding could only work if the source and destination applications had some way to communicate exactly what type of data was being embedded, and the File Manager required access to a database of mappings to associate files with the applications that created them.
To provide this information, Windows 3. This Registry offered solutions to several of the problems posed by INI files:. Instead of segregating data into separate INI files, both system and application-specific configuration data could be stored in the Registry.
In the original Windows 3. Keeping system and application settings in one place reduced both the number and complexity of INI files; in addition, having a one-stop system for storing preferences and setting data made it possible to better share information such as font lists between different applications. INI files were plain text, so it was easy to edit them.
This was both a blessing and a curse; users could make changes when necessary, but they were often prone to making unnecessary or instability-causing changes.
The data in reg. The structure of INI files was haphazard at best: sections could appear in any order within the file, and values could appear anywhere in the section. There was no good way to group related settings, especially when they might appear in different files! However, the Windows 3. It supported only a single hierarchy for storing all system and application settings, and the reg.
In addition, Windows 3. Finally, the Windows 3. Despite these shortcomings, the Windows 3. In a filesystem, the topmost item is a root directory, which can contain any number of files and folders.
All other keys in the Registry are children of one of the root keys although Windows 3. Each key can contain either values the Registry equivalent of a data file or nested subkeys , equivalent to nested folders.
Just as with files and folders, you can uniquely identify a Registry key by building a full path to it. If you look at the actual contents of the folder see Figure 5 , you can see several files with different extensions.
Files without extensions contain the actual data for a root node. The content of the various registry root nodes are also known as hives see Figure 6. Files with a. During the Windows startup you can distinguish two distinct stages: the text-mode stage and the graphics stage. When the system is about to leave the text-mode procedure, it saves the hives to the respective.
If problems occur during the next graphic-mode step, the system restarts, but it doesn't repeat the whole setup procedure. It skips the text-mode step and reads the content of the registry hives from the respective.
Files with the. Despite the extension that might make you think this is a text file, the content of the. The registry folder also contains one file with an extension of. Windows utilizes only one ALT file, system. Figure 7 shows how the hives that are visible from the Registry Editor map to physical files. The content of HKCU and the content of the hives for other users are stored in different folders.
In particular, you'll find files called ntuser. The Knowledge Base articles Q and Q describe in detail how to get and set the registry size limit programmatically.
Don't forget, however, that you need to restart the machine for the changes to take effect. Registry data is grouped into root nodes roughly following the schema depicted in Figure 8. In most cases, the same information can be set and read through API functions without directly accessing the registry. However, this is not necessarily true of all the information you might want to access.
Knowing where to search for useful information can save you time and allow you to better integrate with the rest of the system. All the available information about registered file types and system objects is stored in the HKCR hive. This is also the hive to explore if you need to verify whether a certain COM object exists and is correctly installed. In the remainder of the article, I'll examine a few stumbling blocks and provide tips to accomplish tasks that would be impossible without modifying the registry.
In doing so, I'll discuss little-known keys and entries. I'll talk about access to file classes, current settings for system objects, infotips, and regedit's lastkey behavior. This has not changed since Windows Due to limitations inherent in the file system architecture, the only way to group files into classes is by the file extension. All the files with a given extension belong to a certain class, regardless of their actual content.
Not all the class information for bitmaps is stored under the. For a more flexible programming interface, an extension node points to another node that gathers all the information about the file class. The name of the file class for a certain file extension is stored in the unnamed default entry for the file type. For example, the file class for bitmap files is usually Paint.
This is where you should search for information about bitmap images such as the icon, description, context menu, and shell extensions. The decoupling of extension and class allows different programs to register as the default handler for those files by changing a single entry and without overriding other programs' settings. Along with file classes and COM objects, the HKCR hive also contains the current settings for a number of system objects such as folders, directories, drives, and printers.
You can update the standard configuration of any of these objects individually, but you can also apply the same changes to groups of objects. The Folder key includes both folders and file system directories. The Directory key refers only to file system directories. Windows introduces a new system object called AllFileSystemObjects, under which you can enter configuration information for both files and directories.
You've probably noticed that infotips abound in the Windows Explorer, and not only for those file classes for which an infotip shell extension has been registered. Explorer, in fact, provides standard infotips for any file that appears in the shell view.
The text displayed doesn't come from a systemwide infotip extension; it's read from various locations within the registry. Figure 9 shows the standard infotip for a VBScript file. For more details and source code about infotip shell extensions, please refer to my article " Enhance Your User's Experience with New Infotip and Icon Overlay Shell Extensions " in the March issue.
Once the Windows shell detects the file type, it attempts to locate and load an infotip shell extension for that class. If it fails, it then searches for an Infotip entry under the file class node. For example, the default file class for ASP files is aspfile. If it fails again, the standard infotip is used.
Figure 11Simple Infotip. Interestingly, the standard infotip is customizable. Its text looks like this:. Figure 12Extended Infotip. On an NTFS volume, extra fields such as Author and Subject are stored through multiple data streams for any type of file that doesn't contain a SummaryInformation block in its own body. In particular, you can alter the order in which the information is rendered and you can add new fields as well.
For example,. Figure 13New Custom Infotip. If you use the Registry Editor on a daily basis there's another feature that you might find annoying over time: the automatic selection of the last accessed key. The name of the last key is stored in the LastKey entry under the Regedit node. Deleting this key is of no help since the key is overwritten or created upon exit. A partial solution is using regedt In particular, you can deny write access to the key to any users or groups you want, as shown in Figure Make sure you apply the restriction to the Regedit key only, not to all of its subkeys.
If you restrict the subkeys, you'll be unable to add and delete items to and from the favorites list. Figure 14Regedit Permissions. At this point, you've successfully stopped the Registry Editor from selecting the last accessed key, but you also introduced a couple of predictable side effects.
Since write permissions to the registry can be granted or denied only at the key level, there's no way to lock individual registry entries. Blocking the Regedit node also prevents the application from using the other two entries defined at the same level of LastKey: FindFlags and, more importantly, View. FindFlags maintains the state of the Find dialog, whereas View remembers the size and position of the program's window. This information will become unavailable once you deny writing permissions to the Regedit node.
Henceforth, the program can't reopen where you closed it, nor can it remember the last find settings. You'll have to decide if these settings are important for you to maintain. In this section I'll explain how to selectively set the visibility of file extensions show or hide , set default behavior for double-clicking, control the Open With menu behavior, and manage connected HTML files, which I'll define later.
As you know, there are folder properties to hide or show the extension for known file types. There might be circumstances, however, in which you don't want the same setting to apply to all file classes. For example, suppose you want to hide the extension for the majority of files, but not for a couple of classes, say,. By defining an AlwaysShowExt entry in the class node, you force the shell to override the current setting and always show the extension for those files.
Conversely, if you always want to show the file extension except in a few instances, create a NeverShowExt entry in the appropriate class node. For a practical demonstration of this feature, consider shortcut files. By design, Explorer never shows the. In Figure 15 you can see that if you remove the entry, the. Figure 15Start Menu. Another way to use registry entries to set behavior is to define the action of a double mouse click. The Windows Application Specification documentation recommends that you always associate an action for double clicking on a file.
Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions. All rights reserved. This chapter is from the book. NOTE This subsection can be helpful when troubleshooting boot problems and when optimizing your system. NOTE It is recommended that only advanced users and system administrators change these settings.
Overview Pearson Education, Inc. Collection and Use of Information To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including: Questions and Inquiries For inquiries and questions, we collect the inquiry or question, together with name, contact details email address, phone number and mailing address and any other additional information voluntarily submitted to us through a Contact Us form or an email.
Surveys Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Contests and Drawings Occasionally, we may sponsor a contest or drawing. Newsletters If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information informit.
Service Announcements On rare occasions it is necessary to send out a strictly service related announcement. Customer Service We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form. Other Collection and Use of Information Application and System Logs Pearson automatically collects log data to help ensure the delivery, availability and security of this site.
Web Analytics Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. Cookies and Related Technologies This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising.
Security Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.
Children This site is not directed to children under the age of Marketing Pearson may send or direct marketing communications to users, provided that Pearson will not use personal information collected or processed as a K school service provider for the purpose of directed or targeted advertising. Such marketing is consistent with applicable law and Pearson's legal obligations. Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn. Sale of Personal Information Pearson does not rent or sell personal information in exchange for any payment of money.
Supplemental Privacy Statement for California Residents California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. Sharing and Disclosure Pearson may disclose personal information, as follows: As required by law. Links This web site contains links to other sites.
Requests and Contact Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.
Last Update: November 17,
0コメント