Guy’s Best Practice and Litmus Test Ezine #6 – Registry Tips
This week’s newsletter is in two halves; the first half features Registry Tips and stories, while the second half has follow up on last week’s Exchange Tips.
Contents for Ezine #6
Hacking the registry is an emotive term. It brings to mind thoughts of expert knowledge, with a dash of bravado and more than a hint of forbidden fruit.
How Dangerous is editing the registry? In my opinion everyone goes through 5 stages before they master the registry.
Automatic Logon has all the ingredients of a registry hack: a security risk, specialist business use and most of all AutoAdminLogon is fun to implement.
AutoAdminLogon creates a huge security loophole by allowing a machine to start without requiring anyone to logon. So what can be the justification? The answer is installation scripts, especially where you apply service packs immediately after the main install. If the script turns on AutoAdminLogon, then the installation engineer does not have to visit the machine midway through the job. A clever script will then reset AutoAdminLogon to zero, meaning off one the task has completed.
Instructions to set AutoAdminLogon
First Objective – Open Regedit then drill down to:
Second Objective – Create DefaultPassword
In regedit, you need to go to the EDIT menu, New, String Value type DefaultPassword.
Guy Recommends: The Free IP Address Tracker (IPAT)
Calculating IP Address ranges is a black art, which many network managers solve by creating custom Excel spreadsheets. IPAT cracks this problem of allocating IP addresses in networks in two ways:
For Mr Organized there is a nifty subnet calculator, you enter the network address and the subnet mask, then IPAT works out the usable addresses and their ranges.
For Mr Lazy IPAT discovers and then displays the IP addresses of existing computers. Download the Free IP Address Tracker
Damon Runyan had character in his book who was always giving horse racing tips. He had a catch phrase ‘ and a Tale goes with it’ meaning there was always an interesting story behind the ‘Tip’. Well I have ‘ and a Tale goes with it’, for my next registry tip.
Evans Twp – RegisteredOwner
In my homeland of Wales, Twp (pronounced Tupp) means a stupid person. The IT manager of a company I was working with was called Evans and in common with many mangers he was not very IT literate. So one of the techies, Dai ‘eighteen months’, nicknamed the manager Evans Twp. (Dai lost half of one ear in a Rugby scrum so he only had an ear and a half!).
The IT department took on a new lad called Peter. Now practical jokes are often part of initiation for new workers and this company was no exception. Peter’s first job was to install 5 new servers. During the set-up he came to the Organization Menu and he asked Dai ‘eighteen months’ what he should enter. Dai said "Put Evans Twp in the box". When Peter proudly showed off the new server he was taken aback when Mr Evans went ballistic and accused Peter of undermining his authority. What had happened was Mr Evans saw that the ‘Registered To’ in the System Icon said: – Evans Twp! (Meaning: Evans the stupid one!)
I was visiting the company doing other work when I heard of Peter’s distress. Poor lad was told that he had to come in a the weekend and reinstall the servers with proper company name as the ‘Registered Owner’. I took him aside and showed him how to find RegisteredOwner using Regedit. We found Evans Twp and changed it to a more appropriate value. Peter was thrilled as it only took a moment and he did not have to sacrifice his weekend.
INSTRUCTIONS TO SET REGISTEREDOWNER
Method Drill down to: HKEY_Local_Machine\Software\Microsoft\Windows NT\CurrentVersion\RegisteredOwner
Double Click RegisteredOwner then change the value to what you want. Re-open the System Icon and check your new value
Here are my latest views on the 5 stages on mastering the registry.
Two readers wrote in to make some valuable points about Exchange 2003 migration.
C.H. Pointed out that one Migration Path would be Exchange 2003 on an Exchange 2003 member server in a Windows 2000 domain.
B.G. Emphasised that it is ‘Best Practice’ to run deployment tool = exeploy.hta from the Wizard at the Startup screen. Do not run exdeploy.exe directly.
Circular Logging SOUNDS like a good idea, but it does not get the Guy seal of approval.
Professionals: Think of disaster recovery, they disable circular logging 99% of the time
Why is Circular Logging not best practice?
What is Circular Logging?
Exchange, SQL and Active Directory databases all rely on transaction or write-ahead logs. Events can be quickly written to the logs, then later ‘committed’ to the main database file. Circular logging over-writes these transaction logs to save disk space.
Where do you check the circular logging setting?
a) Open the Exchange Administrator, double-click Servers.
Why does such a potentially harmful setting exist?
Windows 8 Registry