Remote Registry Service in Windows Server 2003
Trust me, one day the Windows Server 2003 Remote Registry service will save your bacon. This page provides a tutorial to exploit the Remote Registry service. If the service has not started, no problem; I have a script, which will start the Remote Registry service on any machine on your network.
Topics for Remote Registry
- Updated Windows 7 Version of Remote Registry
- See Vista Version of Remote Registry
- Remote Registry – Connection
- Psycho and the Keyboard
- Remote Registry – Starting the Service
- Programs and Utilities that Depend on Remote Registry
- Summary of Remote Registry Service
Connecting to the Registry on another computer is easy, just launch Regedit and click on the File menu, next select, Connect Network Registry and type in the first few letters, finally press enter.
The first time I thanked Remote Registry for getting me out of a pickle was when a Psycho disabled his mouse and keyboard and then set AutoAdminLogon =1. The problem surfaced when Psycho rebooted, AutoAdminLogon let him logon without entering his username and password. The full horror became apparent when we tried to use Last Known Good to revert to the previous setting. AutoAdminLogon had overwritten the old control set. His machine was as they, ‘stuffed’, a condition I would like to have extended to Psycho. Well you’ve guessed the happy outcome, Connect Remote Registry, find the Keyboard and mouse setting in this path: HKLM, System, CurrentControlSet Services, i8042prt, Start =1 (not 4).
Like Alerter, DNS and SMTP, Microsoft implement Remote Registry as a Windows Server 2003 Service. One potential ‘gotcha’ is that the Remote Registry service is not started on the machine with which you want to connect. Fortunately, I am not going to be beaten, the answer is the following VBScript.
Instructions for starting the Remote Registry Service.
- Copy and paste the script below into notepad.
- Save the file with a .vbs extension e.g. RemoteRegistry.vbs.
- Double click the script, then enter the names of the server.
- Wait for a confirmation message.
Note 1: The name for this VBScript service has no space, what I mean is be careful and use RemoteRegistry and not Remote Registry.
Note 2: It may occur to you that you could amend the strService and so start other services such as System Attendant on an Exchange server.
The main reason to monitor your network is to check that your all your servers are available. If there is a network problem you want an interface to show the scope of the problem at a glance.
Even when all servers and routers are available, sooner or later you will be curious to know who, or what, is hogging your precious network’s bandwidth. A GUI showing the top 10 users makes interesting reading.
Another reason to monitor network traffic is to learn more about your server’s response times and the use of resources. To take the pain out of capturing frames and analysing the raw data, Guy recommends that you download a copy of the SolarWindsfree Real-time NetFlow Analyzer.
In addition to its obvious job, there other services and utilities that rely on the Remote Registry service. DCDiag, NetDiag, Terminal Services Licensing.
(There is a rumour that Remote Desktop requires the Remote Registry service, but on my machine I was able to get the XP Remote desktop even though Remote Registry was disabled on the target machine. Do email me if you can shed any light on this rumour, or indeed you know of other services that require Remote Registry.)
Practice with Remote Registry for that day when you need to remotely edit the registry of a sickly machine on your network. It’s easy to forget that Remote Registry is a service, which may not be started on the target machine. For that scenario, I have a VBScript which will restart the Remote Registry on any network machine.
If you like this page then please share it with your friends