Trust me, if you experiment with Windows 7’s regedit, then one day you are going to need, ‘Connect Network Registry’ to get you out of a mess.
This page explains how to control the Windows 7 Remote Registry service. If the service has not started, don’t worry; I have a script which will start this service on any machine on your network (firewall permitting).
Topics for Remote Registry Editing
- ‘Connect Network Registry’ Strategy
- Psycho and the Keyboard
- Remote Registry – Starting the Service
- Programs and Utilities that Depend on Remote Registry
- Summary of Remote Registry Service
Suppose you have a wounded machine that boots, but then hangs and the keyboard and mouse won’t respond. In this situation the best strategy would be to try to access the wounded machine using Remote Desktop. Only if that does not work, resort to this remote registry connection method. Moreover, I realize that success depends on how the remote machine is configured. Specifically, whether Remote Desktop is disabled, or whether the Remote Registry service has started on the ‘victim’ machine.
As an aside, if you have two machines, then the idea of comparing a healthy machine with the damaged machine, is an underused troubleshooting technique.
Instructions for ‘Connect Network Registry‘
Connecting to the Registry on another computer is straightforward, provided you meet the pre-requisites.
- The Remote Registry service has started on both machines.
- You logon as an administrator.
- You can connect to the other machine by typing the UNC path (\\ machine) in the Start Search dialog box.
- Launch Regedit, and click on the File menu
- Look for, Connect Network Registry.
- In the Select Computer dialog box, type the name of the machine you wish to connect. Click OK.
- Optionally, click ‘Check Names’
- If that does not work, investigate the Advanced settings.
SolarWinds’ Orion performance monitor will help you discover what’s happening on your network. This utility will also guide you through troubleshooting; the dashboard will indicate whether the root cause is a broken link, faulty equipment or resource overload.
What I like best is the way NPM suggests solutions to network problems. Its also has the ability to monitor the health of individual VMware virtual machines. If you are interested in troubleshooting, and creating network maps, then I recommend that you try NPM now.
Here is a scenario for remote registry editing. On a training course I had a Psycho user. He was nothing but trouble, arrived late, spilt coffee over his monitor and worse still, would not listen to instructions. As usual, I showed the delegates the AutoAdminLogon =1 setting. My purpose was to save them typing a difficult password, after each reboot required by the notes.
The problem started when for some bizarre reason, Psycho decided to disable his keyboard and mouse. After Psycho rebooted his machine, AutoAdminLogon, by design, let his account logon without entering a username and password. His machine was useless; you could use neither the keyboard nor the mouse. The full horror became apparent when we tried to use Last Known Good to revert to the previous setting. AutoAdminLogon had overwritten the old control set. His machine was as they say, ‘stuffed’ – a condition I would have liked to extend to Psycho.
Well, you’ve probably guessed the happy outcome, I logged on as administrator at another machine, launched regedit, and then selected ‘Connect Remote Registry’. Once I opened Psycho’s registry I drilled down to the keyboard and mouse setting using this path: HKLM, System, CurrentControlSet Services, i8042prt. Then it was a trivial task to change a REG_DWORD called Start from 4 to 1.
I don’t wish to spoil a good story, but I have to point out that the above rescue scenario was on a Windows Server 2003 machine. On Windows 7 the keyboard and mouse driver is configured differently, consequently it no longer supports the above registry settings. ‘No worries’, as my Australian cousin says, the remote registry principle is sound. No doubt Psycho will find a new way of breaking your machine, and it is quite likely that remote registry editing will be the only way to recover from his stupidity.
Windows 7 Remote Registry – Starting the Service
Like Spooler, DNS and SMTP, Microsoft implement Remote Registry as a Windows service. One potential ‘gotcha’ is that the Remote Registry service is not started on the ‘victim’ machine. Fortunately, I am not going to be beaten, the answer is the following VBScript.
To start the Remote Registry services manually
- Click on the Start Button, in the Start Search dialog box, type: ‘Services’.
- Scroll down the list of services until you come to those beginning with ‘R’, right-click Remote Registry, and select Start from the short-cut menu.
- One of my beliefs is that anything that you can do manually, you can do with PowerShell or VBScript.
To Start the Remote Registry Services Using PowerShell
WinRm – The Pre-requisite for Remote PowerShell
Stage One – Enable WinRm for PowerShell Remoting
Even with all the components installed correctly, (PowerShell v 2.0 CTP3, .Net Framework and WinRm), remoting still won’t work until you run this cmdlet from within PowerShell (not DOS):
Note 1: You need remoting setup on both computers.
Note 2: That unlike PSSession commands, this function only has one ‘S’ PSRemoting.
Stage Two – Create a Session Between the Machines
New-PSSession -computername testMachine2
# Or simply:
Enter-PSSession -computername testMachine2
Stage Three – Start the Remote Registry Service
# Check Status (and make sure you have the correct name).
# The business part of the script
Note 1: For scripting purposes, RemoteRegistry is all one word, even though it’s display name has a space:
The main reason to monitor your network is to check that your all your servers are available. If there is a network problem you want an interface to show the scope of the problem at a glance.
Even when all servers and routers are available, sooner or later you will be curious to know who, or what, is hogging your precious network’s bandwidth. A GUI showing the top 10 users makes interesting reading.
Another reason to monitor network traffic is to learn more about your server’s response times and the use of resources. To take the pain out of capturing frames and analysing the raw data, Guy recommends that you download a copy of the SolarWindsfree Real-time NetFlow Analyzer.
To Start the Remote Registry Services Using VBScript
- Copy and paste the script below into notepad.
- Save the file with a .vbs extension e.g. RemoteRegistry.vbs.
- Double click the script, then enter the names of the server.
- Wait for a confirmation message.
Note 1: The name for this service has no space, moreover you need to enclose " ‘ RemoteRegistry ‘ " in both double and single quotes.
Note 2: It may occur to you that you could amend the strService, and thus start other services such as, System Attendant on an Exchange server.
SolarWinds’ Config Generator is a free tool, which puts you in charge of controlling changes to network routers and other SNMP devices. Boost your network performance by activating network device features you’ve already paid for.
Guy says that for newbies the biggest benefit of this free tool is that it will provide the impetus for you to learn more about configuring the SNMP service with its ‘Traps’ and ‘Communities’. Try Config Generator now – it’s free!
In addition to its obvious registry function, there other services and utilities that rely on the Remote Registry service: DCDiag, NetDiag and Terminal Services Licensing.
(There is a rumour that Remote Desktop requires the Remote Registry service, but on my machine I was able open a session with an XP Remote desktop, even though Remote Registry was disabled on the target machine. Do email me if you can shed any light on this rumour, or indeed you know of other services that require Remote Registry.)
Practice with Remote Registry, keep in mind that day when you are going to need access to the registry of a sickly machine on your network – from afar. It’s easy to forget that the Remote Registry service may not be started on the target machine. For that scenario, I have a VBScript which will restart the Remote Registry on another network machine
If you like this page then please share it with your friends