Overview#

Windows registry is a hierarchical Data Store that stores low-level settings for the Microsoft Windows Operating System and for applications that opt to use the Windows registry. The Microsoft Windows kernel, device drivers, services, Security Account Manager (SAM), and user interface can all use the Windows registry.
Windows registry also allows access to counters for profiling system performance.

Keys and values#

Windows registry contains two basic elements:

• keys are Containers objects similar to folders.
• values are non-container objects similar to files.

Keys may contain values and subkeys. Keys are referenced with a syntax similar to Microsoft Windows' File System path names, using backslashes to indicate levels of hierarchy. Keys must have a Case-insensitive name without backslashes.The hierarchy of registry keys can only be accessed from a known root key handle (which is anonymous but whose effective value is a constant numeric handle) that is mapped to the content of a registry key preloaded by the kernel from a stored "hive", or to the content of a subkey within another root key, or mapped to a registered service or DLL that provides access to its contained subkeys and values.

There are seven predefined root keys, traditionally named according to their constant handles defined in the Win32 API, or by synonymous abbreviations (depending on applications)

More Information#

There might be more information for this subject on one of the following:

• Channel Binding
• Create a MAD Service To Run
• HIVE
• HKEY_CLASSES_ROOT
• HKEY_DYN_DATA
• HKEY_LOCAL_MACHINE
• LDAP Signing
• LDAPServerIntegrity
• LSA Protection
• Microsoft Active Directory Anomalies
• MsDS-SupportedEncryptionTypes
• Password Flow From Active Directory to eDirectory
• Securable object
• Service Control Manager
• Windows Authentication Package
• Windows Security Log Event
• Winlogon

---

• [#1] - Windows_Registry - based on information obtained 2018-10-18-
• [#2] - Registry - based on information obtained 2018-10-18-