[THIN] Re: Registry Redirect
- From: "Steve Greenberg" <steveg@xxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Sun, 17 Jul 2005 01:03:50 -0700
Rick,
That was a great explanation! This is really key to understanding
application behavior in the multi-user Windows environment....
Steve Greenberg
Thin Client Computing
34522 N. Scottsdale Rd D8453
Scottsdale, AZ 85262
(602) 432-8649
www.thinclient.net
steveg@xxxxxxxxxxxxxx
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Rick Mack
Sent: Saturday, July 16, 2005 1:15 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Registry Redirect
Hi,
In Windows 2000 and later, if you monitor an application with regmon,
one of the things you'll notice is that HKCU\Classes is always
accessed first before HKCR (HKEY_CLASSES_ROOT). As a note, HKCR is
linked to HKLM\Software\Classes and HKCU\Classes is linked with
HKCU\Software\Classes.
When you open regedit and go to HKEY_USERS, you'll see 2 entries for
each user, a key wih the user's SID and another one with the users
SID_Classes. The second key correspondes to HKCU\Classes and is
essentially a user's "virtual" HKCR. This exists as a separate profile
entity and file (%userprofile%\local settings\application
data\microsoft\usrclass.dat).
The important issue is that if a registry key/value exists under
HKCU\Software\Classes, it will be used instead of the equivalent
key/value under HKCR. So writes to HKCR can be easily redirected to
HKCU\classes.
Anyway, in Windows 2000 etc, using a script to create relevant
registry keys under HKCU\Software\Classes provides a nice way to:
1. override values in HKCR (eg per-user file associations) so, for
example some users can get word when they double click on a .doc file
while others got the word viewer.
2. have full machine registry security and still accommodate
applications that want full write access to keys/values. As an
example, running access 97 and 2002 on the same machine.
It's really not too difficult to have full registry security and still
have everything work.
If you use regmon to see what keys are being modified if an admin runs
an app, export the regmon log, and find all the setvalue commands,
it's not hard to translate them to a script that creates the
keys/values under HKCU\Software\Classes. You can also create the
keys/values using custom policy templates.
There are other alternatives that do this job: AIE in Presentation
Server 4, SoftGrid and of course the KB article Neil posted that takes
registry redirection and makes it fully automatic. The only bad news
about the KB article is that it states this behaviour is for 2003
enterprise and data center editions. :-(
And of course, some applications such as Office XP/2003 actually use
HKCU\Software\Classes already.
Regards,
Rick
Ulrich Mack
Volante Systems
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Dogers
Sent: Saturday, 16 July 2005 4:01 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Registry Redirect
On 15/07/05, Braebaum, Neil <Neil.Braebaum@xxxxxxxxxxxxxxxxx> wrote:
> Well indeed - I don't want to have my servers running like that.
Mmm.. me either, we're running full right now as you've probably guessed.
> For the scenarios where I have to have an app that can write to HKLM
> or HKCR, I'll use application isolation, or Softgrid.
Looks like I'll have to kick up my plans to go MPS4 a notch!
> However, Andrew asked the question, and I answered it.
Ta :)
Andrew
********************************************************
This Weeks Sponsor: Lakeside Software
SysTrack is the easiest to use, most complete way to monitor system and
application performance. SysTrack combines comprehensive monitoring
capabilities with hardware/software inventory, change management, user/web
auditing, and reporting to create a total management solution.
Evaluation at: http://www.LakesideSoftware.com
**********************************************************
Now available BriForum-The Video!
http://www.brianmadden.com/store/pc/viewPrd.asp?idproduct=idaffiliate=
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
ThinWiki community - Excellent SBC Search Capabilities!
http://www.thinwiki.com
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
********************************************************
This Weeks Sponsor: Lakeside Software
SysTrack is the easiest to use, most complete way to monitor system and
application performance. SysTrack combines comprehensive monitoring
capabilities with hardware/software inventory, change management, user/web
auditing, and reporting to create a total management solution.
Evaluation at: http://www.LakesideSoftware.com
**********************************************************
Now available BriForum-The Video!
http://www.brianmadden.com/store/pc/viewPrd.asp?idproduct=1&idaffiliate=3
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
ThinWiki community - Excellent SBC Search Capabilities!
http://www.thinwiki.com
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
Other related posts:
