Quick Tips for Windows NT (November 1999)

Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

Published: November 15, 1999

These time-saving tips on a variety of topics are contributed by experienced IT Pros, and take just a few minutes to learn and implement.

On This Page

Restricting Registry Access
Maximum Size of the Registry
Deleting Registry Values from the Command Line
Disabling the DOS 8.3 Name Creation in NTFS
Changing Access Permissions with NTFS
Changing Directory Permissions from a Command Line or Batch File
Vulnerabilities in Unattended Installations of Windows NT
Troubleshooting TCP/IP Problems

Restricting Registry Access

Troy Thompson, MCSE+Internet

If you want to restrict certain users from editing the Registry, do the following:

  1. Launch the Registry editor (select Start, Run, and type regedt32.exe).

  2. Highlight HKEY_USERS and select Load Hive from the Registry menu.

  3. Go to the profile directory of the user you want to restrict and select NTUser.dat.

  4. Input the user's UserID when prompted for Key Name.

  5. Go to \Software\Microsoft\Windows\CurrentVersion\Policies and add the System sub-key if it does not exist.

  6. Add a value named DisableRegistryTools under the System key, using type REG_DWORD, and set its value to 1.

  7. Select Unload Hive from the Registry menu.

Maximum Size of the Registry

Troy Thompson, MCSE+Internet

The maximum size of the Registry is 102 MB, which is 80 percent of the paged pool. The paged pool is an area of physical memory used for system data that can be written to disk when not in use. The paged pool has a maximum capacity of 128 MB; thus, 80 percent of that is 102 MB. You can create a Registry entry for the maximum size by going to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control key, selecting New and then Dword Value from the Edit menu, and naming the new entry RegistrySizeLimit. By default, this entry is not created. Double-click the new entry, enter a value in bytes, and choose decimal as the type. If no entry is entered, the maximum size is 25 percent of the paged pool. RegistrySizeLimit is not an allocation of space, so setting a high value will not ensure that the space will be reserved or available. The minimum size for RegistrySizeLimit is 4 MB.

Deleting Registry Values from the Command Line

Troy Thompson, MCSE+Internet

You can delete a Registry setting from a command line or batch file by using the Reg.exe utility that comes with the Windows NT Resource Kit Supplement 2. Typing reg delete HKLM\Software\regsetting deletes the HKEY_LOCAL_MACHINE\Software\regsetting value. This command requires confirmation unless the /f switch is used at the end.

Disabling the DOS 8.3 Name Creation in NTFS

Troy Thompson, MCSE+Internet

To disable DOS 8.3 name creation on an NTFS partition, you must change the NtfsDisable8dot3NameCreation value from 0 to 1. This value is found under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem in the Registry. After doing this, you may experience problems while installing certain software packages, such as Office 97. You can always re-enable 8.3 name creation during the installation to get around the problem.

Changing Access Permissions with NTFS

Troy Thompson, MCSE+Internet

When a volume has been formatted as NTFS, you have an extra tab called Permissions in the Properties window. To change the permissions on an NTFS volume, start Windows Explorer, right-click a directory, and select Properties. Click the Security tab to access the Permissions button. At this point, you can change the existing permissions for the directory. You must already have rights to the directory before you can make changes to it.

Changing Directory Permissions from a Command Line or Batch File

Troy Thompson, MCSE+Internet

You can change access permissions for a file or directory from a command line or batch file by using the Cacls.exe utility that comes with Windows NT. Type Cacls /? at the command prompt to see the usage:

CACLS filename [/T] [/E] [/C] [/G user:perm] [/R user [...]]
               [/P user:perm [...]] [/D user [...]]
   filename      Displays ACLs.
   /T            Changes ACLs of specified files in
                 the current directory and all subdirectories.
   /E            Edit ACL instead of replacing it.
   /C            Continue on access denied errors.
   /G user:perm  Grant specified user access rights.
                 Perm can be: R  Read
                              C  Change (write)
                              F  Full control
   /R user       Revoke specified user's access rights (only valid with /E).
   /P user:perm  Replace specified user's access rights.
                 Perm can be: N  None
                              R  Read
                              C  Change (write)
                              F  Full control
   /D user       Deny specified user access.

So the command Cacls UserDir /T /E /G UserName:F edits the existing ACLs of the directory UserDir and its subdirectories, granting the user UserName Full Control.

Vulnerabilities in Unattended Installations of Windows NT

Troy Thompson, MCSE+Internet

When an unattended installation of Windows NT 4.0 is performed, the installation parameters are included in the Unattend.txt file. A vulnerability exists because the installation process copies the parameter file to a file in %windir%\system32 ($winnt$.inf for a normal unattended installation, or $nt4pre$.inf if Sysprep was used) and does not delete that copy when the installation is complete. By default, any user who can perform an interactive logon can read this file. If sensitive information such as account passwords was provided in the installation parameters file, that information could be compromised.
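
An added example, not part of the original tip: a Python check an administrator could run to find the leftover copies named above and report which entries still hold credential-like values, without echoing the values. The key-name pattern and the sample's section and key names are assumptions made for illustration.

```python
import os
import re

# File names the page says setup leaves behind in %windir%\system32.
LEFTOVERS = {"$winnt$.inf", "$nt4pre$.inf"}
# Assumption: key-name fragments that suggest a credential; adjust to your answer files.
SENSITIVE_KEY = re.compile(r"pass|pwd|account", re.IGNORECASE)


def find_sensitive_entries(text):
    """Return (section, key, line_no) for each credential-like entry with a value.
    The values themselves are not returned, so the report leaks nothing."""
    hits, section = [], None
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(";"):          # blank line or INF comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip()
            continue
        key, sep, value = line.partition("=")
        if sep and value.strip().strip('"') and SENSITIVE_KEY.search(key):
            hits.append((section, key.strip(), line_no))
    return hits


def scan_directory(system32):
    """Map each leftover answer-file copy in `system32` to its sensitive entries."""
    report = {}
    for name in os.listdir(system32):
        if name.lower() in LEFTOVERS:                 # Windows names are case-insensitive
            with open(os.path.join(system32, name), encoding="latin-1") as fh:
                report[name] = find_sensitive_entries(fh.read())
    return report


# Constructed sample; section and key names are illustrative, not taken from the page.
SAMPLE = """\
; constructed answer-file copy
[UserData]
FullName = "Example Admin"
[Network]
JoinDomain = EXAMPLE
CreateComputerAccount = "svc_join, NotARealPassword"
[GuiUnattended]
AdminPassword = ""
"""

if __name__ == "__main__":
    print(find_sensitive_entries(SAMPLE))
```

On a real system, pass the system32 directory to scan_directory; any file it reports should be deleted or have its permissions tightened, and the passwords it held should be changed.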

Troubleshooting TCP/IP Problems

Troy Thompson, MCSE+Internet

Ping is the first command you should use when testing TCP/IP connections. From a command line, you can ping the loopback address of 127.0.0.1 to see if TCP/IP has been properly installed on your computer. Type ping 127.0.0.1 at the command prompt and it should return a result that looks similar to the following:

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<10ms TTL=128
Reply from 127.0.0.1: bytes=32 time<10ms TTL=128
Reply from 127.0.0.1: bytes=32 time<10ms TTL=128
Reply from 127.0.0.1: bytes=32 time<10ms TTL=128

If you get a request timed out message, it indicates that TCP/IP was not set up correctly on your computer. You can also ping an IP address of another computer on the near side and far side of your router to see if the packets are getting passed to and through the router. There are also command line options that can be used with ping. These options include:

  • -t: Ping the specified host until interrupted

  • -a: Resolve addresses to hostnames

  • -n count: Number of echo requests to send

  • -l size: Send buffer size

  • -f: Set Don't Fragment flag in packet

  • -i TTL: Time To Live

  • -v TOS: Type Of Service

  • -r count: Record route for count hops

  • -s count: Timestamp for count hops

  • -j host-list: Loose source route along host-list

  • -k host-list: Strict source route along host-list

  • -w timeout: Timeout in milliseconds to wait for each reply

The above article is courtesy of TechRepublic <https://www.techrepublic.com>.

We at Microsoft Corporation hope that the information in this work is valuable to you. Your use of the information contained in this work, however, is at your sole risk. All information in this work is provided "as is", without any warranty, whether express or implied, of its accuracy, completeness, fitness for a particular purpose, title or non-infringement, and none of the third-party products or information mentioned in the work are authored, recommended, supported or guaranteed by Microsoft Corporation. Microsoft Corporation shall not be liable for any damages you may sustain by using this information, whether direct, indirect, special, incidental or consequential, even if it has been advised of the possibility of such damages. All prices for products mentioned in this document are subject to change without notice.

International rights.