DOCSLIB.ORG

[MS-RRP]: Windows Remote Registry Protocol

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
[MS-RRP]: Windows Remote Registry Protocol [MS-RRP]: Windows Remote Registry Protocol Intellectual Property Rights Notice for Open Specifications Documentation . Technical Documentation. Microsoft publishes Open Specifications documentation (“this documentation”) for protocols, file formats, data portability, computer languages, and standards support. Additionally, overview documents cover inter-protocol relationships and interactions. Copyrights. This documentation is covered by Microsoft copyrights. Regardless of any other terms that are contained in the terms of use for the Microsoft website that hosts this documentation, you can make copies of it in order to develop implementations of the technologies that are described in this documentation and can distribute portions of it in your implementations that use these technologies or in your documentation as necessary to properly document the implementation. You can also distribute in your implementation, with or without modification, any schemas, IDLs, or code samples that are included in the documentation. This permission also applies to any documents that are referenced in the Open Specifications documentation. No Trade Secrets. Microsoft does not claim any trade secret rights in this documentation. Patents. Microsoft has patents that might cover your implementations of the technologies described in the Open Specifications documentation. Neither this notice nor Microsoft's delivery of this documentation grants any licenses under those patents or any other Microsoft patents. However, a given Open Specifications document might be covered by the Microsoft Open Specifications Promise or the Microsoft Community Promise. If you would prefer a written license, or if the technologies described in this documentation are not covered by the Open Specifications Promise or Community Promise, as applicable, patent licenses are available by contacting [email protected]. License Programs. To see all of the protocols in scope under a specific license program and the associated patents, visit the Patent Map. Trademarks. The names of companies and products contained in this documentation might be covered by trademarks or similar intellectual property rights. This notice does not grant any licenses under those rights. For a list of Microsoft trademarks, visit www.microsoft.com/trademarks. Fictitious Names. The example companies, organizations, products, domain names, email addresses, logos, people, places, and events that are depicted in this documentation are fictitious. No association with any real company, organization, product, domain name, email address, logo, person, place, or event is intended or should be inferred. Reservation of Rights. All other rights are reserved, and this notice does not grant any rights other than as specifically described above, whether by implication, estoppel, or otherwise. Tools. The Open Specifications documentation does not require the use of Microsoft programming tools or programming environments in order for you to develop an implementation. If you have access to Microsoft programming tools and environments, you are free to take advantage of them. Certain Open Specifications documents are intended for use in conjunction with publicly available standards specifications and network programming art and, as such, assume that the reader either is familiar with the aforementioned material or has immediate access to it. Support. For questions and support, please contact [email protected]. 1 / 92 [MS-RRP] - v20170915 Windows Remote Registry Protocol Copyright © 2017 Microsoft Corporation Release: September 15, 2017 Revision Summary Revision Revision Date History Class Comments 3/2/2007 1.0 Major Updated and revised the technical content. 4/3/2007 1.1 Minor Clarified the meaning of the technical content. 5/11/2007 2.0 Major New format; Added content; Updated technical content 6/1/2007 2.0.1 Editorial Changed language and formatting in the technical content. 7/3/2007 3.0 Major Updated and revised the technical content. 8/10/2007 3.1 Minor Clarified the meaning of the technical content. 9/28/2007 3.2 Minor Clarified the meaning of the technical content. 10/23/2007 3.2.1 Editorial Changed language and formatting in the technical content. 1/25/2008 3.3 Minor Clarified the meaning of the technical content. 3/14/2008 3.3.1 Editorial Changed language and formatting in the technical content. 6/20/2008 4.0 Major Updated and revised the technical content. 7/25/2008 5.0 Major Updated and revised the technical content. 8/29/2008 6.0 Major Updated and revised the technical content. 10/24/2008 6.0.1 Editorial Changed language and formatting in the technical content. 12/5/2008 7.0 Major Updated and revised the technical content. 1/16/2009 8.0 Major Updated and revised the technical content. 2/27/2009 9.0 Major Updated and revised the technical content. 4/10/2009 10.0 Major Updated and revised the technical content. 5/22/2009 11.0 Major Updated and revised the technical content. 7/2/2009 12.0 Major Updated and revised the technical content. 8/14/2009 13.0 Major Updated and revised the technical content. 9/25/2009 14.0 Major Updated and revised the technical content. 11/6/2009 15.0 Major Updated and revised the technical content. 12/18/2009 16.0 Major Updated and revised the technical content. 1/29/2010 17.0 Major Updated and revised the technical content. 3/12/2010 18.0 Major Updated and revised the technical content. 4/23/2010 18.1 Minor Clarified the meaning of the technical content. 6/4/2010 19.0 Major Updated and revised the technical content. 7/16/2010 20.0 Major Updated and revised the technical content. 8/27/2010 21.0 Major Updated and revised the technical content. 2 / 92 [MS-RRP] - v20170915 Windows Remote Registry Protocol Copyright © 2017 Microsoft Corporation Release: September 15, 2017 Revision Revision Date History Class Comments 10/8/2010 22.0 Major Updated and revised the technical content. 11/19/2010 23.0 Major Updated and revised the technical content. 1/7/2011 24.0 Major Updated and revised the technical content. No changes to the meaning, language, or formatting of the 2/11/2011 24.0 None technical content. 3/25/2011 25.0 Major Updated and revised the technical content. 5/6/2011 26.0 Major Updated and revised the technical content. 6/17/2011 26.1 Minor Clarified the meaning of the technical content. No changes to the meaning, language, or formatting of the 9/23/2011 26.1 None technical content. 12/16/2011 27.0 Major Updated and revised the technical content. No changes to the meaning, language, or formatting of the 3/30/2012 27.0 None technical content. 7/12/2012 27.1 Minor Clarified the meaning of the technical content. 10/25/2012 28.0 Major Updated and revised the technical content. 1/31/2013 28.1 Minor Clarified the meaning of the technical content. 8/8/2013 29.0 Major Updated and revised the technical content. No changes to the meaning, language, or formatting of the 11/14/2013 29.0 None technical content. No changes to the meaning, language, or formatting of the 2/13/2014 29.0 None technical content. No changes to the meaning, language, or formatting of the 5/15/2014 29.0 None technical content. 6/30/2015 30.0 Major Significantly changed the technical content. No changes to the meaning, language, or formatting of the 10/16/2015 30.0 None technical content. No changes to the meaning, language, or formatting of the 7/14/2016 30.0 None technical content. No changes to the meaning, language, or formatting of the 6/1/2017 30.0 None technical content. 9/15/2017 31.0 Major Significantly changed the technical content. 3 / 92 [MS-RRP] - v20170915 Windows Remote Registry Protocol Copyright © 2017 Microsoft Corporation Release: September 15, 2017 Table of Contents 1 Introduction ............................................................................................................ 6 1.1 Glossary ........................................................................................................... 6 1.2 References ........................................................................................................ 7 1.2.1 Normative References ................................................................................... 7 1.2.2 Informative References ................................................................................. 8 1.3 Overview .......................................................................................................... 8 1.4 Relationship to Other Protocols ............................................................................ 8 1.5 Prerequisites/Preconditions ................................................................................. 9 1.6 Applicability Statement ....................................................................................... 9 1.7 Versioning and Capability Negotiation ................................................................... 9 1.8 Vendor-Extensible Fields ..................................................................................... 9 1.9 Standards Assignments ....................................................................................... 9 2 Messages ............................................................................................................... 11 2.1 Transport ........................................................................................................ 11 2.1.1 Server ....................................................................................................... 11 2.1.2 Client .......................................................................................................
Load more

Recommended publications
  • Powershell Delete Registry Key Remote Computer
    Powershell delete registry key remote computer In Use PowerShell to Edit the Registry on Remote Computers, I talked cmdlet to find and delete the registry key on all remote servers that are. There is a pre powershell registry tool called reg. It will perform registry operations on remote computers. REG DELETE /? REG DELETE. I am trying to create a PowerShell script that deletes two keys on a remote computer. (One key in the code below) I have successfully created a. The Remove-RegistryKey cmdlet is used to delete registry keys and values on the local or a remote computer. I'm working on remotely modifying an autologin key value on batches of {Remove-ItemProperty -Path "HKLM:\Software\Microsoft\Windows Solution: $Computers = Get-Content "C:\"$Path me with a powershell script that can modify registry key on a list of remote computers Basically, I need to modify a product name in add/remove programs list. Then I need to find out whether I got the admin permission on the remote machines. Lastly, remove the specified reg keys. #Read the machine. Deleting Specific Remote Registry Entry - Powershell playing about with trying to write a script to delete a specific software GPO deployed to a remote computer. $Items = $Keys | Foreach-Object {Get-ItemProperty $_. $RegistryKeyValue = $ue($RegistryKeyName) Write-output "Attempting to delete $RegistryKeyName on $Computer `r ". Powershell: Delete Registry Key On Remote Server To run a script on one or many remote computers, use the FilePath parameter of the. I am having trouble changing registry keys. I know the trouble is Set-ItemProperty does not support connections to remote computers.
    [Show full text]
  • JAWS® for Windows Training Bundle Outline
    JAWS® for Windows Training Bundle Outline Introduction to the Training • Overview of topics to be covered in the training • Introduction to the DAISY format and why it is being used PlexTalk® Pocket Introduction • Description of physical layout • Basic functions: play/pause audio, fast forward/rewind, navigate by heading, navigate to different books • Specifics on navigating through the training bundle • Inserting, deleting, and moving to bookmarks VictorReader Stream Introduction • Description of physical layout • Basic functions: play/pause audio, fast forward/rewind, navigate by heading, navigate to different books • Specifics on navigating through the training bundle • Inserting, deleting, and moving to bookmarks Meet the Trainers • Introduction by Ryan and Dan Introduction to JAWS • What is JAWS? • What kinds of things are people able to do with it? • Silencing JAWS • Working with different types of computer keyboards o Laptop and desktop keyboards o Changing the JAWS keyboard layout • The JAWS key • Pressing multikey keyboard commands • Keyboard help mode • Opening and closing JAWS Working with Windows® Controls • Menus o Navigating vertically and horizontally o Opening submenus • Dialog boxes and their various controls o Edit, combo, check, radio, button, and slider o Moving through various controls • The JAWS Startup Wizard o Speech rate, JAWS startup options, keyboard layout, virtual ribbon feature, etc. Introduction to Windows • What is Windows and what is an operating system? • Differences between Windows 7 and 8 and why we
    [Show full text]
  • Tracking Computer Use with the Windows® Registry Dataset Doug
    Tracking Computer Use with the Windows® Registry Dataset Doug White Disclaimer Trade names and company products are mentioned in the text or identified. In no case does such identification imply recommendation or endorsement by the National Institute of Standards and Technology, nor does it imply that the products are necessarily the best available for the purpose. Statement of Disclosure This research was funded by the National Institute of Standards and Technology Office of Law Enforcement Standards, the Department of Justice National Institute of Justice, the Federal Bureau of Investigation and the National Archives and Records Administration. National Software Reference Library & Reference Data Set The NSRL is conceptually three objects: • A physical collection of software • A database of meta-information • A subset of the database, the Reference Data Set The NSRL is designed to collect software from various sources and incorporate file profiles computed from this software into a Reference Data Set of information. Windows® Registry Data Set It is possible to compile a historical list of applications based on RDS metadata and residue files. Many methods can be used to remove application files, but these may not purge the Registry. Examining the Registry for residue can augment a historical list of applications or provide additional context about system use. Windows® Registry Data Set (WiReD) The WiReD contains changes to the Registry caused by application installation, de-installation, execution or other modifying operations. The applications are chosen from the NSRL collection, to be of interest to computer forensic examiners. WiReD is currently an experimental prototype. NIST is soliciting feedback from the computer forensics community to improve and extend its usefulness.
    [Show full text]
  • Operational and Administrative Guidance
    Operational and Administrative Guidance Microsoft Windows Server, Microsoft Windows 10 version 1909 (November 2019 Update), Microsoft Windows Server 2019 version 1809 Hyper-V Common Criteria Evaluation under the Protection Profile for Virtualization, including the Extended Package for Server Virtualization Revision date: January 15, 2021 © 2021 Microsoft. All rights reserved. Microsoft Windows Server and Windows 10 Hyper-V Administrative Guidance Copyright and disclaimer The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. This work is licensed under the Creative Commons Attribution-NoDerivs-NonCommercial VLicense (which allows redistribution of the work). To view a copy of this license, visithttp://creativecommons.org/licenses/by-nd-nc/1.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. The example companies, organizations, products, people and events depicted herein are fictitious.
    [Show full text]
  • Korean Style Guide
    Korean Style Guide Published: February, 2019 Microsoft Korean Style Guide Contents 1 About this style guide............................................................................................................................................... 4 1.1 Recommended style references .............................................................................................................. 4 2 Microsoft voice .............................................................................................................................................................. 5 2.1 Choices that reflect Microsoft voice ..................................................................................................... 6 2.1.1 Flexibility ........................................................................................................................................................ 6 2.1.2 Word choice................................................................................................................................................. 7 2.1.3 Word-to-word translation.................................................................................................................. 8 2.1.4 Words and phrases to avoid ............................................................................................................ 9 2.1.5 세요 instead of 십시오 ...................................................................................................................... 11 2.2 Sample Microsoft voice text...................................................................................................................
    [Show full text]
  • Oracle Database Platform Guide for Windows
    Oracle® Database Platform Guide 10g Release 1 (10.1) for Windows Part No. B10113-01 December 2003 Oracle Database Platform Guide, 10g Release 1 (10.1) for Windows Part No. B10113-01 Copyright © 1996, 2003 Oracle Corporation. All rights reserved. Primary Author: Craig B. Foch Contributing Author: Mark Kennedy and Helen Slattery Contributor: David Collelo The Programs (which include both the software and documentation) contain proprietary information of Oracle Corporation; they are provided under a license agreement containing restrictions on use and disclosure and are also protected by copyright, patent and other intellectual and industrial property laws. Reverse engineering, disassembly or decompilation of the Programs, except to the extent required to obtain interoperability with other independently created software or as specified by law, is prohibited. The information contained in this document is subject to change without notice. If you find any problems in the documentation, please report them to us in writing. This document is not warranted to be error-free. Except as may be expressly permitted in your license agreement for these Programs, no part of these Programs may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose. If the Programs are delivered to the U.S. Government or anyone licensing or using the programs on behalf of the U.S. Government, the following notice is applicable: Restricted Rights Notice Programs delivered subject to the DOD FAR Supplement are "commercial computer software" and use, duplication, and disclosure of the Programs, including documentation, shall be subject to the licensing restrictions set forth in the applicable Oracle license agreement.
    [Show full text]
  • Compressed Modes User's Guide
    Drivers for Windows Compressed Modes User’s Guide Version 2.0 NVIDIA Corporation August 27, 2002 NVIDIA Drivers Compressed Modes User’s Guide Version 2.0 Published by NVIDIA Corporation 2701 San Tomas Expressway Santa Clara, CA 95050 Copyright © 2002 NVIDIA Corporation. All rights reserved. This software may not, in whole or in part, be copied through any means, mechanical, electromechanical, or otherwise, without the express permission of NVIDIA Corporation. Information furnished is believed to be accurate and reliable. However, NVIDIA assumes no responsibility for the consequences of use of such information nor for any infringement of patents or other rights of third parties, which may result from its use. No License is granted by implication or otherwise under any patent or patent rights of NVIDIA Corporation. Specifications mentioned in the software are subject to change without notice. NVIDIA Corporation products are not authorized for use as critical components in life support devices or systems without express written approval of NVIDIA Corporation. NVIDIA, the NVIDIA logo, GeForce, GeForce2 Ultra, GeForce2 MX, GeForce2 GTS, GeForce 256, GeForce3, Quadro2, NVIDIA Quadro2, Quadro2 Pro, Quadro2 MXR, Quadro, NVIDIA Quadro, Vanta, NVIDIA Vanta, TNT2, NVIDIA TNT2, TNT, NVIDIA TNT, RIVA, NVIDIA RIVA, NVIDIA RIVA 128ZX, and NVIDIA RIVA 128 are registered trademarks or trademarks of NVIDIA Corporation in the United States and/or other countries. Intel and Pentium are registered trademarks of Intel. Microsoft, Windows, Windows NT, Direct3D, DirectDraw, and DirectX are registered trademarks of Microsoft Corporation. CDRS is a trademark and Pro/ENGINEER is a registered trademark of Parametric Technology Corporation. OpenGL is a registered trademark of Silicon Graphics Inc.
    [Show full text]
  • Windows Registry,Some Basic Understanding
    WINDOWS REGISTRY,SOME BASIC UNDERSTANDING For the peoples who use Windows, „Windows Registry‟ is not a new word at all. The registry is a central database of all configuration settings for most of the applications installed on the computer. Windows stores all its settings in this „Registry‟ itself. The „Windows Registry Editor‟ allows us to configure many hidden settings for windows and other applications installed, which are not accessible by the interface of the particular software itself. You can easily manipulate and modify the values of registry and improve the PC‟s performance. However, do it carefully, because modify the right setting and your computer gets a boost, modify the wrong one and you end up with a non-booting system. In my previous post I wrote about „Autoruns‟, it can also manipulate registry. (Read here) To edit registry, we can use „Windows Registry Editor‟, which is preinstalled in Windows itself. It can be launched by using the command „regedit‟ in the „RUN‟ dialog box, which can be launched by pressing “Windows key+R”. On start-up, „Windows Registry‟ will show up the following five root entries. HKEY_CLASSES_ROOT HKEY_CURRENT_USER HKEY_LOCAL_MACHINE HKEY_USERS HKEY_CURRENT_CONFIG All the settings given above are not stored in a single file. They are spread across multiple files in logical groups called „hives‟. The combination of hives makes „Windows Registry‟. The values are stored here in binary format. That means only “1” and “0” is used here. “1” means “yes”, whereas the value “0” represents “no”. Let us look into the details of these settings. 1. HKEY_CLASSES_ROOT: It is abbreviated as HKCR.
    [Show full text]
  • Older Operating Systems
    Older Operating Systems Class Notes # 18 Windows 9X Registry January 6, 2004 The windows 9x registry contains the operating system database. The data stored in the registry includes the following: system configuration, user settings, device manager information, application software settings, hardware settings, etc. The database has a hierarchical tree structure. See below: Figure 1: Registry editor Note that the right of the window are value name (e.g. ScreenSaveTime) and to the right of each value of each name is the value data assigned (e.g. 900). The registry is contained in two files which are hidden: System.dat and User.dat. The registry is organized in six major keys or branches of the registry tree and are described on table one: 1 Table one: Six major keys of the Windows 9x registry Key Description HKEY_CLASSES_ROOT Contains information about file associations and OLE data (This branch of the tree is a copy of HKEY_LOCAL_MACHINE\Software\Classes HKEY_USER Includes user preferences, including desktop configuration and network connections HKEY_CURRENT_USER If there is only one user of the system, this is a duplicate of HKEY_USERS, but for a multi-user system, this key contains information about the current user preferences. HKEY_LOCAL_MACHINE Contains information about hardware and installed software HKEY_CURRENT_CONFIG Contains the same information in HKEY_LOCAL_MACHINE\Config and has information about printers and display fonts HKEY_DYN_DATA Keeps information about Windows performance and Plug and Play information You can think of the six major keys in table one as root keys. Each root keys contains a number of subkeys as shown in figure one. A registry key can contain other keys.
    [Show full text]
  • Cataloging User's Guide
    Voyager® 9.2 Cataloging User’s Guide November 2015 Ex Libris Confidential CONFIDENTIAL INFORMATION The information herein is the property of Ex Libris Ltd. or its affiliates and any misuse or abuse will result in economic loss. DO NOT COPY UNLESS YOU HAVE BEEN GIVEN SPECIFIC WRITTEN AUTHORIZATION FROM EX LIBRIS LTD. This document is provided for limited and restricted purposes in accordance with a binding contract with Ex Libris Ltd. or an affiliate. The information herein includes trade secrets and is confidential. DISCLAIMER The information in this document will be subject to periodic change and updating. Please confirm that you have the most current documentation. There are no warranties of any kind, express or implied, provided in this documentation, other than those expressly agreed upon in the applicable Ex Libris contract. This information is provided AS IS. Unless otherwise agreed, Ex Libris shall not be liable for any damages for use of this document, including, without limitation, consequential, punitive, indirect or direct damages. Any references in this document to third-party material (including third-party Web sites) are provided for convenience only and do not in any manner serve as an endorsement of that third-party material or those Web sites. The third-party materials are not part of the materials for this Ex Libris product and Ex Libris has no liability for such materials. TRADEMARKS ʺEx Libris,ʺ the Ex Libris Bridge to Knowledge , Primo, Aleph, Voyager, SFX, MetaLib, Verde, DigiTool, Rosetta, bX, URM, Alma , and other marks are trademarks or registered trademarks of Ex Libris Ltd. or its affiliates.
    [Show full text]
  • Technical User's Guide
    Voyager® 7.2 Technical User’s Guide May 2011 CONFIDENTIAL INFORMATION The information herein is the property of Ex Libris Ltd. or its affiliates and any misuse or abuse will result in economic loss. DO NOT COPY UNLESS YOU HAVE BEEN GIVEN SPECIFIC WRITTEN AUTHORIZATION FROM EX LIBRIS LTD. This document is provided for limited and restricted purposes in accordance with a binding contract with Ex Libris Ltd. or an affiliate. The information herein includes trade secrets and is confidential. DISCLAIMER The information in this document will be subject to periodic change and updating. Please confirm that you have the most current documentation. There are no warranties of any kind, express or implied, provided in this documentation, other than those expressly agreed upon in the applicable Ex Libris contract. This information is provided AS IS. Unless otherwise agreed, Ex Libris shall not be liable for any damages for use of this document, including, without limitation, consequential, punitive, indirect or direct damages. Any references in this document to third-party material (including third-party Web sites) are provided for convenience only and do not in any manner serve as an endorsement of that third-party material or those Web sites. The third-party materials are not part of the materials for this Ex Libris product and Ex Libris has no liability for such materials. TRADEMARKS "Ex Libris," the Ex Libris bridge , Primo, Aleph, Alephino, Voyager, SFX, MetaLib, Verde, DigiTool, Preservation, URM, ENCompass, Endeavor eZConnect, WebVoyáge, Citation Server, LinkFinder and LinkFinder Plus, and other marks are trademarks or registered trademarks of Ex Libris Ltd.
    [Show full text]
  • The Windows Registry the Windows Registry
    Windows Registry CSC414 The Computer Windows System Fundamentals Registry Digital Forensics Center Department of Computer Science and Statics THINK BIG WE DO U R I http://www.forensics.cs.uri.edu Windows Registry Registry Hives Hardware & software information Top-level logical grouping of keys - Current and previously attached hardware - User preferences and configuration settings Hive Name Abbreviation Description - Program usage and timestamps Local system hardware, device drivers, services, and machine- HKEY_LOCAL_MACHINE HKLM Logical view specific application data information - Hierarchy of folders (keys) Pre-logon default user profile information for all users on the HKEY_USERS HKU system - Five top level categories (hives) Currently logged on user profile information- link to user key in - Viewed using regedit.exe, regedt32.exe or HKEY_CURRENT_USER HKCU HKU specialized programs AccessData Registry Viewer Link to subkey in HKLM that configuration and file associations for HKEY_CLASS_ROOT HKCR installed software Physical View Link to subkey in HKLM that contains current hardware HKEY_CURRENT_CONFIG HKCC - Actual files containing registry data configuration and some software per-computer application settings - Transaction log of changes Registry Keys Registry Keys Attributes Values - Reference path name - Name Type Name Meaning - Uses \ character for levels - (Default) is default value for the key REG_NONE No Type just raw bytes - Not the file name of a key - Type - Permissions REG_BINARY Binary binary data value - Used to interpret data
    [Show full text]