Monday, January 31, 2011

Replacing Registry hives

 

There are 5 registry hives , Namely

 

  1. SAM – Security accounts manager
  2. System
  3. Software
  4. Default
  5. Security

These are located in c:\windows\system32\config

When a system state backup is run on the computer, these hives are backed up and stored in c:\windows\repair.

If you made a change to the system or installed a new software , the server may go into a no-boot situation. This procedure is also helpful when your registry is corrupt. You may receive error on these lines:

“Windows  could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SOFTWARE or SYSTEM or its log.”

 

It is important to note that , once you have replaced the hives, your system will be pushed back to the configuration when you took the last backup. If you are not sure when you took the last backup, you must check the date on files in c:\windows\repair .

If you have not performed a backup since you promoted the server to Domain Controller, Do not use this procedure.

It is also possible to only replace one hive at a time , but since the hives are related , I would suggest replacing all in one go.

 

Steps to Follow

 

Boot with the Windows CD and go to recovery console

You need to enter the password , this is the first password that was entered when setting up the computer

type the following commands

cd windows

cd system32

cd config

This will take you to the following path

c:\windows\system32\config>

Now we need to rename the existing hives to .old so we can replace them with ones from repair folder

Run the following commands to rename the hives

 

ren system system.old

ren software software.old

ren sam sam.old

ren default default.old

ren security security.old

Once this is done , Navigate to c:\windows\repair , to do that , run these commands

cd ..

cd ..

cd repair

 

Once you are at c:\windows\repair>

 

run these commands to copy hives from repair folder to config folder

 

copy software c:\windows\system32\config

copy system c:\windows\system32\config

copy sam c:\windows\system32\config

copy default c:\windows\system32\config

copy security c:\windows\system32\config

 

Reboot the server to normal mode

 

If this does not work for you and you want to revert the changes, rename the files you copied from repair folder to hivename.old1 and rename the hivename.old  in config folder to hivename

2 comments:

  1. Thanks for this, it was a help. The only problem is that the windows has to be on the C drive for it to work. If it is not on the C drive check if you have any USB devices plugged in.

    ReplyDelete
  2. Hi there, I cannot find the repair folder on my system

    ReplyDelete