Managing the System Registry Hive on Windows Server 2003 and Windows Server 2008 Integrity Systems

Hotfix KB973817 provides a replacement for Reg.exe that enables compression of the hive
and allows the hive's true size to be ascertained from the command line (the graphical utility
RegEdit already has this functionality).
NOTE: Neither of these hotfixes can be installed on systems running Windows Server 2003
or Windows Server 2008 R2.
5. Perform the steps described in the section, “Creating a Pseudo LastKnownGood System
Registry Hive for Windows Server 2003 and Windows Server 2008” (page 16). Also carefully
review the entire section, “Proactive Avoidance” (page 20), to avoid the problem in the
future.
Creating a Pseudo LastKnownGood System Registry Hive for Windows Server 2003 and Windows Server 2008
The recovery procedures outlined in the previous sections remove the LastKnownGood functionality
from the system. Although it is rarely needed on modern servers, a pseudo LastKnownGood System
hive can still be created on every boot so that one is available should the need arise. This is done
with a scheduled task that runs a batch file sixty seconds after boot and saves the System hive to
another location.
To create this batch task, complete the following steps:
1. Use Notepad.exe or a similar text editor to create a \Windows\System32\lkg.cmd file
with the following contents (two commands, each on its own line):
    rem Rotate the previous copy to system.plkg (fails harmlessly on the first run, when no system.lkg exists yet)
    move /y %windir%\system32\config\system.lkg %windir%\system32\config\system.plkg
    rem Save a compressed copy of the live System hive (/c requires the hotfixed Reg.exe)
    reg save hklm\system %windir%\system32\config\system.lkg /c /y
This batch command creates a system.lkg file, which is a copy of the current hive after
successful boot. Two copies of it are kept, system.lkg (current) and system.plkg (past).
2. Create the Scheduled Task by going to Administrative Tools > Task Scheduler.
3. In the General tab, change the following settings:
Name: change to “LKG system hive task”
Description: change to “Task to save Registry System Hive 60 seconds after successful
boot.”
Also select the following check boxes:
Run whether user is logged on or not
Run with highest privileges (select only if running Windows Server 2008)
When finished, the General tab should look like this:
16
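The steps above, as an added example that is not part of the original HP document: a PowerShell script that writes lkg.cmd and registers the "LKG system hive task" with schtasks.exe instead of clicking through the Task Scheduler dialogs, then runs the task once and lists the saved hive files. It assumes the Windows Server 2008 Task Scheduler (the /DELAY and /RL switches of schtasks are not available on Windows Server 2003), the hotfixed Reg.exe that accepts the /c switch, and an elevated prompt; the task name, file locations and 60-second delay are the ones given in the procedure.

```powershell
# Added example, not from the HP document. Creates lkg.cmd and registers the
# boot-time task from the command line. Assumes Windows Server 2008 schtasks
# (/DELAY, /RL) and the hotfixed Reg.exe with the /c compress switch.
# Run from an elevated PowerShell prompt.

$config  = Join-Path $env:windir 'System32\config'
$cmdFile = Join-Path $env:windir 'System32\lkg.cmd'

# The two-command batch file from the procedure. The move fails harmlessly on
# the very first run, when system.lkg does not exist yet.
$batch = @"
@echo off
move /y %windir%\system32\config\system.lkg %windir%\system32\config\system.plkg
reg save hklm\system %windir%\system32\config\system.lkg /c /y
"@
Set-Content -Path $cmdFile -Value $batch -Encoding Ascii

# Register the task: trigger at system start, delayed 60 seconds (mmmm:ss),
# run as LocalSystem (so it runs whether or not anyone is logged on) with
# highest privileges; /F overwrites an existing task of the same name.
# $cmdFile is passed unquoted because %windir%\System32 contains no spaces.
& schtasks.exe /Create /F `
    /TN 'LKG system hive task' `
    /TR $cmdFile `
    /SC ONSTART /DELAY 0001:00 `
    /RU SYSTEM /RL HIGHEST
if ($LASTEXITCODE -ne 0) { throw "schtasks /Create failed with exit code $LASTEXITCODE" }

# Optional check: run the task once now rather than waiting for a reboot, then
# list the saved hive(s). After a single run only system.lkg exists; system.plkg
# appears from the second run onward.
& schtasks.exe /Run /TN 'LKG system hive task'
if ($LASTEXITCODE -ne 0) { throw "schtasks /Run failed with exit code $LASTEXITCODE" }
Start-Sleep -Seconds 10
Get-ChildItem -Path $config -Filter 'system.*lkg' |
    Select-Object Name, Length, LastWriteTime
```

The Length column from the final command is the size of the compressed saved hive, which is a convenient way to watch the System hive over time; if system.lkg is missing after a reboot, check the task's Last Run Result in Task Scheduler and confirm that the installed Reg.exe is the hotfixed version that understands /c.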