Here are some things that I learned last night.
If you have other experiences and/or thoughts to add, drop me an email and I'll probably add it.
Can you guess what I was up all night doing?
To be done before you have a problem:
- Make a backup copy of your registry before making any changes. This is found in %SYSTEMROOT%/system32/config, and the important files are default, sam, security, software, and system. Depending on the version of windows, there may be a tool to set a restore point. This is helpful, but requires a little more work to get everything back to normal in the event of a catastrophic failure (BSOD, stupid reboot loop, etc.). I would suggest doing this any time you make a change (obviously before) so that you can easily roll back. Save these copies somewhere in the %SYSTEMROOT% directory--perhaps in a regbackup folder--you'll see why later.
- Install recovery console (XP, 2000(?), 2003, and so on), and verify that you can get into it--if it asks for the administrator password, it is the one the system was originally setup with, and not the current one, unless you have explicitly changed it for recovery console. To do this, use teh OS installation CD and in the i386 directory run
winnt /cmdcons
- Did I mention to make a backup copy of your registry?
In the event of a failure:
- In the order of preference, use the following recovery "tools":
- safe mode
- recovery console
- repair install
- last known good configuration
- To access safe mode, press <F8> immediately after the BIOS POST is done. If you get the OS splash screen, it's too late.
- If you installed the recovery console before this happened, good for you. If you didn't you aren't necessarily out of luck. If you have an official install cd (and not an OEM recovery cd), you can boot off of it, and as long as there isn't an unattended script on the cd, you can get to the recovery console, you just have to wait for the entire setup program to copy and load (a long time). The recovery console allows you to manipulate registry files and other things that windows may not let you do when it is running and has those files open.
Caveat: It only lets you operate in the %SYSTEMROOT% directory
If you suspect a registry corruption issue, save the files (locations above) to a tmp dir so that you can recover them, just in case, and copy your backups over--you did make backups, right? If you didn't make backups, you can try this recovery procedure, but it may or may not be terribly helpful. - If this fails to boot, you can try using the installation cd to do a repair installation. YMMV.
- If this doesn't work, your last option is to try the last known good configuration. You can get to this in the same F8 menu, but use the recovery console to copy your broken registry files back first. I've had several occasions where this made the problem worse, which is why I put it as a last resort instead of Microsoft's first resort.
- If this fails, you'll probably need to reinstall the system. You did make backups of your data, right? If you didn't, you can install into a different directory. You potentially have issues with permissions on your folders, etc (new install, users have new sids), but at least you have your data.
If you have other experiences and/or thoughts to add, drop me an email and I'll probably add it.
Can you guess what I was up all night doing?