Results 1 to 5 of 5

Thread: Win2K Registry Edit.

  1. October 2nd, 2002, 03:27 AM #1
    JoeyBatch
    JoeyBatch is offline
    Banned
    Join Date
    Sep 2002
    Posts
    18

    Win2K Registry Edit.

    Under Win2K you should be able to create a notification package registry key as a subkey of HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify.

    In the notify key you should be able to create a rule: lock with the registry values [REG_SZ]. However once I create this I need more information on creating an even handler fuction for this package. Is anyone familiar with this process.

    This registry edit should allow the logging/auditing of the locking and unlocking of a system.

    However, I need some assistance with completing this task.
    Reply With Quote Reply With Quote
  2. October 2nd, 2002, 03:01 PM #2
    mmelby
    mmelby is offline
    Shadow Programmer mmelby's Avatar
    Join Date
    Jul 2002
    Location
    Ft. Myers, FL
    Posts
    291
    I dont know if you have tried this yet but if you go to msdn on Microdoft and search for winlogon I got a LOT of hits.

    http://www.microsoft.com/msdn
    Work... Some days it's just not worth chewing through the restraints...
    Reply With Quote Reply With Quote
  3. October 2nd, 2002, 04:35 PM #3
    JoeyBatch
    JoeyBatch is offline
    Banned
    Join Date
    Sep 2002
    Posts
    18
    Yes, I have found a lot of information there...
    Reply With Quote Reply With Quote
  4. October 4th, 2002, 10:07 PM #4
    SodaMoca5
    SodaMoca5 is offline
    Senior Member SodaMoca5's Avatar
    Join Date
    Mar 2002
    Posts
    236
    I am not positive if this is what you want but in the registry API if you open the hkey using the RegOpenKeyEx (for win32 apps) or RegOpenKey then you can use the RegNotifyChangeKeyValue if you want to see if this value has changed. If it returns true then you can pop up an notification to your screen. Put this in a timed loop or whatever to check this value.

    The API's are

    Long RegOpenKeyEx (HKEY hkey, LPCTSTR 1pSubKey <address of the string containing the subkeys name to open under hkey>, DWORD u1Options <Must be 0>, samDesired <Security for this key>, phkResult <address of the buffer for the new handle>)

    Long RegNotifyKeyValue (HKEY hkey, BOOL bWatchSubtree <reports changes to subkey if TRUE>, DWORD dwNotifyFilter <specifies flags>, HANDLE hevent <specifies event to raise if fAsynchronous is true>, BOOL fAsynchronous <changes are reported by signalling hevent if true>)

    This information was obtained out of "Windows 95 and NT 4.0 registry and customization Handbook by Jerry Honeycutt"

    I am not sure this is what you were asking but if not maybe you can clarify for me what sort of event handler you were wanting.
    SodaMoca5
    \"We are pressing through the sphincter of assholiness\"
    Reply With Quote Reply With Quote
  5. October 5th, 2002, 09:53 AM #5
    Matty_Cross
    Matty_Cross is offline
    Senior Member
    Join Date
    Sep 2001
    Posts
    831
    Well, from what I've understood from what you've written, your looking for help on writing the event handler.

    I found this ... hopefully it will help... Its got the registry entries that you have to point to in the first link *I think you already linked to that one*, and in the second link, it has the Event Handler Function prototype.. That will give you some sample code...

    Also, try this one
    -Matty_Cross
    \"Isn\'t sanity just a one trick pony anyway? I mean, all you get is one trick. Rational Thinking.
    But when you\'re good and crazy, hehe, the skies the limit!!\"
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules