Every Windows geek knows that you can use the registry to fix just about anything. The trick is finding the particular registry subkey that you need. On most occasions, you need to find the registry subkey that corresponds to a fix you need to make. Other times, you need to change the name of the actual subkey (e.g., because of an organizational change). But how do you find these subkeys? And what if you need to edit not just your local machine's registry but also remote machines' registries? The answer to these questions is Regfind, which you can find in the Microsoft Windows 2000 Server Resource Kit Supplement One. (The tool also works with Windows 9x registries.)
To use Regfind in its simplest form, you feed the utility a string of characters to search for. For example, the command
regfind "acme"
searches the registry for any keys containing the string acme. You can also use Regfind to replace one string with another: Simply add the -r option and the new string. For example, suppose your company recently changed its name from Acme Ltd to Apex Industries and you want all the product-registration information in the registry to reflect that change. You would type
regfind "Acme Ltd" -r "Apex Industries"
When a space or punctuation mark appears in a search string, you must enclose the string in quotation marks.
If you needed to make the same change on a remote machine's registry, you would add the -m option followed by the server's Universal Naming Convention (UNC) path, as in
regfind -m \\server03 "Acme Ltd" -r "Apex Industries"
To speed up Regfind, you can limit its search to a particular registry hive or subkey. Use the -p option to specify the registry location you want to search. For example, suppose you want to narrow your search for Acme Ltd to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft subkey. To restrict Regfind's search-and-replace efforts to subkeys within that subkey, you would type
regfind "Acme Ltd" -r "Apex Industries" -p "HKEY_LOCAL_MACHINESOFTWARE\Microsoft"
Regfind is a helpful tool, but I've discovered a few drawbacks. First, Regfind doesn't seem to support wildcards or UNIX-style regular expressions. The only flexibility that you can build into Regfind is through the -y option, which makes Regfind case insensitive. For example, the command
regfind acme -y
would match acme, Acme, ACME, and all other uppercase-and-lowercase combinations. Oddly, Regfind's options are case insensitive—for example, you can type either -R or -r.
Second, when you use Regfind in a search-and-replace operation, the tool replaces all instances of the string. I haven't found a way to use Regfind to change only one instance of a string, except by using the marginally helpful method of restricting the search to a specific hive. My suggestion—and the Regfind Help suggestion—is to first use Regfind to find the item you're looking for, then either go ahead with the global replace or manually change the specific items you want to replace.
Third, if you need to modify numerical data (e.g., change a timeout parameter from 15 to 30), Regfind isn't the best tool for the task. If you were to instruct Regfind to change 15 to 30 in the registry, the tool would find every registry subkey with a 15 value and change that value to 30. Of course, you can restrict searches to a particular key's subkeys, but even this workaround's parameters are too broad. Most REG_DWORD values that you would want to manipulate contain values of 1 or 0, and more than one REG_DWORD value in a given key or subkey would probably be 1 or 0. Using Regfind to change one value would change them all.