The Save Key command lets you save the information in a key and all its subkeys in a hive file. This hive file can then be used by the Restore and Load Key commands.
Changes in the Registry are saved automatically, whether you make changes by using Registry Editor or by changing settings in applications. The Save Key command is used specifically to save portions of the Registry as a file on disk.
To use the Save Key command, you need Backup privileges, which you have if you are logged on as a member of the Administrators group.
You can use the Save Key command on any key. However, this command will not save volatile keys, which are destroyed when you shut down the system. For example, the HKEY_LOCAL_MACHINE\HARDWARE key is volatile, so it is not saved as a hive file. If you want to view the Hardware hive for debugging, you can save it in a text file by choosing the Save Subtree As command from the Registry menu, as described at the end of this chapter.
Under the FAT file system, this filename cannot have an extension.
If the key that you are saving is in the Registry of a remote computer, the drive and path that you specify for the filename is relative to the remote computer.
The selected key is now saved as a file. When you use the Load Hive command, you can select the filename for any files saved using the Save Key command.
For example, as part of system maintenance, you might use the Save Key command to save a key as a file. When the key that you saved is ready to be returned to the system, you use the Restore command.
You can use the Restore or Restore Volatile command to make a hive file a part of the system configuration. The Restore and Restore Volatile commands let you copy information in a hive file over a specified key. This information copied from the file will overwrite the contents of the specified key, except for the key name.
To use the Restore or Restore Volatile commands, you need Restore privilege— which you have if you are logged on as a member of the Administrators group.
Under the FAT file system, this filename cannot have an extension.
If you are restoring a key on a remote computer, the drive and path of the filename is relative to the remote computer.
Note If you want to add a key temporarily to a system, however, you use the Restore Volatile command. If you use this command, the Registry will make a volatile copy, which will disappear when the system is restarted.
You cannot restore a key that has opened handles or that has subkeys with opened handles. This is why you cannot restore the SAM or SECURITY subtrees, because Windows NT always has handles open in these keys. So the Restore command is used only for special conditions, such as restoration of user profiles on a damaged system. Usually, to switch in a backup version of a hive, you can use the ReplaceKey function in REGREST.EXE (included on the Resource Guide disk).