13 May 2008 09:50 PM EDT
[ Tags: free tools,  sepago,  cool stuff ]

posted by Gus Pinto

Helge pointed me to his blog just recently, and you know what - he has really useful content there. He just recently blogged about a neat little app that allows you to manipulate REG_LINKs. Very useful for your XenApp environments when configuring your remote apps and streaming profiles.

Here's a snippet of his post:

---

Recently I got into a very interesting discussion with my colleague Nicholas Dille on various aspects of Windows x64. One question he brought up was especially intriguing: Knowing about registry redirection, it is not astonishing to find that the 32-bit version of the registry key HKLM\Software\Classes (aka HKCR) gets to be HKLM\Software\Classes\Wow6432Node. But there is also HKLM\Software\Wow6432Node\Classes!? How can there be two different Wow6432Node 32-bit keys for one 64-bit key?

It soon dawned on us that one of those two Wow6432Node keys must be a registry link to the other, meaning that the 32-bit data is actually stored in only one place as common sense dictates. But which is the original and which is the link? And what is a registry link anyway?

What Are REG_LINKs?

Registry links (internal type name: REG_LINK) seem to be one of the last great mysteries of Windows NT-based operating systems although they have been around since NT4 at least. Microsoft uses them to point the CurrentControlSet registry key to one of the actual ControlSets (typically 001 or 002). A registry link essentially is a symbolic link in the registry - one registry key pointing to another. The nice thing is that this whole pointing stuff happens completely opaquely to applications: if key A points to key B, and an application tries to access key A, it will actually see the contents of key B. The concept is simple, easy and powerful.

How to Manipulate REG_LINKs

There is only one problem: There is no officially documented way to list, create or delete REG_LINKs. The registry API simply does not have any functions for manipulating them. This makes things more difficult, but not impossible. Searching the net, I quickly found the excellent tool regln which comes with full source code and compiled both as 32-bit and 64-bit binaries. The source code of regln gave me the hints I needed: the internal NT API (not too well documented and hidden in ntdll.dll) contains the functions required for REG_LINK manipulation. With that information and some further research I put together a small command line program that scans the registry for REG_LINKs and lists those found along with their target: ListRegistryLinks.exe. The tool is available both in 32-bit and 64-bit versions.

Continue at source: Helge's Blog

Download: ListRegistryLinks.exe 1.0 for Windows x86 (32-bit)
Download: ListRegistryLinks.exe 1.0 for Windows x64 (64-bit)
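
To check whether a single key is a REG_LINK and where it points, here is an added example that is not part of Helge's post and is not the code of ListRegistryLinks.exe. Instead of the ntdll.dll calls the post describes, it assumes the REG_OPTION_OPEN_LINK open option and the SymbolicLinkValue value name, read through Python's winreg module; the function names and the sample key paths are my own.

```python
import sys

REG_OPTION_OPEN_LINK = 0x8        # assumption: open the link key itself, not its target
LINK_VALUE = "SymbolicLinkValue"  # assumption: value that stores a link's target

# NT object-namespace roots and the Win32 hive names they correspond to.
_PREFIXES = (("\\registry\\machine", "HKLM"), ("\\registry\\user", "HKU"))

def decode_link_target(raw: bytes) -> str:
    """Decode REG_LINK data: a UTF-16LE NT path, normally stored without a NUL."""
    if len(raw) % 2:
        raise ValueError("REG_LINK data must be an even number of bytes")
    return raw.decode("utf-16-le").rstrip("\x00")

def nt_to_win32(nt_path: str) -> str:
    """Map \\Registry\\Machine\\... to HKLM\\... so the target can be opened in regedit."""
    low = nt_path.lower()
    for prefix, hive in _PREFIXES:
        if low == prefix or low.startswith(prefix + "\\"):
            return hive + nt_path[len(prefix):]
    return nt_path  # unknown root: report it unchanged

def read_link(hive, subkey):
    """Return the target of subkey if it is a registry link, else None (Windows only).

    None also covers keys that cannot be opened, e.g. access denied.
    """
    import winreg  # imported here so the decoding helpers work on any platform
    try:
        with winreg.OpenKey(hive, subkey, REG_OPTION_OPEN_LINK,
                            winreg.KEY_QUERY_VALUE) as key:
            raw, kind = winreg.QueryValueEx(key, LINK_VALUE)
    except OSError:
        return None  # ordinary key (no link value) or not readable
    if kind != winreg.REG_LINK:
        return None
    return nt_to_win32(decode_link_target(raw))

if __name__ == "__main__" and sys.platform == "win32":
    import winreg
    # Keys named in the post; which of them are links depends on the Windows version.
    for sub in (r"SYSTEM\CurrentControlSet", r"SOFTWARE\Classes\Wow6432Node",
                r"SOFTWARE\Wow6432Node\Classes"):
        print(sub, "->", read_link(winreg.HKEY_LOCAL_MACHINE, sub))
```

A result of None means the key is an ordinary key or could not be opened; a returned path is the key whose contents applications actually see.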
