Windows Vista Security: Praxisorientierte Sicherheit für Profis by Marcus Nasarek

Working with Boot Configuration Data | 785
Using the BCD Editor
The BCD Editor (BCDEdit.exe) is the command-line tool that gives you direct access to view and manage the BCD data store. Opening the system store requires administrator rights, which is why the steps below start an elevated command prompt. You can use BCDEdit to view the entries in the BCD store by following these steps:
1. Click Start, click All Programs, and then click Accessories.
2. Right-click Command Prompt and then select Run As Administrator.
3. Type bcdedit at the command prompt.
Example 23-1 shows an example of the output from BCDEdit. As the listing shows, the BCD store for this computer has three entries: one for the Windows Boot Manager, one for the Windows Legacy OS Loader, and one for the Windows Boot Loader.
Example 23-1. Examining the contents of the BCD data store
Windows Boot Manager
--------------------
Identifier: {bootmgr}
Type: 10100002
Device: partition=C:
Description: Windows Boot Manager
Locale: en-US
Inherit options: {globalsettings}
Boot debugger: No
Default: {current}
Resume application: {23432149-a32e-132a-ba28-ed8322b34395}
Display order: {ntldr}
               {current}
Timeout: 30
Windows Legacy OS Loader
------------------------
Identifier: {ntldr}
Type: 10300006
Device: partition=C:
Path: \ntldr
Description: Legacy (pre-Longhorn) Microsoft Windows Operating System
Boot debugger: No
Windows Boot Loader
-------------------
Identifier: {current}
Type: 10200003
Device: partition=D:
Path: \Windows\system32\winload.exe
Description: Microsoft Windows
Locale: en-US
Inherit options: {bootloadersettings}
786 | Chapter 23: Exploring the Windows Boot Environment
Boot debugger: No
Windows device: partition=D:
Windows root: \Windows
Resume application: {23432149-a32e-132a-ba28-ed8322b34395}
No Execute policy: OptIn
No integrity checks: Yes
Kernel debugger: No
EMS enabled in OS: No
The Windows Boot Loader entry has parameters that track the status of the No Execute (NX) policy, integrity checking, kernel debugger mode, and Emergency Management Services (EMS). These values are security relevant: No integrity checks set to Yes (the nointegritychecks option) turns off the loader's signature verification of kernel-mode code, and an enabled boot or kernel debugger lets anyone with physical or serial access inspect and alter the system while it starts, so unexpected values here deserve the same scrutiny as an unknown boot entry. Although the Windows Boot Manager, Windows Legacy OS Loader, and Windows Boot Loader are the primary types of entries that control startup, the BCD also stores information about pre-operating-system boot environment utilities and settings. If you want to view the BCD entries for utilities and settings, you use the following command line:
bcdedit /enum all /v
This command line enumerates all BCD entries, regardless of their current state, and lists them in Verbose Mode. Example 23-2 shows the verbose entries. It is important to note that Verbose Mode provides the actual value of the Globally Unique Identifiers (GUIDs) needed to manipulate entries in the BCD data store. Without /v, BCDEdit substitutes well-known aliases such as {bootmgr}, {current}, {default}, and {ntldr} for the GUIDs of the corresponding entries; you can pass those aliases to BCDEdit as well, but an entry without an alias, such as a second operating system installation, can be addressed only by its GUID.
Example 23-2. Viewing extended BCD entries
Windows Boot Manager
--------------------
identifier {9dea862c-5cdd-4e70-acc1-f32b344d4795}
device partition=C:
description Windows Boot Manager
locale en-US
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
bootdebug No
default {263bf496-4ab4-11db-b478-c0671802252f}
resumeobject {263bf497-4ab4-11db-b478-c0671802252f}
displayorder {263bf496-4ab4-11db-b478-c0671802252f}
             {0c728e1b-d009-11da-b18b-9dc1d02cdda0}
toolsdisplayorder {b2721d73-1db4-4c62-bf78-c548a880142d}
timeout 30
Windows Boot Loader
-------------------
identifier {0c728e1b-d009-11da-b18b-9dc1d02cdda0}
device unknown
path \Windows\system32\winload.exe
description Microsoft Windows
locale en-US
inherit {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
bootdebug Yes
osdevice unknown
systemroot \Windows
resumeobject {0c728e1c-d009-11da-b18b-9dc1d02cdda0}
nx OptIn
quietboot No
debug No
ems No
Windows Boot Loader
-------------------
identifier {263bf496-4ab4-11db-b478-c0671802252f}
device partition=C:
path \Windows\system32\winload.exe
description Microsoft Windows Vista
locale en-US
inherit {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
osdevice partition=C:
systemroot \Windows
resumeobject {263bf497-4ab4-11db-b478-c0671802252f}
nx OptIn
Resume from Hibernate
---------------------
identifier {0c728e1c-d009-11da-b18b-9dc1d02cdda0}
device unknown
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {1afa9c49-16ab-4a5c-901b-212802da9460}
bootdebug Yes
filedevice unknown
filepath \hiberfil.sys
pae No
debugoptionenabled No
Resume from Hibernate
---------------------
identifier {263bf497-4ab4-11db-b478-c0671802252f}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {1afa9c49-16ab-4a5c-901b-212802da9460}
filedevice partition=C:
filepath \hiberfil.sys
pae No
debugoptionenabled No
Windows Memory Tester
---------------------
identifier {b2721d73-1db4-4c62-bf78-c548a880142d}
device partition=C:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
badmemoryaccess Yes
bootdebug No
Windows Legacy OS Loader
------------------------
identifier {466f5a88-0af2-4f76-9038-095b170dc21c}
device partition=C:
path \ntldr
description Legacy (pre-Longhorn) Microsoft Windows Operating System
bootdebug No
EMS Settings
------------
identifier {0ce4991b-e6b3-4b16-b23c-5e0d9250e5d9}
bootems Yes
Debugger Settings
-----------------
identifier {4636856e-540f-4170-a130-a84776f4c654}
debugtype Serial
debugport 1
baudrate 115200
RAM Defects
-----------
identifier {5189b25c-5558-4bf2-bca4-289b11bd29e2}
Global Settings
---------------
identifier {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
inherit {4636856e-540f-4170-a130-a84776f4c654}
        {0ce4991b-e6b3-4b16-b23c-5e0d9250e5d9}
        {5189b25c-5558-4bf2-bca4-289b11bd29e2}
Boot Loader Settings
--------------------
identifier {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
Resume Loader Settings
----------------------
identifier {1afa9c49-16ab-4a5c-901b-212802da9460}
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
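The procedure above (open an elevated command prompt, then run bcdedit /enum all /v) produces text meant for a human reader. As an added example that is not part of the book, the following PowerShell script parses that verbose output into one object per entry and reports the settings the discussion of the Windows Boot Loader entry singles out as security relevant: nointegritychecks, testsigning, debug, bootdebug, nx, and the loader path. The function names ConvertFrom-BcdEnum and Test-BcdEntry and the -Live switch are names chosen for this example, and the listing embedded in it is constructed from values in Example 23-1 and Example 23-2 rather than captured from a real machine.

```powershell
# Added example, not from the book: parse 'bcdedit /enum all /v' output and flag
# settings that weaken boot-time security. Assumes Windows PowerShell 2.0 or later.
# The -Live switch is a name chosen for this script, not a BCDEdit option.
param([switch]$Live)

# Constructed sample in the /v layout (raw GUIDs, aligned columns), modelled loosely
# on the book's Example 23-1 and 23-2 listings. It is not captured from a real system.
$SampleOutput = @'
Windows Boot Manager
--------------------
identifier              {9dea862c-5cdd-4e70-acc1-f32b344d4795}
device                  partition=C:
description             Windows Boot Manager
default                 {263bf496-4ab4-11db-b478-c0671802252f}
displayorder            {263bf496-4ab4-11db-b478-c0671802252f}
                        {0c728e1b-d009-11da-b18b-9dc1d02cdda0}

Windows Boot Loader
-------------------
identifier              {0c728e1b-d009-11da-b18b-9dc1d02cdda0}
device                  unknown
path                    \Windows\system32\winload.exe
description             Microsoft Windows
bootdebug               Yes
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {263bf496-4ab4-11db-b478-c0671802252f}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Microsoft Windows Vista
nointegritychecks       Yes
nx                      OptIn
'@

function ConvertFrom-BcdEnum {
    # Turn the "key<spaces>value" rows of bcdedit output into one object per entry.
    # Every setting is stored as an array so that multi-valued keys (displayorder,
    # inherit) and single-valued keys are handled the same way.
    param([string[]]$Lines)
    $entries = @(); $entry = $null; $lastKey = $null
    foreach ($line in $Lines) {
        if ($line -match '^\s*$' -or $line -match '^-+\s*$') { continue }   # blank or underline
        if ($line -cmatch '^([a-z][a-z0-9]*)\s{2,}(\S.*?)\s*$' -and $entry) {
            # Setting row: keys are lowercase in /v output, entry titles start uppercase.
            $lastKey = $Matches[1]
            $entry.Settings[$lastKey] = @($Matches[2])
        } elseif ($line -match '^\s+(\S.*?)\s*$' -and $lastKey) {
            # Indented continuation line: another value for the previous key.
            $entry.Settings[$lastKey] += $Matches[1]
        } else {
            # Anything else is an entry title such as "Windows Boot Loader".
            $entry = New-Object PSObject -Property @{ Title = $line.Trim(); Settings = @{} }
            $entries += $entry; $lastKey = $null
        }
    }
    return $entries
}

function Test-BcdEntry {
    # Return one finding per setting that lowers the bar for an attacker at boot time.
    param($Entry)
    $s = $Entry.Settings
    $findings = @()
    # When any of these is Yes, a protection the loader normally enforces is off:
    #   nointegritychecks, testsigning   kernel-mode code signing is not enforced
    #   debug, bootdebug                 a kernel or boot debugger is enabled at startup
    foreach ($flag in 'nointegritychecks', 'testsigning', 'debug', 'bootdebug') {
        if ($s.ContainsKey($flag) -and $s[$flag][0] -eq 'Yes') { $findings += "$flag is Yes" }
    }
    if ($s.ContainsKey('nx') -and $s['nx'][0] -eq 'AlwaysOff') { $findings += 'nx is AlwaysOff (DEP disabled)' }
    # A Windows Boot Loader entry should point at the real OS loader (winload.efi on EFI systems).
    if ($Entry.Title -eq 'Windows Boot Loader' -and $s.ContainsKey('path') -and
        $s['path'][0] -notmatch '^\\Windows\\system32\\winload\.(exe|efi)$') {
        $findings += "unexpected loader path $($s['path'][0])"
    }
    return $findings
}

if ($Live) {
    # The live store can be read only from an elevated prompt; bcdedit reports Access is denied otherwise.
    $raw = & bcdedit /enum all /v 2>&1 | ForEach-Object { $_.ToString() }
    if ($LASTEXITCODE -ne 0) { throw "bcdedit failed: $($raw -join ' ')" }
} else {
    $raw = $SampleOutput -split "`r?`n"
}

# @(...) keeps the inner loops from running once over $null on PowerShell 2.0.
$report = foreach ($e in @(ConvertFrom-BcdEnum $raw)) {
    foreach ($f in @(Test-BcdEntry $e)) {
        New-Object PSObject -Property @{
            Identifier  = $(if ($e.Settings.ContainsKey('identifier')) { $e.Settings['identifier'][0] } else { '?' })
            Description = $(if ($e.Settings.ContainsKey('description')) { $e.Settings['description'][0] } else { $e.Title })
            Finding     = $f
        }
    }
}
if ($report) { $report | Format-Table Identifier, Description, Finding -AutoSize } else { 'No risky boot settings found.' }
```

Run without arguments, the script reports the two findings the constructed sample contains: bootdebug is Yes on the first Windows Boot Loader entry and nointegritychecks is Yes on the second. Run with -Live from an elevated prompt, it audits the current store instead. Because the store is itself editable by any administrator with BCDEdit, an attacker who already has those rights can set these same values, so treat the audit as a tripwire for configuration drift rather than as a guarantee of integrity.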