To get to this page: Select Controls from the left menu. Go to New > Control. Click Get Started for the Registry Value Existence control type. (Or click edit for any control of this type you want to change.)
The Registry Value Existence control type checks for the existence of a user-specified registry value. Note that this type of control does not look at the content of the registry value.
In the General Information section, provide basic information for the control, including a control statement and category. See General Information for details.
In the Scan Parameters section, specify the scan parameters that the scanning engine will use to gather data for the control. The scan parameters combined make up a single data point. You must also enter a description for the data point, which will appear in compliance policies and reports.
A registry hive is a top level registry key predefined by the Windows system to store registry keys, subkeys and values for specific objectives. All registry hives begin with HKEY and appear as file folders at the top level on the left hand side of the Registry Editor window.
These common hives are supported in custom controls:
HKEY_CLASSES_ROOT (HKCR). This hive contains information about registered applications, such as Associations from File Extensions and OLE Object Class IDs tying them to the applications used to handle these items. The information stored here ensures that the correct program opens when you open a file by using Windows Explorer. HKEY_CLASSES_ROOT is a subkey of HKEY_LOCAL_MACHINE\Software.
HKEY_CURRENT_USER (HKCU). This hive contains the root of the configuration information for the user who is currently logged on. The user's folders, screen colors, and Control Panel settings are stored here. This information is referred to as a user's profile. HKEY_CURRENT_USER is a subkey of HKEY_USERS.
HKEY_USERS (HKU). This hive contains the root of all user profiles on the computer.
HKEY_LOCAL_MACHINE (HKLM). This hive contains configuration information particular to the computer. The information stored here is general to all users on the computer.
A registry key appears as a file folder on the left side of the Registry Editor window. Registry keys may contain registry subkeys, which are keys within a key. Subkeys also appear as file folders on the left side of the Registry Editor window.
NAME. Enter the name of the registry value as it appears in the Name column in the Registry Editor window. If you do not specify a registry value name, then the service will check the content of the default value for the specified registry key. The default value appears as (Default) in the Name column in the Registry Editor window.
Data Type. (View only) The data type of the value returned by the scanning engine. For a registry value existence control this is set to "Boolean" by default.
Description. Enter a description for the custom control which will appear in compliance policies and reports.
Click Add Parameters to add parameters and close the Scan Parameters window. You will notice the Edit Parameters button is available. Click this button to edit parameters before saving the control.
See also:
Add/Edit Scan Parameters in a New Control
Update the Data Point Description in an Existing Control
In the Control Technologies section, identify the technologies applicable to the control. For each technology, provide a rationale statement and set the default control value.
Rationale. Enter a rationale statement describing how the control should be implemented for each technology.
Default Value. Select the default expected value (True or False) for each technology. Select the Lock Value option to lock the default value. When locked, users cannot change the default value in the Policy Editor.
In the References section, add or remove references to internal policies and documents. See References for details.