Most of you probably know that ctrl+shift+esc brings up the task manager.
Today i learned a sneaky way to disable that combination
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe] "debugger"="Disabled"
Office 2007 features a new toolbar in all applications, called the Quick Access Toolbar.
A user may add or remove their own buttons.
By default, the .qat files containing the user’s settings are saved in the following location in Windows XP or Windows Server 2003:
C:\Documents and Settings\username\Local Settings\Application Data\Microsoft\Office
And for Windows Vista or Windows Server 2008 in:
C:\Users\usernameAppData\Local\Microsoft\Office
Here’s how to make sure this bar roams with the user:
Locate and then click to select the following registry subkey:
HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\Toolbars
If you use policies, select the following registry subkey:
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Common\Toolbars
New DWORD value called “QuickAccessToolbarRoaming” with value “1”
regfile:
Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\Toolbars] "QuickAccessToolbarRoaming"=dword:00000001 [HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Common\Toolbars] "QuickAccessToolbarRoaming"=dword:00000001
Microsoft’s article on this:
http://support.microsoft.com/kb/958062
If you want to customize your Office 2007 setup, here’s how:
setup.exe /admin
Then go through all steps in the customization wizard.
Be sure to have “completion notice” turned on and “suppress modals” turned off (this is to get to see errors, if any exist). Once you’re done with testing, go through the customization again to modify the MSP to disable completion notice and enable suppress modals. For completely silent install, you MUST set the DisplayLevel to “none”.
Save the resulting patch file in the same folder as o2k7 setup files.
Now just execute this command for silent install:
setup.exe /adminfile CUSTOM.MSP
OR
If you have Office 2007 Enterprise VLK, you could even drop the CUSTOM.MSP file in the “Updates” folder and setup will pick it up automatically (without any switches being used). For this, ensure you have WindowsInstaller 3.1 already installed. You can add in further MSP files (e.g. extracted from SP2 update EXE) as well, to have updates applied during install.
The IntelPPM should be enabled on all Intel systems. If not, the processor will overheat.
But it can not be enabled on systems with an AMD processor. The system won’t boot and result in a 0×000007 bluescreen.
This is something you need to know if you want to create images and deploy it on different systems.
_disable_intelppm.reg
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\intelppm] "Start"=dword:00000004
_enable_intelppm.reg
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\intelppm] "Start"=dword:00000001
It’s actually a pretty big security issue, but i’m glad it exists :)
Can’t access your raid configuration anymore? Forgot your password?
areca master password: MNO974315743924 (works on 1160, 1210 (McBIOS), …)
And just a reminder:
areca default archttp32 user/pass: admin/0000
RunDll32 advpack.dll,LaunchINFSection %windir%\INF\msmsgs.inf,BLC.Remove
Just a reminder for myself on how to rebuild degraded 3ware arrays on some of my linux machines with the cli tool.
Scenario:
The degraded drive is connected to port 2.
The drive is connected to controller 0.
Port 0 is member of unit 0.
tw_cli maint remove c0 p2
tw_cli maint rescan c0
tw_cli maint createunit c0 rspare p2
tw_cli maint rebuild c0 u0 p2
This week i was copying large amounts of data to a Maxtor USB disk using the midnight commander. While the midnight commander was gathering information about the amounts of data to be processed (taking at least 20 minutes or more), the usb disk was going into standby mode.
By the time it was ready and wanted to start copying data, i got all kinds of i/o errors on /dev/sdb (the usb disk).
So i did a filesystem check on the usb disk and started over again. The same happened.
Then it occured to me: the usb disk was going to standby mode. It will come back alive whenever the OS wants to read or write data, but it takes too long resulting in i/o errors.
This command prevents the disk from going to standby mode:
sdparm --clear STANDBY -6 /dev/sdb
edit:
Today i played around with some usb disks that don’t support the command above, so i had to dig further.
Seems like i missed this option in my (custom compiled) kernel: ” [*] USB selective suspend/resume and wakeup “. This is actually the real fix.
When logging off from a Windows 2000, XP or 2003 machine system processes and applications occasionally maintain connections to registry keys in the user profile after a user logs off. In those cases the user session is prevented from completely ending. This can result in problems when using Roaming User Profiles in a server environment.
Therefor, always install the User Hive Cleanup service from Microsoft:
http://www.microsoft … 18-b570-42470e2f3582.
After doing so i’ve seen some errors in the eventviewer when using Symantec Antivirus v10 or Endpoint Protection. These programs have “Tamper Protection” which means they will block programs from messing around with the main processes from Symantec.
In this case it’s actually pretty clear who’s blocking the registry :)
When using linux as a router you also might want to forwards some ports.
This should do the trick (it will when using my script from the other post):
iptables -A PREROUTING -t nat -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.1.50:80 iptables -A INPUT -p tcp -m state --state NEW --dport 80 -i eth1 -j ACCEPT
But more generally it might be necessary to add an extra line first to allow traffic to your nic connected to the internet at all:
iptables -A FORWARD -i eth1 -o eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT iptables -A PREROUTING -t nat -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.1.50:80 iptables -A INPUT -p tcp -m state --state NEW --dport 80 -i eth1 -j ACCEPT
Back in the days in our student house we used an old pentium II machine to share our internet access. Hardware routers were much more expensive those days.
A simple script to make a NAT router (replace INTERNET= and LOCALNET= if you have other devices).
Place the script in /etc/network/if-up.d/ (at least with debian) and call it natrouter.sh. Make sure you chmod +x natrouter.sh.
#!/bin/sh INTERNET=eth0 LOCALNET=eth1 PATH=/usr/sbin:/sbin:/bin:/usr/bin # delete all existing rules iptables -F iptables -t nat -F iptables -t mangle -F iptables -X # Always accept traffic on individual interfaces iptables -A INPUT -i lo,$INTERNET,$LOCALNET -j ACCEPT # Allow established connections back to the LAN iptables -A FORWARD -i $INTERNET -o $LOCALNET -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow outgoing connections from the LAN to INTERNET iptables -A FORWARD -i $LOCALNET -o $INTERNET -j ACCEPT # Masquerade iptables -t nat -A POSTROUTING -o $INTERNET -j MASQUERADE # Don't forward from the outside to the inside iptables -A FORWARD -i $INTERNET -o $LOCALNET -j REJECT # Enable routing echo 1 > /proc/sys/net/ipv4/ip_forward
Roaming profiles. How convenient. No matter which computer you are sitting behind, the roaming profile will always make sure you have all your personal settings.
In practice however, roaming profiles tend to grow (slow logins), give problems with permissions, get corrupted and most of the time there’s nothing you can do but to start over with a whole new profile.
There is however something you can do to figure out what’s going on.
It’s called User Environment Logging (http://support.microsoft.com/kb/221833). You’ll get a log from milisecond to milisecond about what’s going on.
Paste this code into a regfile and import it.
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "UserEnvDebugLevel"=dword:00010002
Login and logout and afterwards you’ll have a nice logfile called %SystemRoot%\Debug\UserMode\Userenv.log giving you all the details you need to know about your profile, what happens in the background and what goes wrong.
Good luck!
In our line of work a bootable stick is nothing less but essential! CD’s can be used (in fact, sometimes you have no other option as the computer won’t boot from USB) but they are slow, easily scratched, have no option to add files (unless you’re going to burn a new cd), limited in size, etc.
Bootable sticks can be used for a lot of things, e.g.
But first, let’s see how to create the sticks.
MSDOS
Download this utility (originally) from HP: hp_format_usb_sp27213.exe
You’ll also need these files msdos_files_for_bootable_usb.zip
Now just add extra files, utilities, modified config.sys or autoexec.bat and you’re off to go!
XP
I presume everybody’s familiar with WinPE/BartPE cd’s. These can be booted from usb. Refer to this site for a how-to:
http://www.911cd.net … .php?showtopic=10806
There are some disadvantages when using XP-based bootable media:
I recommend using Vista based media.
Vista
Bootable media based on the Vista kernel have big advantages:
Example: one of my customers uses an iscsi SAN. Servers are equiped with iscsi hba’s. In case of trouble, i can boot from usb, then load the driver and all of a sudden all drives on the SAN are visible. No reboot requred. No floppy + F6 etc.
I recommend the Active Boot Disk. They come pre-loaded with utilities for checking drives, changing passwords etc too!
Whenever you put a new piece of hardware into your computer, Windows will try to find a driver within it’s own database (”%windir%\inf”).
If no matching driver is found, you will be prompted for other approaches (windows update, choose, removeable media, etc).
You can however add extra directories for Windows to look for drivers.
The key used for this is:
HKLM\Software\Microsoft\Windows\CurrentVersion\DevicePath (REG_EXPAND_SZ)
Add extra directories separated by “;” e.g.
c:\windows\inf;c:\drivers\audio;c:\drivers\chipset;c:\drivers\massstorage;c:\drivers\modem
Ok but when do you actually need this?
This is often used when creating images for computer deployment and you want to add lots of drivers in order to support all sorts of computers. After deploying the image, Windows will find new hardware and look for drivers in all directories.
Whenever i create an image, i always run this batchfile first:
@echo off mkdir C:\Drivers\audio mkdir C:\Drivers\biometrics mkdir C:\Drivers\bluetooth mkdir C:\Drivers\chipset mkdir C:\Drivers\hid mkdir C:\Drivers\massstorage mkdir C:\Drivers\modem mkdir C:\Drivers\nic mkdir C:\Drivers\proc mkdir C:\Drivers\sensors mkdir C:\Drivers\sound mkdir C:\Drivers\storage mkdir C:\Drivers\tpm mkdir C:\Drivers\vga mkdir C:\Drivers\wlan mkdir C:\Drivers\extra1 mkdir C:\Drivers\extra2 mkdir C:\Drivers\extra3 mkdir C:\Drivers\extra4 mkdir C:\Drivers\extra5 mkdir C:\Drivers\extra6 mkdir C:\Drivers\extra7 mkdir C:\Drivers\extra8 mkdir C:\Drivers\extra9 echo "bla" >C:\Drivers\bogus.inf copy C:\Drivers\bogus.inf C:\Drivers\audio copy C:\Drivers\bogus.inf C:\Drivers\biometrics copy C:\Drivers\bogus.inf C:\Drivers\bluetooth copy C:\Drivers\bogus.inf C:\Drivers\chipset copy C:\Drivers\bogus.inf C:\Drivers\hid copy C:\Drivers\bogus.inf C:\Drivers\massstorage copy C:\Drivers\bogus.inf C:\Drivers\modem copy C:\Drivers\bogus.inf C:\Drivers\nic copy C:\Drivers\bogus.inf C:\Drivers\proc copy C:\Drivers\bogus.inf C:\Drivers\sensors copy C:\Drivers\bogus.inf C:\Drivers\sound copy C:\Drivers\bogus.inf C:\Drivers\storage copy C:\Drivers\bogus.inf C:\Drivers\tpm copy C:\Drivers\bogus.inf C:\Drivers\vga copy C:\Drivers\bogus.inf C:\Drivers\wlan copy C:\Drivers\bogus.inf C:\Drivers\extra1 copy C:\Drivers\bogus.inf C:\Drivers\extra2 copy C:\Drivers\bogus.inf C:\Drivers\extra3 copy C:\Drivers\bogus.inf C:\Drivers\extra4 copy C:\Drivers\bogus.inf C:\Drivers\extra5 copy C:\Drivers\bogus.inf C:\Drivers\extra6 copy C:\Drivers\bogus.inf C:\Drivers\extra7 copy C:\Drivers\bogus.inf C:\Drivers\extra8 copy C:\Drivers\bogus.inf C:\Drivers\extra9 del C:\Drivers\bogus.inf pause
Then i use the “sysprep driver scanner” (http://www.vernalex. … spdrvscn/index.shtml). It will scan a directory and all subdirectories for .inf files. When found, the directory will be added to the list. This list will then be save to the registry key mentioned above.
Either use the GUI or use the commandline functionality, e.g.
spdrvscn.exe /d %SystemRoot%\inf /p C:\Drivers /e inf /a /s /q