blog.saalmink.nl

Flash:
New url: http://www.adobe.com … oftware/flash/about/
Old url: http://kb2.adobe.com … ps/155/tn_15507.html

Java:
http://java.com/en/d … load/help/testvm.xml

You’ll probably find this all across the internet, but just for my own reference:

@echo off
cd /d %windir%\system32
net stop vss
net stop swprv
regsvr32 ole32.dll
regsvr32 oleaut32.dll
regsvr32 /i eventcls.dll
regsvr32 vss_ps.dll
vssvc /register
regsvr32 /i swprv.dll
regsvr32 es.dll
regsvr32 stdprov.dll
regsvr32 vssui.dll
regsvr32 msxml.dll
regsvr32 msxml3.dll
regsvr32 msxml4.dll
pause

I deliberatly removed the “/s” from all the regsvr32 commands so i can see the results.

Doing a full backup of an Exchange 2003 database was easy.
Start, run, ntbackup, backup, custom, select the exchange object, select a destination file, create a schedule and there you go: your daily scheduled database dump. This (and this is important as we’re dealing with a database) would also commit all data tot the database and purge the transaction logs.
This would then be backupped by any backup application.
More expensive backup solutions would do these kind of database tricks by default. But as i prefer to use non-intelligent, image-based backups (like V2i, Symantec Backup Exec System Recovery, or Drivesnapshot), this had to be done manually.

Doing the same with Exchange 2007 took me some time to find out. Here’s how.

You’ll need Service Pack 2 for Exchange 2007. This includes a plugin for Windows Backup (wbadmin.exe, the successor of ntbackup) so that it’s Exchange-aware.
Please note that Windows Backup can only create backup on a volume basis (complete drive letters or mountpoints only)! That’s why my Exchange 2007 servers have a dedicated drive for the Exchange Database + System files + Transaction Logs. This keeps the backups as small as possible, without extra data. Allthough it’s better to have the Transaction Logs on another drive aswell in case of serious recovery, but i’m going to test that later.
Backups are on a seperate partition too.

This gives the following scenario:
C: = Windows 2008 + Exchange 2007 installation
D: = dvdrom drive
E: = dedicated to: Exchange Database, System files and Transaction Logs
F: = dedicated to: Exchange backup/dump

To create the backup, the following command is used:

WBADMIN START BACKUP -backupTarget:F: -include:E: -vssfull -quiet

-vssfull is the option that purges the Transaction Logs
-quiet will not ask “are you sure?” but still shows some output (you might want to pipe this to a file as some sort of log)
This can be scheduled with Windows Task Scheduler (Server manager, Configuration, Task Scheduler, Task Scheduler Library).

Only one instance of the backup is kept on F:, but that’s no problem as all partitions are backed up by the regular backup.

Sometimes you need to access Active Directory Repair mode through RDP.
Add this to your boot.ini and reboot:

/SAFEBOOT:DSREPAIR

Make sure you have the restore password though!
After making your desired changes to the system, remove it from boot.ini and reboot again.

Another happy customer due to the following registry hack:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"RasDisable"="1"

aka

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v RasDisable /t REG_SZ /d "1" /f

Having problems with sending mail?
You might want to try to simulate a smtp session to see what goes wrong exactly.

Start a msdos prompt and type:

C:\WINDOWS>telnet smtp.xs4all.nl 25

Your smtp may be different offcourse.

Trying 194.109.6.51...
Connected to smtp.xs4all.nl.
Escape character is '^]'.
220 smtp-vbr11.xs4all.nl ESMTP Sendmail 8.13.8/8.13.8; Mon, 14 Sep 2009 15:03:50 +0200 (CEST)

Type “helo” followed by your domain

   helo bogusdomain.nl
250 smtp-vbr11.xs4all.nl Hello xxxxxxxxx [a.b.c.d], pleased to meet you

Type “mail from:” followed by your email address

   mail from:[email protected]
250 2.1.0 [email protected]... Sender ok

Type “rcpt to:” followed by your email address

   rcpt to:[email protected]
553 5.3.0 [email protected]... Relaying denied,Authenticate with your username and password first

Now we see what is wrong here. This server doesn’t allow me to relay.
Type “quit” to exit.

   quit
221 2.0.0 smtp-vbr11.xs4all.nl closing connection
Connection closed by foreign host.

If you didn’t get an error after “rcpt-to:”, continue with:

250 2.1.5 Ok
   data
354 End data with <CR><LF>.<CR><LF>
   hello hugo

   .
250 2.0.0 Ok: queued as 60D2A4A24A

  quit
221 2.0.0 Bye

Mail should arrive now.

One of my customers has a directory filled with home directories of all students.
Due to some copying, the ownership of all files was set to “administrator”.
Since quota was enabled, quota usage of all students was practically 0.

They needed a fix to set ownership back a.s.a.p.

I created the following batchfile. You need the subinacl utility from microsoft though.

• Put the script in the directory you want to make the changes for.
• Usernames must match the directorynames.

@echo off
for /f "tokens=*" %%a in ('dir /b /ad') do subinacl /file %%a\*.* /setowner=%%a
pause

Maybe you want to grant the users (just to be sure)

@echo off 
for /f "tokens=*" %%a in ('dir /b /ad') do subinacl /file %%a\*.* /setowner=%%a 
for /f "tokens=*" %%a in ('dir /b /ad') do subinacl /file %%a\*.* /grant=YOURDOMAIN\%%a 
pause 

Sometimes you just want people not to show up in your address list.
Here’s a simple vbs script that does the trick.

REM On Error Resume Next

groep = inputbox("Which group?")

set objRootDSE = GetObject("LDAP://RootDSE")
strdomainname = objRootDSE.Get("defaultNamingContext")

set objgroup = getobject("LDAP://cn=" + groep + ",cn=users," + strdomainname)
objgroup.GetInfo

arrmember = objgroup.GetEx("member")

for each objmember in arrmember
	set objuser = getobject("LDAP://" + objmember)
	objuser.MSExchHideFromAddressLists = TRUE
	objuser.SetInfo
next

Today i logged in to a server and this is what i saw:

Microsoft has an article on this matter: http://support.microsoft.com/kb/906510

I have no clue what caused this, however the resolution is simple. Import the following .reg file:

Windows Registry Editor Version 5.00 

[HKEY_USERS\.DEFAULT\Control Panel\Colors] 
"ActiveBorder"="212 208 200" 
"ActiveTitle"="10 36 106" 
"AppWorkSpace"="128 128 128" 
"Background"="102 111 116" 
"ButtonAlternateFace"="181 181 181" 
"ButtonDkShadow"="64 64 64" 
"ButtonFace"="212 208 200" 
"ButtonHilight"="255 255 255" 
"ButtonLight"="212 208 200" 
"ButtonShadow"="128 128 128" 
"ButtonText"="0 0 0" 
"GradientActiveTitle"="166 202 240" 
"GradientInactiveTitle"="192 192 192" 
"GrayText"="128 128 128" 
"Hilight"="10 36 106" 
"HilightText"="255 255 255" 
"HotTrackingColor"="0 0 128" 
"InactiveBorder"="212 208 200" 
"InactiveTitle"="128 128 128" 
"InactiveTitleText"="212 208 200" 
"InfoText"="0 0 0" 
"InfoWindow"="255 255 225" 
"Menu"="212 208 200" 
"MenuText"="0 0 0" 
"Scrollbar"="212 208 200" 
"TitleText"="255 255 255" 
"Window"="255 255 255" 
"WindowFrame"="0 0 0" 
"WindowText"="0 0 0"

Big thanks to my friend at Tech Notes for helping me out so quickly.

How to make sure your client is in the right timezone and synchs with your preferred ntp server?

Control.exe TIMEDATE.CPL,,/Z (GMT+01:00) Amsterdam, Berlijn, Bern, Rome, Stockholm, Wenen
net time /setsntp:ntp.xs4all.nl
net time /querysntp
w32tm /Resync

Event viewer nicely logs the resync action:

Type gebeurtenis: Informatie
Bron van gebeurtenis: W32Time
Categorie van gebeurtenis: Geen
Gebeurtenis-ID: 35
Datum: 12-8-2009
Tijd: 10:04:10
Gebruiker: n.v.t.
Computer: HUGO7900SSF
Beschrijving:
De tijdservice is nu bezig met het synchroniseren van de systeemtijd met de tijdbron ntp.xs4all.nl (ntp.m|0×1|10.0.11.76:123->194.109.22.18:123).

Zie Help en ondersteuning op http://go.microsoft.com/fwlink/events.asp voor meer informatie.

If you want to make changes to the registry for the “default user” there is one BIG misunderstanding that i want to clarify here.

HKEY_USERS\.DEFAULT is NOT the Default User!

This is actually the registry for the Local System account. Changes in this hive will be applyed before a user logs in.
A clear example: when making the following change:

Windows Registry Editor Version 5.00

[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"Wallpaper"="C:\Windows\mywallpaper.bmp"

the background called “mywallpaper.bmp” will be loaded onto the background while pressing ctrl+alt+del and entering your credentials. (e.g. this is how Dell or HP use their own backgrounds on a pre-installed system).

Ok so how do you make changes to the default user?

It’s actually pretty simple.
As you should know the registry for a user is placed in a file called ntuser.dat in the %userprofile% directory. Therefor, in c:\documents and settings\Default User you’ll find the registry for the default user (doh!).

Now load this file as a temporary hive to enabled making changes to it.
Start a dos prompt. Then type:

reg load HKU\Temp "c:\documents and settings\Default User\NTUSER.DAT"

Start regedit and go to HKEY_USERS\Temp and you’ll see the registry for the default user.
Make the desired changes. When done, close regedit to avoid locking issues and back in your dos prompt type:

reg unload HKU\Temp

And you’re done!
New users without existing profile will inherit the Default User profile and therefor inherit the changes you just made.

“Ok one question though, why not use (domain) policies for such purposes?”
Good question. Policies will always be a better solution because changes to the policies will automatically be applied to existing user profiles and changes to the default user profile will only be used when a user logs in and the user has no existing profile.
There are, however, settings that can not be changed from (domain) policies (at least not in current Windows versions…). Examples:

• Power management (screensaver, disks going to stand-by), etc
• Schemes for audio/sounds
• (one of my favorites) Quick Launch behaviour (e.g. the number of items, the locked status, etc)
• … etc!

Conclusion
Now you know how to edit the default user registry.
Think about making these changes when preparing an image that you’re going to deploy to a network. Or at least apply the changes to the clients before all users are going to log in!

Some actions require an elevated dos prompt.
The fastest way:

• Click on the Windows (start) button
• type: cmd in the search bar
• hold down ctrl+shift and then press enter

NOTES:

• Do not try to do this from the Run box (Win+R), this MUST to be done through the search bar.
• UAC must be enabled otherwise it won’t work

I’m involved in a lot of network migrations (client/servers).
Usually, migrating the server isn’t that difficult. However, the software on the clients can be tricky. There can be a lot of registry keys, ini files or all sort of pointers pointing to the old servername.

There’s one sneaky trick that makes it all a lot easyer!

• Raise your domain funtional level to 2003.
• Download and install the latest Support Tools
• Use netdom to add a server alias, e.g.

  netdom computername newserver /add:oldserver.domain.local

• Import this regfile:

  Windows Registry Editor Version 5.00
  
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters]
  "DisableStrictNameChecking"=dword:00000001

Regedit
Connect to remote registry

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server]
"fDenyTSConnections"=dword:00000000

Then reboot the machine remotely, e.g.

shutdown -m \\yourserver -r -t 0

Thnx to my mate at http://www.tech-notes.nl

Most of you probably know that ctrl+shift+esc brings up the task manager.

Today i learned a sneaky way to disable that combination

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"debugger"="Disabled"

The IntelPPM should be enabled on all Intel systems. If not, the processor will overheat.
But it can not be enabled on systems with an AMD processor. The system won’t boot and result in a 0×000007 bluescreen.

This is something you need to know if you want to create images and deploy it on different systems.

_disable_intelppm.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\intelppm]
"Start"=dword:00000004

_enable_intelppm.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\intelppm]
"Start"=dword:00000001

RunDll32 advpack.dll,LaunchINFSection %windir%\INF\msmsgs.inf,BLC.Remove

When logging off from a Windows 2000, XP or 2003 machine system processes and applications occasionally maintain connections to registry keys in the user profile after a user logs off. In those cases the user session is prevented from completely ending. This can result in problems when using Roaming User Profiles in a server environment.

Therefor, always install the User Hive Cleanup service from Microsoft:
http://www.microsoft … 18-b570-42470e2f3582.

After doing so i’ve seen some errors in the eventviewer when using Symantec Antivirus v10 or Endpoint Protection. These programs have “Tamper Protection” which means they will block programs from messing around with the main processes from Symantec.
In this case it’s actually pretty clear who’s blocking the registry :)

Roaming profiles. How convenient. No matter which computer you are sitting behind, the roaming profile will always make sure you have all your personal settings.

In practice however, roaming profiles tend to grow (slow logins), give problems with permissions, get corrupted and most of the time there’s nothing you can do but to start over with a whole new profile.

There is however something you can do to figure out what’s going on.
It’s called User Environment Logging (http://support.microsoft.com/kb/221833). You’ll get a log from milisecond to milisecond about what’s going on.

Paste this code into a regfile and import it.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"UserEnvDebugLevel"=dword:00010002

Login and logout and afterwards you’ll have a nice logfile called %SystemRoot%\Debug\UserMode\Userenv.log giving you all the details you need to know about your profile, what happens in the background and what goes wrong.

Good luck!

Whenever you put a new piece of hardware into your computer, Windows will try to find a driver within it’s own database (”%windir%\inf”).
If no matching driver is found, you will be prompted for other approaches (windows update, choose, removeable media, etc).

You can however add extra directories for Windows to look for drivers.

The key used for this is:
HKLM\Software\Microsoft\Windows\CurrentVersion\DevicePath (REG_EXPAND_SZ)

Add extra directories separated by “;” e.g.

c:\windows\inf;c:\drivers\audio;c:\drivers\chipset;c:\drivers\massstorage;c:\drivers\modem

Ok but when do you actually need this?

This is often used when creating images for computer deployment and you want to add lots of drivers in order to support all sorts of computers. After deploying the image, Windows will find new hardware and look for drivers in all directories.

Whenever i create an image, i always run this batchfile first:

@echo off
mkdir C:\Drivers\audio
mkdir C:\Drivers\biometrics
mkdir C:\Drivers\bluetooth
mkdir C:\Drivers\chipset
mkdir C:\Drivers\hid
mkdir C:\Drivers\massstorage
mkdir C:\Drivers\modem
mkdir C:\Drivers\nic
mkdir C:\Drivers\proc
mkdir C:\Drivers\sensors
mkdir C:\Drivers\sound
mkdir C:\Drivers\storage
mkdir C:\Drivers\tpm
mkdir C:\Drivers\vga
mkdir C:\Drivers\wlan
mkdir C:\Drivers\extra1
mkdir C:\Drivers\extra2
mkdir C:\Drivers\extra3
mkdir C:\Drivers\extra4
mkdir C:\Drivers\extra5
mkdir C:\Drivers\extra6
mkdir C:\Drivers\extra7
mkdir C:\Drivers\extra8
mkdir C:\Drivers\extra9

echo "bla" >C:\Drivers\bogus.inf
copy C:\Drivers\bogus.inf C:\Drivers\audio
copy C:\Drivers\bogus.inf C:\Drivers\biometrics
copy C:\Drivers\bogus.inf C:\Drivers\bluetooth
copy C:\Drivers\bogus.inf C:\Drivers\chipset
copy C:\Drivers\bogus.inf C:\Drivers\hid
copy C:\Drivers\bogus.inf C:\Drivers\massstorage
copy C:\Drivers\bogus.inf C:\Drivers\modem
copy C:\Drivers\bogus.inf C:\Drivers\nic
copy C:\Drivers\bogus.inf C:\Drivers\proc
copy C:\Drivers\bogus.inf C:\Drivers\sensors
copy C:\Drivers\bogus.inf C:\Drivers\sound
copy C:\Drivers\bogus.inf C:\Drivers\storage
copy C:\Drivers\bogus.inf C:\Drivers\tpm
copy C:\Drivers\bogus.inf C:\Drivers\vga
copy C:\Drivers\bogus.inf C:\Drivers\wlan
copy C:\Drivers\bogus.inf C:\Drivers\extra1
copy C:\Drivers\bogus.inf C:\Drivers\extra2
copy C:\Drivers\bogus.inf C:\Drivers\extra3
copy C:\Drivers\bogus.inf C:\Drivers\extra4
copy C:\Drivers\bogus.inf C:\Drivers\extra5
copy C:\Drivers\bogus.inf C:\Drivers\extra6
copy C:\Drivers\bogus.inf C:\Drivers\extra7
copy C:\Drivers\bogus.inf C:\Drivers\extra8
copy C:\Drivers\bogus.inf C:\Drivers\extra9
del C:\Drivers\bogus.inf

pause

Then i use the “sysprep driver scanner” (http://www.vernalex. … spdrvscn/index.shtml). It will scan a directory and all subdirectories for .inf files. When found, the directory will be added to the list. This list will then be save to the registry key mentioned above.

Either use the GUI or use the commandline functionality, e.g.

spdrvscn.exe /d %SystemRoot%\inf /p C:\Drivers /e inf /a /s /q