Sunday, June 29, 2008

Notes on VPNs between Macs and SBS2003

 
 

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________

Tuesday, June 24, 2008

Tip on NTBACKUP and Recovery Storage Groups

Make sure that, when restoring from an NTBACKUP Exchange store, that you don't restore more than one information store at a time i.e do private store first and choose Replay logs, before than doing another restore operation for public store.

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________

Saturday, June 21, 2008

Script for adding shares from one machine to another machine (rather than just overwriting existing ones!)

 

 

 

@ECHO OFF
:: Check Windows version -- Windows 2000 or later
IF NOT "%OS%"=="Windows_NT" GOTO Syntax
VER | FIND.EXE "Windows NT" >NUL
IF NOT ERRORLEVEL 1 GOTO Syntax

 

:: Check command line arguments -- none required
IF NOT "%~1"=="" GOTO Syntax

 

:: Save a list of ALL shares found on the source server
NET.EXE SHARE > "%~dp0%ComputerName%_originalshares.txt" 2>&1

 

:: List only the shares that should be recreated on the target server
:: Note: Remove the FINDSTR filters for VPHOME and VPLOGON
::       if Norton AntiVirus is not installed on the servers
NET.EXE SHARE | FIND.EXE /I /V " Spooled " | FINDSTR.EXE /I /V /R /B /C:"PRINT\$" | FINDSTR.EXE /I /V /R /B /C:"IPC\$" | FINDSTR.EXE /I /V /R /B /C:"ADMIN\$" | FINDSTR.EXE /I /V /R /B /C:"[A-Z]\$" | FINDSTR.EXE /I /V /R /B /C:"VPHOME" | FINDSTR.EXE /I /V /R /B /C:"VPLOGON" > "%~dp0%ComputerName%_netshares.txt"

 

:: Add a prompt for confirmation to the automatically generated batch files
>  "%~dp0%ComputerName%_recreate_shares.bat" ECHO @ECHO OFF
>> "%~dp0%ComputerName%_recreate_shares.bat" ECHO CLS
>> "%~dp0%ComputerName%_recreate_shares.bat" ECHO ECHO.
>> "%~dp0%ComputerName%_recreate_shares.bat" ECHO ECHO You are about to recreate %ComputerName%'s shares.
>> "%~dp0%ComputerName%_recreate_shares.bat" ECHO IF /I NOT "%%ComputerName%%"=="%ComputerName%" ECHO This server is NOT the one that generated this batch file.
>> "%~dp0%ComputerName%_recreate_shares.bat" ECHO PAUSE
>> "%~dp0%ComputerName%_recreate_shares.bat" ECHO VER ^| FIND.EXE "Windows 2000" ^>NUL
>> "%~dp0%ComputerName%_recreate_shares.bat" ECHO IF ERRORLEVEL 1 (SET Grant=/GRANT:Everyone,FULL) ELSE (SET Grant=)
>> "%~dp0%ComputerName%_recreate_shares.bat" ECHO ECHO ON

 

>  "%~dp0%ComputerName%_delete_shares.bat" ECHO @ECHO OFF
>> "%~dp0%ComputerName%_delete_shares.bat" ECHO CLS
>> "%~dp0%ComputerName%_delete_shares.bat" ECHO ECHO.
>> "%~dp0%ComputerName%_delete_shares.bat" ECHO ECHO You are about to delete all shares migrated from %ComputerName%.
>> "%~dp0%ComputerName%_delete_shares.bat" ECHO IF /I NOT "%%ComputerName%%"=="%ComputerName%" ECHO This server is NOT the one that generated this batch file.
>> "%~dp0%ComputerName%_delete_shares.bat" ECHO PAUSE
>> "%~dp0%ComputerName%_delete_shares.bat" ECHO ECHO ON

 

:: Read the list of shares to be migrated and generate the required batch files
FOR /F "skip=4 tokens=1" %%A IN ('TYPE "%~dp0%ComputerName%_netshares.txt" 2^>NUL ^| FINDSTR.EXE /R /B /I /V /C:"The command completed successfully\." ^| FINDSTR.EXE /R /B /V /C:" " ^| SORT') DO CALL :ReadShare %%A

 

:: Done
TITLE Ready
GOTO:EOF

 


:ReadShare
:: Display progress.
TITLE %~1
:: Retrieve the path associated with the share name and add the share to both batch files
FOR /F "tokens=1*" %%a IN ('NET.EXE SHARE %1 2^>NUL ^| FINDSTR.EXE /R /B /I /C:"Path"') DO (
 >> "%~dp0%ComputerName%_recreate_shares.bat" ECHO NET.EXE SHARE %1="%%~b" %%Grant%%
 >> "%~dp0%ComputerName%_delete_shares.bat"   ECHO VER ^| NET.EXE SHARE %1 /DELETE
)
GOTO:EOF

 


:Syntax
ECHO.
ECHO ShareMig.bat,  Version 1.00 for Windows 2000 / Windows Server 2003
ECHO Prepare a migration of all shares from the current server to a new one.
ECHO.
ECHO Usage:  SHAREMIG.BAT
ECHO.
ECHO When run on a server, this batch file will generate 4 files:
ECHO.
ECHO   %%COMPUTERNAME%%_ORIGINALSHARES.TXT         text file listing ALL shares;
ECHO   %%COMPUTERNAME%%_NETSHARES.TXT              list of shares to be migrated;
ECHO   %%COMPUTERNAME%%_RECREATE_SHARES.BAT        use this batch file to recreate
ECHO                                             the shares on the new server;
ECHO   %%COMPUTERNAME%%_DELETE_SHARES.BAT          undo and test batch file to delete
ECHO                                             the migrated shares again;
ECHO.
ECHO where %%COMPUTERNAME%% is the name of the server this batch file was executed on.
ECHO Usually %%COMPUTERNAME%%_RECREATE_SHARES.BAT is the only file you'll need on the
ECHO new server; %%COMPUTERNAME%%_DELETE_SHARES.BAT is for testing purposes only.
ECHO If all else fails, use the generated text files as a reference for manual
ECHO (re)creation of the shares.
ECHO.
ECHO Written by Rob van der Woude
ECHO http://www.robvanderwoude.com

 

 

Minimal Debian Etch AMD64 install for VMWare Server

http://outsidaz.org/blog1/2007/10/30/minimal-debian-etch-amd64-install-for-vmware-server/

40 different remote access applications

http://mashable.com/2007/09/07/remote-access/

Terminal Server Licences - Users and Devices can be bypassed?

Can’t remember where I got this but good for testing.

 

)
Subject: interesting

 

Description
Windows 2003 Terminal Server Licensing Hack / Bug

In Windows 2000, Terminal Services only included a "Per Device" licensing mode.
This means if you have 5 people sharing 1 workstation and they all use TS on a server, they only require 1 TS CAL. However in today's world of throw away computers and telecommuting, the reality is most companies will have more than 1 "device" (computer) per employee. This means for 1 power user you may have to supply 2 or 3 TS CALs. This obviously isnt fair. Microsoft made up for this partly in 2000 by letting 2000 Pro or XP Pro machines connect to a 2000 TS Server effectively for free. TS CALs for these devices come from an unlimited pool on the TS Licensing Server automatically.

Microsoft was pressured in Windows 2003 to introduce a Per User licensing mode as it was expected that an XP Client license would no longer include a TS CAL. This would allow 1 Power User to use as many PCs as they wanted while consuming only 1 TS CAL. Since companies now have to pay for EVERY TS CAL in 2003, this made alot more sense.

Well with all the feature updates in 2003 Server, someone forgot to "finish" the Licensing Code for Per User. (In theory all they had to do was assign a CAL to the user's SID, but in workgroups this may not work as expected, so who knows).
Well rather than pulling the (expected) Per User licensing mode, Microsoft released it in such a way that it barely works.

In a Per Device mode, the TS Licensing server has to have 2 things.
1) Needs to be "Activated" (This registers the TS Lic server with MS, but its totally free)
2) Needs to have Per Device TS CALs added to the Licensing Server

However, in Per USer mode, the TS Licensing server only needs #1.
What? You dont beleive me? Check this URL:
- http://www.microsoft.com/windowsserver2003/techinfo/overview/termservlic.mspx
- Download and open the 2003 TS Licensing Whitepaper.
- Look in the section called "Client License Distribution Per User"
- Notice that section is VERY short and read the first sentence as its specifically says "must be able to locate a license server" as the only requirement.

The caveat to this is 2003 defaults to Per Device mode and needs to be changed to Per User mode in order use (exploit) this feature (bug).

To change your licensing Mode:
- Launch Terminal Server Configuration from Administrative Tools.
- Select Server Options on the left
- Double Click Licensing Mode on the right. Change the mode to Per User and then reboot.
NOTE: If you are adding TS and your source disk was 2003 with SP1 integrated, you will actually be prompted for your licensing mode and licensing server discovery method during the install. This makes it alot easier.



Something not documented very well in the whitepaper is also the easiest way to point your TS Server at a specific Licensing server. If you dont have TS Licensing setup in AD properly and your TS Licensing server is NOT on the same subnet as the Licensing server, this is the fastest and easiest way to force the TS Server to see the Licensing Server.

Add a Registry key (not a Reg Entry but a Key (looks like a folder)) like the following.
You will probably need to add the LicenseServers key as well.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService\Parameters\LicenseServers\LICSERVERNAME
Where LICSERVERNAME is the name of your License Server. It can also be the IP or FQDN of the License Server if need be. This KB Article explains it:
http://support.microsoft.com/kb/279561



Just keep in mind that if you do this at your company, and you ever get audited by MS and they find you dont have any Per User TS CALs at least purchased, your going to be in some serious trouble. The funny part is they dont have an easy way to tell how many your supposed to have purchased anyway because the licensing is broken and cant track valid licesnes properly anyway.

I personally found this all out because I put 1000 Per User TS CALs on my Licensing Server my company purchased. Several months later after I pointed 30+ TS Servers at this license server (all in Per User Mode of course), I was surprised to find it said I had Zero issued and 1000 still available. I opened a case with MS where they embarrassingly explained to me this glitch.


Well thats it, enjoy your free 2003 TS Licenses.

 

 

SQL 2000 enterprise manager - Network share backups

 

Grant server full rights to network share (COMPUTERNAME$)

Create share specific to database

backup databases in sep jobs

path will be \\server\share (must be manually entered)

 

 

 

Site listing IP address ranges for each country

http://www.proxyserverprivacy.com/ipaddress_range.php

NICE LOGON SCRIPT

Download this scriptClick here to print the script.


Author: Grant Ardern

Description:

Logon script proven to actually lower workstation cost of ownership by standardizing environment without the limitations of desktop lockdowns.

Script:

'-------------------
'VBS LOGON SCRIPT - If Possible Consult Domain Admin Before Editing This Script...
'-------------------
'Original script by Grant Ardern ext 8433 mob 025 871 827 email grant@digitalmuscle.net
'-------------------
' Defining Variables and Initialising Scripting Objects
'-------------------
Const SOURCE = "\\ServerName\NETLOGON\virusdat4"
Const TARGET_NT = "C:\Program Files\Network Associates\VirusScan NT"
Const ForReading = 1, ForWriting = 2, ForAppending = 8

Dim WSHNetwork
Dim WshShell
Dim WshSysEnv
Dim WshProcessEnvironment
Dim UserObj
Dim objTimer
Dim strUserID 'User Name
Dim strWorkstation
Dim sNIC, sMan
Dim iCount
Dim strDomain
Dim strOS, strTarget, strSource

If err <> 0 Then
   Wscript.echo "Login Script Failed - Contact IT, ext 8453"
End If

Set WSHNetwork = WScript.CreateObject("WScript.Network")
Set WshShell = WScript.CreateObject("WScript.Shell")
Set WshProcessEnvironment = WshShell.Environment("Process")
Set FileSysObj = CreateObject("Scripting.FileSystemObject")
Set LoginBox = CreateObject("Loginscreen.Main")
Set WshSysEnv = WshShell.Environment
Set DomainObj = GetObject("WinNT://DomainName")

strDomain = "DomainName"

on error resume next

Do
 strUserID = WSHNetwork.UserName
 strWorkstation = WSHNetwork.ComputerName
Loop Until strUserID <> ""


Set UserObj = GetObject("WinNT://" & strDomain & "/" & strUserID)

'***Initialise Groups
     Dim UserGroups
     Dim GroupObj
     UserGroups=""
     For Each GroupObj In UserObj.Groups
          UserGroups=UserGroups & "[" & GroupObj.Name & "]"
     Next

'*** Initialising LoginBox
LoginBox.Start
LoginBox.SetImage("\\ServerName\netlogon\PH_login.bmp")
LoginBox.SetTitle("Company Name Ltd")
LoginBox.SetWelcomeMessage("Running Logon Script For Pacific Health Ltd.,Tauranga...")
LoginBox.SetWaitMessage("Please wait while you are being logged onto the network...")

'-------------------
' General Logon Processes - (Specifics Executed By Procedures & Functions)
'-------------------

LoginBox.Pbar(10)
LoginBox.SetDisplayMessage ("Welcome " & strUserId & vbCrLF)

LoginBox.Pbar(20)
Text = "Mapping G: Drive To Group Shares"
LoginBox.SetDisplayMessage(Text)
KillDrive("G:")
MapDrive "G:","\\ServerName\grpshare"
LoginBox.Pbar(30)

Text = Text & vbcrlf & "Mapping H: Drive To Home Directory"
LoginBox.SetDisplayMessage(Text)
KillDrive("H:")
MapDrive "H:","\\ServerName\" & strUserID
LoginBox.Pbar(40)


If InGroup("IT") Then
Text = Text & vbcrlf & "Mapping I: Drive To Installs Directory"
LoginBox.SetDisplayMessage(Text)
KillDrive("I:")
MapDrive "I:","\\ServerName\Installs"
LoginBox.Pbar(45)
End If

'** Temp Change for comrad (needs to map k: \\foxtrot\comrad\comrad)
'I have done this in the initial script using a net use stmt as this fails)
'**

'If strOS = "Windows_NT" Then
'     If InGroup("Domain Users") Then
'          Text = Text & vbcrlf & "Mapping K: Drive To ComRad"
'          LoginBox.SetDisplayMessage(Text)
'          KillDrive("K:")
'          MapDrive "K:","\\ServerName\Comrad\"
'          LoginBox.Pbar(45)
'     End If
'End If

If InGroup("DBAccess") Then
Text = Text & vbcrlf & "Mapping L: Drive To Database Directory"
LoginBox.SetDisplayMessage(Text)
KillDrive("L:")
MapDrive "L:","\\ServerName\DBAccess"
LoginBox.Pbar(50)
End If

If InGroup("TESTING") Then
Text = Text & vbcrlf & "Mapping M: Drive To Mt on Oscar"
LoginBox.SetDisplayMessage(Text)
KillDrive("M:")
MapDrive "M:","\\Oscar\Mt"
LoginBox.Pbar(55)
End If

If InGroup("ANSOS") Then
Text = Text & vbcrlf & "Mapping M: Drive To Ansos"
LoginBox.SetDisplayMessage(Text)
KillDrive("M:")
MapDrive "M:","\\whiskey\ansos"
LoginBox.Pbar(55)
End If

If InGroup("Domain Admins") Then
Text = Text & vbcrlf & "Mapping N: Drive To ServerName\Netlogon"
LoginBox.SetDisplayMessage(Text)
MapDrive "N:","\\ServerName\Netlogon"
LoginBox.Pbar(60)
End If

If InGroup("IT") Then
Text = Text & vbcrlf & "Mapping O: Drive To Quetzal Directory"
LoginBox.SetDisplayMessage(Text)
KillDrive("O:")
MapDrive "O:","\\106180\Quetzal"
LoginBox.Pbar(65)
End If

If InGroup("COMMUNITY") Then
Text = Text & vbcrlf & "Mapping P: Drive To CMS"
LoginBox.SetDisplayMessage(Text)
KillDrive("P:")
MapDrive "P:","\\ServerName\cms"
LoginBox.Pbar(65)
End If

If InGroup("MATERNITY") Then
Text = Text & vbcrlf & "Mapping P: Drive To Terranova"
LoginBox.SetDisplayMessage(Text)
KillDrive("P:")
MapDrive "P:","\\ServerName\tnova"
LoginBox.Pbar(65)
End If

If InGroup("pharmasc") Then
Text = Text & vbcrlf & "Mapping P: Drive To Ascribe"
LoginBox.SetDisplayMessage(Text)
KillDrive("P:")
MapDrive "P:","\\ServerName\ac_live"
KillDrive("N:")
MapDrive "N:","\\ServerName\ascibe"
LoginBox.Pbar(65)
End If

If InGroup("AFFINITY") Then
Text = Text & vbcrlf & "Mapping P: Drive To Mantrack"
LoginBox.SetDisplayMessage(Text)
KillDrive("P:")
MapDrive "P:","\\whiskey\affinity$"
LoginBox.Pbar(65)
End If


If InGroup("telephonists") Then
Text = Text & vbcrlf & "Mapping W: Drive To Winpage"
LoginBox.SetDisplayMessage(Text)
KillDrive("W:")
MapDrive "W:","\\basekitnt\winpage"
LoginBox.Pbar(65)
End If

If InGroup("Domain Admins") Then
Text = Text & vbcrlf & "Mapping P: Drive To ServerName Apps"
LoginBox.SetDisplayMessage(Text)
KillDrive("P:")
MapDrive "P:","\\ServerName\apps"
LoginBox.Pbar(65)
End If

If InGroup("PAYROLL") Then
Text = Text & vbcrlf & "Mapping Q: Drive To Decision Group"
LoginBox.SetDisplayMessage(Text)
KillDrive("Q:")
MapDrive "Q:","\\Oscar\Decisiongroup"
LoginBox.Pbar(65)
End If

If InGroup("3M") Then
Text = Text & vbcrlf & "Mapping R: Drive To 3M Encoder"
LoginBox.SetDisplayMessage(Text)
KillDrive("R:")
MapDrive "R:","\\ServerName\encoder"
LoginBox.Pbar(65)
End If

If strUserID="GRANT" Then
Text = Text & vbcrlf & "Mapping S: Drive To Std Desktop"
LoginBox.SetDisplayMessage(Text)
KillDrive("S:")
MapDrive "S:","\\build\StdDsktp"
LoginBox.Pbar(65)
End If

Text = Text & vbcrlf & "Checking Virus Files Are Up To date..."
LoginBox.SetDisplayMessage(Text)
VirusFilesCheck
LoginBox.Pbar(70)


If Not InGroup("SpecialNetwork") Then
CheckNetwork
UpdateRegistry
Text = Text & vbcrlf & "Checking Registry & Network settings Are Correct"
LoginBox.SetDisplayMessage(Text)
End If


Text = Text & vbcrlf & "Performing Miscellaneous Corrections"
LoginBox.SetDisplayMessage(Text)
MiscellaneousFixes
LoginBox.Pbar(90)

Set SuccessLog =
FileSysObj.OpenTextFile("\\ServerName\logfile$\NT_Logons.txt",
ForAppending, True, TristateFalse)
SuccessLog.WriteLine(int(now()) &" , " & strUserID & " , " &
strWorkstation & " , "& time & vblf)
SuccessLog.Close

LoginBox.Pbar(100)
on error resume next

'LoginBox.NoPBar
Set objTimer = CreateObject ("TimeObject.Time")
objTimer.Timer (1) 'Wait 1 seconds

LoginBox.Kill


Set LoginBox = nothing

'-------------------
'----------Sub-Procedures---------

'-------------------
' Sub: Disconnects Network Drives
'-------------------
Sub KillDrive(strdrive)

On Error Resume Next
If FileSysObj.DriveExists(strDrive) = true then
WshNetwork.RemoveNetworkDrive strDrive

End Sub
'-------------------
' Sub: Drive Mapping Routine
'-------------------
Sub MapDrive( strDrive, strShare )

     Dim Path
     If InStr(strShare,"\") then
          Path=strShare
     Else
          Path="\\" & Authsvr & "\" & strShare
     End If

     ' Map drive
     On Error Resume Next
     WSHNetwork.MapNetworkDrive strDrive, Path

     ' End Sub result
     If Err.Number <> 0 Then WriteErr( strUserID & ": Mapping " & strDrive & " to " & Path & " " & Err.Description & " " & Now() )
End Sub
'-------------------
' Function: InGroup
'-------------------
Function InGroup(strGroup)
     InGroup=False
     If InStr(UserGroups,"[" & strGroup & "]") Then
               InGroup=True
     End If
End Function
'-------------------
' Virus File Maintenance
'-------------------
Sub VirusFilesCheck
On error resume next
 GetOS
  If strOS = "Windows_NT" Then
     If IsFileOlder(TARGET_NT & "\SCAN.DAT", SOURCE & "\SCAN.DAT") Then
               WshShell.Run "net stop " & Chr(34) & "Network Associates McShield" & Chr(34), 0, TRUE
               CopyDirFiles SOURCE, TARGET_NT
               WshShell.Run "net start " & Chr(34) & "Network Associates McShield" & Chr(34), 0, TRUE
               'Wscript.Echo "Virus Files Updated!"
     End If
  End If
End Sub
'-------------------
' Sub: Return OS Type
'-------------------
Sub GetOS

     strOS = WshSysEnv("OS")

End Sub

'-------------------
' Function: File Creation Date Comparison
'------------------
Function IsFileOlder(filespec1, filespec2)
     Dim f1, f2, strTargetDate, strSourceDate, bExists

     bExists = TRUE
     If Not FileSysObj.fileExists(filespec1) Then
          strPrompt = "Target file:" & vbLf & vbLf & filespec1 & vbLf & vbLf &_
                                         "NT Virus Scanner ver 4 Not Installed! Click OK & Call IT-ext 8453"
          bExists = FALSE
     ElseIf Not FileSysObj.fileExists(filespec2) Then
          strPrompt = "Source file:" & vbLf & vbLf & filespec2 & vbLf & vbLf &_
                                         "Virus Files Don't Exist! Please Call IT-ext 8453"
          bExists = FALSE
     End If

     If bExists = FALSE Then
          strTitle = "File Comparison Error!"
          MsgBox strPrompt, vbCritical, strTitle
          'Wscript.Quit
          Exit Function
     End If

     Set f1 = FileSysObj.GetFile(filespec1)
     Set f2 = FileSysObj.GetFile(filespec2)
     strTargetDate = f1.DateLastModified
     strSourceDate = f2.DateLastModified

     If strTargetDate < strSourceDate Then
          IsFileOlder = TRUE
               Else
          IsFileOlder = FALSE

     End If

End Function
'-------------------
' Function: CopyFile
'-------------------

Sub CopyFile(strSource, strDest)
     Dim lfsObject
     Dim Source

     On Error Resume Next
     Set lfsObject = CreateObject("Scripting.FileSystemObject")
     Set Source = lfsObject.GetFile(strSource)

      Source.Copy strDest
     Set lfsObject = nothing

End Sub

'-------------------
' Sub: Copy Files From Directory
'-------------------
Sub CopyDirFiles(strSourceDir, strTargetDir)
     Dim lfsObject, lFileList, lFolder, lFile

     On Error Resume Next
     Set lfsObject = CreateObject("Scripting.FileSystemObject")
     Set lFolder = lfsObject.GetFolder(SOURCE)
     Set lFileList = lFolder.Files


     For Each lFile in lFileList
          lfsObject.CopyFile SOURCE & "\" & lFile.Name, TARGET_NT & "\" & lFile.Name
     Next


End Sub

'-------------------

' Standard Registry Changes and Maintenance
'-------------------
Sub UpdateRegistry
     'Clear log-out error
     'WSHShell.RegDelete "HKLM\Software\Microsoft\Windows\CurrentVersion\ProfileList\" & strUserID & "\BadLocal"



     'Clear last user
'     WSHShell.RegWrite "HKLM\Network\Logon\username", ""

On error resume next

If Not InGroup("OfflineUsers") Then
     WSHShell.RegWrite "HKCU\Software\Microsoft\Office\8.0\Outlook\OST\NoOst", 0, "REG_DWORD"
End If

     'WSHShell.RegWrite "HKCU\Software\Microsoft\Office\8.0\Outlook\Today\URL", "http://pacentral/index.html"
     'WSHShell.RegWrite "HKCU\Software\Microsoft\Office\9.0\Outlook\Today\URL", "http://pacentral/index.html"
     WSHShell.RegWrite "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://pacentral/index.html"
     WSHShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\LinkResolveIgnoreLinkInfo", 1, "REG_DWORD"
     WSHShell.RegWrite "HKCU\Software\Microsoft\Internet Explorer\Main\Search Page","http://10.0.1.249/welcome.html"
     WSHShell.RegWrite "HKCU\Control Panel\Keyboard\Initial\KeyboardIndicators", "2"
     WSHShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cache", "%Windir%\Temporary Internet Files"
     WSHShell.RegWrite "HKLMSoftware\Microsoft\Windows\CurrentVersion\AppInstallPath", "%logonserver%\Netlogon\domainadmin\apps.ini"
     WSHShell.RegWrite "HKLM\Software\Microsoft\Clients\Mail\(Default)", "Microsoft Outlook"
     WSHShell.RegWrite "HKCU\Software\Policies\Microsoft\Windows\System\ExcludeProfileDirs", "Temporary Internet Files;Temp;History"
     WSHShell.RegWrite "HKCU\Software\Microsoft\Windows NT\Current Version\Winlogon\RunLogonScriptSync", "1"
     WSHShell.RegWrite "HKCU\Software\Microsoft\Windows NT\Current Version\Winlogon\ExcludeProfileDirs", "Local Settings\Application Data\Microsoft\Outlook"
     WSHShell.RegWrite "HKLM\Software\McAfee\VirusScan\McShield\CurrentVersion\szDefProgExts", "EXE COM DOC DOT XL? MD? VXD 386 SYS BIN RTF OBD DLL SCR OBT PP? POT OLE SHS MPP MPT XTP XLB CMD OVL DEV VBS ADT CBT CLA CPL CSC DRV HTM HTT JS MSO OV?"
     WSHShell.RegWrite "HKLM\Software\McAfee\VirusScan\McShield\CurrentVersion\szProgExts", "EXE COM DOC DOT XL? MD? VXD 386 SYS BIN RTF OBD DLL SCR OBT PP? POT OLE SHS MPP MPT XTP XLB CMD OVL DEV VBS ADT CBT CLA CPL CSC DRV HTM HTT JS MSO OV?"

If Not InGroup("SpecialRegistry") Then
     WSHShell.RegWrite "HKCU\Software\Microsoft\ClipArt Gallery\3.0\ConcurrentDatabases\Office97 Clipart","G:\Shared\Clipart\Office.cag"
     WSHShell.RegWrite "HKCU\Software\Microsoft\ClipArt Gallery\3.0\ConcurrentDatabases\Office97 Multimedia Clipart","G:\Shared\Clipart\mmedia.cag"
     WSHShell.RegWrite "HKCU\Software\Microsoft\ClipArt Gallery\3.0\ConcurrentDatabases\Office97 Photos Clipart","G:\Shared\Clipart\photos.cag"
     WSHShell.RegWrite "HKCU\Software\Microsoft\ClipArt Gallery\3.0\ConcurrentDatabases\Office97 Popular Clipart","G:\Shared\Clipart\pop97.cag"
     WSHShell.RegWrite "HKCU\Software\Microsoft\ClipArt Gallery\3.0\ConcurrentDatabases\Office97 PowerPoint Clipart","G:\Shared\Clipart\powerpnt.cag"
     WSHShell.RegWrite "HKCU\Software\Microsoft\ClipArt Gallery\3.0\ConcurrentDatabases\Office97 Screen Beans Clipart","G:\Shared\Clipart\scrbeans.cag"
     WSHShell.RegWrite "HKCU\Software\Microsoft\Office\8.0\Word\Options\DOC-PATH", "H:\"
     WSHShell.RegWrite "HKCU\Software\Microsoft\Office\8.0\Word\Options\PICTURE-PATH", "G:\Shared\Clipart"
     WSHShell.RegWrite "HKCU\Software\Microsoft\Office\8.0\Common\FileNew\LocalTemplates\","C:\Pr ogram Files\Microsoft Office\Templates"
     WSHShell.RegWrite "HKCU\Software\Microsoft\Office\8.0\Common\FileNew\SharedTemplates\","G:\Shared\Templates\"
     WSHShell.RegWrite "HKCU\Software\Microsoft\Office\8.0\PowerPoint\Recent Folder List\Default", "H:\"
     WSHShell.RegWrite "HKCU\Software\Microsoft\Office\8.0\Excel\Microsoft Excel\DefaultPath", "H:\"
     WSHShell.RegWrite "HKCU\Software\Microsoft\Office\8.0\Excel\Microsoft Excel\Options3", 44, "REG_DWORD"
     WSHShell.RegWrite "HKCU\Software\Microsoft\Office\8.0\Access\Settings\Default DataBase Directory", "L:\"
     WSHShell.RegWrite "HKLM\SOFTWARE\Microsoft\Shared Tools\Proofing Tools\Custom Dictionaries\1", "\\ServerName\grpshare\Shared\Dictionaries\Medical1.dic"
     WSHShell.RegWrite "HKLM\SOFTWARE\Microsoft\Shared Tools\Proofing Tools\Custom Dictionaries\2", "\\ServerName\grpshare\Shared\Dictionaries\Medical2.dic"
     WSHShell.RegWrite "HKLM\SOFTWARE\Microsoft\Shared Tools\Stationery\Stationery Folder", "\\ServerName\grpshare\Shared\Stationery"
     WSHShell.RegWrite "HKLM\SOFTWARE\Microsoft\Shared Tools\Stationery\Backgrounds Folder", "\\ServerName\grpshare\Shared\Stationery"

End If

     'Office AutoCorrect Lists
     'WSHShell.RegWrite "HKCU\Software\Microsoft\Office\8.0\Common\AutoCorrect\Path","G:\Shared\Dictionaries\autocorrect.acl"

End Sub


'-------------------
' Network Settings Checks & Updates - Hosts file, DCHP, Gateways, Etc...
'-------------------
Sub CheckNetwork

' Set the DCHP service to autostart
If Not InGroup("SpecialNetwork") Then
     'WSHShell.RegWrite "HKLM\SYSTEM\CurrentControlSet\Services\DHCP\Start", 2
     WSHShell.RegWrite "HKLM\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters\DhcpDomain", "DNSdomain.co.nz"
     WSHShell.RegWrite "HKLM\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters\DhcpNameServer", "10.0.7.7 10.0.7.1"
     WSHShell.RegWrite "HKLM\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters\Domain", "DNSdomain.co.nz"
     WSHShell.RegWrite "HKLM\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters\NameServer", "10.0.1.249"
     WSHShell.RegWrite "HKLM\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters\IPEnableRouter", 1, "REG_DWORD"
     WSHShell.RegWrite "HKLM\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters\SearchList", "DNSdomain.co.nz"
End If

' Get Network card
On Error Resume Next
iCount = 1
Do
  sNIC = WSHShell.RegRead("HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkCards\" & iCount & "\ServiceName")
  sMan = WSHShell.RegRead("HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkCards\" & iCount & "\Manufacturer")
  ' Skip the Async and NDIS services
  If sMan <> "Microsoft" And Err.Number = 0 Then
     ' Call SetNIC
  End If
  iCount = iCount + 1
Loop Until Err.Number <> 0

' Clear the error
Err.Clear

End Sub
'*******************
Sub SetNIC
  Dim iTest
  ' Set the NIC service to use DHCP
  sNIC = "HKLM\SYSTEM\CurrentControlSet\Services\" & sNIC &"\Parameters\TCPIP\"
  iTest = WSHShell.RegRead(sNIC & "EnableDHCP")
  If iTest = 0 Then
    WSHShell.RegWrite sNIC & "EnableDHCP", 1, "REG_DWORD"
    WSHShell.RegWrite sNIC & "IPAddress", "0.0.0.0", "REG_MULTI_SZ"
    WSHShell.RegWrite sNIC & "SubnetMask", "0.0.0.0", "REG_MULTI_SZ"
  End If
End Sub

'-------------------

' Miscellaneous Fixes, File Copies Etc...
'-------------------

Sub MiscellaneousFixes
On error resume next

'Disabling VBS.Freelink Virus
     If WSHShell.RegRead("HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Rundll") = "RUNDLL.VBS" then
          WSHShell.RegDelete "HKCU\Software\Microsoft\Windows\Current Version\Run\Rundll"
     End If

If strOS = "Windows_NT" Then
'CopyFile "\\ServerName\Netlogon\domainadmin\winnt256.bmp","C:\WinNT\winnt256.bmp"
CopyFile "\\ServerName\Netlogon\domainadmin\oemlogo.bmp","C:\WinNT\system32\oemlogobmp"
CopyFile "\\ServerName\Netlogon\domainadmin\oeminfo.ini","C:\WinNT\system32.ini"
End If

If InGroup("administrators") Then
    CopyFile "\\ServerName\Netlogon\domainadmin\Hosts","C:\WinNT\System32\Drivers\Etc"
End If

End Sub

 

 

FW: MSI Installer fails when Installing Large Service Packs

I just encountered this error when installing a large service pack from Microsft on Windows Server 2003

 

Microsoft have released a hotfix to address this

 

 

 

FW: You cannot successfully perform an online backup of the information store databases on your Exchange Server 2003 SP1 computer, and event ID 217 is logged

 

 

This was a problem for a customer of mine recently – Information Store wouldn’t backup after they exceeded the 16GB limit and we did an offline defrag ‘eseutil /d’.  It would do a partial backup and then fail.

 

In the event log we were getting:

 

Event ID: 217
Source: ESE
Type: Error
Category: Logging/Recovery
Description:
Error -4001 During backup of a database location. The database will be unable to restore.

 

Prior to the offline defrag the Information Store was backing up fine.  The customer has Exchange 2003 SP1.  The answer is a hotfix from Microsoft which is incorporated in  SP2 however once you have this issue just upgrading to Exchange SP2 will not fix it.

 

Here’s the Microsoft link which explains how to fix the issue.  It’s quite straight forward – obtain the hotfix (we have it if required) and run a taskkill to stop the store process and force a recovery on reboot.

 

http://support.microsoft.com/kb/889528

 

 

Should be in the Darwin Awards...

http://www.safetycenter.navy.mil/photo/archive/default.htm

Good Kung Fu Desktops

http://www.cinemaisdope.com/category/shaw-brothers/page/3/

 

http://www.shawbros.nl/desktop.html

Thursday, June 19, 2008

More Blackberry stuff

FAQ - Enterprise Server Errors

You can either click on a question to take you directly to the answer or scroll through to read all of them.

1. How do I resolve a Winsock error: 11001 message in the debug log?
2. How do I resolve a Winsock error: 10060 message in the debug log?
3. How do I resolve a Winsock error: 10054 message in the debug log?
4. How do I resolve a Winsock error: 10091 message in the debug log?
5. How do I resolve a Winsock error: 10061 message in the debug log?
6. How do I resolve an error 2140 when starting the BlackBerry Service?
7. I found the following in my Debug log: MAPI_E_LOGON_FAILED (80040111). What does it mean?
8. I receive error 5302 when I try to start the BlackBerry Service. What does this message mean?
9. I receive error 5401 when I try to start the BlackBerry Service. What does this message mean?

1. How do I resolve a Winsock error: 11001 message in the debug log?

Winsock error: 11001 appearing in the debug log indicates that there is a problem with the DNS resolution within the server. To check the DNS server, complete the following steps:

  1. Ping a domain name
  2. Ping an IP address for the same domain name
  3. If the IP address worked and the domain name didn't, then check your DNS server settings.

For further assistance with Winsock errors go to the Microsoft support site: http://search.support.microsoft.com/kb/c.asp?ln=en-us Back to top

2. How do I resolve a Winsock error: 10060 message in the debug log?

Winsock error: 10060 appearing in the BlackBerry Enterprise Server debug log indicates that the server is having troubles connecting through the Internet. To resolve this, verify the following:

bullet That Port 3101 is open for bi-directional, outbound initiated traffic.
bullet That the Internet connection is working properly; that other services using the Internet connection are not having any timing-related issues or performance problems.

For further assistance with Winsock errors go to the Microsoft support site:
http://search.support.microsoft.com/kb/c.asp?ln=en-us Back to top

3. How do I resolve a Winsock error: 10054 message in the debug log?

Winsock error: 10054 appearing in the BlackBerry Enterprise Server debug log indicates that the remote host forcibly closed a connection. This normally results if the peer program on the remote host is suddenly stopped or the host is rebooted. To resolve this, verify the following:

bullet That Port 3101 is open for bi-directional, outbound initiated traffic.
bullet That the Internet connection is working properly.

For further assistance with Winsock errors go to the Microsoft support site:
http://search.support.microsoft.com/kb/c.asp?ln=en-us Back to top

4. How do I resolve a Winsock error: 10091 message in the debug log?

Winsock error: 10091 appearing in the BlackBerry Enterprise Server debug log indicates that the Windows Sockets implementation cannot function because the underlying system it uses to provide network services is currently unavailable To resolve this, verify the following:

bullet That the appropriate Windows Sockets DLL file is in the current path. Go to the Microsoft website for further information concerning your environment.
bullet That more than one Windows Sockets implementation is trying to being used simultaneously. If there is more than one WINSOCK DLL on the system, confirm the first one in the path is appropriate for the network subsystem currently loaded.
bullet That all components are currently installed and configured correctly.

For further assistance with Winsock errors go to the Microsoft support site:
http://search.support.microsoft.com/kb/c.asp?ln=en-us Back to top

5. How do I resolve a Winsock error: 10061 message in the debug log?

Winsock error: 10061 appearing in the BlackBerry Enterprise Server debug log indicates that the Windows Sockets implementation cannot function because the underlying system it uses to provide network services is currently unavailable. To resolve this, verify the following:

bullet That Port 3101 is open for bi-directional, outbound initiated traffic.
bullet That the Internet connection is working properly.

For further assistance with Winsock errors go to the Microsoft support site:
http://search.support.microsoft.com/kb/c.asp?ln=en-us Back to top

6. How do I resolve an error 2140 when starting the BlackBerry Service?

The following information will be displayed in the debug log:

bullet MAPI Logon EX
bullet No Service Name
bullet Authentication Failed
bullet Using "Default" MAPI Profile

Use this information to complete the following steps:

1. MAPI Logon EX:
Confirm that the BESAdmin account has the following:

bullet Domain Administration group
bullet Log on Locally, Log on as a Service
bullet Microsoft Exchange permissions
bullet MAPI profile

2. No Service Name:
The server name listed in the BlackBerry Enterprise Server does not match the Registry

bullet In Microsoft Exchange Administrator: right-click the Configuration container and select BlackBerry Servers > System Info. Compare the information listed with the information listed in the Registry HKEY_LOCAL_MACHINE/Software/Research In Motion/BlackBerry/Server
Note: Any changes can be made directly in the Registry

No SRP Authentication Key or Identifier:

bullet In Microsoft Exchange Administrator: right-click the Configuration container and select BlackBerry Servers > System Info. Confirm the SRP information is listed in the Microsoft Exchange Administrator.

3. Authentication Failed: An incorrect SRP Authentication Key and/or SRP Identifier has been used. >

bullet In Microsoft Exchange Administrator: right-click the Configuration container and select BlackBerry Servers > System Info. Confirm the information is corrected.

5. Using "default" MAPI profile:
The BESAdmin MAPI profile is not correct; to resolve this you must recreate the MAPI Profile, following these steps:

  1. Select Start> Settings> Control Panel> Mail icon.
  2. Select the Show Profiles button
  3. Select the Add button
  4. Select the following options: Microsoft Exchange Server and Manually Configure Information Services
  5. Select Next.
  6. Name the profile.
  7. Select Next.
  8. Select Add.
  9. Select Microsoft Exchange Server.
  10. Select OK.
  11. Type the name of the Microsoft Exchange Server and the user's mailbox.
  12. Select the Check Name button.
Note: If the correct information has been entered, both the Microsoft Exchange Server and the Mailbox name will be underlined.

  1. Select Apply.
  2. Select OK.
  3. Select option to add to the startup group (if preferred).
  4. Select Finish. Back to top

7. I found the following in my Debug log: MAPI_E_LOGON_FAILED (80040111). What does it mean?

The MAPI_E_LOGON_FAILED message means that there was a problem logging onto the email account in question. To resolve this, verify the following:

bullet If passing a profile name in the logon line, confirm the profile exists on the computer where the logon line runs.
bullet To logon to a mailbox, specify the owner of the mailbox as someone that has an account on the Windows NT Domain, or someone that has logon permissions to that mailbox
bullet Confirm the account logged into under IIS has "Log on Locally" rights to the IIS computer. These rights are granted through the "User Manager" on the IIS computer
bullet IIS version 4.0 has an additional feature that allows for password synchronization between IIS 4.0 and the computer user accounts. Password synchronization should only be used with the user account defined by the local computer, not with user accounts on remote computers. This feature will not work to authenticate an anonymous user to a remote Microsoft Exchange server.

Please refer to Microsoft article Q181739 for more detailed information. Back to top

8. I receive error 5302 when I try to start the BlackBerry Service. What does this message mean?

This message is received if an incorrect MAPI profile is inserted during installation of the BlackBerry Enterprise Server. To fix this situation follow the steps below:

  1. In Microsoft Exchange Administrator: right-click the Configuration container and select BlackBerry Servers > System Info. Check that the MAPI Profile and Server Name are correct.
  2. Verify this against the Registry Key: HKEY_LOCAL_MACHINE\Software\Research In Motion\BlackBerry\Server\"Name" (For information on checking Registry keys, go to the Start menu on the desktop and select Run. Enter Regedit, and then select OK. If you have not used Regedit before, take a few minutes to read the online help within the program.)
  3. If the information does not match, edit the registry directly to ensure that the information from step 1 is identical.
  4. Recreate the MAPI profile and reboot the BlackBerry Enterprise Server. Back to top

9. I receive error 5401 when I try to start the BlackBerry Service. What does this message mean?

An error message 5401 when trying to start the BlackBerry Service means that one of the following setting problems could exist:

bullet Incorrect MAPI profile
bullet The BlackBerry Enterprise Server has been removed
bullet Incorrect server name
bullet Incorrect Admin mailbox

To verify this information, complete the following steps:

  1. In Microsoft Exchange Administrator, right-click the Configuration container.
  2. Select BlackBerry Server.
  3. Select the System Info button and check that the MAPI Profile and Server Name are correct.
  4. Verify this information against the Registry Key: HKEY_LOCAL_MACHINE\Software\Research In Motion\BlackBerry\Server\"Name" (For information on checking Registry keys go to the Start menu on the desktop and select Run. Type Regedit and select OK. If you have not used Regedit before, take a few minutes to read the online help within the program.)
  5. If the information does not match, edit the registry directly to ensure that the information from Step 1 is identical.
Note: If no users have been added to the server, remove the server and re-add it with a new name. Add that new name to the Registry.

The Admin mailbox displayed in the System Info must be the correct Admin account (i.e. BESAdmin). If the information is incorrect you will need to remove and re-add the BlackBerry Enterprise Server using the correct information. Back to top


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________

Tuesday, June 17, 2008

How to configure SQL mail


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________

PING Partition is not ghost....

 
Disk Imaging and other neat tools...

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________

Getting a TV card to work in server 2008

 
 

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________

Might be a repeat but how to run server 2008 as workstation


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________

Tuesday, June 3, 2008

SBS 2008 RC0 out now

 
 
 
 

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________

Active Directory Mapping tool


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________