I’ve recorded a short video on how to lock windows machines from the windows command line. Let me know if you found it useful.
Category Archives: Microsoft
RDP setup
I often need to connect to servers via RDP. I’ve found these posts below helpful for configuring RDP connection settings, specifically getting the new RDP window to open on the screen I want in the position I want.
Firstly, GrandPixel’s comment on this blog post at hydrous.net at 9:00pm on August 17, 2010.
Secondly, this post at blogs.msdn.com
The final RDP file contents for me are:
screen mode id:i:2
use multimon:i:0
desktopwidth:i:1440
desktopheight:i:900
session bpp:i:32
winposstr:s:0,3,-1440,100,1400,900
compression:i:1
keyboardhook:i:2
audiocapturemode:i:0
videoplaybackmode:i:1
connection type:i:2
displayconnectionbar:i:1
disable wallpaper:i:1
allow font smoothing:i:0
allow desktop composition:i:0
disable full window drag:i:1
disable menu anims:i:1
disable themes:i:0
disable cursor setting:i:0
bitmapcachepersistenable:i:1
full address:s:{removed}
audiomode:i:0
redirectprinters:i:1
redirectcomports:i:0
redirectsmartcards:i:0
redirectclipboard:i:1
redirectposdevices:i:0
redirectdirectx:i:1
autoreconnection enabled:i:1
authentication level:i:0
prompt for credentials:i:0
negotiate security layer:i:1
remoteapplicationmode:i:0
alternate shell:s:
shell working directory:s:
gatewayhostname:s:
gatewayusagemethod:i:4
gatewaycredentialssource:i:4
gatewayprofileusagemethod:i:0
promptcredentialonce:i:1
use redirection server name:i:0
drivestoredirect:s:*
username:s:{removed}
Hopefully, others looking to open the RDP windows to a specified location will find the two posts above of use.
Best Practice Outlook 2010
Aside
Good read, if you’re into tech stuff:
This guide represents our advice on how to get the most out of Outlook 2010. However, it is not a comprehensive guide. A few core scenarios are covered to help you leverage Outlook into your information management needs. Best practices for Outlook 2010 – Outlook – Office.com.
No IMAP to Exchange 2003
Aside
So I ran into an issue I’ve not seen before yesterday. Couldn’t get Microsoft Outlook 2010 configured to talk via IMAP to Microsoft Exchange 2003, although the username and password was correct, it just would not connect. Turns out the answer is in this Microsoft KB article: Users Cannot Log On Using POP3 and the Error 0×80040920 Is Logged. Although about POP3 and not IMAP, the fix is the same, make both the account name and the alias in Microsoft Exchange the same.
How to find your external ip address from the command line
I often need to know what the external IP address for a client is. Thus I’ve cobbled together the following script. Simply copy the code below into externalip.cmd and when run from the command prompt it will do two things for you:
- the script will display the external IP address
- the script will set the environment variable ExternalIP to be whatever that IP is
@echo off
:: Find out what the External IP address is
:: Create the .vbs file first
Echo Option Explicit >externalipaddress.vbs
Echo Dim http : Set http = CreateObject( "MSXML2.ServerXmlHttp" ) >>externalipaddress.vbs
Echo http.Open "GET", "http://whatismyip.org", False >>externalipaddress.vbs
Echo http.Send >>externalipaddress.vbs
Echo Wscript.Echo http.responseText >>externalipaddress.vbs
Echo Set http = Nothing >>externalipaddress.vbs
:: run the resulting .vbs script and set the enviroment variable
for /f "skip=2 " %%G IN ('cscript externalipaddress.vbs') DO (Set ExternalIP=%%G)
:: Display the enviroment variable
Echo External IP is %ExternalIP%
:: tidy up and remove the temp file
del externalipaddress.vbs /q
Let me know if you find this useful, or if you can improve on it I’d love to hear from you.
Update on XPUnlimited
So some time ago I wrote a post about using XPUnlimited questioning it’s legality.
Today I’ve had another systems engineer tell me that it is legal. So I’ve spoken with the local distributor (http://xpunlimited.com.au/) here in Australia and asked them to clarify this.
Part of their reply pointed me to the FAQ on the XPUnlimited.com site:
It is legal to use XPUnlimited on top of Windows. If you want to know the details, read the license terms of Windows.
Certainly looking through the links and reading the paragraphs they cite makes me somewhat more comfortable about hearing of people who use it.
Reading the Registry from the Command Line
Often I need to check windows registry values, for example, to see if an addon is working.
From the Microsoft Windows command line (Start | run | cmd) it is easy to see what value a registry key has:
REG QUERY "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\MS Project\Addins\Mindjet.Mm8MsProject.AddIn.4" /v "LoadBehavior"
In this example above, we see if the Mindjet Mindmanager add-on is loaded or not in Microsoft Project.
Who should pay for Microsoft SQL installations that go wrong?
The day is almost over, so I’ll fill you in on some of what occurred today, as it relates directly to this post by Mike at GLComputing. This was originally written as a comment to his post and kinda grew, so I’m posting it here in full.
SQL 2008 Express R2 has finally let me install a default SQLEXPRESS instance but I still can’t get a custom instance of ACT7 working. Who should be paying for the time it’s taking me to work out this issue?
I don’t yet have a complete answer to that question.
Imagine for a moment that I buy a brand new car, from a dealership. The car has trouble starting. So I go back to the dealership and ask them to fix it. They do so. I as a client go home happy.
But what’s really occurred? Well, the dealership gets a mechanic to look at it; he determines that a component if faulty, he replaces it with one off the spare part shelf in the dealership.
The dealership doesn’t want to wear the cost of the mechanics time or the cost of the part, so they put in a warranty claim to the manufacturer for the time taken by the mechanic and the cost of the part.
The manufacturer pays up, occasionally they audit the dealership to make sure fraud isn’t occurring. The manufacturer actually obtained the faulty component from a supplier. They then make a claim to the supplier for the costs.
The supplier pays up.
I know this because many years ago (early ’90′s) I was a Warranty Manager for a car dealership.
Should the same process apply in the software industry?
Is it the fault of the reseller/dealership that software/component failed?
Is it the fault of the software house/manufacturer that the software/component failed?
Is it the fault of the supplier that the software/component failed?
Of course the initial supplier will argue that they make their product to stringent standards, and they can’t account for all the possible variables of other hardware and environmental conditions.
And of course the software house/manufacturer will say they took all appropriate steps.
And also, of course, the reseller/dealership will say they aren’t to blame either.
And the customer, well, the customer is never wrong, right?
Getting a little more specific, in my case today, the client has all good name brand equipment, setup by a reputable IT firm with a solid reputation. I couldn’t fault either their spec’s or configuration. I know the amount of effort I’ve put into this today. I know how much effort I’ve put into making SQL installs go smoothly, to the point where they mostly do go smooth for me, but sometimes, like today, they go very very wrong.
And so yes, I lay the fault with the remaining two players. Me, the guy on the pointy end of the issue, who gets to look like an idiot in front of a customer because he can’t make shrink wrapped software work on name brand computers. [Do you think I'm a little cranky? hint, I am.]
You see, the vendor here (Sage) have a product they sell (Sage ACT!) that uses a database in the back end (Microsoft SQL Server 2008 Express R2). The vendor (Sage) has chosen to use that product, use that version of the product. That choice means an implicit responsibility to issues using their product with the 3rd party product. Let me say it clearly, “Sage, you chose to use Microsoft SQL 2008 Express R2, which makes you half responsible.”
The 3rd party, the supplier of that component, Microsoft, have chosen to update their product, and sometimes that transition hasn’t gone smoothly for them, but nonetheless they have updated on a semi-regular basis (although not yearly, and the topic of frequency will be the subject of another discussion). They provide help via their KB articles and revert to the line “too many other environmental factors, not our problem”.
Reminds me of a joke I heard years ago:
A helicopter was flying around above Seattle when an electrical malfunction disabled all of the aircraft’s electronic navigation and communications equipment. Due to the clouds and haze, the pilot could not determine the helicopter’s position and course to fly to the airport. The pilot saw a tall building, flew toward it, circled, drew a handwritten sign, and held it in the helicopter’s window. The pilot’s sign said “WHERE AM I?” in large letters. People in the tall building quickly responded to the aircraft, drew a large sign and held it in a building window. Their sign read: “YOU ARE IN A HELICOPTER.” The pilot smiled, waved, looked at her map, determined the course to steer to SEATAC airport, and landed safely. After they were on the ground, the co-pilot asked the pilot how the “YOU ARE IN A HELICOPTER” sign helped determine their position. The pilot responded “I knew that had to be the Microsoft building because, like their technical support, online help and product documentation, the response they gave me was technically correct, but completely useless.” – Thanks to Alun for the source link.
In my view, if a car had, say a throttle problem, the manufacture would be sorting out the problem quick smart. Sage, you need to compensate the people in the front line, in the trenches. Go hit Microsoft up if you’re not happy about it. That’s what the car manufacturers do. It works for them so don’t tell me it can’t work.
But, Sage, I’m not hearing much from you. And that’s concerning to me because in today’s world, the world of 2011, the internet, social media and a with your own social media presence, to not hear much at all is to hear all the other dissenting voices, to hear the competition.
Now honestly, the competition to Sage ACT! is woeful. Seriously, it is. ACT! is a great product, it’s flexible, customisable, and at least 11 other herbs and spices, all of which are pure goodness (honestly, it’s a lot more than 11). So here’s a hint to the competition, if you want a good CRM product, imitate ACT!.
Want to know one of its weaknesses? It’s reliance on product that doesn’t install properly. Achilles only had one heel that gave him trouble. Most, but not all, of the competition have figured this out, and allow either multiple backend databases to be used (MSSQL/MySQL/Oracle/PostgreSQL and others).
Now if you agree with me, let me know, if you don’t let me know as well, because as those that know me can attest, if you can prove your point, I’ll change. Of course, if you don’t give two hoots, then I guess I won’t be hearing from you. Either way, I’m gonna go hold my teddy bear and sing myself to sleep, hoping that the SQL install nightmare doesn’t plague me tonight. I’m gonna need some sleep to go fight this dragon again.
How to clear the MS Exchange mail queue quickly
Spent the day dealing with an exchange server that had been compromised. As a result, heaps of spam emails were in the exchange mail queue. Manually removing them is a major pain in the rear. Fortunately, others have shared how to clear the Microsoft Exchange mail queue of thousands for spam mails.
- Stop the SMTP service.
- Create a new spam folder for example in
C:\Program Files\Exchsrvr\Mailroot\vsi 1\Spam - With the SMTP service still stopped, move all the messages from the
C:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue
to the spam folder (in case you need to retrieve a message) - Restart the SMTP service.
Of course prior to doing that, the instructions at this Microsoft KB How to block open SMTP relaying and clean up Exchange Server SMTP queues in Windows Small Business Server is quite helpful in showing how to make sure your exchange server is not an open relay. It also shows how to test if it is an authenticated relay attack that is the problem.
How to block open SMTP relaying and clean up Exchange Server SMTP queues in Windows Small Business Server
Enable Network Level Authentication on XP Pro
I just tried to remotely control a server via RDP and got the error
The remote computer requires Network Level Authentication, which your computer does not support.
A quick search uncovered Microsoft KB 951608 which shows which two registry keys need editing to enable it. After you reboot of course.
- Click Start, click Run, type
regedit, and then press ENTER. - In the navigation pane, locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa - In the details pane, right-click
Security Packages, and then click Modify. - In the Value data box, type
tspkg. Leave any data that is specific to other SSPs, and then click OK. - In the navigation pane, locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders - In the details pane, right-click
SecurityProviders, and then click Modify. - In the Value data box, type
credssp.dll. Leave any data that is specific to other SSPs, and then click OK. - Exit Registry Editor.
- Restart the computer.
Now I’ve been able to connect to the remote site and get the job done.