Do people not realise you can tax your bloody car online these days without moaning at the Post Office? #waiting or perhaps they can't read!
Archive for category Windows
Windows 7– Offline files and SMB shares
Posted by Kevster in Linux / *Nix, Windows on 25/09/2010
Why is it so difficult for this to work out of the box ?
I’m currently using a hacked WD MyWorld NAS device that runs BusyBox, Optware and the latest release of Samba. You would think offline files would be easy to get working.
Wrong. See http://blog.rainiernetworks.com/2008/06/25/vista-synchronization-errors/ and http://justanothersysadmin.wordpress.com/2008/03/30/vista-offline-files-and-smb-opportunistic-locks/
Why oh why Microsoft not make the offline files function out of the box. I guess it works fine against a Microsoft server but in the spirit of greater interoperability fix it please !
Windows 7 – How to add ‘difficult’ applications to the tray
Windows 7 rocks as they say. Been running it for a long while now and makes Vista seem as bad a shell as XP these days.
The Beta, then RC and now the RTM code is very, very solid. Amazingly fast and a dream to use. Owning a Mac as well, there are some compelling reasons why I still think its the premier desktop OS.
One annoyance though is being able to ‘pin’ applications to the tray. Depite all your efforts, some will not do it. Instead follow this procedure how to do it. Its a frig, but one that works !
http://www.unawave.de/windows-7-tipps/folder-to-taskbar.html?lang=EN
Flushing SQL Transaction Logs
Can never remember the syntax so here is is as a reminder:
Make the database current then run
DBCC
SHRINKFILE(‘Foo_LOG’,1)
BACKUP
LOG Foo WITH TRUNCATE_ONLY
DBCC
SHRINKFILE(‘Foo_LOG’,1)
go
ASP.Net and SharePoint
Its taken me long enough but finally had a reason to write some true ASP.Net code. One problem I hit was that trying to run code on a server that is running SharePoint Services …. so you need this exceprt….
You may see this error:
An error occurred during the processing of /test.aspx. Code blocks are not allowed in this file.
Reason: SharePoint does not allow server side code to execute in aspx pages contained in the SharePoint site.
Fix: Edit the web.config (I.E. C:\Inetpub\wwwroot\wss\VirtualDirectories\80\web.config) file:
<PageParserPaths>
<!– To allow a single file: –>
<PageParserPath VirtualPath=”/test.aspx” CompilationMode=”Always” AllowServerSideScript=”true” />
<!– To allow global: –>
<PageParserPath VirtualPath=”/*” CompilationMode=”Always” AllowServerSideScript=”true” />
<!– To allow global within a subsite: –>
<PageParserPath VirtualPath=”/websitefoobar/*” CompilationMode=”Always” AllowServerSideScript=”true” />
</PageParserPaths>
<!– To allow a single file: –>
<PageParserPath VirtualPath=”/test.aspx” CompilationMode=”Always” AllowServerSideScript=”true” />
<!– To allow global: –>
<PageParserPath VirtualPath=”/*” CompilationMode=”Always” AllowServerSideScript=”true” />
<!– To allow global within a subsite: –>
<PageParserPath VirtualPath=”/websitefoobar/*” CompilationMode=”Always” AllowServerSideScript=”true” />
</PageParserPaths>
Windows Firewall Network Awareness….. how it works it out
Stolen from Mark Minasi’s supurb site…. at http://www.minasi.com/newsletters/nws0409.htm handy referance how Windows XP SP2+ detects between Standard and Domain settings. In Vista this changes but its the same principle.
===
There’s a personal firewall built into XP that’s always been there. But now it’s kind of “in your face,” as it’s turned on by default and it’s much easier to configure and control from the GUI, group policies, and command-line tools.
Even better, it’s got two “profiles;” it behaves one way when you’re inside your domain and another when you’re outside, such as when you’re connected to the Internet with your laptop from home or a hotel.
You might have heard about Firewall’s two profiles, the “standard” and the “domain” profile. (“Domain” means you’re in the domain, on site; “standard” means you’re somewhere else, out of the firewall.) But did you ever wonder, how does it know when you’re “in the domain?” I wondered. Is it something as easy as IP address ranges? Pinging the domain controller to measure the latency periods? Arcanely measuring the Earth’s magnetic field to estimate how far you are from Headquarters? Nope. It’s like this:
- Windows Firewall (call it WF) remembers the last time that you got group policies.
- It remembers the DNS suffix of the system that you got them from. (So, for example, if your AD domain was called bigfirm.com, then the domain controller (DC) that your system got the group policies from almost certainly had a DNS suffix of bigfirm.com.)
- WF then looks at all of your network adapters — here’s where it gets geeky — and examines their adapter-specific DNS suffixes. If any of them match the DNS suffix of your last GP update, then it assumes you’re in the domain.
In English, then… suppose you’re out on the road and for some reason want the firewall to think that you’re in “domain” mode rather than “standard” mode. Just go to the Advanced properties of your NIC, click the DNS tab and punch in your domain’s name in the “DNS suffix” field, and your firewall will behave as if you’re on the corporate grounds.
That, by the way was the simplified version; if you’d like to know more about how the network location awareness in Windows works, get this article:
http://www.microsoft.com/technet/community/columns/cableguy/cg0504.mspx
Controlling SSL Ciphers on Windows 2003/2008 Server
On Windows 2003/2008 Servers running anything over SSL (ie HTTPS) via applications like IIS, Terminal Services (SP1+) and ISA Server even if the application can set ‘Force 128bit encryption’ other weak ciphers are still availible on the server.
To stop this:
1) Backup your registry or at least export the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL
2) Copy below into a text document and rename to .reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Client]
“Enabled”=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Server]
“Enabled”=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
“Enabled”=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server]
“Enabled”=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers]
“Enabled”=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\DES 56/56]
“Enabled”=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 40/128]
“Enabled”=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128]
“Enabled”=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128]
“Enabled”=dword:00000000
3) Double click the .reg file to run and answer Yes to dialog
4) Confirm working ciphers. A good site is http://www.serversniff.net/content.php?do=ssl
Making Bootable Windows CD/DVD’s
Just a refresh and a quick note here…..
Main things to do:
- Put all the files into a main folder
- Get a copy of the boot files (various places including http://www.tacktech.com/pub/microsoft/bootfiles/bootfiles.zip)
- Use Nero to burn a new Bootable DVD/CD
- When the dialog opens, set Bootable Disc Type: to No Emulation.
Click the “>>Advanced” button, and set the Load Segment: to 0×000 and the Sector Count: to 4. Now click “Browse” where the dialog asks you to “locate the image file that contains the bootable image.” - Follow the usual process to make the DVD, remembering to keep a copy of the ISO/NRG image
Good luck
Windows Automated Installations – What to call workstations
One of the big problems I have found when creating build systems for companies is what to call machines when they are being built.
A good idea a few companies I have worked at is to use the vendor serial number that is affixed and labeled all over the machines. On Dell machines its called the ‘Service Tag Number’
How to pipe that into installations is another story but if you are doing simple cloning using Ghost, PQ or Altris then this handy VBscript may come in useful. It extracts the Dell Tag number using WMI and then sets a SYSTEM environment varible called DellTag
BTW – I’m not a hardcore coder so if anyone can make it better then please advise! Fragments were made using the excellent Microsoft Scriptomatic2 tool.
‘ DellSN.vbs
‘
‘ Version 1.0 – Kevin Iddles, Yawns.com Limited
‘
‘ Script to extract Dell Tag Number from BIOS using WMI
‘ Outputs Dell tag to screen and sets a SYSTEM environment varible accordingly.
‘
‘ Call from CMD by using —- cscript //NoLogo DellSn.vbs
‘ Obviously will need to open a new session to pickup the setting
‘On Error Resume Next
Const wbemFlagReturnImmediately = &h10
Const wbemFlagForwardOnly = &h20
Dim strSN
‘ Start Get the Dell Asset number from BIOS
Set objWMIService = GetObject(“winmgmts:\\.\root\CIMV2″)
Set colItems = objWMIService.ExecQuery(“SELECT SerialNumber FROM Win32_BIOS”, “WQL”, wbemFlagReturnImmediately + wbemFlagForwardOnly)
For Each objItem In colItems
WScript.Echo objItem.SerialNumber
strSN = objItem.SerialNumber
Next
‘ Debug – Echo results set in var
‘ Wscript.Echo strSN
‘ Start Set Env
‘
‘ This gets set as a SYSTEM varible – user must be a local administrator for correct permissions
Set EnvClass = GetObject(“WinMgmts:\\.\root\cimv2:Win32_Environment”)
‘ Make a new instance of that class
Set EnvVarInst = EnvClass.SpawnInstance_
‘ File in the key props and props of interest on that instance
EnvVarInst.UserName = “<SYSTEM>”
EnvVarInst.Name = “DellTag”
EnvVarInst.VariableValue = strSN
‘ Write the new instance in to WMI
EnvVarInst.Put_
‘ End Set Env