Destination IP

a great site link with info on how to remove a very annoying piece of av software from XP or Vista.

http://www.xp-vista.com/spyware-removal/xp-antivirus-2008-removal-instructions-xp-antivirus-2008

For those that may be looking to disable their IE browsers from running the silly connection wizard on startup i’ve got the Group Policy link, as well as the technet article should you need to know more.

Group Policy setting: Disable Internet Connection Wizard
This Group Policy setting is in User Configuration\Administrative Templates\Windows Components\Internet Explorer. It affects administrators as well as users.

http://technet.microsoft.com/en-us/library/bb490614(TechNet.10).aspx

When going through your policies you may want to re-evaluate the rate of group policy refreshes.
I find it useful to have them refreshing in the background but at the same time you don’t want them doing it to often, especially if you have WAN links with a number of users pulling across that link or anything like that.
The Technet Article is linked below, the useful links i required for my policies were as follows:

Computer Refresh Interval
Computer Configuration\Administrative Templates\System\Group Policy

User Refresh Interval
User Configuration\Administrative Templates\System\Group Policy

http://technet2.microsoft.com/windowsserver/en/library/3951b3be-8c85-4a17-8fff-481af6eaedf01033.mspx?mfr=true

Here is some handy info I lashed off pietschsoft to get our company info into system properties for the new SOE we are building.

Show Computer Manufacturer and Support Information (All Windows)
This tip lets you customize the System Properties page in Control Panel. This is especially useful if you run a computer store and want your customers to be reminded where they bought their PC and where to get technical support.

To add the manufacturer and support information you need to create two new files in the Windows system directly, normally “C:\WINDOWS\SYSTEM” for Windows 95, 98 and Me and “C:\WINNT\SYSTEM32” for Windows NT and 2000.
The first file is a text file called “OEMINFO.INI”. To create the file open notepad and copy the template below, make any changes and save the file in the System directory.
OEMINFO.INI Template
[General]
Manufacturer=Your Company, Inc.
Model=Your Computer Model
SupportURL=http://your.support.site/
LocalFile=c:\your\local\support\file.htm

[Support Information]
Line1=first line
Line2=second line
Line3=third line
Line4=fourth line
...
LineN=nth line
; Create as many lines as you need by incrementing the Line number
The other file you need to create is a logo file. This is a standard Windows bitmap file (172 x 172 pixels), saved as “OEMLOGO.BMP” in the Windows System directory.
Once you have created both these files open System Properties from Control Panel and your company information and logo will be displayed. The details you entered in the [Support Information] section will show up when you click on the Support Information button.

http://pietschsoft.com/post/2004/08/Windows-System-Properties---Add-Custom-Manufacturer-Properties.aspx

So Microsoft Downloads gave me some interesting links this morning, addons to desktop search that actually look half useful(makes me wonder why they aren’t just part of the search to begin with).

Desktop Search Add-ins

Outlook Saved Mail
This one looks good, a brief quote from the download page.
“This iFilter allows you to perform a search on all elements of your MSG (.MSG) files including Message Body; Subject; From; From Name; From Address; To Name; To Address; CC Name; CC Address; Doc Title Prefix; Sent Date; Received Date; Primary Date; Conversation ID; Attachment Names and will indicate if an attachment is present within the .MSG. Additionally, content within attachments are indexed and searched.”

http://www.microsoft.com/downloads/details.aspx?FamilyID=134ECBB0-C162-4D07-BEF3-0B602C4A79DD&displaylang=en

MS Networks Search
However great this sounds I’m wary of the bandwidth and load on fileservers by having this installed, with no central management you could accidentally DOS your own file servers. Not to mention gig to the edge, wan based file servers and vpn users will all suffer if this just treats servers as local resources.

http://www.microsoft.com/downloads/details.aspx?FamilyID=F7E981D9-5A3B-4872-A07E-220761E27283&displaylang=en

IE History Search
I personally don’t use IE for my primary browsing so this addon doesn’t appeal to me, it may be up your alley though so here’s the link.
http://www.microsoft.com/downloads/details.aspx?FamilyID=EA7F95D9-69AE-4639-9D76-A44F51109053&displaylang=en

Well what a royal pain this was, related to an app we use that on install would halt trying to find this file saying it couldn’t find a file that was clearly visible when I browsed to it.

Thanks to the guys at this forum linked, I was able to get there by following nimd4’s recommendation of giving my user account ownership then full control over the file, hit retry and voila it worked like a charm.
http://www.vistax64.com/microsoft-office/52821-ms-office-2003-error-1913-mapisvc-inf.html

Thanks to an article from techrepublic I found one good hint in there which I had never even heard of before, removing old or unused device drivers because they start up with your machine can help to speed up your systems boot times quite a bit. The article is referring to an XP tweak but it works just as well in Vista.

Full PDF linked here.

I noticed a handy article come through techrepublic today with some nifty vista commands to have on hand.

aero on and off
Right click the desktop and select new shortcut, where it says “type the location” put the following in their own shortcuts.

aero off
Rundll32 dwmApi #104

Aero on
Rundll32 dwmApi #102

Note: aero on will make your screen blink but aero off will do nothing so it just happens.

Task mgr
Bring up task mgr instantly

Ctrl+shift+esc

Shell Commands
This article also had some useful tips on shell commands that may come in handy, shoot through to see them.
http://blogs.techrepublic.com.com/window-on-windows/?p=713&tag=nl.e132

MS Activesync, sometimes referred to as AUTD (Always Up To Date) is something I get queried on often so I thought it best I explain it in human and understandable language.

Synchronisation Process
The phone connects to the server over https (if you use http you should be stabbed with your handheld in the eye) and opens a https connection to the server, it then asks the server if there is any new info (contacts, calendar, mail) if there is it starts a sync process if not then it holds the session open.
It does this every 30 minutes, so basically every thirty minutes your phone will connect via https a connection and ask for confirmation of the sync status the server does not respond if there is no new mail thus when new mail or whatever comes in within that 30 minute window the server responds on that session and the phone initiates a full sync.

Graphical Representation:

Thus theoretically its holding open a data connection permanently and I can tell you from experience on my nokia n95 that full push nails your battery ALOT faster than say putting it to do a manual sync every 30 minutes but the benefits are clear. I think Push vs using the sync are really personal and you need to base your decision of push vs sync or manual based on all of your needs.

Performance vs Lifetime List
- Push on permanently – Battery life severely degraded and you will be woken up at 3am by international newsletters
- Push on by schedule – my preferred method, push on between 8am and 8pm(weekdays) allowing me windows outside of work to still get mail but not intruding on my time. Battery Life sacrifice still high, need to charge phone pretty much daily.
- Scheduled or manual push – These will offer the most optimal battery life but will also give you email “latency” as the time between syncs means your ability to receive and respond to emails is limited by the sync windows. Battery life will be the longest in a manual configuration.

The image used here comes from this article
http://technet.microsoft.com/en-us/library/bb266973.aspx

I cached it locally in case that article moves or is changed/removed.

Firstly, use this tool for extended troubleshooting, the Client Diagnostic Tool is invaluable in seeing what is going wrong.

Gotcha 1. - updates failling with error : Windows Update is disabled by policy for user
Make sure this is not disabled:
“Turn off access to all Windows Update features”
Computer Configuration\Administrative Templates\System\Internet Communication Management\Internet Communication settings

I find that although this is stated as ok and recommended in the MS documentation here its actually not ok and breaks all my users.

Gotcha 2. - Assign one pc to multiple WSUS groups

The big gotcha can come if you assign a computer to more than one group in your WSUS organisation and like me have more than one WSUS server.
Scenario: you are using site based OU’s to assign people to their respective WSUS server, this does wonders when people move sites and they are assigned to their local WSUS server based on IP address. This means they don’t span your WAN links for updates and you don’t have to be as on top of employees moving offices.

If like me you like to have a different set of rules for your employees machines to that of your servers then you will create a servers group, move all your servers into an OU so they are assigned that group exclusively and apply your server patches only to that group.

Problem: my servers are all assigned the root server as their location for updates, because of site based OU’s the group policy is pushing them their local sites server and assigning them to their site based wsus location where they are fed the rules the clients get. This causes some sort of conflict which means WSUS just gives up, it sees them assigned the “Server” group as well as a “Site based OU” which are different and assigned to different servers and as such wsus will never update for this server until you get it out of one of those groups.

Solution: at this stage my only advice is to make sure your normal(site based OU) WSUS update isn’t forcibly rebooting systems and take your servers out of their “SERVER” group and let site based OU’s take over. This required assigning all server updates to that group as well so don’t forget that if you were like me and trying to be neat.

This site here is a great resource for client deployment and explaining all the various fields in the Group Policy that you may need to use.

The link to the full download of Windows XP SP3 you need to follow this Windows Network Installation Link.

That is the microsoft download location for the full network install, mostly used by IT professionals who need it but i know some people like to grab the patch anyway for whatever reason.

We had an issue where a user decided to install his home office 2007 copy onto his work machine and obviously we got a report saying so. Since we aren’t licensed for that the obvious answer was to uninstall and reinstall outlook 2003.

Upon doing so an error would pop up and outlook seemed completely broken, the error was referencing Mapi32.dll and Mapi32.dll is located at c:\windows\system32\Mapi32.dll
This is not the correct file however, nomatter if you rename or delete this it wont fix the issue.

The offending file in question is MSMAPI32.dll in C:\Program Files\Common Files\System\MSMAPI\1033. Rename or move or delete this file then reinstall office 2003 and you are good to go.

I installed an ISA Server with a single NIC config and wanted it to hit my internal WSUS server for updates but when i ran a wuauclt /detectnow at the commandline my windowsupdate.log file would give me this erroneous error.

I’m currently running up a frontend exchange server for push to mobile devices and although my current setup is all 2003 exchange servers I thought maybe this could be the beginning of my 2007 exchange server infrastructure (I’m on Software Assurance don’t worry MS).

I found this article http://msexchangeteam.com/archive/2006/10/09/429135.aspx that describes in the discussions section that its most likely possible to do this, you just won’t get the 2007 functionality to those users on the backend in 2003 exchange servers.

I post this also because this article shows some very valuable info in relation to running 2003 and 2007 exchange servers simultaneously as the changes are very significant.

When building a lab System Center Configuration Server i came across an odd issue, I accidentally logged in as the local admin when i was building it and when i then tried to login as the domain admin I didn’t have permissions to anything in the SCCM console.