Find Windows system uptime from the command line


Here’s a quick and easy way of checking how long a Windows server or workstation has been up, via the command line.  It pipes the results of Net Statistics Workstation into find.  Run the following from a command prompt:

net statistics workstation | find /i “statistics since”

The results will look like

Statistics since 8/12/2009 11:08 PM

Which shows the machine has been up since 11:08pm on August 12, 2009.

Howto: Do not display the name of the user who has locked a Windows computer or server


Normally when a Windows workstation or server is locked, you’ll see something similar to the following Windows Security message:  

This computer is in use and has been locked.
 
Only DOMAIN\USER (user name) or an administrator can unlock this computer.
 
To not show the name of the user who has locked a computer, the following can be defined in a workstation level GPO
 
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Interactive logon: Display user information when the session is locked.
 
There are three choices if you enable this policy:
 
  • User display name, domain and user names (default setting)
  • User display name only
  • Do not display user information
 
Besides being able to apply this to Active Directory GPOs, this setting appears in the local security policy on my Windows XP SP3 VM.  The setting is not available on my XP SP2 laptop, but I see from KB837022  there is a hotfix that corrects this problem in XP SP2.


Alternatively, the following DWORD can be created in the registry of XP SP2, Windows Vista, and Windows Server 2008 machine to accomplish the same thing:
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\DontDisplayLockedUserId
 
User display name, domain and user names = 1
User display name only = 2
Do not display user information =3
 
You need to restart the machine for the change to take effect.
 
You may also be interested in the related Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Interactive logon: Do not display last user name setting. This security setting determines whether the name of the last user to log on to the computer is displayed in the Windows logon screen.

If this policy is enabled, the name of the last user to successfully log on is not displayed in the Log On to Windows dialog box.  If this policy is disabled, the name of the last user to log on is displayed.

Fix: Windows 2008 server is displayed as Windows Vista in McAfee EPO agent console


One of my newly deployed Windows 2008 servers was being identified in the McAfee EPO 4.0 admin console as a Windows Vista machine. This was curious to me, since I had created this Windows 2008 server from the same media as it’s predecessors, and had installed all the same versions of software onto it, such as the Common Management Agent 3.6 patch 3, aka FramePkg.exe.

The instructions I received from McAfee Technical support said to copy the sitelist.xml file from the EPO server’s \Program Files\McAfee\ePolicy Orchestrator\DB directory, and paste it into the C:\Documents and Settings\All Users\Application data\McAfee\Common Framework directory on the Windows 2008 server.

First of all, in Windows 2008 C:\Documents and Settings is hidden by default, so in Windows Explorer I had to select Organize – Folder and Search Options – View – Show hidden files and folders in order to even see C:\Documents and Settings.

When I clicked on the C:\Documents and Settings directory, I immediately received the following error, despite being logged in with my domain admin credentials:

C:\Documents and Settings is not accessible. Access is denied.

I noticed the local administators group, which domain admins is a member of, did not have explicit permissions assigned to the directory, so I attempted to assign them, but was once again denied access. I checked ownership, and saw SYSTEM was the owner, so I tried to take ownership of the directory, but was denied. Only after logging in as the local administrator was I able to take ownership, and assign myself rights to the file system.

After much googling I was able to determine the cause of this problem. In Windows Server 2008 (and Windows Vista) the familiar old XP file/directory structure has been replaced. C:\Documents and Settings no longer physically exists, but has been replaced by junction points which are used for backwards compatibility with legacy applications.

These junction points are like shortcuts to the actual data locations, and are not meant to be navigated by the system administrator. The ACLs are set to ““Everyone Deny Read”. Applications must have permissions in order to call out and traverse a specific path.

To make a long story short, instead of placing the sitelist.xml file in the C:\Documents and Settings\All Users\Application data\McAfee\Common Framework directory on the Windows 2008 server, I had to put it in the C:\ProgramData\McAfee\Common Framework directory instead.

I then restarted the McAfee Framework service on the Windows 2008 server. I waited about an hour (not sure if this is necessary, but I was busy), then verified the correct operating system was properly detected on the EPO admin console.

I asked McAfee how to get our custom sitelist.xml file into the new FramePkg.exe file for deployment, and he said that shouldn’t be necessary. If we experience another case like this where the client OS is misidentified for some reason, they will work with us to determine the cause of the problem, rather than have us apply the band-aid fix after the fact.

Free Microsoft eBook: Windows Vista Resource Kit, Second Edition


Microsoft Press is making the Windows Vista Resource Kit, Second Edition a free download for one month only.

The catch is you have to sign up for the Microsoft Press Book Connection Newsletter, which will give you notification of offers, register, and download the free eBook selection of the month.

The book is written by Mitch Tulloch, Tony Northrup, and Jerry Honeycutt with the Windows Vista Team. If you’d like to purchase the print copy of the book, you can pick it up for $44.09 on amazon.com, a savings of $25.00.

Howto: Disable the clicking sound in Internet Explorer and Windows Explorer


The clicking sound that Windows plays when you click on a link in Internet Explorer or open a folder in Windows Explorer can get annoying. 

Here’s how to disable the sound in Windows XP:

  1. Click Start > Control Panel > Sounds and Audio Devices
  2. Click the Sounds tab
  3. Scroll down the list under Program Events. Under the Windows Explorer section, highlight Start Navigation.
  4. Under the Sounds box, select (None) > OK, close Control Panel

Here’s how to disable the sound in Windows Vista:

  1. Click Start > Control Panel > Sound
  2. Click the Sounds tab
  3. Scroll down the list under Program. Under the Windows Explorer section, highlight Start Navigation.
  4. Under the Sounds box, select (None) > OK, close Control Panel

You should no longer hear the clicking noise when you select links in Internet Explorer or open directories in Windows Explorer.

Howto: Register Firefox Portable as the default Windows browser


Ramesh has written some instructions detailing how to register Firefox Portable as the default browser for Windows XP and Windows Vista.

He uses a utility called DefaultBrowser to define the default browser in XP, and uses a tool called RegisterFirefoxPortable to do the same in Vista.

This is pretty slick, something I’ve been thinking about doing for a while.

Follow

Get every new post delivered to your Inbox.

Join 32 other followers