Howto: Do not display the name of the user who has locked a Windows computer or server


Normally when a Windows workstation or server is locked, you’ll see something similar to the following Windows Security message:  

This computer is in use and has been locked.
 
Only DOMAIN\USER (user name) or an administrator can unlock this computer.
 
To not show the name of the user who has locked a computer, the following can be defined in a workstation level GPO
 
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Interactive logon: Display user information when the session is locked.
 
There are three choices if you enable this policy:
 
  • User display name, domain and user names (default setting)
  • User display name only
  • Do not display user information
 
Besides being able to apply this to Active Directory GPOs, this setting appears in the local security policy on my Windows XP SP3 VM.  The setting is not available on my XP SP2 laptop, but I see from KB837022  there is a hotfix that corrects this problem in XP SP2.


Alternatively, the following DWORD can be created in the registry of XP SP2, Windows Vista, and Windows Server 2008 machine to accomplish the same thing:
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\DontDisplayLockedUserId
 
User display name, domain and user names = 1
User display name only = 2
Do not display user information =3
 
You need to restart the machine for the change to take effect.
 
You may also be interested in the related Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Interactive logon: Do not display last user name setting. This security setting determines whether the name of the last user to log on to the computer is displayed in the Windows logon screen.

If this policy is enabled, the name of the last user to successfully log on is not displayed in the Log On to Windows dialog box.  If this policy is disabled, the name of the last user to log on is displayed.

Fix: 0x80070005: Access is denied when running scheduled task as a non-administrator


I was running a scheduled task on a Windows 2003 server that called a script that ran as a non-administrator on the server.  The service account that the script ran under had rights to all the appropriate directories on the server, but I still kept seeing the following error after the scheduled task failed to execute:

0x80070005: Access is denied

The solution is documented in KB867466

Grant the Cmd.exe program Read and Execute permissions for the user account that the batch job runs under. To do this, follow these steps:

  1. Click Start, and then click Windows Explorer.
  2. Locate and then right-click the Cmd.exe file. The Cmd.exe file is located in the %windir%\System32 folder.
  3. Click Properties.
  4. Click the Security tab.
  5. Click Add.
  6. In the Enter the object names to select box, type the user name that the batch job runs under, and then click OK two times.Note When you add the user, the user is automatically granted Read and Execute permissions.
  7. Click Yes when you are prompted to continue.
 
This issue occurs if all the following conditions are true:
  • You run the batch job on a Windows Server 2003-based member server.
  • The batch job runs as a non-interactive process.
  • The batch job is configured to run under the context of an account that is not a member of the Administrators group.
In Windows Server 2003, the Users group does not have Read and Execute permissions to the command processor (Cmd.exe). By default, the Cmd.exe program has the following permissions settings:
  • The Interactive implicit group and the Service implicit group have Read and Execute permissions.Note On a member server, the TelnetClients group also has Read and Execute permissions. On a domain controller, the Batch implicit group also has Read and Execute permissions.
  • The Administrators group and the System implicit group have Full Control permissions.

Copying command prompt output directly to the Windows clipboard


How often have you wanted to copy the output of a Windows command from the command prompt, but had to go thought the process of marking and copying the text first? 

Redirecting the command and it’s output is as easy as this:

ipconfig /all | clip

will pipe the results of ipconfig into the clipboard, which can then be pasted into notepad with a CTRL-V.  How convienent is that!  This works in Windows 2003 and higher (sorry, no Windows XP).

Found at http://www.windowsreference.com/windows-server-2008/copy-command-prompt-output-directly-clipboard-in-windows/

Howto: Mount a Windows share on SLES linux using cifs


This post is mainly for my own benefit.  I mount Windows shares on my SuSE linux box so infrequently, I have to dig through past notes to remind myself what the syntax is.

To mount a Windows share on SLES linux using cifs:

mount -t cifs -o username=jsmith //po5/gwdompri /mnt/po5/gwdompri

where:
  • jsmith is the user account to authenticate as
  • //po5/gwdompri is the Windows server and share you wish to mount
  • /mnt/po5/gwdompri is the location to mount the share, or where you access it on the local Linux box.
Note:
  •  you will be prompted for the password 
  • /mnt/po5/gwdompri must exist

Howto: Use msizap to remove orphaned cached Windows Installer Data Files to increase free disk space


Msizap is a command-line tool that can delete the configuration data that Windows Installer maintains for products that it installs, including the directories, files, registry subkeys, and registry entries in which Windows Installer stores configuration data.

Running msizap.exe with the G parameter removes orphaned cached Windows Installer data files for all users. Running this command on an old Windows XP machine allowed me to reduce the size of the C:\Windows\Installer directory from 3.6GB down to 875MB.

This computer had so many orphaned files due to the constant installation and uninstallation of software such as Java, Flash, Acrobat Reader, and other utility software over the years. Yes, orphaned files persist on your hard drive despite following proper uninstall procedures.

To run msizap, login to the machine as an administrative user and launch a command window. Navigate to the directory that contains msizap.exe, then type the following command:

msizap !G

The G option removes the orphaned cache files, the exclamation point forces a ‘yes’ response to any prompt.

While removing orphaned files should not have any negative impact on your Windows installation, be aware that msizap is a powerful tool that can cause problems if used incorrectly.

Msizap can be downloaded as a part of the Microsoft Windows Server 2003 Support Tools or the Windows Installer CleanUp Utility. I was unable to find the Windows Installer CleanUp Utility by searching Microsoft’s download site, so note that as of today the file’s name is msicuu2.exe if you the above link goes dead in the future.

If you don’t want to install the Windows Installer CleanUp Utility, use a program such as Universal Extractor (aka UniExtract) to extract the individual files. Once you extract the files, you’ll notice msizap.exe does not exist, but you will find MsiZapA.exe and MsiZapU.exe.

There are two versions of MSIZAP.EXE: MsiZapA.exe (for use in Windows 95, Windows 98 and Windows ME), and MsiZapU.exe (for use in Windows NT, Windows 2000, Windows XP, and Windows Server 2003). The appropriate executable should be renamed MsiZap.exe.

Current msizap.exe options are as follows:

Usage: msizap T[WA!] {product code}
msizap T[WA!] {msi package}
msizap *[WA!] ALLPRODUCTS
msizap PWSA?!

* = remove all Windows Installer folders and regkeys;
adjust shared DLL counts; stop Windows Installer service
T = remove all info for given product code
P = remove In-Progress key
S = remove Rollback Information
A = for any specified removal, just change ACLs to Admin Full Control
W = for all users (by default, only for the current user)
M = remove a managed patch registration info
G = remove orphaned cached Windows Installer data files (for all users)
? = verbose help
! = force ‘yes’ response to any prompt

For more information on the Windows Installer Cleanup Utility and msizap.exe see KB290301.

Howto: Generate many files of a particular size in Windows


I was recently performing some performance testing that required me to copy many files of a particular size from one Windows XP workstation to a Windows 2003 server. I had a heck of a time figuring out how to batch generate the test files.

Finally I cam across the fsutil tool, which is included on both Windows XP and Windows Server 2003.

The syntax for using fsutil is:

fsutil file createnew filename filesize

I used a simple loop to create files of a particular size using fsutil. Running from a command prompt:

For /L %i in (1,1,25000) do fsutil file createnew A%i.tmp 12288

will create 25,000 files of 12288 bytes (12KB) named A1.tmp, A2.tmp, A3,tmp…

to run this loop in a .cmd file instead of from the command line replace single % with double percent signs

For /L %i in (1,1,10000) do fsutil file createnew B%i.tmp 65536

will create 10,000 files of 65536 bytes (64KB) named B1.tmp, B2.tmp, B3,tmp…

For /L %i in (1,1,2500) do fsutil file createnew C%i.tmp 131072

will create 2,500 files of 131072 bytes (128KB) named C1.tmp, C2.tmp, C3,tmp…

For /L %i in (1,1,1000) do fsutil file createnew D%i.tmp 1048576

will create 1,000 files of 1048576 bytes (1024KB or 1MB) named D1.tmp, D2.tmp, D3,tmp…

I was able to create hundreds of thousands of files of a very specific size in a short amount of time using this procedure.

The deltree command equivalent for Windows 2000, Windows XP, Windows Server 2003, and beyond


Good old DOS and versions of Windows prior to Windows 2000 included the deltree.exe command. The deltree command could remove a directory and all the files the directory contained. Subdirectories could also be deleted when the /s option is used. This was extremely helpful for removing a directory structure that contained many files and folders. It’s usually much faster to delete files from the command line, rather than through Windows Explorer.

To remove multiple levels of files and directories in Windows operating systems that do not have deltree.exe, use the rd.exe or rmdir.exe command:

rd directoryname /s
or
rmdir directoryname /s

where directoryname is the name and path to the directory you want to remove. This will also delete all files and subdirectories.

Use the following command to remove all files from a directory and it’s subdirectories while maintaining the directory structure:

del *.* /s /q

This uses the del.exe command to delete all files from the current directory and subdirectories. The /q option instructs del.exe to run in quiet mode and not to prompt you to remove every folder it encounters.

Follow

Get every new post delivered to your Inbox.

Join 32 other followers