RahulPatel–twikies…

November 28, 2008

Gencontrol

Filed under: Tips n Tricks — Rahul Patel @ 6:13 pm

Gencontrol is based on the open source Virtual Network Computing (VNC) viewer and server products. With Gencontrol, you can run a single executable (This remote control software does not require separate server installation) and either remotely control or monitor another system’s desktop within your domain. When executed, Gencontrol will remotely install a VNC server application on a remote system. The remote install involves creating a folder named “VNCTEMP” on the target system’s C drive, which includes two files: VNCHooks.dll and WinVNC.exe. After the files are copied, Gencontrol then remotely launches the WinVNC.exe server application on the target system. Finally, it will then automatically open a VNC client session between your system and the target. This can allow you to remotely control another user’s desktop.

Screenshot

Gencontrol - Windows Remote Control

Download:Gencontrol

Advertisements

Windows Command Reference Book

Filed under: Micorosoft Windows — Rahul Patel @ 1:51 pm

The Windows command-line tools are used to perform various tasks related to Windows Vista, Windows Server 2003, and Windows Server 2008.You can use the command reference to familiarize yourself with new and enhanced command-line tools, to learn about the command shell, and to automate command-line tasks by using batch files or scripting tools.

Download: Windows Command Reference Book

November 27, 2008

PST2GB

Filed under: Exchange Server,Microsoft Office — Rahul Patel @ 2:03 pm
Brief Description
Tool for issues discussed in Q296088Specific support tool to create a truncated copy of a .pst file allowing some recovery when the file size has reached over 2 gig. The copy does not have all the original data because the tool cuts a user defined amount of data from the file.
Download this link or with my box:
http://www.microsoft.com/downloads/details.aspx?FamilyID=B33B1DFF-6F50-411D-BBDF-82019DDA602E&displaylang=en

November 26, 2008

Data Execution Prevention (DEP)

Filed under: Micorosoft Windows — Rahul Patel @ 11:04 am

Data Execution Prevention, or DEP, is Microsoft’s software implementation that takes advantage of hardware NX  or XD support.  NX stands for No Execute and XD stands for Execute Disabled and are the ability for the processor to mark physical memory locations with a flag indicating whether or not the data in that location should be executable or not.  NX is AMD’s implementation and XD is Intel’s, but they are basically the same thing.  This software support requires the Windows PAE kernel be installed, but this should happen automatically, so you don’t have to set the /PAE switch in your Boot.ini.  What all of this means is that with DEP, the operating system has the ability to block certain code from executing on the system.  DEP was first introduced with Windows XP Service Pack 2 and has been included in every Microsoft OS and service pack since then.

With hardware enforced DEP, all memory spaces are automatically marked as non-executable unless they are explicitly told they are being allocated for executable code.  This flag is set on a per-page basis and is set via a bit in the page table entry (PTE) for that page.  If something tries to execute code from a memory region that is marked as non-executable, the hardware feature passes and exception to DEP within Windows and lets it know that this is happening. DEP then causes an assert within the code stack that is executing, which causes it to fail with an access violation.

In the past, this was not enforced and code could execute from basically anywhere.  This allowed virus and malware writers to exploit a buffer overflow, and spew a string of executable code out into an unprotected data region.  It could then execute it from that location uncontested. Those of you who remember the outbreaks of Blaster and Sasser – those are prime examples of using this sort of exploit.  By combining processor NX or XD support with Windows OS support, this type of vulnerability should be largely mitigated.

Sometimes an innocent application will trigger DEP simply due to faulty coding.  We often see this on older applications or things like shareware.  It is usually not intentional and never caused a problem in the old days, but now that security is paramount, inefficient (and sometimes sloppy!) memory management can cause some serious issues.  The right answer of course is for the application vendor to rewrite the portion of the app that is triggering DEP, but that is of course not likely in the case of older applications or shareware applications.  In this case, you can exempt the application for DEP monitoring so that DEP ignores it.  As long as you trust the application in question and know it is not really doing anything malicious, exempting it from DEP should not be a problem.

You can add a program to the exemption list by simply clicking Add and browsing to the .EXE file in question.  However, there are a couple of other ways to disable DEP for a specific application beyond using the GUI.  The first is by changing the Application Compatibility settings for the application in the registry.  To do this, browse to the following key in the registry:  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers.  For each application for which you want to disable DEP, you create a string value where the name of the value is the full path to the executable.  You would then set the value data to “DisableNXShowUI” as shown below.

If you have several applications for which you want to disable DEP across your environment, it may be worthwhile to use the Application Compatibility Toolkit to deploy a custom Compatibility Database (see the TechNet article on Resolving Application Compatibility Issues with Compatibility Administrator for more details).

Turning our attention back to the boot.ini for a second before we wrap up, you may have noticed an entry in your Boot.ini saying Optout or Optin, like this:

[boot loader] 
timeout=30 
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS 
[operating systems] 
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows Server 2003, Standard" /fastdetect /noexecute=optout

The ‘noexecute‘ value dictates what state DEP operates under. There are four different entries possible:

  • Optin: DEP is enabled for Windows system binaries and any application that ‘opts in’.  By default, only Windows binaries will be covered.  This is the value set if you choose the option ‘Turn on DEP for essential Windows programs and services only’ listed in the screenshot above.
  • Optout: DEP is enabled for all processes, not just Windows binaries.  An application or process can be ‘opted out’ on an individual basis.  The Application Compatibility Toolkit can be used to create shims to opt-out apps, then deployed on your network.  This option is set if you choose ‘Turn on DEP for all programs and services except those I select’, like in the screenshot above.
  • AlwaysOn: DEP is on for all processes, period. You cannot exempt processes from DEP monitoring, and any Application Compatibility Toolkit shims do not apply.
  • AlwaysOff: Totally disables DEP regardless of hardware support. In addition, the PAE kernel will not be installed unless /PAE is put in the boot.ini.

Please note that these last two values must be set manually.

source:technet.com

November 25, 2008

Microsoft IPsec Diagnostic Tool 1.0

Filed under: Micorosoft Windows — Rahul Patel @ 4:53 pm

Microsoft IPsec Diagnostic Tool checks for common network problems on the host machine and if found, suggests repair commands. Further, it collects IPsec policy information on the system and parses the IPsec logs to deduce why a failure might have happened. Beyond IPsec, it offers trace collection for VPN, NAP client, Windows Firewall, Group policy updates, Wireless and System events. The Diagnostic Report generated by the tool is conclusive and is derived from the system logs collected by the tool during its analysis phase. These logs are self sufficient to diagnose any network related issues. For further assistance, the logs would require to be shared with Network Administrators or Microsoft support.

Click it here.

Check your DCs replication

Filed under: Micorosoft Windows — Rahul Patel @ 12:07 pm

Dsastat (Windows Support Tool) is a command line utility that allows you to check your DCs replications, it compares and detects differences between directory partitions on domain controllers. The tool retrieves capacity statistics such as megabytes per server, objects per server, and megabytes per object class. Then, the tool compares the attributes of replicated objects. You can use the tool to compare two directory trees across replicas in the same domain or, for a global catalog, across different domains.

Following is an end result from the simple command with -s syntax for server names; i.e

dsastat -s:dc1;dc2

http://support.microsoft.com/kb/318340

Windows Server 2008 Step-by-Step Guides

Filed under: Server 2008 — Rahul Patel @ 11:16 am

Creating_and_Deploying_Active_Directory_Rights_Management_Services_Templates_Step-by-Step_Guide.doc

158 KB
Deploying Active Directory Rights Management Services in a Multiple Forest Environment Step-by-Step Guide.doc 314 KB
Deploying Active Directory Rights Management Services in an Extranet Step-by-Step Guide.doc 209 KB
Deploying Active Directory Rights Management Services with Microsoft Office SharePoint Server 2007 Step-By-Step Guide.doc 278 KB
Deploying an Active Directory Rights Management Services Licensing-only Cluster Step-by-Step Guide.doc 196 KB
Deploying SSTP Remote Access Step by Step Guide.doc 639 KB
Removing Active Directory Rights Management Services Step-by-Step Guide.doc 156 KB
Server Manager Scenarios Step-by-Step Guide.doc 225 KB
Server_Core_Installation_Option_of_Windows_Server_2008_Step-By-Step_Guide.doc 421 KB
Step_by_Step_Guide_to_Customizing_TS_Web_Access_by_Using_Windows_SharePoint_Services.doc 157 KB
Step-by-Step Guide for Configuring a Two-Node File Server Failover Cluster in Windows Server 2008.doc 341 KB
Step-by-Step Guide for Configuring a Two-Node Print Server Failover Cluster in Windows Server 2008.doc 335 KB
Step-by-Step Guide for File Server Resource Manager in Windows Server 2008.doc 386 KB
Step-by-Step Guide for Storage Manager for SANs in Windows Server 2008.doc 217 KB
Step-by-Step Guide to Deploying Policies for Windows Firewall with Advanced Security.doc 1012 KB
Step-by-Step_Guide_for_Configuring_Network_Load_Balancing_with_Terminal_Services_in_Windows_Server_2008.doc 159 KB
Step-by-Step_Guide_for_Windows_Deployment_Services_in_Windows_Server_2008.doc 309 KB
TS RemoteApp Step-by-Step Guide.doc 370 KB
Using Identity Federation with Active Directory Rights Management Services Step-by-Step Guide.doc 370 KB
Windows Server 2008 Active Directory Certificate Services Step-By-Step Guide.doc 247 KB
Windows Server 2008 Foundation Network Guide.doc 490 KB
Windows Server 2008 Network Policy Server (NPS) Operations Guide.doc 469 KB
Windows Server 2008 Step-by-Step Guide for DNS in Small Networks.doc 537 KB
Windows Server 2008 TS Gateway Server Step-By-Step Setup Guide.doc 667 KB
Windows Server 2008 TS Licensing Step-By-Step Guide.doc 323 KB
Windows_ Server_Active_Directory_Rights_Management_Services_Step-by-Step_Guide.doc 272 KB
Windows_Server_2008_TS_Session_Broker_Load_Balancing_Step-By-Step_Guide.doc

http://www.microsoft.com/downloads/details.aspx?FamilyID=518d870c-fa3e-4f6a-97f5-acaf31de6dce&DisplayLang=en

November 24, 2008

Version of Schema

Filed under: Micorosoft Windows — Rahul Patel @ 6:51 pm

The following command will know which of the Windows Server Schema updates have been applied.

dsquery.exe * “CN=Schema,CN=Configuration,DC=domain,DC=com” -scope base -attr objectversion

Here is what the versions will mean:

44 = Windows Server 2008
31 = Windows Server 2003 R2
30 = Windows Server 2003
13 = Windows 2000

Server Core Default Services

Filed under: Server 2008,Server Core — Rahul Patel @ 6:43 pm
Service_Name Display_Name Mode
Account
AeLookupSvc Application Experience Auto LocalSystem
AppMgmt Application Management Manual LocalSystem
BFE Base Filtering Engine Auto LocalService
BITS Background Intelligent Transfer Service Auto LocalSystem
Browser Computer Browser Manual LocalSystem
CertPropSvc Certificate Propagation Manual LocalSystem
COMSysApp COM+ System Application Manual LocalSystem
CryptSvc Cryptographic Services Auto Network-Service
DcomLaunch DCOM Server Process Launcher Auto LocalSystem
Dhcp DHCP Client Auto LocalService
Dnscache DNS Client Auto Network-Service
DPS Diagnostic Policy Service Auto LocalService
Eventlog Windows Event Log Auto LocalService
EventSystem COM+ Event System Auto LocalService
FCRegSvc Microsoft Fibre Channel Platform Registration Service Manual LocalService
gpsvc Group Policy Client Auto LocalSystem
hidserv Human Interface Device Access Manual LocalSystem
hkmsvc Health Key and Certificate Management Manual LocalSystem
IKEEXT IKE and AuthIP IPsec Keying Modules Auto LocalSystem
iphlpsvc IP Helper Auto LocalSystem
KeyIso CNG Key Isolation Manual LocalSystem
KtmRm KtmRm for Distributed Transaction Coordinator Auto Network-Service
LanmanServer Server Auto LocalSystem
LanmanWorkstation Workstation Auto LocalService
lltdsvc Link-Layer Topology Discovery Mapper Manual LocalService
lmhosts TCP/IP NetBIOS Helper Auto LocalService
MpsSvc Windows Firewall Auto LocalService
MSDTC Distributed Transaction Coordinator Auto Network-Service
MSiSCSI Microsoft iSCSI Initiator Service Manual LocalSystem
msiserver Windows Installer Manual LocalSystem
napagent Network Access Protection Agent Manual Network-Service
Netlogon Netlogon Manual LocalSystem
netprofm Network List Service Auto LocalService
NlaSvc Network Location Awareness Auto Network-Service
nsi Network Store Interface Service Auto LocalService
pla Performance Logs & Alerts Manual LocalService
PlugPlay Plug and Play Auto LocalSystem
PolicyAgent IPsec Policy Agent Auto Network-Service
ProfSvc User Profile Service Auto LocalSystem
ProtectedStorage Protected Storage Manual LocalSystem
RemoteRegistry Remote Registry Auto LocalService
RpcSs Remote Procedure Call (RPC) Auto Network- Service
RSoPProv Resultant Set of Policy Provider Manual LocalSystem
sacsvr Special Administration Console Helper Manual LocalSystem
SamSs Security Accounts Manager Auto LocalSystem
SCardSvr Smart Card Manual LocalService
Schedule Task Scheduler Auto LocalSystem
SCPolicySvc Smart Card Removal Policy Manual LocalSystem
seclogon Secondary Logon Auto LocalSystem
SENS System Event Notification Service Auto LocalSystem
SessionEnv Terminal Services Configuration Manual LocalSystem
slsvc Software Licensing Auto Network-Service
SNMPTRAP SNMP Trap Manual LocalService
swprv Microsoft Software Shadow Copy Provider Manual LocalSystem
TBS TPM Base Services Manual LocalService
TermService Terminal Services Auto Network-Service
TrustedInstaller Windows Modules Installer Auto LocalSystem
UmRdpService Terminal Services UserMode Port Redirector Manual LocalSystem
vds Virtual Disk Manual LocalSystem
VSS Volume Shadow Copy Manual LocalSystem
W32Time Windows Time Auto LocalService
WcsPlugInService Windows Color System Manual LocalService
WdiServiceHost Diagnostic Service Host Manual LocalService
WdiSystemHost Diagnostic System Host Manual LocalSystem
Wecsvc Windows Event Collector Manual Network-Service
WinHttpAuto-ProxySvc WinHTTP Web Proxy Auto-Discovery Service Auto LocalService
Winmgmt Windows Management Instrumentation Auto LocalSystem
WinRM Windows Remote Management (WS-Management) Auto Network-Service
wmiApSrv WMI Performance Adapter Manual LocalSystem
wuauserv Windows Update Auto LocalSystem

Set Up a Vacation Message “Rule” using Microsoft Outlook 2003

Filed under: Office 2003 — Rahul Patel @ 10:59 am

Please download How to Set Up a Vacation.pdf from box…

Next Page »

Blog at WordPress.com.