When you run explorer and its using mapped drives or printers, there is a lot of crap network traffic that hangs up the kernel and your experence with your OS in windows. so here is a tip that I never bloged about. Disable the qutomatic query for network resources. This will speed up your work PC a bit if your a poweruser.

So you might have noticed that my websites have been having issues lately. This is because my old ProLiant1850 finally got too old to play anymore rainder games. So in a quick chop chop, I took a trusty old P4B motherboard and put Server 2008 on it.

Now server 2008 has a lot of bad ass features, I really like core for example. And the new options for managment for IIS-Apps, or the new schedualed task manager. etc etc..

However the thing that ties them all into one package the GUI what a total waste of time. I cant express how much I hate, dislike, or generally spit in the direction of the 2008–vista-GUI

I dont know what ass at Microsoft decided to change server to match the WindowsME that vista is. When I get on a server and want to add a user for some testing I dont want some Lame ass GUI vista windowsME looking user add control panel, I want right click on my computer – system manage and add a user like we have for 9 years now. WHY MICROSOFT WHY. This only scratches my hate for this new interface.

Anyway I wanted to rant just for server 2010 when it releases Microsoft, Please go back to the UI that we have all learned to use in our sleep and not force admins to use fluffy wizards and crap ass MMC’s that are bulky and slow. I hope you google and find me.

So lets pose a problem, you have a computer with encrypted HDD and you cant reboot the PC. Or a comptuer has something worth getting in memory (encryption key) and you want it. But the computer is locked. well you can now hack this.

winlockpwn - tool to connect to windows with firewire and inject a dll hack into memory to bypass passwords on the "windows lock screen" and allow you access to windows with no password when locked.

if your not a linux power user, or just want to cheat here is a setup quide and if you use backtrack here is a post about it.

So a lot of people say it works, I agree that it will - it uses dll hacking for passwords, you can do this with the computer powered off or just hack it

so what did I get, nothing...

i get this error

IOError: [Errno 22] Invalid argument

from firewire.py, line 693: "If a node doesn't feel like fulfilling a request, it will raise an IOError."

now if you unplug the fw and plug it back in repeatedly running the script it will start scanning memory only to end with a device busy

seems that the "money time" is when the device is detected as a "Hard Drive" you start scanning the memory at that point. then the ipod comes in and all work ends

same issue on two computers

but who's to say Im just odd.

UPDATE: May22

I got it to work, who knows if I was sleepy or a reboot fixed it. But when I powered up. Started from "step 5" and followed steps exactly.

Dell630 fully patched on the domain and it worked! I had full access as advertised.

something I noticed was that this morning businfo has 1 on the node 0 and not 0 for all the data it spits out on what will and wont work.

I saw this poster the other day about Exchange 2007 from TechNet turns out they published them. If your a m$ person this is worth downloading and printing (or trying to print and jamming up your printer buffer)

Exchange Server 2007 Component Architecture
Active Directory Component Jigsaw Poster
Windows Server 2008 Component Poster

One thing I love about MSDN subscriptions is the ability to get Visual Studio. Now I dont program much but I did have a lot of fun with VB back in the day and when VS2002 went to .net I must admit that I lost interest as the code changed a lot.

Then comes VS2005 with all its cool context help.

Then comes VS2008, I must say this is the most impressive dev studio I have ever seen. Just like office2007 and ability to think what I want before I want. VS08 allows someone who just knows how to program, convert to .net and program up things that are awesome. Seriously the context help and auto-complete in VS2008 are way cool. If you are a programmer or have MSDN and did old c or vb then check out the new application its worth the time.

I just found out that quick basic is public domain. I learned to program with qbasic way back in grade school. Time to dig up some of my old programs, but I couldnt afford the version with the compiler.

Something to check out, info stolen from wikipedia

Perhaps the most notable new feature of Windows Server 2008 is a new variation of installation called Server Core. Server Core is a significantly scaled-back installation where no Windows Explorer shell is installed, and all configuration and maintenance is done entirely through command line interface windows, or by connecting to the machine remotely using Microsoft Management Console. Server Core also does not include the .NET Framework, Internet Explorer or many other features not related to core server features. A Server Core machine can be configured for several basic roles: Domain controller/Active Directory Domain Services, ADLDS (ADAM), DNS Server, DHCP Server, file server, print server, Windows Media Server, Terminal Services Easy Print, TS Remote Programs, and TS Gateway, IIS 7 web server and Windows Server Virtualization virtual server. This last role is projected to be available at most 180 days after release of Windows Server 2008.

Setup reference

Server role reference

 

I always seem to loose these KB’s when I’m building a dev server and need to backup or transfer or export the MS-SQL accounts. Here is the kb for sql 7.x and sql 2005

here is a page with all the command line options that you can run with outlook.exe I found some handy commands. Like all the clean commands.

I ran across a fun post for a way to disable the reply to all, and forward ability with emails. How many times have you forward out something like “server will be down” and you get 3 reply all’s “looks like kelly is actually working today”, “haha yea kelly must have called the nerd herd”

use VBA to disable the reply to all and forward

Prevent Reply to all and forward with custom form

here is a copy of scotts post (just as a local copy)

 

Here's "How to easily disable Reply To All and Forward in Outlook": Go Tools|Macro|Macros... In the next dialog, type something like NoReplyAll and click Create. At this point, even when running Vista 64, you'll be magically transported back to 1996, completely with owner-draw non-standard gray toolbars and other bits of gray that will leak in from the past. Add these lines to your new subroutine: ActiveInspector.CurrentItem.Actions("Reply to All").Enabled = False ActiveInspector.CurrentItem.Actions("Forward").Enabled = False Then close this window. At this point you've got a macro that prevents Replying to All and Forwarding (at least within Outlook world. This won't prevent folks running other mail systems from Replying to All, but we're mostly focused on internal work with this tip.) Now, open up a new Outlook Message and right click at the VERY top (assuming Outlook 2007). Click More Commands...now from this dialog select "Macros" from the dropdown, select your new Macro and click Add>>. If you like, click on your Macro on the right and select the Modify button and pick a nice icon for it and a Display Name. I used a "halting hand" icon: Click OK and look at your Quick Access Toolbar...you've got a nice little icon there. Now, CLICK that button then send an email to yourself or a coworker...

 

This is an amusing error coming from the windows update page when I loaded up windows for workgroups 3.11. It thinks I’m a mac.

Found a workaround, just go to File, Open, Other Users Folder. Solves the problem for now. There is some bug with the “quick open” list that normally shows up in a toolbar on the left of outlook.

"The Messaging interface has returned an unknown error." occurs when trying to view a shared calendar

In Outlook 2007, an error may occur when trying to view a shared calendar from the People's Calendars list. The error will say "The Messaging interface has returned an unknown error.  If the problem persists, restart Outlook."  Restarting Outlook does resolve the problem.

Microsoft has confirmed that this is a known bug with Outlook 2007.  We are currently waiting to hear back from Microsoft as to the decision on whether this will be resolved by a Hot Fix or included in Office 2007 Service Pack 1.

make sure when adding a vista machine to 2000 that the following GPO is set this way

Domain Member: Digitally Encrypt or sign secure channel data (always) - change to disabled  -this isnt in the default 2000 GPO

Network Security: LAN Manager authentication level - change to "Send LM and NTLM - use NTLMv2 session security if negotiated"

yes recover deleted files from PST

1. To corrupt the PST file, opening it with the hex editor.
2. Delete positions 7 through 13 with the spacebar. Since you're using hexadecimal numbering, this actually clears 13 characters in the following positions:
3. 00007
   00008
   00009
   0000a
   0000b
   0000c
   0000d
   0000e
   0000f
   00010
   00011
   00012
   00013
   (The editor displays the code “20” each time you clear a position with the spacebar.)
4. After clearing those positions in the file, save it. Your PST is now corrupted.
5. Run the Inbox Repair Tool, SCANPST.exe, to recover the file. On Win2K and WinNT systems, the executable is located in For additional information on the Inbox Repair Tool, see Microsoft Knowledge Base article 287497.
6. After creating a backup, the Inbox Repair Tool repairs the damage and recreates the PST. Open the new PST in Outlook. The Deleted Items folder should contain all removed messages, so anything you've emptied will be restored.

I got my first corporate Vista box today, im not that impressed. Its a lot of ho-hum slow GUI mess if you ask me. yea you can change vista to look like XP again and use all the normal windows 2000 GUI look, feel. But its just slow. the hard disk is always dooing something. More importantly some reason ipv6 is running and my network isnt a fan of it on the PC. I dont know why and I dont have time to figure out, but I do know how to shut it off. problem solved from my end.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]
"DisabledComponents"=dword:000000ff

and if you want to back out that change, either delete 'DisabledComponents" or set it to 0.
If you are curious what each bit of the DWORD does, here you go:

Disable all tunnel interfaces:
0x00000001
Disable 6to4:
0x00000002
Disable ISATAP:
0x00000004
Disable Teredo:
0x00000008
Disable Teredo and 6to4:
0x0000000A
Disable all LAN and PPP interfaces:
0x00000010
Disable all LAN, PPP, and tunnel interfaces:
0x00000011
Prefer IPv4 over IPv6:
0x00000020
Disable IPv6 over all interfaces and prefer IPv4 to IPv6:
0x000000FF

a simple trick to get elevated command line from the screen saver, there are many ways to enter this data one fast trick is to use a linux reg editor its simple as making the logon script the command window. also works to do a command line of “copy cmd.exe logon.scr” this will work anywhere  but on domain controllers not booted in recovery mode. This is preventable with PGP disk encryption.

Windows Registry Editor Version 5.00

[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"ScreenSaverIsSecure"="0"
"ScreenSaveTimeOut"="15"
"ScreenSaveActive"="1"
"SCRNSAVE.EXE"="cmd.exe"

OEM data you changed

Windows Registry Editor Version 5.00

[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"ScreenSaverIsSecure"="0"
"ScreenSaveTimeOut"="600"
"ScreenSaveActive"="1"
"SCRNSAVE.EXE"="C:\\WINDOWS\\System32\\logon.scr"

in recent hackings I came across a few other locations that if smart you can inject autoruns

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]

 

If you own a PC that the public can get to – laptop, library, corporate etc etc. Disable AutoPlay on the system via Group Policy. Do this to prevent hackers

• KB 555324
• KB 320182

 

So I wanted to review the permissions of a group of calendars so that all team members can look at other’s clanadars. This is not only a hard task as a administrator to do individually but its also a pain for users, open click add add add. Most users dont understand permissions so they have no idea where or what to click. So I set out for a tool to mass edit calendar permissions.

I found one from Microsoft! This is a very powerful tool and not for goofing off, it is very powerful for public folders as well as private. Public Folder DAV Admin tool and steps that are “not approved” to edit the calendar permissions You can set the default permissions to review for example, this will allow a select or everyone to view everyones calendar, (not that big of a security risk since you can cheat and use free busy data to gather the same information) but it increases productivity for users to know what others calendars look like with the native views in outlook.

It will also do powerful admin tools for your public folders. Give you some interesting data as well. The Q article has one glitch it has steps for a older version of the DAV tool, go to tools menu in the tool for the calendar permissions setting. and log in with a domain admin that has exchange management over the server. My non domain admin user didn't work. (send-as has no barring on this tool)

here is the new fixmbr tool for vista

http://support.microsoft.com/kb/927392/en-us

 

this is a kicker because no where on the web is a clear answer.

in a command window go to “C:\WINDOWS\Downloaded Program Files”

then “regsvr32 /u” the file that is causing problems, then delete it. Then go to the website that installed and and try again.

recent new image creation and I ran into this error “ the system is not fully installed” after a pain in the ass of dealing with it I figured out its Windows Media Player 11. Since I don't need WMP11 I didn't put it in the image. Thanks Microsoft for wasting my time on this one.

this looks cool its a robotics control software from Microsoft, the cool part is that you can render a virtual robot in 3dSpace. how to use this

If your in MicrosoftIT then here are some things you want to catch up on to be ahead of the pack.

PowerShell – I have been reading the users guide and trying to get learned on it basically bash in windows but .net learn it

Windows AIK – SysprepVista Basically, get learned with WIM (Windows Image Files) the way vista is installed is not a file copy its a disk image process so when you make a “install disk” its really a image of a clean box. WindowsPE runs the show now.

Applies to: IT Professionals

gathered from here.

Control Panel > System > Hardware > Device Manager > select "View" and Show hidden devices

Dr.Watson - i know its there but i never look at it. its cool.
Start > Run > "drwtsn32.exe" > Ok

font editor
Go to Start > Run > and type in eudcedit

To get Admin account on the " Home Welcome Screen" as well as the other usernames, make sure that there are no accounts logged in. Press "ctrl-alt-del" twice and you should be able to login as administrator!

This is to increase the the number of max downloads to 10.  (this is HUGE!)
1. Start Registry Editor (Regedt32.exe).
2. Locate the following key in the registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\Current\Version\Internet Settings
3. On the Edit menu, click Add Value , and then add the following registry values:
  "MaxConnectionsPer1_0Server"=Dword:0000000a
  "MaxConnectionsPerServer"=Dword:0000000a
4. Quit Registry Editor.

I always need to google this so I bloged it.

To rebuild your TCP stack the following command will help you

netsh int ip reset c:\resetlog.txt

TO rebuild your Winsock Stack the following…

XPSP2 –  netsh winsock reset catalog

XPSP1 – …

In Registry Editor, locate the following keys, right-click each key, and then click Delete:

then for winsock re-install TCP (for sp1 or 2)

Step 2: Install TCP/IP

1.	Right-click the network connection, and then click Properties.
2.	Click Install.
3.	Click Protocol, and then click Add.
4.	Click Have Disk.
5.	Type C:\Windows\inf, and then click OK.
6.	On the list of available protocols, click Internet Protocol (TCP/IP), and then click OK.

I had to write a exchange 2007 report for a client today it had a lot of handy links so I posted the link part of my report here.

 

That is correct you need to put the 2003 server in native mode see the following link

http://www.microsoft.com/technet/prodtechnol/exchange/e2k7help/6646fa21-69e7-49b0-9a99-839eba9e6694.mspx?mfr=true

 

As for not connecting to your schema master and RUS you need to run the ‘prepare____’ commands (forestprep/domainprep) before exchange 2007 will be allowed to talk to the AD infrastructure.

http://www.microsoft.com/technet/prodtechnol/exchange/e2k7help/6646fa21-69e7-49b0-9a99-839eba9e6694.mspx?mfr=true

 

Yes you can run Exchange12 out of your current environment and put SMTP connectors like we did with other companies. Just grow a new server put AD on it make it the Forest master /domain master, etc. then install Exchange (I gave a more user friendly link then Microsoft site with step by step if you want to attempt this on your own)

 

Friendly install link

http://www.msexchange.org/tutorials/Installing-Exchange-2007-Part1.html

 

Using Exchange12 with ADAM

From my understanding this is for performance and DR see following link – an “edge server” is a server out of your primary net… think DMZ

http://www.msexchange.org/tutorials/Introduction-Exchange-2007-Server-Roles.html

 

As for uninstalling Exchange 2007 I have no experience with this at all yet. My test environment is not one which I currently want to pull things out of at this moment. However Google has a few topics on the matter (none look like the answer is yes)

http://www.google.com/search?hl=en&q=uninstall+exchange+2007

“The Delegates settings were not saved correctly.  Unable to activate send-on-behalf-of list. You do not have sufficient premission to perform the opreration on the object.”

patch KB913807 is installed on the computer with outlook 2003 – go to a computer with out this patch or remote the patch from the computer it will work just fine.

SELF does not have appropriate rights to the Active Directory user object to modify the send-on-behalf-of list.  I manually set the SELF rights to the same as a newly created user object and I no longer get the error.

Did you allow automatic patches to run on your exchange server then realize that your blackberry stopped working? I did.

Black Berry KB

Microsoft KB that broke it

I cheated and used Jon’s Tip to fix it and applied the security to the whole company OU Im not going to itemize out each employee with a blackberry. (simply by adding the security to the OU advanced properties)

*note that if your user with a blackberry is a domain admin it still will not work unless you by-pass the new security policy’s in place. read the lower half of the M$KB

 

along with free Visual Studio  MSDN is now free. This is the “god documentation” to visual studio.

Windows XP will do it, so will 2003 – give me 2000.

• Run Regedit (Start Menu>Run; type in 'regedit')
• Open HKEY_CURRENT_USER
• Open subfolder Software
• Open subfolder Microsoft
• Open subfolder Command Processor
• Double-click the key vale CompletionChar (right-hand side). Change the Value Data value to the ASCII value of the key you wish to use for command completion. Not all keys will work - the reccomended value is 9 decimal which is the <TAB> key.
• Quit regedit

i use this product daily and paid for it, now its free. go figure.

Download Virtual PC 2004

its a great tool.

I had a few links i wanted to read later and just posted them here.

• Star Software, Free Software that lets you view the stars.
• Tips for securing or hacking cisco routers
• Tips for Etherreal packet decode
• This one is illegal booyea (how to use pirate bay search)

Tip for UDMA-6

How to Check Current Transfer Mode

1. Open Device Manager
2. Expand IDE ATA/ATAPI Controllers
3. Double click on Primary IDE Controller or Secondary IDE Controller
4. Go to the Advanced Settings tab to see the current transfer modes. If you see anything besides UltraDMA-6, and especially if you see PIO Mode, then follow the steps below.

How to Force UltraDMA-6

1. Open up the Registry Editor.
2. Navigate to the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}.
3. There are several sub-keys under this one, such as 0000, 0001, etc. You are interested in two of them that say Primary IDE Channel and Secondary IDE Channel.
4. Make the following changes to both of those keys:
   1. Delete any attributes named MasterIdDataCheckSum or SlaveIdDataCheckSum. This resets the tracking for errors that Windows uses to determine when the transfer mode should be lowered.
   2. Add an attribute with the name ResetErrorCountersOnSuccess and a DWORD value of 1. This tells Windows that it should lower the transfer mode when there are six consecutive errors instead of six cumulative errors.
   3. If they exist, set the following keys to a hexadecimal value of ffffffff (eight F's). This will change the transfer modes to UltraDMA-6:
      
      • MasterDeviceTimingMode
      • MasterDeviceTimingModeAllowed
      • SlaveDeviceTimingMode
      • SlaveDeviceTimingModeAllowed
      • UserMasterDeviceTimingModeAllowed
      • UserSlaveDeviceTimingModeAllowed
        
   4. Reboot your computer and check the devices to see if they are set to UltraDMA Mode 6.

remote desktop is very handy, if you remember to turn it on.

If you dont remember, then download this and it will reghack a remote computer for you, so that you can get into the box.

press alt+ctl+end in RDP to simulate alt+ctl+delete

 

interesting windows hack

Rename multiple files

this isn't really crazy but it is fun. Today I got a Xbox360, now to start my new xbox hacking adventure

the hardware is WAY cool, just no games yet.

Seriously My recommendation to not buy a xbox360 today is that there is no games. Everything I play is still xbox game. even a new game I found ‘black’ and if a title is going to be on 360 in a few months you cant play the legacy game on the 360. Its real nice. the wireless remote will grow on you like moss on a tree in Seattle. But seriously there is NO games. I even opened back up my gamefly account just to get some of the games that suck as rentals since there is no way I will buy them at the 60$ tags. I did buy burnout however, its a worth while purchase even if like me you own it on xbox still.

always moving in and out of networks on static IP’s and back to DHCP etc. You can do this via GUI or via command line. The advantage to command line is you can script common commands for quick changes. The idea here is that you make a few batch files. Like DHCP, 10.0.0.0, 192.168.0.0.0 172… you get the idea

In each batch file you then script the proper network address information. This allows for a quick change from network to network with out needing to traverse the slower GUI for network settings.

Here is a example of a static address the important part is the interface name make sure you link this to the proper interface for your laptop

 Example for a batch file

netsh interface ip set address name="Local Area Connection" static 192.168.0.100 255.255.255.0 192.168.0.1 1

or for DHCP

netsh interface ip set address "Local Area Connection" dhcp

 Another trick is to export the settings to a file and reload them to export the current settings you can then put this setting into a batch file and edit the .txt for local specific. So if your working on site for a week and then head home to get email you can export the client settings and a DHCP setting, then you don’t need to remember or write things down just a quick type type.

netsh -c interface dump > c:\location1.txt

 to import them back into the system

netsh -f c:\location1.txt

Other command examples

netsh interface ip show config

netsh interface ip set dns "Local Area Connection" static 192.168.0.200

netsh interface ip set dns "Local Area Connection" dhcp

netsh interface ip set wins "Local Area Connection" static 192.168.0.200

 netsh is very powerful you can change everything network including the firewall via command fill read me is here

 

stolen from a different site, but a nifty tip I mostly wanted to blog this for my own notes since I use my blog as a scratch pad for memory.

For example, if you already have some knowledge of the commands involved, many "Missing or corrupt HAL.DLL," "Invalid Boot.Ini," or "Windows could not start..." problems can be fixed with these five shortcut steps:

• Boot from your XP Setup CD and enter the Recovery Console
• Run "Attrib -H -R -S" on the C:\Boot.ini file
• Delete the C:\Boot.ini file
• Run "Bootcfg /Rebuild"
• Run Fixboot