Wednesday, April 30, 2008

Disable USB Drive using Group Policy

usb.bat file contain
regedit /s \\slche\systemrestore$\usb.reg


usb.reg file contain

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR]
"Start"=dword:00000004

usb.bat is put in logon scipt in computer policy
rsb.reg file is placed in \\slche\systemrestore$\usb.reg

Create scheduled restore point in Windows XP

Restore.bat file contain
at 3:40pm \\bslch\systemrestore$\a.vbs

a.vbs file contain
Set IRP = getobject("winmgmts:\\.\root\default:Systemrestore" )
MYRP = IRP.createrestorepoint ("IT Helpdesk Restore Point", 0, 100)



put the restore.bat file in logon script in computer policy.
a.vbs file is copied into "\\bslch\systemrestore$" this location.

Thursday, April 24, 2008

How to enable firewall in Windows XP

netsh firewall set opmode mode=ENABLE
netsh firewall set service type=FILEANDPRINT mode=ENABLE

Friday, April 18, 2008

Map Network drive using Vbscript

' save this contents to MapNetwork.vbs
Option Explicit
Dim objNetwork
Dim strDriveLetter, strRemotePath
strDriveLetter = "J:"
strRemotePath = "\\10.90.2.3\e$"

Set objNetwork = CreateObject("WScript.Network")

objNetwork.MapNetworkDrive strDriveLetter, strRemotePath
WScript.Quit

Saturday, April 12, 2008

Block Messenger Service

System Key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Messenger]
Value Name: Start
Data Type: REG_DWORD (DWORD Value)
Value Data: (2 = automatic, 3 = enabled, 4 = disabled)

Disable Task Manager

User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\
System]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
System]
Value Name: DisableTaskMgr
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = default, 1 = disable Task Manager)

Disable the Right Click on the Desktop

User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer]
Value Name: NoViewContextMenu
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = disabled, 1 = enabled)

Force Windows to Use the Classic Desktop

User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer]
Value Name: ClassicShell
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = Default, 1 = Classic Desktop)

Remove My Documents from the Desktop

This setting is used to remove the My Documents folder from the Windows desktop.

User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\
CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder]
Value Name: Attributes
Data Type: REG_DWORD (DWORD Value)
Value Data: (0xf0500174 = Hidden, 0xf0400174 = Default)

Disable Desktop Cleanup Wizard Windows XP

By default Windows will run the Desktop Cleanup Wizard every 60 days to remove unused desktop items and shortcuts. This setting will disable it from running automatically.


User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\
Desktop\CleanupWiz]
Value Name: NoRun
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = enabled, 1= disable wizard)

Monday, April 7, 2008

How to View and delete scheduled job tasks

at command prompt

View scheduled jobs

at \\computername

Delete scheduled jobs

type
at \\computername /delete /y

Map network Drive

net use \\server\share password /USER:domain\username

/P means persistent.

This means reconnect the share at the next logon.

But for that to work with a password you will also need to save the credentials.

So try this ...

NET USE Z: \\192.168.2.43\mercury password /USER:domain\username /SAVECRED /PERSISENT:YES

Replace password, domain and username with appropriate values ...

NET USE Z: \\192.168.2.43\mercury MrBlobby /USER:BBC\NoelEdmonds /SAVECRED /PERSISENT:YES

Example:

net use h: \\computername\c$ /u:domainname\username "Pasword"

Delete net drive using this command

net use * /delete /y

Disable USB drive

copy the below three lines and paste this file to usb.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR]
"Start"=dword:00000004

then run this file or create a batch file


regedit /s \\sbslchedc01\systemrestore$\usb.reg

PsExec

PsExec executes a program on a remote system, where remotely executed console applications execute interactively.

psexec @computername.txt -e -u administrator -P password -realtime -c ocxreg.bat

computername.txt contain computer name or ip address..

schedule a restore point

Paste the following two lines of code into notepad. Then save the file with restore.vbs extention, e.g. save it as something like 'restorepoint.vbs'

Set IRP = getobject ("winmgmts:\\.\root\default:Systemrestore" )

MYRP = IRP.createrestorepoint ("Tamilchild Restore Point", 0, 100)

with that done, run the file manually, then open system restore and verify the restore point was created ok.

Now you can use scheduled tasks in the normal way to create a restore point as you wish. Needless to say, the account you schedule this to run under will need to be an admin account.

Change file name with date extention

Create a batch file save this contents. It works good.

ren "C:\Program Files\Syslogd\Logs\SyslogCatchAll.txt" SyslogCatchAll%date:~4,2%-%date:~7,2%-%date:~10%.txt

Friday, April 4, 2008

Gateway address, IP Address, DNS

Add gateway address
Type the command in cmd
netsh interface ip delete addres "local area connection" gateway=10.90.102.6

netsh interface ip set address name="local area connection" gateway=10.90.102.6 gwmetric=default

netsh interface ip add address "local area connection" gateway=10.90.103.6 gwmetric=automatic

Delete DNS

Delete particular Dns using this command

netsh interface ip delete dns "local area connection" 10.90.2.2

Delete all dns using this command..

netsh interface ip delete dns "Local Area Connection" all


using command prompt..

netsh interface ip add dns "local area connection" 10.90.2.2 index=2

ok..

Add Ip address

Simply type this command in cmd..

Netsh interface ip add address "local area connection" 10.90.30.2 255.255.254.0

OK..

Shutdown the Remote PC

The following command is used for remote pc shutdown

shutdown -m \\computername(or Ipaddress) -s -f -t 00


-m Remote machine

-s Shutdown

-t time duration

To enable or disable the Remote Desktop exception

Using the command prompt

To enable or disable the Remote Desktop exception

• Type the following at the command prompt, and press ENTER:

netsh firewall set service type = remotedesktop mode =

mode


Substitute values for the placeholder in italics. The following table lists possible values for the placeholder.

Placeholder Possible Values Description
mode

enable, disable

Specifies whether to enable or disable the exception.


If you get an "Access Denied" message when you run a command, you do not have administrative rights to configure Windows Firewall. If you get an "Ok" message but the command does not take effect, the setting might be managed by Group Policy

Delete cached copies of roaming profiles

Using Group Policy to delete cached copies of roaming profiles

This article discusses how you can use Group Policy to delete locally cached copies of roaming profiles.

MORE INFORMATION
If you enable Group Policy, any local copy of a user's roaming profile is deleted when the user logs off. However, the roaming profile still remains on the network server that stores it.

You can configure a Group Policy Object (GPO) to perform the preceding behavior by performing the following steps:
1. Edit the GPO that you want to modify.
2. Locate the following section: Computer Configuration \ Administrative Templates \ System \ User Profiles.
3. Double-click Delete cached copies of roaming profiles (the Group Policy setting).
4. Click Enabled.

NOTE: The preceding steps involve a computer configuration setting. When Group Policy is applied to a container, such as an organizational unit, it can apply to all computers in that organizational unit and not necessarily to all users in that organizational unit. For example, if a user in the organizational unit that has this policy, logs on to a computer that is in another organizational unit that does not have this policy, a copy of the roaming profile can remain on the computer. Once this policy is applied to a computer it applies to all users that use that computer.

Enable or Disable the File and Printer Sharing

Using the command prompt

To enable or disable the File and Printer Sharing exception

• Type the following at the command prompt, and press ENTER:

netsh firewall set service type = fileandprint mode = mode


mode
enable, disable

Specifies whether to enable or disable the exception.


If you get an "Access Denied" message when you run a command, you do not have administrative rights to configure Windows Firewall. If you get an "Ok" message but the command does not take effect, the setting might be managed by Group Policy.

Uninstalling using McAfee Consumer Product Removal

Download the removal tool from http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe.

Click Save and save the file to any folder on the computer.

Navigate to the folder where the file is saved.
Double-click MCPR.exe.

Click Run. A Command Line window will be displayed, and then close automatically. Wait for a second Command Line window to be displayed. (Do not double-click MCPR.exe again.) The program will begin the cleanup.

Observe the installation, which could take several minutes. The following message will be displayed in the Command Line window:

The machine must reboot to complete the un-installation. Reboot now? [y.n]

Press Y on the keyboard.
Wait for the computer to restart.

All McAfee products are now removed from your computer.

McAfee Common Framework returned error ffffffdf@3

When updating McAfee Virus Scan Enterprise 8.0i manually I get the error message "Failed to initialize common updater subsystem, Make sure the McAfee Framework Services is running, McAfee Common Framework returned error ffffffdf@3". What do I do?

You will need to Re-Register the OLE32.DLL to Re-Populate the Registry. To do this please do the following:-

Click Start, then Run, and in the Open text box type:

Regsvr32.exe %Windir%\System32\Ole32.dll

A RegSvr32 popup message states: DllRegisterServer in C:\WINNT\System32\ole32.dll succeeded.

Click OK.

Send Keys Representation

Key SendKeys Representation

BACKSPACE {BACKSPACE}, {BS}, or {BKSP}
BREAK {BREAK}
CAPS LOCK {CAPSLOCK}
DEL or DELETE {DELETE} or {DEL}
DOWN ARROW {DOWN}
END {END}
ENTER {ENTER} or ~
ESC {ESC}
HELP {HELP}
HOME {HOME}
INS or INSERT {INSERT} or {INS}
LEFT ARROW {LEFT}
NUM LOCK {NUMLOCK}
PAGE DOWN {PGDN}
PAGE UP {PGUP}
PRINT SCREEN {PRTSC}
RIGHT ARROW {RIGHT}
SCROLL LOCK {SCROLLLOCK}
TAB {TAB}
UP ARROW {UP}
SHIFT +
CONTROL ^
ALT %
BACKSPACE {BACKSPACE}, {BS}, or {BKSP}

How to Configure Automatic Updates

Configuring Automatic Updates by using Group Policy

The easiest way to configure automatic updates is through the group policy, in environments where this is possible. If group policies (AD) are not available, you can use the registry file which has to be deployed to every machine. This registry file, or group policy template if you're using Active Directory, enables advanced features available with the new WSUS client.

In order to configure client machines using group policy it is necessary to load the latest version of the wuau.adm administrative template. This template is available on Windows 2003 servers or Windows XP machines with Service Pack 2 installed. By default it is stored in C:\WINDOWS\Inf directory.


Configuring automatic updates in a non-AD environment

There are three ways of configuring automatic updates in non-Active Directory environments:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]

; Define WSUS update server and the status server
"WUServer"="http://msupdate.auckland.ac.nz/"
"WUStatusServer"="http://msupdate.auckland.ac.nz"

; Users in the Users security group are not allowed to approve or
; disapprove changes (change this to 00000001 if you want them to be
; able to approve changes)
"ElevateNonAdmins"=dword:00000000

; Define client target group – important for reports
"TargetGroup"="ITSS"
; This option has to be 1 if client-side targeting is enabled.
"TargetGroupEnabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]

"UseWUServer"=dword:00000001

; Logged users can choose if they want to restart the computer
"NoAutoRebootWithLoggedOnUsers"=dword:00000001

; Enable automatic updates (1 for disable)
"NoAutoUpdate"=dword:00000000

; Following options are available:
; 2 – notify before download
; 3 – automatic download and notify of installation
; 4 – automatic download and scheduled installation
; 5 – automatic updates required, but end users can configure them
"AUOptions"=dword:00000004

; Every day is scheduled (0, otherwise days defined from Sunday – 1, to
; Saturday – 7)
"ScheduledInstallDay"=dword:00000000

; Time of day to install updates – 10 AM (0a in hexadecimal)
"ScheduledInstallTime"=dword:0000000a

; Silently install minor updates
"AutoInstallMinorUpdates"=dword:00000001

; Detection frequency in hours – every 20 hours (14 in hexadecimal)
"DetectionFrequency"=dword:00000014
"DetectionFrequencyEnabled"=dword:00000001

; Time between prompting again for a scheduled restart – 30 minutes (1e
; in hexadecimal)
"RebootRelaunchTimeout"=dword:0000001e
"RebootRelaunchTimeoutEnabled"=dword:00000001

; Warning time after installing updates with a deadline or scheduled
; updates – 15 minutes
"RebootWarningTimeout"=dword:0000000f
"RebootWarningTimeoutEnabled"=dword:00000001

; Time that the WSUS client will wait at startup before applying
; updates from a missed scheduled installation time. This applies only
; to scheduled installations.
"RescheduleWaitTime"=dword:0000001e
"RescheduleWaitTimeEnabled"=dword:00000001

WSUS 2.0 Updation Errors

WSUS 2.0 Updation Errors

The following events are occured while updating wsus 2.0 to wsus 3.0

Event Type: Error
Event Source: Windows Server Update Services
Event Category: Web Services
Event ID: 12012
Description:
The API Remoting Web Service is not working.

Event Type: Error
Event Source: Windows Server Update Services
Event Category: Web Services
Event ID: 12032
Description:
The Server Synchronization Web Service is not working.


Event Type: Error
Event Source: Windows Server Update Services
Event Category: Web Services
Event ID: 12022
Description:
The Client Web Service is not working.

Event Type: Error
Event Source: Windows Server Update Services
Event Category: Web Services
Event ID: 12042
Description:
The SimpleAuth Web Service is not working.

Event Type: Error
Event Source: Windows Server Update Services
Event Category: Web Services
Event ID: 12052
Description:
The DSS Authentication Web Service is not working.


Answer:

Upgrading from WSUS 2.0 to WSUS 3.0 requires the re-entry of the authentication credentials on the proxy configuration page of the WSUS Administration Console after completing the upgrade.

Reconnect to WSUS

Reconnect the Wsus...
you need to delete the identification info from the registry and reboot the PC in order for it to report properly. Here is the relevant information:

HKLM\Software\Microsoft\Windows\CurrentVersion\Windowsupdate
Delete the following entries, if present:
AccountDomainSID
SusClientID
PingID

Reboot.

The appropriate entries will be recreated when the PC reconnects to WUS.

Run application without User intervention

Suppose you want to run hyperterminal via command mode without user intervention.

The following vbs script is very useful for you..


' openhyper.vbs
' Example VBScript Run Notepad and use SendKeys
' -----------------------------------------------------'
' Developed by S.Murugan
Option Explicit
Dim objShell, Racey, intCount
Set objShell = CreateObject("WScript.Shell")
objShell.Run "hypertrm new.ht"
Wscript.Sleep 1500
Racey = 1000
intCount=0

objShell.SendKeys "%T"
WScript.Sleep 1500
objShell.SendKeys "C"
WScript.Sleep 1500
objShell.SendKeys "{TAB}"
WScript.Sleep 1500
objShell.SendKeys "{TAB}"
WScript.Sleep 1500
objShell.SendKeys "{ENTER}"

WScript.Quit
' End of Example SendKeys VBScript




Updated file

' hyperopen.vbs
' Example VBScript Run Notepad and use SendKeys
' -----------------------------------------------------'
Option Explicit
Dim objShell, Racey, intCount
Set objShell = CreateObject("WScript.Shell")
objShell.Run "hypertrm new.ht"
Wscript.Sleep 1500
Racey = 1000
intCount=0

objShell.SendKeys "%T"
WScript.Sleep 1500
objShell.SendKeys "C"
WScript.Sleep 1500
objShell.SendKeys "C:\Documents and Settings\murugans\Desktop\capture.txt"
WScript.Sleep 1500
objShell.SendKeys "{TAB}"
WScript.Sleep 1500
objShell.SendKeys "{TAB}"
WScript.Sleep 1500
objShell.SendKeys "{ENTER}"

WScript.Quit
' End of Example SendKeys VBScript




' stop the application new
' Example VBScript Run Notepad and use SendKeys
' -----------------------------------------------------'
Dim objshell
Set objShell = CreateObject("WScript.Shell")
While objShell.AppActivate("new") <> True
WScript.Sleep 500
Wend
WScript.Sleep 100
objShell.SendKeys "{ENTER}"

objShell.SendKeys "%F"
WScript.Sleep 1500
objShell.SendKeys "x"
WScript.Sleep 1500
objShell.SendKeys "{ENTER}"

WScript.Quit
' End of Example SendKeys VBScript