|
|
Block XP SP3 - Stop the madness
If you have not heard about it already, many people are having big problems with Windows XP SP3.
I just want to remind everyone that we have had a tool out since January that will delay the automatic install of SP3 for 12 months.
You have 4 options for preventing the automatic install of SP3:
1. Download our Network Administrator to deploy the change across your network.
or
2. Download and use the free GUI tool we have to make the change on a single system
or
3. Download and use the free command line tools from MS
or
4. Update the registry manually. To do this you simply need to go to this key:
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate
Create a new DWORD value named DoNotAllowSP and set it to 1 (To disable the SP install), or 0 (To allow the SP install)
One final reminder - all of these blocking options are only valid for 12 months following the release of the service pack. After that, Windows will ignore the registry change and install.
Posted By: Steve Wiseman on Tuesday, May 13, 2008
Check out our utilities for windows
Find out where a DLL, EXE, or SYS file came from
There have been many times while working on a problem that I have found files that look suspicious, or are not part of the standard windows install. Microsoft has provided an excellent resource for researching executable files within windows.
It is called the DLL Help Database Search
So for example...you are working on your server, trying to diagnose a problem...and you see a process running called MAD.EXE
On the surface this really looks like a nefarious program. What legitimate application could be called MAD.exe?
If we do a search on the DLL help database we find that it is part of Microsoft Exchange:
Even better, you can see the version history of the file, what product it belongs to, and even the path of the file on the original install disk by clicking on the "More Info" link:
If that was not enough information for you, each file has a link to more details. Click on it, and there is even more:
This is an invaluable tool for IT Administrators, I suggest adding it to your list of bookmarks:
http://support.microsoft.com/dllhelp/
Posted By: Steve Wiseman on Tuesday, April 15, 2008
Check out our utilities for windows
VMWare 2.0 Beta 2 Release
VMWare has announced the release of Beta 2 of their server product.
It is supposed to have improved performance, and include these new key features:
- Update VMWare Infrastructure (VI) Web Access management interface
- Independent virtual machine console
- Support for USB 2.0 devices
- Multi-Tiered permissions
- New Hardware editors
- Automatically start your virtual machines
This is the next generation of their free server product. I am downloading this beta right now to see how far along they are.
Visit their website, and Get your own copy today
Posted By: Steve Wiseman on Tuesday, April 08, 2008
Check out our utilities for windows
Restrict User Logon Hours
We have a support contract with one of our software vendors. From time to time they need to login via Remote Desktop and make changes or updates for us.
I setup a special account that will notify me when they login to our server - that way I always know when they are on our system. They always work on it during business hours, and in the past they have always called us before doing any work.
This morning I see a notification email that they had logged in after 6pm last night. Grrr. I like them having their own account and password, and I don't want to disable and enable their account each time they need to do work...so I decided to see if I could limit their allowed times for logging in.
It is actually much easier than I imagined. To do it you need to get on the domain controller, open up Active Directory Users and Computers, and double click on the user you want to limit (In this case I will use our support account)
Then move over to the accounts tab, and click on the button that says "Logon Hours"
Once you click on that button, a window will appear that allows you to select the hours the user can logon.
Simply make your choice, and now the user is limited to logon the hours you selected. If they try to logon during a restricted time, they will be greeted with this message:
Now you don't have to worry about users sneaking in when they shouldn't
Posted By: Steve Wiseman on Tuesday, April 08, 2008
Check out our utilities for windows
Vista Service Pack 1 is coming your way
Service Pack 1 for Vista was released a few weeks ago. For now, it is an optional update. Beginning mid April, SP1 will start automatically downloading to PCs - Only on machines that have automatic updates turned on. Not to fear, it will download but not install automatically.
If you are not familiar with the new layout of Automatic updates, you can see if it is available for downloading by opening Internet Explorer, click on tools, then Automatic updates. It will bring up the Automatic Update application. Click on the link that says "View Available Updates"
If SP1 is available, it will look something like this:
If you want to try it out now, but you still do not see it in your list of optional updates there are a few things you need to check:
-You have a pre-release version of Vista. If you do, you need to uninstall windows, and install a fresh full release.
-You already have it. To check, simply go to the start menu, and right click on computer and go to properties
-SP1 is only available in these languages: English, French, Spanish, German, and Japanese. If you have another language version of Windows installed, it is not available yet
-Windows update has detected that you have drivers that are problematic with SP1. If this is the case, SP1 will not show up in your list of updates (No way we know yet to determine if this is the case)
-You are missing pre-requisite patches needed. Simply keep running automatic update until you are fully patched.
We are still testing it out here ourselves...we can't recommend for or against it yet. I think many of the fixes will be invisible to most - since their major focus for SP1 was driver incompatibilities.
Posted By: Steve Wiseman on Monday, April 07, 2008
Check out our utilities for windows
Use auditing to track who deleted your files
I had a reader write me a few days ago:
...I'm in a school environment and a student has deleted some files and I would like to know how I can do this in Win2k server to catch this sucker. Please advice and more power to you.
This can be accomplished through auditing. Lets start out by identifying what folder we want to watch - and be careful where you turn on auditing...turn it on too many folders with too many options and you can have huge performance issues.
We find the folder we want, and right click on it and go to properties
This will bring up the properties page for the folder. Move over to the security tab, and click on the advanced button:
The advanced page will appear. Click on the Auditing tab, and click the add button:
A user dialog will come up. I chose to put the "Everyone" group here. This allows me to audit for any possible user account that may be deleting files. If you think you know who it might be...you could put those users here instead. The smaller window of users being audited means better performance.
Once you click OK, a selection box will be displayed. Again - chose only the options you need. Each additional option will reduce performance. Here I just pick the options to audit deleting files and folders
Click OK through all of the windows you have open. If a user deletes a file or folder Windows will write an event to the security log.
Now. We have our auditing turned on, and you get to work one morning and find that files are missing. Simply open the event viewer and move over to the security log. Look for the event ID 560:
Double click on the event, and you will need to sit there and read it for a little bit to determine who did what. Here is an excerpt from mine (I copied the text from event viewer to notepad for easier reading)
We can see from this log entry that the user Administrator deleted the file setuperr.log
Now when someone deletes a file, you will have no problem determining who did it.
If you have a windows administration question, or an idea for a utility please send me an email at support@intelliadmin.com. I can't promise that I will answer every email, but I try to read them all.
Posted By: Steve Wiseman on Friday, March 21, 2008
Check out our utilities for windows
IntelliAdmin Remote Control - Status Update
We have been working on the new version of Remote Control LAN edition for quite some time.
Over a year in fact.
For those who have been waiting...it will be worth it.
Before talking about some of the cool features I want to let you know that all current customers will get a free upgrade. This is a big deal. Why? Because when we do release 3.0 we will be raising the price. In addition we may be changing the way we license the product (Possibly per client instead of per administrator). So if you buy now, you will be getting 3.0 for a lot less.
The biggest change will be Vista, and 64 bit support. This sounds so simple on the surface, but making our product compatible with Vista has been one of the most challenging programing projects we have ever faced.
I don't want to get too technical, but lets take an example...
To grab changes on the screen we need a special DLL called a 'hook'. This hook DLL allows the agent to see any graphical changes, and then send them back to the client. To make all of this work the hook uses a shared piece of memory. This shared memory *must* be accessible to all processes on the system.
Well, for quite some time we fought with our hook in Vista. Why? Because every time Internet Explorer was launched our hook would crash (Sometimes taking the system with it). Finally we determined that IE was now launched in a special restricted mode, and if you wanted it to access your shared memory you needed to explicitly allow these types of processes to access it.
This would have been easy to discover if Microsoft had properly documented this - but it was very hard to find. Worse yet the API calls needed could not compile with the current version of Visual Studio (Well after Vista had been released). With a little luck and lots of research we finally got the hook to work.
As you can imagine, this is the tip of the iceberg. I could fill over 100 pages describing the enormous changes needed to make it not only compatible with Vista, but work well with Vista.
We are still getting all of the ends tied up, and I have a rough estimate of about 2 months before we release our first beta. It might be less time than that, but I want to give our team breathing room so they concentrate on quality and not race to finish
With that said, lets start looking at some of the feature in the new version.
Request access before connecting:
We have a flood of email asking for this. Essentially it allows the end user to have a choice when you connect. They are asked for their permission before you can control their computer. I believe in some areas this is a regulatory requirement (Like being notified that your phone conversation is being recorded).
We wanted it to be clear when permission was asked. So what 3.0 does is darken the current desktop, and display a request form like this:
Now, even this feature gave us some heartburn. We wanted this to be shown even if the user had not logged in yet...and it does do that (This was not easy to accomplish). No matter where the user is at, they will be prompted for access.
Seamless operation during a UAC prompt:
If you have not used Vista before, you might not know what I am talking about. Essentially a UAC prompt is popped up each time you try to do something that requires administrative access. It looks something like this:
Whats the big deal here? Well the big deal is that most remote control software out there will choke when this prompt comes up. RealVNC will just disconnect you. UltraVNC has this wacky disconnect and reconnect feature, but very few remote control solutions have an elegant solution that allows seamless operation before, during, and after a UAC prompt. We have accomplished this in 3.0.
Support for Group Policy, and Windows User accounts:
Currently you simply need an administrator account. Now this will always be true if you want to automatically install the agent over your LAN. What if you wanted to install the agent yourself, and grant all users that are a member of the "Remote Administrators" group "View Only" access? This is all possible in 3.0. In addition, we will make available a group policy template that will allow you to deploy, and manage permissions of agents across your network.
Lets start looking at some screen shots of the software :)
Multi-User permissions
There are three types of accounts available in the new version.
1. Windows users and groups - These are domain, or local accounts that are granted access to the agent
2. Standard username and password - These are username and password combinations created by you, but do not require any interaction with windows security
3. VNC password accounts - Yes. You read it right, support for VNC client to connect to the agent.
Now with 1, and 2 you get a secure connection with Diffie-Heliman key exchange exchange, and 256 bit AES encryption. In addition to that the client supports the full array of features made available in 3.0
If the client is VNC, there is no encryption, and limited support for the new features. VNC support has been added for those customers that have non-windows operating systems and need some way to connect. If you do not add a VNC account, the VNC authentication system becomes inactive.
Here is what the form looks like for adding, or updating these user accounts:
Each user has their own settings:
So for example, you could give windows administrators full access, but standard users 'view only' access.
IP Address Filtering
Out of the box it will allow any IP to connect. Using filtering you could restrict it to a range of IP addresses, or block specific IPs that you have had problems with:
Multiple Interfaces Supported
Most of the time you will only need to listen on all interfaces on the same port. If you have custom needs it is possible to listen on more than one port, and on a specific interface:
Status Window
This has been requested many times over. Some customers have wanted a constant notification while the administrator is connected. When the status window is turned on it is displayed in the top right of the screen. If the mouse moves near it then switches to the left side of the screen. No matter what screen or window the user is on - it will always be displayed. This means even if the workstation is locked, or the user has not even logged in yet...it will be shown (While the administrator is connected)
Here is what it looks like:
Connection Activity
When administrators are connected, it is easy to see who is connected and from what IP address:
That is all I have for now. If you would like to join the beta program (Again...it may be 2 months before you see anything). Please send an email to beta@intelliadmin.com with Remote Control LAN as the subject, and you will be added to the beta list.
Posted By: Steve Wiseman on Tuesday, March 18, 2008
Check out our utilities for windows
Try out the IE 8 Beta
It seems like it was just yesterday that IE 7 was released. Well, the IE 8 beta is now available to the public, and anyone can download and try it out.
I had a chance to download and give it a try. It does have some ground breaking features. I am not sure if they will take hold or not.
One example is the activity providers. You can right click anywhere within a web page and launch an activity provider:
So for example, I visited our website, right clicked and went to translate. I was brought directly to a translation:
Another interesting feature is in the address bar. It highlights the domain name, so you can clearly see the exact URL you are visiting:
This is the first browser Microsoft has released that is standards compliant. This comes at a cost, since not all websites are. For example, when I went to blogger.com some of the buttons were not aligned, and the subject edit box was missing:
This can be easily fixed by switching to IE 7 Compatibility mode:
It is an interesting release. I suggest checking it out.
Posted By: Steve Wiseman on Friday, March 14, 2008
Check out our utilities for windows
|
 |
