How to turn on Userenv debugging

You can also turn on debug logging for Userenv which will give you a lot more information about what is breaking:

Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Value: UserEnvDebugLevel
Value Type: REG_DWORD
Value Data: 10002 (Hex)

Sponsor

Posted Tuesday, March 07, 2006 5:47 PM by owsteve | 0 Comments

Create a unique variable on a batch file.

for /f "tokens=1,2" %%u in ('date /t') do set d=%%v
for /f "tokens=1" %%u in ('time /t') do set t=%%u
if "%t:~1,1%"==":" set t=0%t%
set timestr=%d:~6,4%%d:~3,2%%d:~0,2%%t:~0,2%%t:~3,2%
echo %timestr%

Sponsor

Posted Friday, March 03, 2006 12:51 PM by owsteve | 0 Comments

WMI properties related to task manager memory settings

I was writing a console app that wanted to retrieve the same memory settings that show up in task manager. Here are the 4 properties, you just have to divide them by 1024 to get the Megabyte size.

Memory Usage = WorkingSetSize (WMI Property)
Peak Memory Usage = PeakWorkingSetSize (WMI Property)
VM Size = PageFileUsage
Peak VM Size = PeakPageFileSystem

Sponsor

Posted Monday, February 06, 2006 10:44 AM by owsteve | 0 Comments

Flash Tip: Checking Microsoft Systems Management Server (SMS) 2003 for new program advertisements

Q: How can I force my Microsoft Systems Management Server (SMS) 2003 clients to check for new program advertisements?

A: Program advertisements occur as part of the Machine Policy Retrieval & Evaluation Cycle action in the SMS 2003 Advanced Client. To force a client to find new programs that are available ahead of the regular discovery phase, perform these steps:

1.	Open the Systems Management Control Panel item (Start, Settings, Control Panel, Systems Management).
2.	Click the Actions tab.
3.	Select "Machine Policy Retrieval & Evaluation Cycle," and then click Initiate Action.
4.	Close the Systems Management Control Panel item. Within a few minutes, the new program advertisements should be visible.

Alternatively, you can use the Policy Spy Tool to force a machine policy retrieval. You can download the Policy Spy Tool here.

This Windows tip is brought to you by Windows IT Pro (formerly Windows & .NET Magazine), the top technical publication for IT professionals filled with technical how-to articles, strategies, tips, and solutions. Order now at a special charter rate.

Sponsor

Posted Saturday, January 14, 2006 1:01 AM by owsteve | 0 Comments

Change schema on Tables and Stored procedures in sql 2005

I was trying to change the 'schema' on an object from a 'username' to 'dbo' in SQL Server 2005. The script generates code you have to copy, paste and run on the database. Thanks to the DBA gurus on the sql-sqlsvr-sprocs@sqladvice.com list (Bill Swartz thanks a bunch) that provided the syntax. I encourage everyone looking for SQL help to check out the lists on SQLAdvice.com http://sqladvice.com/lists/category.aspx?c=32

Change Stored procedures in sql 2005

'Note this is the raw query
SELECT 'ALTER SCHEMA dbo TRANSFER ' + s.Name + '.' + p.Name FROM sys.Procedures p INNER JOIN sys.Schemas s on p.schema_id = s.schema_id where s.Name = 'CHANGE_ME_Username'

It would create this kind of output.

ALTER SCHEMA dbo TRANSFER steveschofield.spAuthors1
ALTER SCHEMA dbo TRANSFER steveschofield.spAuthors2
ALTER SCHEMA dbo TRANSFER steveschofield.spAuthors3

You would run in a new query window, after this refresh SQL Management studio and the stored procedures would be dbo.spAuthors1, dbo.spAuthors2, dbo.spAuthors3.

Change Table in sql 2005

Here is an article that describes the syntax, it uses the 'sp_changeobjectowner' which isn't real "sql2005'ish" but works.

http://www.sqlservercentral.com/columnists/kKellenberger/understandingobjectownership.asp

declare @OldOwner varchar(100)
declare @NewOwner varchar(100)

set @OldOwner = 'OldOwner'
set @NewOwner = 'NewOwner'


select 'sp_changeobjectowner ''[' + table_schema + '].[' + table_name + ']'', ''' + @NewOwner + '''
go  

from information_schema.tables where Table_schema = @OldOwner

Sponsor

Posted Thursday, December 29, 2005 4:50 PM by owsteve | 0 Comments

How to setup a 'Blind Get' FTP Server by Steve Schofield

Over the last few weeks I've actually starting writing articles again. I've published them on my own little world of code samples and more.

"This article covers how-to setup an anonymous “blind get” FTP server using Microsoft Windows 2003 built-in FTP server. A “blind get” FTP server provides a method to anonymously transfer files using FTP without having permission to list files or add files on the FTP site. In other words, you can “get” files but not see what’s there or retrieve files unless the absolute path is known. There are benefits for both the end-user and FTP administrator. The end-user doesn’t have to remember a user id and password. The FTP administrator uses NTFS permissions so anonymous users can’t browse or add files." Read on...

http://www.aspdot.net/articles/blindget/

Sponsor

Posted Wednesday, December 21, 2005 12:35 AM by owsteve | 0 Comments

Exchange info / references.

I'm reading up more on Exchange and becoming familiar with some of the options the product offers. The article below discusses the Sender ID filtering option, it also shows how to apply various policies on incoming SMTP messages. Here are some good reference links besides http://Microsoft.com/exchange/

Various Exchange tools (misc stuff these are free)
http://www.microsoft.com/technet/prodtechnol/exchange/downloads/2003/tools.mspx

Configuring and enabling Sender ID filtering in Exchange 2003 SP2
http://www.msexchange.org/tutorials/Configuring-enabling-Sender-ID-filtering-Exchange-2003-SP2.html

Good Exchange website (tons of articles).
http://www.msexchange.org

ListServ (pretty busy but good info)
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist

Various Exchange info
http://www.msexchange.org/pages/links.asp#Exchange

Steve

Sponsor

Posted Saturday, December 17, 2005 11:22 PM by owsteve | 0 Comments

Microsoft IIS Remote Denial of Service (DoS) .DLL Url exploit / IIS - 5.1

For those running IIS 5.1 (XP) I would suggest checking this out. Hopefully no one is using for internet production apps. I ran through this sample on my laptop which has visual studio and a debugger and was able to reproduce this. Hmm. Good thing IIS 5/6 are not affected.

http://ingehenriksen.blogspot.com/

Steve

Sponsor

Posted Saturday, December 17, 2005 8:48 PM by owsteve | 0 Comments

Exchange goodies

Exchange goodies.

http://www.microsoft.com/technet/prodtechnol/exchange/downloads/2003/tools.mspx

Sponsor

Posted Tuesday, December 13, 2005 12:09 AM by owsteve | 0 Comments

Create Export & Encrypt connection string on server and dev machine with ASP.Net 2.0

This article covers some basic steps and commands to encrypt your connection string and other items in a configuration file using ASP.NET 2.0. Microsoft has made it much easier to have a portable key that encrypts certain sections in a web.config that are normally clear text. I haven't found a quick how-to reference to allow for a scenerio where the key is both on a local development machine along with being on a remote web server. Developers like to test out their code locally before publishing to production. In our case we have shared clients at ORCS Web that want to encrypt their information for added security. ASP.NET 2.0 makes this really simple. I'm not going to cover this topic and I'm assuming you already know this. If not there are several good articles that explain the architecture, basic commands etc. This article covers the scenerio of creating a key on a production server then exporting the keys to an XML file where the developer can import and use on their local machine. The web.config will be encrypted both on their local dev box as well as the remote server using the same RSA key.

Links to articles covering Encrypting connection strings

This has to be run on the server

How to create a key locally on shared server. The example is called ‘YourCustomKey’ but this can be anything. These are stored in C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys Make sure the everyone group has proper folder permissions to make this work

'step 1 - Add to container
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis -pc "YourCustomKey" -exp

'Step 2 - Added to web.config at the root of the folder for the website. This has to be there prior to encrypting
<configProtectedData>
<providers>
<add keyContainerName="YourCustomKey" useMachineContainer="true" description="Uses RsaCryptoServiceProvider to encrypt and decrypt" name="YourCustomKey" type="System.Configuration.RsaProtectedConfigurationProvider,System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</configProtectedData>

'Step 3 Encrypt (can also put quotes around it)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis -pef connectionStrings c:\inetpub\wwwroot -prov YourCustomKey (web.config is assumed to already be present)

'Decrypt
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis -pdf connectionStrings c:\inetpub\wwwroot -prov YourCustomKey

To export and give to client to run on their own machine in an XML file.

1. aspnet_regiis -px "YourCustomKey" "C:\temp\CustomKeys.xml" -pri

The -pri switch causes the private and public key to be exported. This enables both encryption and decryption. Without the–pri switch, you would only be able to encrypt data with the exported key.

Client has to run this on their local machine

Here's my command line session:

C:\Program Files\Microsoft Visual Studio 8\SDK\v2.0>aspnet_regiis.exe -pz "YourCustomKey"
Deleting RSA Key container...
Succeeded!

C:\Program Files\Microsoft Visual Studio 8\SDK\v2.0>aspnet_regiis.exe -pi "YourCustomKey" "c:\temp\CustomKeys.xml" -exp
Importing RSA Keys from file..
Succeeded!

(At this point the web app with the encrypted web.config works locally)

C:\Program Files\Microsoft Visual Studio 8\SDK\v2.0>aspnet_regiis.exe -pdf connectionStrings "C:\Documents and Settings\Steve Schofield\My Documents\Visual Studio 2005\Web Sites\YourWebsitePath"
Decrypting configuration section...
Succeeded!

(At this point I check web.config and see its decrypted)

C:\Program Files\Microsoft Visual Studio 8\SDK\v2.0>aspnet_regiis.exe -pef connectionStrings "C:\Documents and Settings\Steve Schofield\My Documents\Visual Studio 2005\Web Sites\YourWebsitePath" -prov
"YourCustomKey"
Encrypting configuration section...
Succeeded!

Check web.config and its encrypted)

Last Test

Upload web.config to remote host

Additional notes:

After I imported the RSA key and I downloaded the encrypted web.config file, I kept getting an error when I tried to decrypt it locally: "The RSA key container could not be opened. Failed"
Then tried encrypting an un-encrypted web.config locally with the imported key.. Uploaded the new encrypted web.config file to the server and now everything works locally in the development pc and on the server.

Sponsor

Posted Friday, December 09, 2005 11:56 PM by owsteve | 0 Comments

A guided tour of the Microsoft Command Shell

http://arstechnica.com/guides/other/msh.ars Wow great article, the perspective from a linux admin and they like MSH it worth reading.

Sponsor

Posted Tuesday, December 06, 2005 11:31 PM by owsteve | 0 Comments

Adventure with vtsqq.dll

Nothing like spending an evening fighting spyware. I noticed on a personal computer I use from time to time something called 'winfixerscannerinstall.cab' wanted to install when browsing the Internet. Some friends of ours used this computer and that is how this got installed. Luckily the POP-Up blocker built into IE warned about this ActiveX control. (I'm not a Firefox fan and prefer IE). None the less a 3 hour adventure later and using all the normal spyware tools didn't work, it was time to figure out this and clean it off the machine. (love a challenge too!)

Cleaning the machine up was no small task and required the use of a few unique utilities listed below. The scary thing the dll hooked itself into winlogon.exe and explorer.exe processes. The pc was running update to date AV software. Personally and I have no hard proof but it started with yahoo messenger. That is an evil IM client in my personal opinion!. I wish the people that have enough time to develop this stuff actually used it for constructive development vs. creating malware. Ole well was an adventure and thought I would pass along. Makes me want to switch to FreeBSD for my desktop at times. (I was just kidding!)