Tuesday, December 30, 2008

Vista SP1 - useless files remover

If you have Windows Vista (XP users - give it up, its really old, its time to move on) and you've instaled SP1, you may well have a huge pile of completely useless files hanging about on your C: drive. They are pre-SP1 files that would only be used if you deinstalled SP1, and I've yet to see any real reason to do this, SP1 seems to be generally a very good thing.

You already have a tool to do this - it will free up some space, anything from nothing (if you installed Vista with SP1 included) to over 1gb, but will mean SP1 disappears from Add/Remove Programs.

To run this, go to a command prompt (right click and Run As Administrator if using UAC) and enter the command:

c:\windows\system32\vsp1cln.exe

It'll ask you if you're sure and then churn away for up to about 3 minutes and suddenly you'll have loads of space. Nice.

Thanks to TechRepublic for the tip: http://www.builderau.com.au/video/soa/Remove-Windows-Vista-SP1-installation-files/0,2000064338,22461499p,00.htm

Monday, December 15, 2008

The Mystery of the Missing System DSNs

Have you ever created ODBC System DSNs to see them instantly vanish before your very eyes? This is a spodadic problem on Windows 2003 and XP at least. This is not the biggest problem in the world - the global recession and the wars in the Middle East are at least as bad, but its bothered me for a while. The ODBC DSNs are there in the registry and even work if called directly but will not be listed. This was only a problem for me recently when I had an app which relied on listing them so I had to actually find a solution.

In case anyone else has this, look at this registry key:
HKLM\SOFTWARE\ODBC\ODBC.INI\ODBC Data Sources

There should be a (Default) REG_SZ with a blank value. This is wrong - it should say "Value Not Set". Delete that one value and it will reproduce itself instantly, then reopen ODBC Data Sources and it suddenly notices it has DSNs!

Good old registry, never fails.

Thursday, December 11, 2008

Using Event Viewer to trigger actions

For a while I have been using Vista and Server 2008's lovely Event Viewer as a stick to beat Windows XP/2003 obsessives who refuse to move on. Its great! You right click on an event in Event Viewer and click "Attach Task To This Event" and just fill in the blanks. Its one of those features that is so obvious - getting a machine to automatically do something if that happens again, like email me or fix what just blew up - that you can't believe its never been there before.

This is a dangerous route down which to go of course. Previously we've installed a system then kept a careful long term eye on events to make sure it was all fine tuned and set up right. Now we can just bolt together something half workable and put in loads of custom tasks in event viewer to deal with the constant crashes! But we won't of course. We're professionals.

Anyway, getting to the point, it appears Windows 2003 had this feature all along. and for all I know, so did previous OS's. Its not as nifty, granted, but the command line tool EventTriggers will do basically the same thing, which makes me annoyed what I never found this before, since i I can think of loads of times it would have been really useful. Now we're finally moving away from Server 2008 I finally work out how to use it!

More info at: http://www.computerperformance.co.uk/Logon/VBScript/eventtriggers.htm

Saturday, November 22, 2008

FTP in Windows Server 2008 - isolating users

Apparently Windows 2003 has something called "FTP user isolation". You know, so lots of people use one FTP site and see only their own stuff? I never really needed this as a few years ago I accidentally discovered an apparently undocumented way of doing isolating FTP users:

  • Create a single FTP site with the default folder location, disallow anonymous access
  • For each FTP username you want, create Active Directory or local Windows users on the IIS box with damn good passwords
  • Create virtual directories in IIS with the same names as the usernames you just created. Point them to the home directories you want for your users
  • For each of these folders, make sure its relavent username has NTFS write permissions

Easy! You would not want to set up thousands of users like this but if only have a couple it works a treat. Each user logging into your FTP site with their AD or local username and password (use an AD account if your FTP server is also a domain controller - yikes!) and see only their own folder.

Now, I've just got my first Windows Server 2008 web and FTP server I just assumed all this would still work, but I have just found its a bit more complicated. Actually, its positively bonkers. This example is for domain users, it might be different for local users. Anyway, to achieve the same thing in Windows Server 2008...

  • Install IIS, Download the FTP server for Server 2008 (mutter mutter), set up an FTP site pointing at some empty folder - probably c:\inetpub\ftproot
  • In the IIS tools, select your FTP site so all the options are displayed on the right. Select "FTP User Isolation", and set it to Isolate Users, using "user name directory" (the first Isolated option)
  • In Windows Explorer, create a folder called the name of the domain (just the short version, no dots) in the ftp root folder (I really can't remember how I figured out this was needed!)
  • Back in the IIS tools expand the site so you can see the new folder. Right click, New Virtual Directory. Give it one of the usernames and point it to the folder that username should be restricted to. Create a virtual directory for each of the users you want to have access.

Not the most obvious process!

Friday, November 14, 2008

Anti Acrobat Reader Rant

[Warning - this is not a balenced or reasonable peice.]

Arrrggggggggghhhhhhh! I HATE Acrobat Reader! When looking at a server that had run out of space on the C: drive I just discovered that its installation of Acrobat Reader 9 was taking up 200mb of space. Doing bloody what? This application opens PDFs - that's it, everything else it might do or claim to do is fluff, you only install it to open PDF files. It certainly did this in version 5, presumably in version 1. Why exactly are we on version NINE?!

Do Adobe have a team of dedicated and talanted programmers who have been given the priorities of releasing a new version of Reader every year without fail, making sure that at every point it gets exponentially bigger and gains absolutely no noticable extra functionality? Is it a ploy to force constant machine upgrades to cope?

And why, while I am blithering, did I go to uninstall it to move it to another drive and find THREE applications in Add/Remove Programs - Reader, 'Acrobat.com' and something called 'Adobe Air'? Is Air some funny reference to how heavy their appplication is for a glorified file viewer? What is Acrobat.com, have they installed their website on my server?

Don't even get me started on the fact that my reinstall claimed to require a reboot and added back in the autoloading application to the startup apps. I might start foaming at the mouth.

Sorry, I feel better.

Thursday, November 13, 2008

Windows Server 2003 Event Log access

I've just spent about 2 hours messing about figuring out how to give non-admin users access over the network to the Event Logs on a Windows Server 2003 SP2 server. What fun hours they were too! Since I might never find this again, I thought I would report it...

This will allow Authenticated Users to read the Application and System logs - it is possible to put an AD SID instead of 'AU' to make it a lot more tied down.

Just enter the text '(A;;0x1;;;AU)' to the end of the string value 'CustomSD' in the following keys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System

Thursday, October 30, 2008

Government considers nationalising Nominet?

In what has to be one of the more worrying tech stories this year, Peter Mandelson's Government department has apparently asked Nominet to "justify its independance from Whitehall". That has to be one of the more sinister threats an organization can be issued!

http://www.theregister.co.uk/2008/10/29/berr_nominet/

Good thing Mandelson himself is not sinister.

The really worrying thing is that Nominet has for years been providing an efficient, cheap and stable service keeping .uk domain names going - and the government? Well, they seem to be unable from being involved in technology issues without it either breaking, going over budget or the important bits being left on a train.

Or Jacqui Smith being put in charge of the UK's DNS. Gulp.

Tuesday, October 14, 2008

Windows 7 is called ... Windows 7

Good name! According to The Register the next version of Windows is going to go back to the numbering they abandoned after NT4, which given the fairly justifiable derision everyone had for Vista when its name was announced is probably a good thing. Let's face it, people hated it 18 months before they even saw it. Windows 7 harks back to a simpler time, when men were men and the Operating System did not come on the equivalent of 2083 floppy disks.

I understand Windows 7 will not ship with lots of the programs we have taken for granted like Windows Mail and Media Player (they should have done that a couple of versions ago and the EU would not have sued them for 500 million euros) - instead we will be expected to use everything online. Excuse me for being cynical, but this isn't just a very good anti-piracy measure, is it Microsoft?

Personally I am still waiting for Windows RG - the Really Good Edition. Demo available here:

http://www.deanliou.com/WinRG/

Sunday, October 12, 2008

Symantec destroys another great company

I should probably not refer to Symantec as the "evil empire" as I bet they have great lawyers to stop that kind of nonsense. I should also probably not say how they appear to keep taking over companies that make great, or at least usable, software and replacing it with generic bloatware. Let's pause for a moment to remember Powerquest (Drive Image - sniff). And Veritas. I bet Altiris is not going to have a bright future.

Oh, and I don't know how hated the word "Norton" was before they started pumping out the current product line, but I don't know anyone who knows what they're doing and uses that pile of ... software.

Anyway, I digress. Symantec has just bought MessageLabs, a company who were rare in that they actually knew what they were doing. Their email scanning service was pricey, but damn it was good. I used them at Pegasus through 2006 and don't remember having to release any emails ever, and we simply got no spam. I assume this is going to be replaced by some horrendous 1gb per pc local install that blocks all email that doesn't come from Symantec marketing or have a virus . Anyway, another service I could not recommend anymore - thanks Symantec.

http://news.bbc.co.uk/1/hi/business/7660783.stm

Thursday, October 2, 2008

New word - unadmin

Today someone asked me to unadmin a user. To him, his request was followed by a two second impassive look from myself followed by the words "Sure, that'll just take a moment - I'll do it now". Internally there was a more involved struggle as my brain pointed out two things:

1. This man has just used a word that does not exist.
2. You know exactly what it means.

So there you are, a new word for today - unadmin. To "unadmin" someone is to remove their administrative status.

Crazy.

Saturday, August 9, 2008

Reasons to use Vista - the Snipping Tool!

Its amazing how many people use Vista and don't know about its key feature - the mighty snipping tool. Its amazing!

Its installed by default in All Programs, Accessories, Snipping Tool and the first time you run it, it asks you if you want to put a shortcut to it on your start bar - that's because the guy who wrote it knew something you don't yet - that the Snipping Tool will change your life.

You run it and it freezes the screen where it is and lets you draw a box to take a screenshot of a bit of it. You can even use a highlighter pen on it without the drawback of getting ink all over your monitor. It does by default put a big red border round the screenshot which is easily disabled, but this is my only gripe.

Personally I think Microsoft should market Vista as "The only Operating System with the Snipping Tool" - I'd buy it!

Friday, June 6, 2008

Word 2007 and the "big gaps"

Normally I am Mr Enthusiasm for new Microsoft apps (a change is as good as a rest!) but Office 2007 has to be a hard one to recommend. Anyway, my Chief User at home (or "wife") has finally broken and complained that she would like Word except why are all her paragraphs suddenly miles from each other?

It must be said that on an environmental level the new 10pt gap between paragraphs is questionable at least. Anyway, help is at hand! To get rid of the gaps, open Word 2007 and...

1. Click the Home tab.
2. Click Change Styles in the Styles group, point to Style Set, and then click Word 2003.
3. To set the style set as the default style set in Word 2007, click Change Styles in the Styles group, and then click Set as Default.

Thursday, April 3, 2008

Adminpak in catchy rename

My life trying to manage Windows 2003 systems from a Vista SP1 machine has not all been easy. Cluster Administrator? Don't even try, you are more likely to break your cluster than manage it. Exchange System Manager? Only if you want to hack your registry to pretend you have IIS 5.1 installed. Remote bleedin' Desktop? Works fine except they changed the /console switch to /admin so you can't log into the desktop with very nice tools like VisionApp Remote Desktop 1.5.

So I'm using a virtual XP machine (actually a snapshot of my old desktop) to do half my work...

But apparently my life is going to be saved by the "Microsoft Remote Server Administration Tools for Windows Vista SP1 32-bit Edition". Catchy name!

http://www.microsoft.com/downloads/details.aspx?FamilyId=9FF6E897-23CE-4A36-B7FC-D52065DE9960&displaylang=en

And Cluster Administrator? Still can't be used for a 2003 system. Now where's that virtual gone?