Techibee.com

Microsoft has released a tool which helps you in blocking the installation of Windows 7/Windows 2008 R2 Service Pack 1 through windows Updates. You can download it from here.

This download contains three files.

1. SPBlockingTool.exe — A microsoft executable

2. SPReg.bat  –  A batch script

3. NoSPUpdate.ADM — A ADM file to use with GPOs

The installation of service pack 1 through Windows Update can be stopped with one of the above above given tools. If you plan to use the executable, you need to pass /B switch to it to block the installation and /U switch to unblock the installation. Similar functionality can be achieved with BAT script also. It helps you to run against remote system as well. Third approach is using the ADM file in your Group Policies. This GPO procedure is very straight forward and like using any other ADM file.

Irrespective of approach you use, it creates a key value name “DoNotAllowSP” and sets it to “1” under HKLMSoftwarePoliciesMicrosoftWindowsWindowsUpdate registry key to block the installation. It deletes this newly created key when you instruct it to unblock the installation restriction.

Hope this helps you.

Till windows XP, taking a screenshot of active windows or a selected area is more than an easy task. You need to be familiar and always remember the key selection(Ctrl+PrintScn) to do that. These headaches are gone with windows 7.

To capture a screenshot in windows 7, follow the below steps.

1. Get the required screen to top of all windows — essential for any screen capture mechanism
2. Go to START -> RUN -> type “SnippingTool.exe”
3. This will gray out your screen and launch the tool.
4. Select the screen area that you want to screen shot and at the end of selection it will automatically converted to a image file and prompts you for saving.
5. Before you save, it allows you to make any modifications to it if you want — like pointing some item etc.

I assume you felt this very easy. You can read more about this at http://windows.microsoft.com/en-IN/windows7/products/features/snipping-tool.

I troubleshooted a peculiar problem today and to implement a workaround for that issue, I have to disconnect wireless at the time of logoff. I did some search in google and the below command helped me.

netsh wlan disconnect

Btw, this command is Vista/Windows 7 compatible. I am not sure about other operating systems. I did some more research and came across bunch of commands using which we can manage wireless on windows 7 computers very easily.

Refer to this Microsoft Document to know the commands.

Happy learning and happy Diwali.

AFAIK, there are two ways available to generate a Pop-up message box using powershell.

Simple way:-

In this powershell relies on a method which is available in windows shell object(WSH). In this you can control four factors, “Message box title”, “Message”, “timeout for message box”, “box type”.

Below is a simple example.

$a = new-object -comobject wscript.shell
$b = $a.popup(“This is a test message from http://Techibee.com “,0,”Test message from techibee”,1)

Second and effective method:-

In this we can make use of dotnet windows forms to generate the pop-up message boxes. Though code looks bit heavy it works very well and has lot of flexibility.

[System.Reflection.Assembly]::LoadWithPartialName(“System.Windows.Forms”)
[Windows.Forms.MessageBox]::Show(“Test message from Techibee.com!. Subscribe to news letters, RSS feeds at http://techibee.com to stay tuned”, “PowerShellScripts.blogspot.com”, [Windows.Forms.MessageBoxButtons]::OK, [Windows.Forms.MessageBoxIcon]::Information)

PowerShell has a built in cmdlet(Get-Eventlog) which directly interacts with Event Viewer. You can query the data in the way you want using this cmdlet. Below are some of the examples…

Get-Eventlog -logName System

This queries all events in System event.

Get-EventLog -LogName System | ? {$_.Entrytype -match “error” }

This queries all error events in System event viewer.

$fromtime = (get-date).Adddays(-1)

Get-EventLog -LogName System | ? {$_.Entrytype -match “error” -and $_.timegenerated -gt $fromtime }

This queries all error events in last one day. You can similarly use the methods of (get-date) to query events in last few seconds, minutes, hours, days, etc.

I have seen this problem randomly on my windows 7 computer. After close observation, I found that DRAG and DROP won’t work from low privileged window to High privileged window. I generally run a command prompt with administrator and try to drag drop items from my explorer to the elevated command prompt. Since the elevated command prompt is running in high privilege mode, and my explorer in low privilege mode, drap-drop from explorer to cmd is not working. Whereas same operation to a normal command prompt is working without any issues since it is in the same privilege mode as my explorer.

I hope this small briefing helps you come out of drap-drop dilemma.

Btw, command prompt appears like below when it is in high privilege mode.

Description:

This powershell function helps you pinning the specified program to Task bar in windows 7/Windows Vista/Windows 2008 computers.

Usage:

[PS]:>Pinto-Taskbar -application “c:windowssystem32calc.exe”

The above statement Pins the calculator program to Task bar.

Code:

function pinto-taskbar {

param(

[parameter(Mandatory = $true)]

[string]$application

)

$appfolderpath = $application.SubString(0,$application.Length-($application.Split(“”)[$application.Split("").Count-1].Length))

$objshell = New-Object -ComObject “Shell.Application”

$objfolder = $objshell.Namespace($appfolderpath)

$appname = $objfolder.ParseName($application.SubString($application.Length-($application.Split(“”)[$application.Split("").Count-1].Length)))

$verbs = $appname.verbs()

foreach ($verb in $verbs) {

if($verb.name.replace(“&”,”") -match “Pin to Taskbar”) {

$verb.DoIt()

}

}

}

Microsoft Office 2007 installation in windows 7 won’t create any Outlook Icon on User desktop. This is expected behavior with default installation. If you want to get this icon, then import the below registry information to your system and you should be able to see it immediately.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00020D75-0000-0000-C000-000000000046}]

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00020D75-0000-0000-C000-000000000046}ShellFolder]
“Attributes”=dword:00000072

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00020D75-0000-0000-C000-000000000046}]
@=”Microsoft Office Outlook”
“InfoTip”=”Displays your e-mail, calendar, contacts, and other important personal information.”

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00020D75-0000-0000-C000-000000000046}DefaultIcon]
@=”C:\PROGRA~2\MICROS~1\Office12\OUTLOOK.EXE,7″

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00020D75-0000-0000-C000-000000000046}InprocServer32]
@=”C:\PROGRA~2\MICROS~1\Office12\MLSHEXT.DLL”
“ThreadingModel”=”Apartment”

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00020D75-0000-0000-C000-000000000046}Shell]

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00020D75-0000-0000-C000-000000000046}ShellOpen]

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00020D75-0000-0000-C000-000000000046}ShellOpenCommand]
@=”"C:\PROGRA~2\MICROS~1\Office12\OUTLOOK.EXE”"

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00020D75-0000-0000-C000-000000000046}ShellPropertiescommand]
@=”rundll32.exe shell32.dll,Control_RunDLL “C:\PROGRA~2\MICROS~1\Office12\MLCFG32.CPL”"

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00020D75-0000-0000-C000-000000000046}shellex]

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00020D75-0000-0000-C000-000000000046}shellexPropertySheetHandlers]

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00020D75-0000-0000-C000-000000000046}shellexPropertySheetHandlers{00020D75-0000-0000-C000-000000000046}]
@=”"

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00020D75-0000-0000-C000-000000000046}ShellFolder]
“Attributes”=hex:72,00,00,00

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerDesktopNameSpace{00020D75-0000-0000-C000-000000000046}]

You can save above bunch of keys as reg file and import into the target machine. Obvious thing is that you should take backup of your registry before you import.

Hope this tip helps you!!

[Source]

I started my day with some exciting stuff. Since the time I started working on Windows 7 computers, I always failed to access remote computer’s(windows 7) administrative shares(for example: c$) using computer’s local admin account(this used to work in windows XP as the local admin name and password are same across all systems). I didn’t pay much attention to it as I got domain admin privileges which anyways working. But these days with the increase in my testing efforts on windows 7 computers, the need to access remote shares with local administrator got increased. I don’t want to put domain admin every time as it is a high level account and moreover I need to put in the credentials every time I access a new computer which is waste of efforts.

Well, I got this problem resolved by little registry tweak. Steps follows….

Fix:

1. Go to Start -> RUN
2. Type: REGEDIT
3. Navigate to “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem”
4. Create a new DWORD key with name “LocalAccountTokenFilterPolicy” and value “1″
5. Restart your computer.

This solved the problem and I am able to access the shares of the computers where I made above change.

Thanks to TechNet Forums for directing me to the solution and special thanks to Jammah.com for providing this tip.

Additional Notes:

Well, the registry key fixed the problem but I am curious about the reasons behind this design. I did some research on this topic and understood that, it is a “Security Measure” for UAC(User Access Contorl) enable systems. The whole purpose of enabling UAC is to make administrators work with non-elevated environment to defend the attacks. As part of UAC implementation, the ability for local administrators to elevate their rights from remote computers is disabled by default and can be enabled on optional basis using aforementioned procedure.

More details can be grabbed from:   http://support.microsoft.com/kb/951016

Hope this information helps you.

Windows Firewall is one of the components which is enhanced greatly from windows XP to windows 7. In windows 7 it acts as two way firewall(Inbound/Outbound) with many advanced security features. This is also called as “Windows Firewall with Advanced security” in Window s7.

The more features, the more details you need it for troubleshooting issues. Since this version of firewall acts as a bi-directional one, you need good amount logging to troubleshoot network connection level issues on windows 7 and windows 2008 R2.

This article talks about how to enable this logging, location of log files, and few more options avaiLalble in logging.

Enabling Logging in Windows 7/Windows 2008 firewall.

It is pretty easy. If you want to enable on a single computer, just go to Start -> RUN -> and type  wf.msc , this opens up “Windows Firewall with Advanced Security”.

Now Right click on “Windows Firewall With Advanced Security on Local Computer” and go to properties which opens below page.

Select “Customize” option under logging.

There browse for log files location where you want to place the logs and also choose the size limit for log files.

Your Logging will not start until you select “YES” for one of the following options. 1) Log dropped packets 2) Log Successful connections.

Click OK twice to complete your configuration.

This completes the configuration.

In my next post I will talk about how to analyze these logs files. Hope this information helps you.