I started my day with some exciting stuff. Since the time I started working on Windows 7 computers, I always failed to access remote computer’s(windows 7) administrative shares(for example: c$) using computer’s local admin account(this used to work in windows XP as the local admin name and password are same across all systems). I didn’t pay much attention to it as I got domain admin privileges which anyways working. But these days with the increase in my testing efforts on windows 7 computers, the need to access remote shares with local administrator got increased. I don’t want to put domain admin every time as it is a high level account and moreover I need to put in the credentials every time I access a new computer which is waste of efforts.
Well, I got this problem resolved by little registry tweak. Steps follows….
Fix:
Go to Start -> RUN
Type: REGEDIT
Navigate to “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem”
Create a new DWORD key with name “LocalAccountTokenFilterPolicy” and value “1”
Restart your computer.
This solved the problem and I am able to access the shares of the computers where I made above change.
Thanks to TechNet Forums for directing me to the solution and special thanks to Jammah.com for providing this tip.
Additional Notes:
Well, the registry key fixed the problem but I am curious about the reasons behind this design. I did some research on this topic and understood that, it is a “Security Measure” for UAC(User Access Contorl) enable systems. The whole purpose of enabling UAC is to make administrators work with non-elevated environment to defend the attacks. As part of UAC implementation, the ability for local administrators to elevate their rights from remote computers is disabled by default and can be enabled on optional basis using aforementioned procedure.
[For a change today I am posting some non-technical stuff]
Today I received this short story as a forward from my friend. Thought of posting it here.
Here goes the story….
A shopkeeper watching over his shop is really surprised when he sees a dog coming inside the shop, He shoos him away. But later, the dog is back inside again. So he goes over to the dog and notices that it has a note in its mouth. He takes the note and it reads “Can I have 12 soaps and a shampoo bottle, please. The money is with the dog.” The shopkeeper looks inside the dogs mouth and to his surprise there is a 100 rupees note in his mouth. So he takes the money and puts the soap, shampoo and change in a bag, and then places it in the dogs mouth.
The shopkeeper is so impressed, and since it is the closing time, he decides to follow the dog. The dog is walking down the street, when it comes to the zebra crossing; he waits till the signal turns green. He walks across the road till the bus stop. He waits on the stop and looks up the timetable for the bus. The shopkeeper is totally out of his mind as the dog gets into the bus and sits on a vacant seat. The shopkeeper followed the dog. The dog waits for the conductor to come to his seat. He gives the change to the conductor and shows him the neck belt to keep the ticket. The shopkeeper is almost fainting at this sight and so are the other people in the bus.
The dog then moves to the front exit of the door and waits for the bus stop to arrive, looking outside. As soon as the stop is in sight he wags his tail to inform the driver to stop. Then not even waiting for the bus stop to arrive the dog jumps out and runs to the house nearby. It opens an big iron gate and rushes towards the door. As it approaches the door, he changes his mind and walks towards the garden. The dog walks up to the window and beats his head several times on the window. It then walks back to the door and waits. The shopkeeper maintaining his senses walks up to the door and watched a big guy open the door.
The guy starts beating, kicking and abusing the dog. The shopkeeper is surprised and runs to stop the guy. the shopkeeper questions the guy “What in the heaven are you doing? The dog is a genius he could be famous in life.”
The guy responds “You call this clever? This is the 3rd time in this week that the dog has forgotten the door keys.”
The moral of the story:You may continue to exceed onlooker’s expectations… But will always fall short of the bosses expectation…
Windows Firewall is one of the components which is enhanced greatly from windows XP to windows 7. In windows 7 it acts as two way firewall(Inbound/Outbound) with many advanced security features. This is also called as “Windows Firewall with Advanced security” in Window s7.
The more features, the more details you need it for troubleshooting issues. Since this version of firewall acts as a bi-directional one, you need good amount logging to troubleshoot network connection level issues on windows 7 and windows 2008 R2.
This article talks about how to enable this logging, location of log files, and few more options avaiLalble in logging.
Enabling Logging in Windows 7/Windows 2008 firewall.
It is pretty easy. If you want to enable on a single computer, just go to Start -> RUN -> and type wf.msc , this opens up “Windows Firewall with Advanced Security”.
Now Right click on “Windows Firewall With Advanced Security on Local Computer” and go to properties which opens below page.
Select “Customize” option under logging.
There browse for log files location where you want to place the logs and also choose the size limit for log files.
Your Logging will not start until you select “YES” for one of the following options. 1) Log dropped packets 2) Log Successful connections.
Click OK twice to complete your configuration.
This completes the configuration.
In my next post I will talk about how to analyze these logs files. Hope this information helps you.
Have you heard about “GOD Mode” in Windows 7? It sounds like a crazy and exciting stuff, right? Initially I felt the same when I came across this topic in one of technet support forums. After some reading I realized that is *not* exciting but a bit useful stuff.
Basically, when you view control panel, you will get few initial options and selecting one will take you inside and show you few more options which are under it. Basically its like a categorization. But with this “God Mode”, you can view all items in control panel in a single page. Nothing more.
Let’s see how to configure this in Windows 7 computer.
Create a folder and rename it to “God Mode.{ED7BA470-8E54-465E-825C-99712043E01C}”
That’s sit. It converts the folder Icon to Control Panel Icon and clicking on which takes you to the single page view of all control panel items.
Well story not ended here. After trying above procedure, one question kept lingering in my mind — why it is called “God Mode” while it is not doing any “godly” things. I just replace the “God Mode” with my name — ha ha there is no change in functionality and it is still showing the things which it used to show when named as God mode. So there is no significance in that name and you can use any name you want but you should suffix it with the GUID which is related to control panel. Below is the sample screenshot which shows the view.
Today I came across this nice presentation on troubleshooting windows problem like sluggish performance and crazy behaviors. I recommend this video for Windows System administrator who are serious about developing their windows troubleshooting skills. I am big fan of Russinovich articles and have gone through some of his videos at PDC and they are awesome. Happy learning….
When you login to GMail next time, visit “setting” at the right top corner which takes you to your account settings page. There after a bit scrolling down you can see option to set signatures which supports RichText now. That means, you can put your favorites(or you branding) images in your auto signature. It also help you to format your signature font/size to much granular level than before.
Microsoft has announced Service Pack 1(SP1) beta for Windows 7 and Windows 2008 R2.
Windows 7 and Windows Server 2008 R2 SP1 Beta helps keep your PCs and servers on the latest support level, provides ongoing improvements to the Windows Operating System (OS), by including previous updates delivered over Windows Update as well as continuing incremental updates to the Windows 7 and Windows Server 2008 R2 platforms based on customer and partner feedback, and is easy for organizations to deploy a single set of updates.
Windows 7 and Windows Server 2008 R2 SP1 Beta will help you:
Keep your PCs supported and up-to-date
Get ongoing updates to the Windows 7 platform
Easily deploy cumulative updates at a single time
Meet your users’ demands for greater business mobility
Provide a comprehensive set of virtualization innovations
Provide an easier Service Pack deployment model for better IT efficiency
To download SP1, first your should register yourself at this LINK and after successful registration it will display the options to update your computer either via Windows update or ISO. The ISO contains the SP1 for both 32 and 64 bit architectures of Windows 7 and 64-bit version for windows 2008 R2.
Today I enabled Outlook cached mode for mailbox and it started Syncing all my email items. But one thing I couldn’t understand is, in what order it is syncing the folders. I got to see few mails urgently and that folder is not yet synced. I quickly searched in internet and came across a simple trick to force sync the folder I required.
It is very simple, just select the folder that you want to Sync and press SHIFT+F9. Outlook will start Syncing your folder immediately.
ILO(Integrated Lights-out) is a technology that enables system administrators to remote control the server even when it is powered down. After reading my previous post on same ILO topic, one of my X-colleague contacted me for some readymade script which he can use to get the ILO version information. There this script took birth.
This scripts gets the ILO version of given remote server.
