004 » Bypassing
the WinNT logon prompt.
If you want to
autolog a user, both TweakUI and the Resource Kit utility AUTOLOG.EXE will do
it for you. To configure this using the registry, edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\Current Version\Winlogin
Set the
DefaultDomainName, DefaultPassword (must be non-blank), and DefaultUserName.
Set AutoAdminLogon to 1 (all are type REG_SZ). If you ever want to logon as a
different user, hold down the shift key as you logoff.
If you
implemented Tip 025, undo it.
Note:Your
password is stored in plain text in the registry and can be seen by someone
with the authority to view a remote registry.
005 » Activating
a screensaver from an icon.
See tip 302
before you bother with this hack.
1.Edit HKEY_CURRENT_USER\Software\Microsoft\Windows
NT\CurrentVersion\Windows
2. Select the
Programs value and then choose String from the Edit menu.
3. Add the 'scr'
extension to the string as follows: Programs: REG_SZ: exe com bat pif cmd scr
4. Choose OK,
close the Registry editor, and log off.
5. Log back on
and from explorer, highlight the screen saver you want and right click to
define a shortcut.
Example:\WINNT\SYSTEM32\SSBEZIER.SCR
/S
The /S switch
forces the screen saver to start immediately. Remove the /S to display a setup
screen. You can not use a screensaver that uses a password.
Never use
anything other than the blank screen saver (scrnsave.scr) on a
"Server" as it will steal needed cycles!
006 » Run a
batch job at boot without logging on.
Download AUTOEXNT
Note: The
Resource Kit contains SRVANY which allows any application to be installed as a
service.
007 » Turn off
CD AutoRun.
Set
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Autorun to zero.
See Tip 215 -
NoDriveAutoRun.
008 » Stop
CHKDSK from running at boot time.
1.Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
2.Change the
BootExecute entry from:
autocheck
autochk * /.........
To:
autocheck
autochk *
If you have
scheduled CHKDSK for multiple volumes, there will be an autocheck entry for
each volume. Delete the string from the BootExecute registry value for each
volume you do not want checked. If you have NT 4.0, SP2, a new command line
utility, CHKNTFS, will assist in preventing repeated CHKDSKs during reboots if
the "dirty" bit is set. Type CHKNTFS /? and see KB article Q160963.
009 » Run a
Control Panel object without opening the Control Panel.
In Explorer,
associate .CPL with %windir%\system32\control.exe (View/Options/Type)
Then Highlight
the .CPL and create a shortcut.
Example:
Description:
Display
Command line:
c:\winnt\system32\display.cpl
Working
Directory: c:\winnt\system32
Click on the
shortcut to run Display.CPL.
If you wish to
add Control Panel to your start menu, create a new folder (see tip 051) and
name it
Control
Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}
You will need to
reboot to see Control Panel on your Start menu.
Another way to
add Control Panel to your Start menu is to use TweakUI. From the Desktop tab,
right click on Control Panel and Create as file. Save it on the menu (see tip 051).
You can do this
for Printers also.
010 » Changing
the default WinNT install path.
If you want to
change where NT expects to find the NT CD, edit:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Sourcepath
and
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Sourcepath
If your CD drive
is D: and you are working with an Intel-based machine, the value should be
D:\I386 and D:\ respectively.
011 » IRPstackSize
error.
After adding a
device (or sometimes a service), you may get a system event indicating
insufficient resources. Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CURRENT_CONTROL_SET\SERVICES\LanmanServer\Parameters
Change or add
value: IRPstackSize REG_DWORD
The maximum
value is C (12). You might want to try 7 but at least 2 more than the current
value. If you are going to install Norton NT Utilities, this value should not
exceed "A" (10) prior to installing.
012 » Build a
NTFS or FAT boot floppy.
The KB has an
article, Q119467, describing the process of building a boot floppy for an NTFS
partition. This is useful if you accidentally replace the boot disk hardware
driver or loose your boot manager, and no ERD is available.
The procedure in
the article did not work in my environment but the enclosed process did allow
me to successfully boot. Try the method in Q119467 first.
The Process:
(Some of these files are hidden/system/read_only so in explorer options/view
check "show all files" and uncheck "hide files...."
1. DISKCOPY the
first Setup Disk.
2. Delete all
files on this new Boot Floppy.
3. Copy
NTDETECT.COM and BOOTSECT.DOS*** from your root to the floppy.
4. Copy NTLDR
from your root to the floppy, renaming it SETUPLDR.BIN
5. COPY
NTBOOTDD.SYS from your root to the floppy.**
6. Create a
BOOT.INI as follows (SPACING IS IMPORTANT) * or just copy your C:\BOOT.INI
[boot loader]
timeout=10
default=
scsi(0)disk(0)rdisk(0)partition(1)\WINNT
[operating
systems]
scsi(0)disk(0)rdisk(0)partition(1)\WINNT="Windows
NT Server Version 4.0"
It is a good
idea to have a second instance of NT installed on a different partion(
preferably a different disk). This will insure that you can always boot (if it
is in this boot.ini). You will also be able to boot to this alternate instance
to "repair" your primary instance. * WINNT is my NT directory - no
drive letter allowed. "Windows NT .." could be any character string
such as "Glad I had this BOOT FLOPPY!"
** This is a
copy of your SCSI driver. If you don't have a SCSI NT disk, you don't need
this. If you have a SCSI NT disk and the SCSI BIOS is enabled, you don't need
this, but it is a good idea to protect against SCSI BIOS failure (which will
prevent booting).
*** Only if DOS
is installed.
013 » Scheduling
a Windows NT backup.
NT has a built
in scheduling service. To use it with network access, define a user account
with all the permissions and rights you want the schedule service to have. It
must be a member of the Administrators group and have the right to log on as a
batch job and as a service (advanced rights). It must have a non-blank,
non-expiring password.
In control
panel/services, locate the scheduler service and change the startup to use this
account. Set it to logon automatically. Now stop and restart the service.
In a DOS window
(Command prompt), type AT /?
This is the
syntax for scheduling. Here is an example on how to schedule a backup.
1. Using any
text editor, such as Notepad, create a command file (MYBACKUP.CMD) to perform
the commands to backup the requested files. (You must use full path names for
every file and program.)
The following
example would back up all files on the C: drive, replacing any files currently
on the tape, label the backup set "My Backup Files", backup the local
registry, and log all backup information to C:\BACKUP.LOG:
Drive:\WinNT\system32\ntbackup
backup c: /D "My Backup Files" /B /L "c:\backup.log"
NOTE: For
additional information on available NTBACKUP options, search Windows NT Help
for NTBACKUP.
2. Using the AT
command, schedule the command file (MYBACKUP.CMD) to run when desired. The
following AT command will schedule MYBACKUP.CMD to execute at 11:00 P.M. every
Monday, Wednesday, and Friday:
AT 23:00
/interactive /every:M,W,F cmd.exe /c "Drive:\Directory\MYBACKUP.CMD"
014 » Windows NT
Short File Extensions.
There's a
registry setting that makes 4+ character extensions look like 3 character
extensions. NT 4.0 defaults to ON so that DEL *.htm will also delete *.HTML.
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\filesystem
value:
Win95TruncatedExtensions: REG_DWORD:
0 = off
1 = on
015 » Shutdown
button on the Welcome dialog box.
To display a
shutdown button at Login, edit:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon
Value: ShutdownWithoutLogon
REG_SZ 0 or 1
When this value
is set to 1, you can select Shutdown from the Welcome dialog box. If the value
is 0, the Shutdown button does not appear.
016 » WinNT runs
an unknown job at login.
If you can't
find it in the startup group, check:
HKEY_CURRENT_USER\Software\Microsoft\Windows
NT\CurrentVersion\Windows
load REG_SZ
and/or run REG_SZ
Remove the
offending value.
Here are other
places where a program can be loaded at startup in NT:
- In the Startup
folder for the current user and all users.
- In the
registry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
017 » Printer
PopUp and Event Logging.
With NT 4.0, you
can modify these entries on the "Print Server" by using
Start / Settings
/ Printers / File / Server Properties / Advanced.
To do this via
the Registry:
To prevent PopUp
messages from appearing upon print job completion:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Providers
To prevent PopUp
notification: add a value name of NetPopup, set REG_DWORD to 0.
To prevent
logging: Add VALUE: EventLog set Reg_DWORD to 0.
You will have to
stop and restart the spooler from services in the Control Panel but you may
wish to reboot.
018 » Changing
the default spool directory.
You can change
the default printer spool directory for all printers or the printer spool
directory for specific printers.
To change the
default printer spool directory for all printers add the following value
HKEY_LOCAL_MACHINE
\SYSTEM\CurrentControlSet\Control\Print\Printers
Value Name:
DefaultSpoolDirectory
Data Type:
REG_SZ
String: full
path to printer spool directory
To change the
default printer spool directory for specific printers add the following value
HKEY_LOCAL_MACHINE
\SYSTEM\CurrentControlSet\Control\Print\Printers\
Value Name:
SpoolDirectory
Data Type:
REG_SZ
String: full
path to printer spool directory
You must make
sure that the path specified actually exists. If it does not exist, Windows NT
uses the default spool directory.
019 » Disabling
autodisconnect.
Windows NT uses
two different autodisconnect parameters; one for disconnecting Remote Access
Service (RAS) connections and another for disconnecting LAN connections. The
RAS Autodisconnect parameter is well documented in the Windows NT Server Remote
Access Service manual on page 82, but the LAN version is undocumented.
You can find the
LAN autodisconnect parameter in the registry at
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters
Purpose: The
function is to disconnect idle sessions after a set number of minutes. The
number of minutes can be set at a command prompt using the Net Config Server
command. For example, to set the autodisconnect value to 30 minutes:
Net Config
Server /autodisconnect:30
The valid value
range of this REG_DWORD value is -1 to 65535 minutes at the command line. To
disable autodisconnect set it to: -1
Setting
Autodisconnect to 0 does not turn it off and results in very fast disconnects,
within a few seconds of idle time. (However, the RAS Autodisconnect parameter
is turned off if you set it to a value of 0.)
NOTE: It is preferable
to modify the LAN autodisconnect directly in the registry. If you modify it at
the command line, Windows NT may turn off its autotuning functions.
The valid value
range if you edit the LAN autodisconnect parameter in the registry is 0 to
4294967295 (Oxffffffff). If you configure the autodisconnect option to -1 at
the command prompt, Autodisconnect is set to the upper value in the registry.
This is approximately 8,171 years (not tested), which should be long enough to
be the equivalent of turning autodisconnect off.
021 »
Parse/Don't Parse autoexec.bat.
Windows NT
parses the AUTOEXEC.BAT file during startup by default, which results in the
appending of the path statement in the AUTOEXEC.BAT file to the system path
created by Windows NT. You can modify the system path and evironment variable
at Control Panel/System/EnvironmentTab.
You can
configure parsing of the AUTOEXEC.BAT file at:
HKEY_CURRENT_USER\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon\ParseAutoexec
1 = autoexec.bat
is parsed
0 = autoexec.bat
is not parsed
This has no
effect on the parsing of AUTOEXEC.NT or CONFIG.NT by the MS-DOS or 16-bit
Windows environments (VDMs).
022 » 3 Button
Mouse.
Edit:
HKEY_LOCAL_MACHINE folder/SYSTEM/CurrentControlSet/Services
Double click on either
BUSMOUSE, SERMOUSE, or i8042PRT (PS/2 style mouse port).
Double click on
the PARAMETERS sub-key.
On the right
side of this window double-click on NumberOfButtons.
In the command
line change the number '2' to '3' and click on OK.
Exit and restart
NT for these changes take effect.
Download
CLCKR12a.ZIP to configure the middle button (and more) functionality.
(Works on NT4.0
and NT 3.5x - for Intel, Alpha and PPC)
023 » NUMLOCK at
startup.
Edit:
HKEY_Current_User\ControlPanel\Keyboard\InitialKeyboardIndicators
Type REG_SZ:
If set to 0,
NumLock is disabled for that current user after logging on. If it is 2, NumLock
is enabled and will retain the settings from the last shutdown.
024 » Logon
Welcome/Legal Notice.
The Registry
value entries that control the logon sequence for starting Windows NT are found
under the following Registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon
LegalNoticeCaption
REG_SZ
Default: (none)
Specifies a
caption for a message to appear when the user presses CTRL+ALT+DEL during
logon. Add this value entry if you want to add a warning to be displayed when a
user attempts to log on to a Windows NT system. The user cannot proceed with
logging on without acknowledging this message. To specify text for the message,
you must also specify a value for LegalNoticeText.
Note: You can
use the System Policy Editor to change this value.
LegalNoticeText
REG_SZ
Default: (none)
Specifies the
message to appear when the user presses CTRL+ALT+DEL during logon. Add this
value entry if you want to add a warning to be displayed when a user attempts
to log on to a Windows NT system. The user cannot proceed with logging on
without acknowledging this message. To control presentation, you may insert a
lf/cr by copying the contents of lfcr.npd to the clipboard and pasteing it as
you type. To include a caption for the logon notice, you must also specify a
value forLegalNoticeCaption.
Note: You can
use the System Policy Editor to change this value.
LogonPrompt REG_SZ
Default:
"Enter a user name and password that is valid for this system."
The text entered
appears in the Logon Information dialog box. This is designed for additional
legal warnings to the user before they log on. This value entry does not appear
in the Registry unless you add it.
Welcome REG_SZ
Default: (Title
only; no message)
The text entered
appears in the caption bar beside the title of the Begin Logon, Logon
Information, Workstation Locked, and Unlock Workstation dialog boxes. This
value entry does not appear in the Registry unless you add it.
025 » Don't
display Last user in logon dialogue.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon
DontDisplayLastUserName
REG_SZ
Range: 0 or 1
Default: 0
(false)
By default,
Windows NT displays the name of the last person to log on in the Username space
of the Logon Information dialog box. If you add this value entry and set it to
1, the Username space is always blank when the Logon Information dialog box
appears.
026 » NTFS -
Disable 8.3 Name creation.
You can increase
NTFS performance if you disable 8.3 name creation.
(Some 16bit
programs may have trouble finding Long File Names. Don't set this option if you
wish to install Norton NT Utilities.)
Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem
Value:NtfsDisable8dot3NameCreation
REG_DWORD
Default: 0
Range: 0 or 1
Set it to 1 to
disable 8.3 name creation. This won't take effect until the next boot.
027 » Deleteing
device drivers and services.
If you have a
service or device driver that you want to remove:
In Control Panel
/Services or /Devices, located the object and STOP it (if it is started). If it
won't STOP, configure StartUp as Disabled and reboot.
Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
Locate the
object, highlight it, delete it.
028 » Activate
Screen Saver if no one logs on.
Edit: HKEY_USERS
\DEFAULT\Control Panel\Desktop
Double click
ScreenSaveActive and set it to 1.
Double click
SCRNSAVE.EXE and enter the full path to the screen saver you want to use such
as SCRNSAVE.SCR or SSTARS.SCR.
Double click
ScreenSaveTimeOut and enter the number of seconds of inactivity before
activation.
You will need to
reboot for this to become effective.
Never use
anything other than the blank screen saver (scrnsave.scr) on a
"Server" as it will steal needed cycles!
029 » Displaying
Your Company Logo (or other bitmap) during logon.
Design an
appropriate bitmap and place it in your NT directory as YourLogoName.BMP. Use
8.3 naming convention.
Edit: HKEY_USERS
\.DEFAULT\Control Panel\Desktop
Double click or
Add Value REG_SZ of Wallpaper and set it to the full path to YourLogoName.BMP.
Double click or
Add Value REG_SZ of TileWallpaper. 0 is Don't tile, 1 is tile.
Double click or
Add Value REG_SZ of WallpaperStyle. 0 is normal, 2 is stretch to fill the
screen (which is mutually exclusive with TileWallpaper = 1).
If you use a
normal, not tiled logo, you can position it by adding the following REG_SZ
values:
WallpaperOriginX
set to the number of pixels from the left hand edge of the screen.
WallpaperOriginY
set to the number of pixels from the top of the screen
030 » Reduce
Windows NT 4.0 Start Menu navigation delay.
To reduce the
time it takes for the Start Menu to display the next tree as the cursor moves
over it, edit:
HKEY_CURRENT_USER/Control
Panel/Desktop
Double click on
MenuShowDelay and set it to 100. You will need to reboot for this to take
effect.
031 » WinNT 4.0
File Name Completion.
If you want to
be able to depress the TAB key to complete the file name you are typing at a
command prompt, edit:
HKEY_CURRENT_USER/Software/Microsoft/Command
Processor
Double Click on
CompletionChar or add value of REG_DWORD, set it to 9. You will need to reboot.
033 » Can't
shutdown without "killing" an application.
When I used to
Logoff or ShutDown, WOWEXEC would invariably not respond and I would have to
press "End Task".
Edit
HKEY_USER\.DEFAULT\Control Panel\Desktop and add value AutoEndTasks REG_SZ. Set
it to 1.
Edit HKEY_USER\YourUserId\Control
Panel\Desktop and add value AutoEndTasks REG_SZ. Set it to 1.
This forces any
task, that does not respond to the shutdown, to end.
You can also Add
Value of WaitToKillAppTimeout with type REG_SZ.
The default: is
20000 milliseconds (20 seconds). If the user process does not end by this time,
AutoEndTasks is invoked.
034 » Uninstall
apps without Add/Remove or an uninstall program.
If you want to
uninstall an appliction that has no uninstall program and it is not listed in
the Add/Remove applet of Control Panel (or that uninstall doesn't work), then
just delete the directory/files. Drill down:
HKEY_LOCAL_MACHINE\SOFTWARE\
and HKEY_CURRENT_USER\SOFTWARE
locating the
applications entry and delete them.
Use Explorer to
to remove the entries from the Start Menu in either %windir%\Profiles\All
Users\Start Menu\Programs\ and/or %windir%\Profiles\YourId\Start Menu\Programs\
If there is an
entry in the Add/Remove list, edit:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
locate the entry
and delete it. If the app has a service, edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
and scroll down
till you locate it. Then delete it.
If this app
starts automatically and there is no entry in the StartUp folder(s), then use
Regedt32 to edit:
HKEY_CURRENT_USER\Software\Microsoft\Windows
NT\CurrentVersion\Windows
load REG_SZ and
run REG_SZ
Remove the
offending value and reboot.
035 » Managing
the Mapped Network Drive dropdown list.
If you want to
remove some the connections in the list, edit:
HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\CurrentVersion\Network\PersistentConnections
Highlight and
delete unwanted entires. Then double click Order and remove the letters that
have been deleted. You may rearrange the letters to change the display order.
036 » Ghosted
connections.
If you want to
Ghost/Un-Ghost persistent connections, edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\NetworkProvider
Value:
RestoreConnection REG_DWORD
0 = ghost
connection
1 = persistant
(not ghosted)
037 » Power Down
when you Shut Down.
If you are tired
of "it is now safe to turn off your computer" when you select Shut
Down, Edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon
Double click on
PowerDownAfterShutdown or add it as REG_SZ. Set it to 1.
This only works
if your HAL (Hardware Abstraction Layer) supports it.
038 » Adding
applications to your Send To folder.
When you right
click on a file in explorer, you can choose to Open with .. or Send To. You can
add applications to your Send To.
Create a
Shortcut to your application (right click the ProgramName.exe) and copy (or
cut) the Shortcut to %windir%\Profiles\YourUserId\SendTo.
Now, when you
right click on that file with a non-standard extension, you can Send To your
application.
How to schedule
a CHKDSK on every boot.
Create a file,
C:\Y.TXT that contains: Y
Create a file
C:\CHKBOOT.BAT that contains:
chkdsk C: /F
<c:\y.txt or chkdsk C: /F /R <c:\y.txt
exit
If you have a D
drive, just add another line, etc..
If you always
logon to the server, just put C:\CHKBOOT.BAT in your StartUp group or download
AUTOEXNT. This service will execute a batch file during system boot.
You can do this
with one file as follows: (Provided by Keith Gorham)
echo y | chkdsk
Drive: /f
exit
045 » Can I
upgrade to Windows NT 4.0?.
Download the
Windows NT 4.0 Compatibility Test Tool - nthq.zip.
047 » Increasing
the environment memory available to DOS programs.
For all DOS
apps, CONFIG.NT should have shell=%windir%\system32\command.com /p /e:size
where
"size" is the environment space you want.
For 1 DOS app,
use a PIF and create a custom autoexec and config file.
048 » Where is
that WinNT driver for my printer?
Excerpts from KB
article Q156082: "Windows NT printer drivers are developed through the
cooperation between Microsoft and the independent hardware vendor (IHV) that
manufactures the print device. Microsoft's role is to assist IHVs with
programming and testing of the printer driver's interaction with Windows NT.
The role of the IHV is to assist Microsoft in addressing either the general
features or the entire feature set of the print device."
See
"Freeware tools for Windows NT" earlier on this page for where to
download new drivers.
If you have an
unsupported PostScript printer, see Q142057 for instructions on installing the
PPD that came with your printer.
If Microsoft
does not have the printer driver:
1. Find a
printer driver emulation that can provide the correct output. If your printer
is a new model, you may want to try the driver for the previous model.
2. Contact the
printer manufacturer to see if they have a Windows NT printer driver. Some
printer manufacturers do develop drivers for Windows NT.
3. Indicate your
desire for a printer driver by sending
to ntwish@microsoft.com. Do not include technical support questions in
the e-mail to ntwish; include only the manufacturer of the printer, and the
make and model. Microsoft will use this information to gauge demand for a particular
printer driver.
049 » Enable
your DOS apps to print to a network printer.
At a command
prompt (or in a batch file), type: NET USE LPTx \\computername\sharename
/PERSISTENT:YES .
050 » Locking
down that desktop.
Desktop
restrictions can be implemented by editing the following Explorer values in the
registry: (all values default to 0)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoCommonGroups
REG_DWORD
set it to 1 so
that common program groups do not appear on the Start menu.
NoDesktop
REG_DWORD
set it to 1 to
hide all desktop icons.
NoDrives
REG_DWORD
The low order
(right most) bit is drive A: while the 26th bit is Drive Z:
To hide a drive,
turn on its' bit. These drives will still appear in File Manager. To remove
File Manager, delete winfile.exe.
If your not
happy working in Hex, add these decimal number to hide the drive(s):
A: 1, B: 2, C:
4, D: 8, E: 16, F: 32, G: 64, H: 128, I: 256, J: 512, K: 1024, L: 2048, M:
4096, N: 8192, O: 16384, P: 32768, Q: 65536, R: 131072, S: 262144, T: 524288,
U: 1048576, V: 2097152, W: 4194304, X: 8388608, Y: 16777216, Z: 33554432, ALL:
67108863
NoFileMenu
REG_DWORD
If set to 1, the
File menu in Explorer is removed.
NoFind REG_DWORD
set it to 1 to
remove the Find command from the Start Menu.
NoNetConnectDisconnect
REG_DWORD
A value of 1
removes the "Map Network Drive" and Disconnect Network Drive menu and
right click options.
NoNetHood
REG_DWORD
Set it to 1 to
remove the Network Neighborhood icon and prevent network access from explorer
(it will still work from a command prompt).
NoRun REG_DWORD
If set to 1, the
Run command is removed from the Start menu.
NoSetFolders
REG_DWORD
Set it to 1 to
hide Control Panel and Printers and My Computer in Explorer and on the Start
Menu.
NoSetTaskbar
REG_DWORD
If set to 1,
only Drag and Drop can be used to alter the Start Menu and Desktop. The Taskbar
does not appear on the Start Menu.
NoTrayContextMenu
REG_DWORD
If set to 1,
menus do not display upon right click of the taskbar, start button, clock, or
taskbar application icons. The entry is only available for NT 4.0 with SP 2 or
greater.
NoViewContextMenu
REG_DWORD
If set to 1,
menus do not display upon right click of the desktop or Explorer's results
pane. The entry is only available for NT 4.0 with SP 2 or greater.
RestrictRun
REG_DWORD
Set it to 1 and
only programs that you define at:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun
can be run on
the Workstation. See tip 362.
NoClose REG_DWORD
Set it to 1 to
remove the ShutDown button from the Start Menu. This does not disable shutdown
from CTRL+ALT+DEL. To totally disable a users ability to shutdown, remove the
"advanced" right to "Shutdown the System" from
Policies/User Rights of User Manager for Domains.
To really lock
down the desktop, replace the Explorer or Progman shell with your own launcher.
Edit
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\Shell
and replace the current .exe with YourOwnLauncher.exe. See "Restricting
system features ..." on a subsequent Tips page.
See Tip 070 and
Tip 215 for more.
See Tip 105 for
how to set this for other users.
051 » Manually
managing the Start Menu.
If you want to
rearrange the placement of shortcuts on you start menu, it is as simple as cut
and paste.
First we need to
understand where the various sections that are displayed on the Start Menu come
from.
Looking at the
partial Start Menu image below
we can see a
number of sections. Let us call the sections on the left hand pane that
contains ("Shutdown", "Run", ..., and
"Programs"), "SYSTEM". The Section above this is "All
Users/Start Menu" and the left, top most section is "Current
User/Start Menu". The "All Users/Start Menu" shortcuts are
located at:
%windir%\Profiles\All
Users\Start Menu
To add an entry
to your Start Menu here, simply paste a shortcut in this folder.
To add an entry
to "Current User/Start Menu", navigate to:
%windir%\Profiles\YourUserId\Start
Menu and paste a shortcut.
The lower middle
pane is called "All Users/Start Menu/Programs". You can paste a
shortcut or copy a Folder of shortcuts to this pane by drilling down to
%windir%\Profiles\All
Users\Start Menu\Programs. To add a shortcut to one of these folders, simply
navigate to the folder or sub-folder and paste the shortcut.
Lastly, as
you've already guessed, the upper middle pane is called "Current
User/Start Menu/Programs" and is located at
%windir%\Profiles\YourUserId\Start
Menu\Programs and is managed the same as "All Users".
As in any other
folder or file, you can right click to "cut", "copy" or
"rename". Right clicking on a shortcut and choosing properties,
allows you to manage the shortcut's Target, icon, "Start in" Hot key
and Run by selecting the shortcut tab.
052 » Out of
Memory or user32.dll failure in Windows NT 4.0.
If you get
user32.dll failure when starting a service or out of memory errors when you
have available memory, try this:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SessionManager\SubSystems\Windows
Scan for
SharedSection=xxxx, yyyy where xxxx is the size of the desktop heap created by
interactive programs (in Kilobytes) and yyyy is size of the system wide heap.
Add ", zzzz" immediately after yyyy where zzzz is the size of the
hidden desktop heap created by non-interactive processes. Setting this to 512
will often solve your problem. When you're done, this string will look like
SharedSection=xxxx, yyyy, zzz.
You might also
delete RegistrySizeLimit from
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control and setting PagePoolSize to
0 at HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SessionManager\Memory
Management.
You will need to
reboot.
053 » DOS full
screen in WinNT.
To switch your
DOS applications between "Full Screen" and "Windowed" mode,
depress ALT+ENTER. Each time you depress ALT+ENTER the DOS application will
switch modes.
054 » Managing
the Start/Run dropdown list.
When you click
on Start and then on Run.. you can either type your command or select a
previously typed command from the dropdown list. If you're like me, your
dropdown list is a mess. This list is stored as up to 26 value entries in the
registry at:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
Additionally,
the sequence of this list is stored in the value MRUlist. Alter entries
"a" through ... and delete the extra entries (each entry must end
with a "\1"). The MRUlist should be edited to reflect the desired
sequence and should not contain letters for the deleted entries. It is best to
leave no gaps in the letter sequence. You must reboot for the changes to take
effect.
OR
Alter entry
"a", delete "b" through "z". Change MRUlist to a.
After rebooting, type the commands into the run dialog in the reverse order you
wish them stored. You can also drag executable files (even documents with
associations) from Explorer.
055 » Manage the
WinNT Boot Menu.
In Control Panel
\ System \ Startup/Shutdown, you can set the default instance and the default
timeout. To add/delete or change entries, you must edit C:\BOOT.INI. This is a
Read-only, Hidden, System file so in a command prompt you must type
attrib -r -h -s
c:\boot.ini
Now you can edit
the file in any text editor such as notepad. You can delete unwanted entries
(don't delete the "VGA mode" entry for an active instance), change
the text (from "Windows NT Server Version 4.00" to "MyCompany
Server") or add a missing entry. When adding entries, you must understand
the ARC path:
multi(0)disk(0)rdisk(Z)partition(W)\
or
scsi(X)disk(Y)rdisk(Z)partition(W)\
where Z is the
disk number (starting at 0) and W is the partion on that disk (starting at 1).
If you look at the "Target Device" entry in %windir%\repair\setup.log
you will see the "Z" and "W" entries for your booted
instance of NT. The "X" and "Y" entries for
"SCSI" are more complicated and are beyond the scope of this
"Tip". For addition information, see KB article Q102873.
Don't forget to
set the attributes back (attrib +r +h +s c:\boot.ini).
For information
on boot.ini switches, see tip 515.
056 » Prevent
Open Explorer from restarting when you restart Windows NT.
If you wish to
prevent certain open (or minimized apps) such as Explorer.exe or Control Panel
from automatically opening when you restart, navigate to
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer.
If the right hand pane doesn't have an entry for NoSaveSettings that is type
REG_BINARY, add it.
Now, change
value to hexadecimal 1 (right hand pane will look like 01 00 00 00) Close all
applications (or you will get a scary message) and reboot.
Contrary to the
Resource Kit documentation, this entry will not prevent you from placing new
shortcuts on your desktop but it will prevent you from permanently
repositioning desktop shortcuts and from adjusting the size and/or position of
the Taskbar.
057 » Explorer
shortcut and command line switches.
You can execute
explorer from the command line or from a shortcut and use switches to control
the view. The syntax is: EXPLORER.EXE [/n] [/e] [,/root,{object}] [[,/select],{sub
object}]
/n.................................Opens
a new "My Computer" view of the object, even if already open.
/e.................................Opens
an "Explorer" view of the object.
/root,{object}................The
specified root for the display. Explorer.exe /e,/root,D:\ will open an
"Explorer" view of the D: drive.
/select,{sub
object}.......The specified folder or file receives focus. Explorer.exe
/select,C:\WinNT\System32\Regedt32.exe will open a window view of
C:\WinNT\System32 and the NT Registry Editor will receive focus. To do the same
with an "Explorer" view, Explorer.exe
/e,/select,C:\WinNT\System32\Regedt32.exe
How to schedule
a CHKDSK on every boot.
Create a file,
C:\Y.TXT that contains: Y
Create a file
C:\CHKBOOT.BAT that contains:
chkdsk C: /F
<c:\y.txt or chkdsk C: /F /R <c:\y.txt
exit
If you have a D
drive, just add another line, etc..
If you always
logon to the server, just put C:\CHKBOOT.BAT in your StartUp group or download
AUTOEXNT. This service will execute a batch file during system boot.
You can do this
with one file as follows: (Provided by Keith Gorham)
echo y | chkdsk
Drive: /f
exit
059 »
Permanently turn that "My Computer" view into an "Explorer"
view.
Double click My
Computer. From the View menu, select options and the File Types tab. Scroll the
list of "Registered file types" and select "Folder".
Depress the Edit button, and select Explore. Press Set Default and press Close
and press Close.
If you want to
change the Open behavior, select Explore and press the Edit button and select
the text in DDE Message and copy it to the Clip Board. Click on OK. Select Open
and press the Edit button. Paste the Clip Board contents into the DDE Message
and click on OK.
060 » Add new
options to that right click in Windows NT 4.0.
When you right
click on a file in Explorer, the valid choices for that extension are
presented. To add a new choice, select view/options/File Types. Scroll to the
file type you wish to ammend, select it, and click the Edit button. Click the
New button. Type the "Action" (Edit, Smile, Print, view, ...) and the
full path to the application (and any command line switches/parametets)
required to perform the "Action". If you want to change an
"Action", click "Edit" instead of "New". I
suggest you edit the "Actions" of "Text Document",
"Write Document" and any type that uses DDE such as "Microsoft
Word Document" to see the possibilities.
061 » Microsoft
Natural Keyboard support in WinNT 4.0.
Registered
owners of InteliType software for Windows NT can get a free upgrade by calling
the Microsoft Upgrade Center at 1 800 360 7561. I believe you are better off
without the InteliType software as WinNT 4.0 provides native support for this
keyboard. Use of InteliType prevents configuration of a 3 buttom mouse.
The following
key combinations are supported by the NT Native drivers:
MENU +
WIN.....................Start Menu
WIN +
R............................Display the Run dialog box.
WIN +
M...........................Minimize all open windows.
WIN + Shift +
M................Undo Minimize all windows
WIN +
F1..........................Help
WIN +
E............................Explorer
WIN +
F............................Find Files/Folders.
CNTRL+ WIN +
F.............Find Computer.
WIN +
TAB.......................Cycle the minimized taskbar icons.
WIN +
BREAK..................Systems Properties.
062 » Give our
machine a Netbios alias in Windows NT.
If you have an
machine name that is invalid for SQL Server, Exchange, or just want to be cute,
you can change it in Control Panel / Networks, but that could be a lot of work.
Create an alias
instead, by editing:
HKEY_Local_Machine\System\CurrentControlSet\Services\LanmanServer\Parameters
Add Value:
OptionalNames REG_SZ String: "Alias"
If you make it a
type REG_MULTI_SZ, you can add multiple alsiases.
063 » Setting
and mapping shares from the command line.
You can create
shares from the command line or a batch file using NET SHARE (type net share /?
for syntax) and you can map any share using NET USE. There is no native way to
establish share permissions from the command line. The NT Server Resource Kit
contains PERMCOPY.EXE that allows you to copy permissions from one share to
another. You can either use an existing share as the source or create some
hidden models (hidden shares end with a $ as in \\MachineName\Model1$). The
syntax for PERMCOPY.EXE is:
permcopy
\\SourceMachine SourceShareName \\DestinationMachine DestinationShareName
(Source and Destination MachineName can be the same).
You may also use
RMTSHARE.EXE from the Resource Kit to set up shares with permissions.
064 » Control
which errors pop-up in WinNT.
You can control
what errors pop-up to interupt you by using the following registry keys (errors
are still recorded in the event logs): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Windows
Add value
NoPopUpsOnBoot as a REG_DWORD. When set to 1, Boot pop-up messages are
suppressed. The default is 0.
Add value
ErrorMode as a REG_DWORD.
0 - All system
and application errors Pop-up (this is the default).
1 - Errors from
system processes are suppressed.
2 - All system
and application errors are suppressed.
065 » Does your
DeskTop disappear, requiring Logoff/Logon?
By default, if
your shell crashes (Explorer.exe), it will automatically restart. If your shell
crashes (icons/Taskbar disappear) and your must logoff/logon to restore them,
edit the following Registry entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon
Look at
AutoRestartShell (a REG_DWORD) in the right hand pane. If it is 0 (do not
restart), set it to 1(automatically restart).
066 » Can't get
NT to recognize the 256 processors on your MOBO?
If you have more
processors than NT will recognize, try editing:
HKEY_LOCAL_MACHINE/System/CurrentControlSet/Control/Session
Manager/Environment/NUMBER_OF_PROCESSORS
and
HKEY_LOCAL_MACHINE/System/CurrentControlSet/Control/Session
Manager/Environment/LicensedProcessors
Now, when you do
an update install (re-install into the same directory), NT will recognize those
extra processors. As with any system modification requiring use of the NT
CDROM, re-apply your latest SP. Don't forget to generate a current ERD
(RDISK.EXE /S).
Be sure that you
are not violating any license agreements if you do this. You will require a
custom HAL if your MOBO has more than 4 processors.
067 » Want to
map a drive letter to a sub-directory without creating a share?
Type SUBST /? at
a command prompt for syntax. Here are some examples:
subst h:
\\ServerName\User$\%username% where User$ is a hidden share of the main users
directory and %username% represents the users sub-directory and is not shared.
subst x: c:\temp
where temp is a local directory on local drive c:.
subs x:
\\ServerName\C$\DirectoryName\SubDirectoryName where C$ is a hidden
administrative share and DirectoryName and SubDirectoryName are not shared.
You can not
SUBST a network drive on W95.
068 » Can't
re-apply that HOTFIX?
If you can not
re-apply a HOTFIX because the system reports it is already installed, and you
can't remove it via HOTFIX /remove, edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\HOTFIX and delete the Hotfix entry.
Then use
Explorer to navigate to %windir%\HOTFIX\Hf00... or after NT 4.0 SP3, the
%windir%\$NtUninstallQ.....$ and delete the HOTFIX entry. Reboot and re-apply
the HOTFIX. If you know that you will be re-applying a Service Pack, try
removing the HOTFIX first.
069 »
Configuring Service start up order in WinNT.
You can
configure the start up of a service based on the completion of one or more
services. To do this, edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
Scroll to the
1st service you want to control and highlight it. If the right hand pane
contains a DependOnService, double click it and add a service. If
DependOnService is not present, add value DependOnService with type
REG_MULTI_SZ. If you wish to add multiple values, each one should be on a
seperate line.
If you have
RemoteAccess installed, double click its' DependOnService. You will see that it
depends on LanmanServer, RasMan, NetBios, and NetBT. Then look at NetBT. You
can see that it depends on Tcpip. Finally, looking at Tcpip, we see that it
depends on no other service.
070 »
Restricting system features in Windows NT 4.0.
To restrict the
use of system features, edit: (the System sub-key must be added)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
All of the
following entries are type REG_DWORD and have a default of 0. If these entries
are set to 1, the restriction is enabled.
DisableTaskMgr -
Prevents TaskMgr.exe from running. This entry is only supported from NT 4.0
with SP2 or greater.
NoDispAppearancePage
- Removes the ability to change the colors or color scheme on the desktop from
Control Panel.
NoDispBackgroundPage
- Removes the ability to change wallpaper and backround pattern from Control
Panel.
NoDispCPL -
Disables the Display option in Control Panel
NoDispScrSavPage
- The Screen Saver tab does not appear in the Display Properties page of
Control Panel.
NoDispSettingsPage
- The Settings and Plus tab do not appear in the Display Properties page of
Control Panel.
072 » Users
never have a current ERD!
In most sites,
users rarely have a current ERD when they need one!
Do it for them with
this procedure:
Use the
scheduler (AT command) (or a good one like OpalisRobot) on each workstation to
schedule a RDISK.exe /S-. The batch file to schedule is:
%windir%\system32\rdisk.exe
/s-
net use x:
/delete
net use x:
\\YourServer\RepairShare$ /persistent:no
if not exist
x:\%computername% md x:\%computername%
Copy
%windir%\repair\*.* X:\%computername%\*.*
net use x:
/delete
exit
where
%computername% is a subdirectoy of the hidden share on the Server, i.e.; one
for each workstation.
When you need an
ERD for that workstation, just format a diskette on your Server and copy the
files from their wsX directory.
The scheduler
must be run under the system context and allowed to interact with the desktop
or under the context of an administrative user. If you use the system account,
you can't schedule the copy because the system account has no network access.
Use a ROBOT account with a non-blank non-expiring password that is a member of
the administrator group. Use full path names for all files. Here is a sample
schedule for Workstation "wsA":
AT \\wsA 01:00
/interactive /every:M,T,W,Th,F,S,Su \\YourServer\RepairShare$\Repair.bat
You can dress up
the Repair.bat with logging, messaging, etc
073 » Does your
CD-ROM Changer cycle excessively?
If your CD-ROM
Changer cycles excessively, try these 3 simple steps:
1. Set
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Autorun to zero.
2. Set the
"Start Up" of CD Audio in Control Panel / Devices to Manual. Press
the Stop button (This may not br required on your installation).
3. Create a
shortcut to Explorer (set to minimized) and place it in your Startup folder.
Leave it minimized. It will share the CD information with all other copies of
Explorer that you open and with all properly written applications.
074 » How do I
change the shell for selected users?
As mentioned in
"Locking down that Desktop", you can replace the shell by editing:
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\
and replacing
Explorer.exe with YourOwnShell.exe in the Shell value. This, however, is a
global change and affects all users.
To effect only
certain users, create a batch file %windir%\System32\userinit.bat in which you
select the lucky users, running YourOwnShell.exe, but running Userinit.exe for
everyone else. Edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\Userinit
and replace Userinit with Userinit.bat. Do not change the Shell, leaving it as
Explorer.exe. Here is a sample Userinit.bat (I have chosen to identify the
"lucky" users by creating a %username%.lucky file on \\YourPDC\Lucky$
to which everyone has list permission, but you can choose whatever mechanism
you wish):
@echo off
if exists
\\YourPDC\Lucky$\%username%.lucky goto YourS
\\YourPDC\C$\winnt\system32\userinit.exe
goto end
:YourS
\\YourPDC\C$\winnt\system32\YourOwnShell.exe
:end
exit
If you mess up
while testing this (I did) and only a partial desktop loads:
CTRL+ALT+DEL,
choose Task Manager / File / New Task / userinit.exe.
075 » Want to
move tons of shares to another WinNT server?
If the prospect
of moving all those shares to your new server has you down, here is a simple
method that will only take a few minutes. Navigate to the following registry
key:
HKEY_LOCAL_MACHE\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares
Save the Key to
a filename on a floppy. On the new server, navigate to the same key and save
its' empty Shares key to a floppy before restoring it from the 1st server. This
will destroy any existing shares on the new server. Now, restore the empty
Shares key that you saved from the new server to the 1st server or delete the
values manually (also from the Security sub-key). Create at least one new share
on each server. This is required so explorer can refresh its' shares. In
Control Panel / Services, stop and restart the Server Service. If you don't
want that new share, unshare it normally.
076 » Enabling
X-Mouse functionality.
To enable
X-Mouse functionality in Windows NT 4.0, edit the registry at:
HKEY_CURRENT_USER\Control
Panel\Mouse\ActiveWindowTracking
Set this
REG_DWORD to 1.
077 » Want an
inexpensive groupware solution?
By placing a
shortcut to the desktop folders of your team members on your desktop, you can
drag documents from explorer to that icon and a copy of the document will
appear in their desktop folder and its' icon will be displayed on their
desktop. For Windows NT, the desktop folder is located at
%windir%\profiles\UserName\Desktop and for W95 it is Windows\Desktop.
078 » Say hello
to the first user who logs on (Run a job once).
You can
configure multiple RunOnce entries. RunOnce jobs execute at the next logon and
are deleted from the registry.
Edit:
HKEY_LOCAL_MACHINE\Softwate\Microsoft\Windows\CurrentVersion\RunOnce
Add value Any
name with type REG_SZ. Set the value to the full path of the executable or
batch file. Here is a simple example:
Add value
Welcome REG_SZ set to \\ServerName\UserShare\Welcome.cmd where Welcome.cmd
might contain:
@echo off
pause The XYZ
Corporation is pleased to welcome %UserName% to your first logon to
%ComputerName%, a Windows NT 4.0 Workstation.
Exit
Upon completion,
the value Welcome is deleted from the RunOnce sub-key.
079 » Establish
default logoff and shutdown settings.
Edit:
HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\CurrentVersion\Shutdown
Add value
LogoffSetting as a REG_DWORD
0 - Logoff
1 - Shutdown
2 - Shutdown and
Restart
3 - Shutdown and
Power Off (when supported)
Add value
ShutdownSetting as a REG_DWORD
0 - Logoff
1 - Shutdown
2 - Shutdown and
Restart
3 - Shutdown and
Power Off (when supported)
082 » Keep your
RAS connection when you logoff Windows NT
Edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Add value
KeepRasConnections as a type REG_SZ. Set it to 1.
083 » How to
alter the time it takes Windows NT to shutdown.
Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WaitToKillServiceTimeout
(or add it as a REG_SZ)
This key tells
the service control manager how long to wait for services to complete the
shut-down request. The default is 20000 milliseconds.
You must wait
long enough for the services to complete an orderly shutdown.
084 » Have your
explorer icons gone black?
Right click on
the desktop and choose properties. Click on the Appearance tab. In the Item:
drop-down box, select Icon. Change the Icon size up by 1 and click the Apply
button. Change the Icon size down by 1 and click the Apply button. Click the Ok
button. Your Explorer icons should display properly.
086 » How do I
schedule a service (such as RAS) to start and stop?
You can use the
AT command (or a good scheduler such as OpalisRobot) to schedule a batch file
that contains a net start and/or net stop.
Here is an
example of scheduling RAS to stop at 23:00 and start up at 04:00
AT \\ServerName
23:00 /interactive /every:M,T,W,Th,F,S,Su cmd.exe /c
"Drive:\Directory\RASSS.bat"
where RASSS
contains:
net stop
RemoteAccess
sleep 18000
net start
RemoteAccess
Exit
Note 1:
RemoteAccess is the actual service name. To determine the service name, scan
the registry at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\
Note 2: Sleep is
a Resource Kit utility. If you don't have it and can't afford it, schedule the
net start as a seperate job.
087 » Sync the
time on your Workstation(s) with the Server.
Place the
following in the login script, start up folder, and/or schedule it: (This works
on NT and 95)
NET TIME
\\ServerName /SET /YES
You can
configure the PDC or BDC to be the default time server by editing the registry
at:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Paramaters
and adding a
Value Name of timesource as type REG_DWORD and setting it to 1. Stop and
restart the server service for this change to take effect.
For WinNT users,
you must grant the user the right to change the system time or use TIMESERV
from the reskit.
088 » Finding
that memory leak using Windows NT 4.0.
Much has been
written about using Performance Monitor to detect and isolate memory leaks. Two
KB articles on the subject are Q130926 and Q150934.
While these
standard protocols work, the hit and miss method of finding the leaking process
can be very time consuming. Here is an alternate method:
1. Start
PMON.EXE from the Resource Kit.
2a.Monitor Paged
and Non-Paged pool usage (last 2 items on the 2nd row).
If these are
increasing over time, you have a memory leak.
2b.Monitior the
commit counters on the 2nd row.
Increasing
numbers over serval hours indicate a probable leak.
2c.Monitor the
Commit Charge column.
The process with
the leak will have an increasing value.
3. To make it
easier to monitor, copy the output to the clipboard and paste it into notepad.
Do this about
once an hour over the duration of your testing.
089 » RAS
Autodial problems?
If you want to
stop RAS AutoDial, use control panel / Services. Scan for Remote Access
Autodial Manager. Stop it and configure startup as manual. If you want Autodial
to work, see KB article Q169244.
If RAS AutoDial
tries to dial itself, edit:
HKEY_CURRENT_USER\Software\Microsoft\RAS
AutoDial\Address
Scan for your
address (both IP and Name) and delete the sub-key. If you have a TCP/IP
network, edit:
HKEY_CURRENT_USER\Software\Microsoft\RAS
AutoDial\Control, double-click DisabledAddresses and add your IP address on a
new line of the REG_MULTI_SZ value.
You must reboot
for these registry changes to take effect.
090 » Create
your own "AutoDial".
I am not
particularly fond of the Windows NT 4.0 AutoDial, so I created my own. Use a
batch file:
REM Switch to
prefered download directory
C:
CD C:\ZIPNEW
REM Dial your
ISP
C:\Winnt\system32\RasPhone
-d EntryName
REM Run your
browser
"C:\Program
Files\Internet Explorer\IEXPLORE.EXE"
REM When you
exit, hang up
c:\winnt\system32\rasdial
EntryName /DISCONNECT
exit
Create a
shortcut to the batch file (I have mine set to minimized) and create a HotKey
and/or place it on the Start Menu.
091 » Force
Explorer to display an open with choice.
If a file with a
known extension is right clicked, you are offered a choice to open the file. If
you wish to open this file with a different program, highlight the file, and
press Shift + Right Click and choose open with. You can permanently change the
association by checking the "always open with this program" check
box.
092 » Define a
default open when you right click in Explorer.
When you right
click on a file with a known extension (in Explorer) you get a choice to open
the file. If the extension is unkown, you get an open with choice.
You can define a
default open choice for those unknown extensions and still have the open with
by amending the registry as follows:
1.
HKEY_Classes_root\unknown\shell
2. Double click
on Shell
3. Add Key open
4. With open
selected, add Key command
5. With command
selected, add a Value with no name (leave it blank) and type REG_EXPAND_SZ
6. Enter the
full path to the executable followed by a space and "%1"
Example:
Drive:\Directory\Program.exe "%1"
093 » Hide that
minimized app from the taskbar.
If you would
like to hide certain minimized apps, so they don't appear on the taskbar,
download hideit. I found this freeware app while browsing the net.
094 » Adding
multiple user accounts.
Below you will
find a batch file which provides a simple method of adding multiple user
accounts. This batch file does not make use of any non-standard commands. I
personally use the resource kit utilities which allow assigning the new user to
a group and setting share permissions, but the enclosed batch file does
everything else. (You can add a net group command - see %systemroot%\System32\ntcmds.hlp)
Usage: Create a
batch file of about 50 entries per the following example:
echo
**>>c:\users\JSIAddErrors.log
call JSIAddUser
User1 User1Password "Remarks" "User1 Full Name" HomeServer
call JSIAddUser
User2 User2Password "Remarks" "User2 Full Name" HomeServer
exit
Requirements:
1. The batch
file must be run on the HomeServer.
2. Users home
directories are created as hidden shares on HomeServer in C:\USERS\UserName.
A login script
will issue a net use Drive: /home
3. Permissions
on C:\USERS are set for Administrators and Backup Operators only.
4. Common files
in C:\USERS\default are copied to the users home directory.
5. An
cummulative log file of errors is created as C:\USERS\JSIAddErrors.log.
JSIAddUser.cmd
REM
JSIAddUser.cmd
REM Usage is
Call JSIAddUser UserName Password "Remarks" "FullName"
HomeServer
if
"%5" == "" goto parms
if exist
c:\users\%1 goto dup
md c:\users\%1
>nul
net user %1 %2
/ADD /comment:%3 /fullname:%4 /homedir:\\%5\%1$ >nul
if errorlevel 1
goto dup
net share %1$=c:\users\%1
/Y>nul
CACLS
c:\users\%1 /G %1:F /T /E >nul
xcopy
c:\users\default\*.* c:\users\%1\ /s /e>nul
goto fin
:dup
Echo %1 and/or
c:\users\%1 pre-existing. >>c:\users\JSIAddErrors.log
goto fin
:parms
Echo number of
parameters for %1. >>c:\users\JSIAddErrors.log
:fin
exit
095 » Is the
Windows NT record of the software owner incorrect?
Did the persons
who installed Windows NT misspell your (or your companies) name? Perhaps you
had a little too much wine while doing the install? In either case, you can correct
the problem by editing the registry at:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion
Double click on
RegisteredOrganization in the right hand pane and change it.
Double click on
RegisteredOwner in the right hand pane and change it.
096 » Removing
Administrative shares.
By default, if
you delete the C$, D$, etc.. Administrative shares, they will be recreated when
you reboot. To disable this feature, edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Paramaters
Double click on
AutoShareServer and set it to 0 to disable it for a server.
Double click on
AutoShareWks and set it to 0 to disable it for a workstation.
If the entries
are not present, Add Value of type REG_DWORD. The Range is 0 (disable) or 1 (enable
- the default).
097 » Limit the
number of users that can be simultaneously logged on to your server.
If you need to
limit the number of simultaneously logged on users, for performance, political
or any other reason, edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Paramaters
Double click on
Users and set this REG_DWORD. You will need to reboot.
098 » Is
replication failing on WinNT 4.0?
In Windows NT
4.0, a new key in the export machine registry must be read by the import
machine. By default, the repluser does not have permissions on this key. To
solve the problem, navigate the registry on the export machine at:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg
and from the
security menu / Permissions, grant read access to repluser
099 » Do
desktops load before the logon script finishes?
Edit or add
value (REG_DWORD):
HKEY_CURRENT_USER\software\microsoft\windows
nt\currentversion\winlogon
value:
RunLogonScriptSync
0 = Don't wait
for the logon script to complete before loading the desktop.
1 = Wait for the
logon script to complete before loading the desktop.
Also add this
to:
HKEY_LOCAL_MACHINE\software\microsoft\windows
nt\currentversion\winlogon
100 » Alter a
login script based on group membership.
If you are not
ready to implement a login script processor like Kix95 (from the resource kit),
you can use a simple exe in your current script. ifmember (also from the
resource kit) allows you to test for membership in one or more groups. Here is
an example:
\\SERVER\NETLOGON\ifmember
"Accountants" "Accounts Payable"
REM 0=none,
1=one of the groups, 2 =two of the listed groups
if ERRORLEVEL 1
goto apac%errorlevel%
:sales
\\SERVER\NETLOGON\ifmember
"Sales"
If NOT
ERRORLEVEL 1 goto common
net use s:
\\ServerName\Sales$ /persistent:no
goto common
:apac1
REM Either a
member of Accountants or Accounts Payable
\\SERVER\NETLOGON\ifmember
"Accountants"
if ERRORLEVEL 1
goto acct
net use x:
\\ServerName\ap$ /persistent:no
goto sales
:acct
net use y:
\\ServerName\acct$ /persistent:no
goto sales
:apac2
REM Membership
in both Accountants and A/P
net use x:
\\ServerName\ap$ /persistent:no
net use z:
\\ServerName\accctap$ /persistent:no
goto acct
:common
net use h: /home
exit
101 » When was
the last time WinNT was started?
To determine the
last time Windows NT was booted, type:
NET STATISTICS
SERVER or NET STATISTICS WORKSTATION
where SERVER and
WORKSTATION refer to services, not installed product.
The first line
will identify the last time the computer was started.
102 » How to
allows users to schedule jobs on your server?
Install
OpalisRobot or follow this procedure to use the built in scheduler:
1. For each
server, edit HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa and add
value SubmitControl as a REG_DWORD. Set it to 1.
2. For
scheduling jobs on a Domain Controller, add the user to the Server Operators
group. For an ordinary server, the user must be a member of the local
Administrators group.
You must reboot
the server(s) for the change to take effect.
104 » Preserve
your Shortcut keys when you remove an icon from the desktop.
If you wish to
remove some icons from the Windows NT 4.0 desktop but preseve the Shortcut keys
that you have defined, perform the following tasks:
1. Right click
on the Start button and choose explore.
2. Navigate to
\Profiles\YourUserId\Start Menu\Programs\Startup and create a new folder (call
it HotKey if you wish).
3. Cut the
Desktop Shortcuts from \Profile\YourUserId\Desktop and paste them into the new
folder (HotKey).
4. Logoff and
logon.
Your Shortcut
keys will still function but your desktop will be less cluttered.
105 » Define
initial settings for new users.
In other tips on
these pages, you have seen registry hacks to the HKEY_CURRENT_USER hive. Any
hack that you can make to HKEY_CURRENT_USER can be made to the default user
hive.
To modify the
default user hive, highlight the HKEY_USERS window and click Load Hive from the
Registry menu. Select the Ntuser.dat file (usually from %windir%\Profiles\Default
User directory). Type NTUSER in the Key Name dialogue box. Now you can add or
modify any Key or Value within this hive. When you finish, highlight NTUSER and
select Permissions from the Security menu. Add Read permission to the Everyone
group. Check the "Replace Permission on Existing Subkeys" box and
click Ok. Select Unload Hive from the Registry menu and exit Regedt32.
Copy the profile
to the Netlogon share on the PDC which is usually at
C:\%windir%\System32\Repl\Export\Scripts.
When a new user
logs on, they will receive the default profile.
106 » Roaming
profiles consume disk space.
When a user with
a roaming profile logs off a workstation, a copy of the profile is cached on
the local hard drive. If other persons with roaming profiles use that
workstation, disk space is being consumed to keep these cached profiles. To
configure so that roaming profiles are not cached, edit:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon
Edit or add
value DeleteRoamingCache as type REG_DWORD. Set it to 1.
107 » What tools
are provided with the Windows NT 4.0 Resource Kit?
The following is
an alphabetical list of the tools included on the
For more information on them, please refer
to the RKTOOLS.HLP online Help file.
ADDUSERS.EXE:
AddUsers - Command-line utility, creates or writes user accounts to a comma
delimited file.
(Updated)
ANIEDIT.EXE: Animated Cursor Creator - Windows-based tool for drawing and
editing animated cursors.
APIMON.EXE: API
Monitor
ASSOCIATE.EXE
(Updated)
ATANALYZR.EXE: AppleTalk network device ANaLYZeR
AUDITCAT.HLP:
Audit Categories Help
(New)
AUDITPOL.EXE: AuditPol
AUTOEXNT.EXE:
AutoExNT Service - Enables you to start a batch file, AUTOEXNT.BAT, at boot
time without having to log on to the computer on which it will run.
(Updated)
AUTOLOG.EXE: Windows NT Auto Logon Setter
BREAKFTM.EXE:
Automated Mirror Break/Restore Utility
BROWMON.EXE:
Browser Monitor - Windows-based tool, shows browser status.
BROWSTAT.EXE:
Browser Status - Command-line utility, diagnoses browser problems and shows
browser status.
C2CONFIG.EXE:
Windows NT C2 Configuration Manager
CHOICE.EXE:
Input from Batch Files - (MS-DOS 6.0 utility).
(Updated)
CLIP.EXE: Clip
(New)
CLIPSTOR.EXE
CMDHERE.EXE:
Command Prompt Here
COMPREG.EXE - A
Win32 character-based/command-line "Registry DIFF" that enables you
to compare any two local and/or remote Registry keys in both Windows NT and
Windows 95.
COMPRESS.EXE:
File Compress - Command-line utility, compresses files. Needed for Setup
customization.
(Updated)
COUNTERS.HLP : Windows NT Performance Counters Help
Crystal Reports
Event Log Viewer - Provides an easy way to extract, view, save, and publish
information from the Windows NT system, application, and security event logs in
a variety of formats.
dbWeb
(New)
DEFPTR.EXE: Default Printer
DELPROF.EXE:
User Profile Deletion Utility
DELSRV.EXE
(New)
DEPENDS.EXE: Dependency Walker
Desktop Themes
for Windows NT 4.0
DESKTOPS.EXE:
DeskTops
DFLYDIST.EXE:
Compound File Layout User Tool
(Updated) DH.EXE
- Command-line utility, enables you to lock heaps, tags, stacks, and objects.
DHCPCMD.EXE:
DHCP Administrator's Tool - Command-line utility.
(Updated)
DHCPLOC.EXE: DHCP Server Locator Utility - Command-line utility, detects
unauthorized DHCP servers on a subnet.
(Updated)
DIRUSE.EXE: Directory Disk Usage - Command-line utility, shows disk space used
per directory.
DISKMAP.EXE
DISKSAVE.EXE -
Enables you to save the Master Boot Record and Boot Sector as binary image
files.
DISKUSE.EXE -
Command-line utility, scans directories on a hard disk and reports on space
used by each user.
(New) DNSCMD.EXE
DOMMON.EXE:
Domain Monitor - Windows-based tool, gives status on domains, domain
controllers, trust relationships.
DRIVERS.EXE:
Device Driver Information - Command-line utility, shows what drivers have
loaded.
DSKPROBE.EXE:
DiskProbe
DUMPEL.EXE: Dump
Event Log - Command-line utility, dumps the event log to a file.
EM2MS.EXE
EMWAC Server CGI
Gateway Scripts
ENUMPRN.EXE
EXCTRLST.EXE:
Extensible Performance Counter List
EXETYPE.EXE:
Finding the Executable Type - Command-line utility, identifies the hardware
platform of a .EXE file.
EXPNDW32.EXE:
File Expansion Utility - File Expansion utility, expands the compressed files
on Windows NT distribution media.
FILEVER.EXE:
FileVer - Command-line utility, examines the version resource structure of a
file or a directory of files and displays information on the versions of
executable files.
(New)
FILEWISE.EXE
FINDGRP.EXE:
Find Group - Command-line utility, finds all group memberships of a specified
user.
(Updated)
FIXACLS.EXE: Reset System File Permissions
FLOPLOCK.EXE:
Lock Floppy Disk Drives - Command-line utility or service that restricts access
to floppy drives.
FORFILES.EXE
FREEDISK.EXE
FTEDIT.EXE: FT
Registry Information Editor - Windows-based tool, enables you to create, edit,
and delete fault tolerance sets for disk drives and partitions of local and
remote computers.
GETMAC.EXE
GETSID.EXE
GFLAGS.EXE
(Updated)
GLOBAL.EXE
GRPCPY.EXE:
Group Copy
HCLNT4.HLP:
Hardware Compatibility List - HCL in online Help format
(Updated)
HEAPMON.EXE
IFMEMBER.EXE -
Command-line utility, checks whether the current user is a member of a
specified group
. IMAGEDIT.EXE:
Image Editor - Windows-based tool, enables the creation of icons and cursors,
and also used by the Animated Cursor Creator.
Index Server
INSTALLD.CMD
(NTDETECT.COM): Startup Hardware Detector
INSTSRV.EXE:
Service Installer - Installs any service.
KERNPROF.EXE:
Kernel Profiler
KILL.EXE: Task
Killing Utility - Command-line utility, use to end one or more tasks, or
processes.
KIX32.EXE:
KiXtart 95
(New) KIXGRP.EXE
LAYOUT.DLL
LEAKYAPP.EXE:
LeakyApp
LINKCK.EXE: Link
Checker
(Updated)
LOCAL.EXE
LOGEVENT.EXE:
Event Logging Utility
(New) LOGOFF.EXE
LOGTIME.EXE
MIBCC.EXE: SNMP
MIB compiler
MONITOR.EXE:
Performance Data Logging Service and Configuration Tool
(Updated)
MUNGE.EXE
NETCLIP.EXE:
Remote Clipboard Viewer
NETCONS.EXE: Net
Connections
(New) NETDOM.EXE
NETSVC.EXE:
Command-line Service Controller - Command-line utility, remotely starts, stops,
and queries the status of services.
(Updated)
NetTime for Macintosh
NETWATCH.EXE:
Net Watcher - Windows-based tool, shows who is connected to shared directories.
NLMON.EXE
NLTEST.EXE
NOW.EXE: Now -
Displays the current date and time on STDOUT, followed by any command-line
arguments you add.
(Updated)
NTCARD40.HLP: Adapter Help - Describes settings for hardware supported under
Windows NT.
NTDETECT.COM
(INSTALLD.CMD): Startup Hardware Detector
(Updated)
NTEVNTLG.MDB
(Updated)
NTIMER.EXE
(Updated) NTMSG.HLP
(New)
NTRIGHTS.EXE
NTUUCODE.EXE:
32-Bit UUDecode and UUEncode Utility
OH.EXE
OLEVIEW.EXE:
OLE/COM Object Viewer
OS2API.TXT -
List of compatible APIs in the OS/2 subsystem.
PASSPROP.EXE
(Updated)
PATHMAN.EXE: Pathman
(Updated)
PERF2MIB.EXE: Performance Monitor MIB Builder Tool
(Updated)
PerfLog: Performance Data Log Service
PERFMTR.EXE:
Performance Meter - Text-mode utility, provides performance information.
(Updated)
Performance Tools
Perl 5 Scripting
Language
PERMCOPY.EXE
PERMS.EXE: File
Access Permissions per User - Command-line utility.
PFMON.EXE: Page
Fault Monitor
PMON.EXE:
Process Resource Monitor - Command-line utility.
POLEDIT.EXE:
Windows NT System Policy Editor
POSIX Utilities
Power Toys
PSTAT.EXE:
Process and Thread Status - Command-line utility, shows process statistics.
Useful for debugging problems.
PULIST.EXE
PVIEWER.EXE:
Process Viewer - Windows-based tool, shows the processes running in the system
and allows ending processes and boosting priority.
QSLICE.EXE: CPU
Usage by Processes - Windows-based tool.
QUICKRES.EXE:
Quick Resolution Changer
RASLIST.EXE
RASUSERS.EXE:
Enumerating Remote Access Users - Command-line utility.
RCMD.EXE: Remote
Command Service - Remotely administers and runs command-line programs, client
program. Used with RCMDSVC.EXE.
(New) REG.EXE
REGBACK.EXE:
Registry Backup - Command-line utility, backs up Registry hives to files
without the use of tape.
REGDMP.EXE
(Updated)
REGENTRY.HLP: Windows NT Registry Entries - Online Help file
REGFIND.EXE
Regina REXX
Scripting Language
REGINI.EXE:
Registry Change by Script - Command-line utility, good for Setup programs.
REGKEY.EXE:
Logon and FAT File System Settings - Windows-based tool, sets new Registry
settings without actually editing the Registry. (Not on PPC RISC-based computers)
REGREST.EXE:
Registry Restoration - Command-line utility, restores Registry hives from
files.
Remote Access
Manager
(Updated) Remote
Console
(Updated)
REMOTE.EXE: Remote Command Line - Command-line utility, runs command-line
programs on remote computers.
Remote Kill
RIPROUTE.WRI:
Routing with Windows NT Server
RMTSHARE.EXE:
Remote Share - Command-line utility, sets up or deletes shares remotely and can
grant and remove ACLs on those shares.
ROBOCOPY.EXE:
Enhanced Network File-Copying Utility - Command-line utility.
RSHSVC.EXE:
TCP/IP Remote Shell Service
RSHXMENU.EXE:
Security Power Toy
RUNEXT: Run
Extension
SC.EXE
SCANREG.EXE - A
Win32 character-based/command-line "Registry GREP" that enables you
to search for any string in keynames, valuenames, and/or valuedata in local or
remote Registries keys in both Windows NT and Windows 95.
SCLIST.EXE
SCOPY.EXE: File
Copy with Security - Command-line utility.
SECADD.EXE
SECEDIT.EXE
(Updated)
SETEDIT.EXE
SETUPMGR.EXE:
Setup Manager - Windows-based tool, enables Windows NT to be installed or
upgraded remotely.
SETX.EXE
ShareUI
SHORTCUT.EXE
(Updated)
SHOWACLS.EXE
SHOWDISK.EXE
SHOWGRPS.EXE
SHOWMBRS.EXE
SHUTDOWN.EXE and
SHUTGUI.EXE: Remote Shutdown - Command-line and GUI utilities, remotely shut
down a server.
(New)
SIPANEL.EXE: Soft Input Panel
SLEEP.EXE: Batch
File Wait - Command-line utility, waits for a specified amount of time. Useful
in batch files.
SNMPMON.EXE:
SNMP Monitor
SNMPUTIL.EXE:
SNMP Browser
SOON.EXE:
Near-Future Command Scheduler
SRVANY.EXE: Applications
as Services Utility
SRVCHECK.EXE
SRVINFO.EXE
SRVINSTW.EXE:
Service Installer Wizard
(New)
SRVMON.EXE: Service Monitor
(Updated) SU.EXE
- Enables you to start a process running as an arbitrary user.
(Updated)
SUBINACL.EXE: SubInAcl
SYSDIFF.EXE
TDISHOW.EXE: TDI
Tracing Utility - Command-line utility, traces packets going across the TDI
layer.
TELNETD.EXE:
Telnet Server Beta
TEXTVIEW.EXE:
TextViewer
TIMEOUT.EXE
(Updated)
TIMESERV.EXE: Time Synchronizing Service - Command-line utility or service.
TIMETHIS.EXE:
TimeThis
TIMEZONE.EXE
TLIST.EXE: Task
List Viewer
TLOCMGR.EXE:
Telephony Location Manager
TOPDESK.EXE:
Multiple Desktops - Windows-based tool.
(Updated)
TOTLPROC.EXE
TweakUI
TZEDIT.EXE: Time
Zone Editor - Windows-based tool.
UPTOMP.EXE: Uni
to Multiprocessor Upgrade Utility
USRSTAT.EXE
USRTOGRP.EXE:
Add Users to Groups - Command-line utility, adds users to local or global
groups from a user-specified input text file.
VDESK.EXE
(New)
WAITFOR.EXE
WCAT: Web
Capacity Analysis Tool
Web Administration
of Microsoft Windows NT Server
WhoAmI
(Updated)
WINAT.EXE: Command Scheduler
WINDIFF.EXE:
File and Directory Comparison - Windows-based tool.
WINEXIT.SCR:
Windows Exit Screen Saver - Logs the current user off after a specified time
has elapsed.
(Updated)
WINLOGO.DOC: "Designed for Windows NT and Windows 95" Logo Handbook
(Updated)
WinMsdP.EXE - Command-line utility, generates a text file of all the
information in WINMSD.
WINSCHK.EXE
WINSCL.EXE
WINSDMP.EXE:
WinsDump
WNTIPCFG.EXE:
Graphical IPConfig Utility
XCACLS.EXE
108 » Manage
file associations from the command line.
Two commands,
ASSOC and FTYPE, allow you to manage file associations from a command prompt
(or in a batch file).
Typing ASSOC,
without parameters, displays the currently defined extensions. Type Assoc .wav
to display the .wav file association. Typing assoc .wav= will delete the .wav
association.
Typing FTYPE
without options displays the file types that have defined open command strings.
Ftype SoundRec will display the open command string for the file type SoundRec.
Typing ftype SoundRec= will delete the open command string.
To define a new
association for .log files which you want to open with notepad:
assoc
.log=LogFile
ftype
LogFile=%Systemroot%\System32\notepad.exe %1
For a complete
explanation, type ftype /? at a command prompt.
109 » Getting
Windows NT command help.
Did you know
that besides typing help from a command line to display the list of commands
and typing command /? to get specific command help, Windows NT has a command
help file?
%windir%\System32\NTcmds.hlp
provides a quick handy reference in a small help window. Create a shortcut and
place it on your Desktop and/or on the Start menu.
111 » Do your
Desktop icons loose position?
If the location
of your Desktop icons occassionally get messed up, you can correct this by
installing LAYOUT from the Resource Kit.
After installing
LAYOUT, a right click on My Computer, Network Neighborhood or the Recycle Bin
will allow you to select Save Desktop Icon Layout. If you subsequently need to
restore, right click and select Restore Desktop Icon Layout.
112 » How do I
remove a Printer/Print Driver?
To completely
remove a Printer and Print driver, perform the following tasks:
1. Remove the
printer from Print Manager
2. Delete the
printer Drivers located in %windir%\system32\spool\drivers\w32x86\2 and/or \0
and/or \1
3. Edit the
registry and delete the driver references at:
Hkey_Local_Machine\System\CurrentControlSet\Control\Print\Environments\WIndows
NT x86\Drivers\Version-1for NT 3.51
Hkey_Local_Machine\System\CurrentControlSet\Control\Print\Environments\WIndows
NT x86\Drivers\Version-2for NT 4.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers\
For a Network
printer:
HKEY_CURRENT_USER\Printers\Connections\<Server
Name>
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Providers\LanMan
Print Services\Servers\<Server Name>\Printers\
4. Restart the
computer
113 » Prevent
logon of mandatory profile user when the server is down.
As you know, to
create a manditory profile, you rename the user's NTUser.dat file to
NTUser.man.
To prevent these
users from logging on when the server is off-line:
1. Rename the
profile folder to include a .man extension
2. In User
Manager for Domains, change the User's Profile Path: to reflect the .man
extension
Example: If
Jennifer's profile path was \\Server\Share\Jennifer\Profile, change it to
\\Server\Share\Jennifer\Profile.man and reflect that change in the User Profile
Path: entry of User Manager for Domains.
With these
changes, Jennifer will be prevented from logging on during those rare server
outages.
114 » How do I
set RAS to answer after more than 1 ring?
The only way I
have found to get RAS to answer on "x" rings is to edit the registry
at:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Class
and to locate
the modems entry (Usually the 4th entry). Double click to expand it. Locate the
modem in question where 0000 is the 1st modem. Double click and highlight the
Monitor key. Double click the 1st entry which should be ATS0= and change the
number of rings.
You will need
stop and restart the RAS service, but a reboot may be necessary.
116 »
Configuring "Snap to" in the registry.
While you can
configure "snap to" in Control Panel / Mouse, you may want to
configure it via the registry. Edit:
HKEY_CURRENT_USER\Control
Panel\Mouse
Edit
SnapToDefaultButton or Add Value of type REG_SZ. Set it to 1.
117 » Do you
occassionally print to a file?
In Windows NT,
you can configure a printer Port as File:. If your usage is infrequent, you may
wish to always print to the same file each time, bypassing the dialogue box
that requests a file name. To accomplish this, edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Ports
and Add Value of
type REG_SZ for your Drive:\Directory\FileName.Extension. Leave the string
empty. Example: C:\prt2file.prn. Don't forget proper permissions.
Reboot and add a
printer using the same driver, print processor, and data type as the printer
that will actually render the output on paper. Select the above filename as the
port.
You may wish to
add a new file type for this extension in Explorer / View / Options / File
Types / New Type. I defined prn file with extension prn. I clicked new and
added a print action with the following Application ... string:
C:\WINNT\system32\print.exe "%1". This allows me to double click to
print to the default printer or drag the file to a desktop printer icon.
118 » Turn off
that Windows Animation.
Using TweakUI,
you can enable/disable Windows Animation. To do this in the registry, edit:
HKEY_CURRENT_USER\Control
Panel\Desktop\WindowMetrics
Double click
MinAnimate or Add Value of type REG_SZ. Setting MinAnimate to 0 turns off the
animation while a setting of 1 enables it.
119 » Rein in
that junior administrator.
If you have
administrators-in-training, you can prevent them from using the registry tools.
Using Regedt32:
Highlight
HKEY_USERS and Load Hive from the Registry menu. Browse to their profile
directory and select NTUser.dat. When prompted for Key Name, input their
UserID. Navigate to \Software\Microsoft\Windows\CurrentVersion\Policies. If no
System sub-key exists, Add Key. Then Add Value of DisableRegistryTools (under
the System key) using type REG_DWORD and set it to 1. Unload Hive from the
Registry menu.
Your junior
administrator will not be able to run Regedt32 or Regedit.
120 » Solve
those logon script problems.
Kixtart 95 is a
freeware logon script processor for Windows NT and Windows 95. It was designed and
developed by Rudd Van Velsen of Microsoft Benelux. In conjunction with
Winset.exe (from the Windows 95 CD), you can set environment variables into
Windows 95 that will allow you to have common environment variables for your
Windows NT and Windows 95 clients. In the partial logon script sequence below,
I have made the following assumptions:
1. In User
Manager for Domains, the logon script in each user's profile is LOGON
2. LOGON.BAT is
located in your server's NETLOGON share and contains:
@echo off
%0\..\KIX32
LOGON
Exit
3. LOGON.SCR is
the KixTart 95 script, and along with Winset.exe, is also located in the
NETLOGON share
4. The KX95.DLL
and Winset.exefiles have been installed in the \SYSTEM sub-directory on your
Windows 95 clients.
Do not use any
of the environment variables that you set into Win95 in the Kixtart 95 script,
they are for use after logon, unless you also issue a SETL and shell any batch
programs that may use them during logon.
Here is
LOGON.SCR
CLS
AT (1,1)
If @INWIN =
2 ; If Client WS is Windows 95
$L =
"@LSERVER" + "\" + "NETLOGON" + "\" +
"WINSET.EXE"
shell "$L
USERNAME=@USERID"
shell "$L
HOMEDRIVE=X:" ; Same drive you
configured in User Manager
shell "$L
HOMEPATH=@HOMEDIR"
shell "$L
HOMESHARE=@HOMESHR"
shell "$L
COMPUTERNAME=@WKSTA"
shell "$L
USERDOMAIN=@DOMAIN"
shell "$L
LOGONSERVER=@LSERVER"
shell "$L
USERPROFILE=@HOMESHR"
shell "$L
OS=Windows_95"
setl
"USERNAME=@USERID"
setl
"HOMEDRIVE=X:"
setl
"HOMEPATH=@HOMEDIR"
setl
"HOMESHARE=@HOMESHR"
setl
"COMPUTERNAME=@WKSTA"
setl "USERDOMAIN=@DOMAIN"
setl
"LOGONSERVER=@LSERVER"
setl
"USERPROFILE=@HOMESHR"
setl
"OS=Windows_95"
endif
If @WKSTA
<> "@LSERVER" ; If
Client WS is not this Server
settime
"@LSERVER" ; Set time on
client to Server
endif
use X:
"@HOMESHR" ;Kix32 version of
NET USE
$S =
"@LSERVER" + "\" + "NETLOGON" + "\" +
"sales.txt"
IF
INGROUP("Sales") and EXIST("$S")
Display
"$S"
AT (23,1)
"Press any key to continue"
GET $A
endif
$B =
"@LSERVER" + "\" + "NETLOGON" + "\" +
"LOGBAT.BAT"
shell
"$B" ;Shell to a batch file
if you wish
; ...the
following code is just for fun
CLS
BIG
$X = 1
DO
COLOR w/n
AT ( $X,$X*2 )
"@USERID"
$X = $X+1
UNTIL $X = 6
COLOR g+/n
AT ( $X,$X*2 )
"@USERID"
sleep 3
AT (23,0)
SMALL
; ...end of
"just for fun"
cookie1 ; required to tell Win95 that the script is
finished when performing LMSCRIPT emulation
exit
Kixtart 95
supports many commands, functions, and macros including registry and file
manipulation, messaging, printer (dis)connection, group membership testing, and
more. I highly recommend it.
121 » Have W95
Client's DOS Prompt open at their home directory.
If you
implemented tip 120, you can cause your Windows 95 client's DOS Prompt to open
at the %HOMEDRIVE%\ as follows:
1. Logon to a
Windows 95 machine and modify the DOS Prompt shortcut in %windir%\Start
Menu\Programs to a have Working: of %HOMEDRIVE%\
2. copy the
shortcut to the NETLOGON share as W95 (it will automatically use a .PIF
extension).
3. In your logon
script, shell a batch file for Windows 95 clients only that copies the W95.PIF
to the client. Here is the batch file:
del
"%windir%\Start Menu\programs\MS-DOS Prompt.pif"
del
"%USERPROFILE%\Start Menu\programs\MS-DOS Prompt.pif"
del
"%windir%\profiles\%USERNAME%\Start Menu\programs\MS-DOS Prompt.pif"
Copy
%LOGONSERVER%\NETLOGON\W95.PIF "%windir%\Start Menu\programs\MS-DOS
Prompt.pif"
Copy
%LOGONSERVER%\NETLOGON\W95.PIF "%USERPROFILE%\Start Menu\programs\MS-DOS
Prompt.pif"
Copy
%LOGONSERVER%\NETLOGON\W95.PIF "%windir%\profiles\%USERNAME%\Start
Menu\programs\MS-DOS Prompt.pif"
EXIT
122 » Network
Neighborhood System Policy Restrictions.
If you don't
want to remove Network Neighborhood from the desktop (see tip 050,
"Locking down that desktop"), you can add the following network
restrictions:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network
Add Value of
NoEntireNetwork as type REG_DWORD. Set it to 1.
and/or
Add Value of
NoWorkgroupContents as type REG_DWORD. Set it to 1.
125 » Increase
network performance.
If you increase
the number of buffers that the redirector reservers for network performance, it
may increase your network throughput. Each extra execution thread that you
configure will take 1k of additional nonpaged pool memory, but only if your
applications actually use them. To configure additional buffers and threads,
edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters
Modify or Add
Value of type REG_DWORD for:
MaxCmds The
range is 0 - 255 and the default is 15
MaxThreads Set
it to the same value as MaxCmds
You may also
want to increase the value of MaxCollectionCount. This REG_DWORD is the buffer
for character-mode named pipes writes. The default is 16 and the range is 0 -
65535.
126 » Adding
"open with xyz" to every Explorer right click.
In addition to tip
060, "Add new options to that right click in Explorer", You can add
an new option to every right click by editing the Registry at
HKEY_CLASSES_ROOT\* and Adding Value EditFlags of type REG_BINARY. With the Hex
button checked, enter 02000000.
In Explorer
select view/options/File Types. Highlight the * entry and click the Edit
button. Click the New button. In the "Action" box, type "open
with xyz". In the "Application ..." box, browse to the program
you wish to use. OK/Close out of the dialogue boxes.
Now, when you
right click in explorer, you will always be able to "open with xyz".
To restrict this
functionality to Unknown file types, perform the Registry edit on
HKEY_CLASSES_ROOT\Unknown instead.
Note: This
procedure will prevent you from using the Office 95 Tool Bar and I haven't
figured out why, yet. You may prefer Tip 092.
127 » Is License
Manager screwed up?
If License
Manager does not reflect the truth about your licenses, and you can't amend it
properly, start over.
First, using
Control Panel / Services, scroll to the License Logging Service and Stop it.
Then delete %windir%\System32\Cpl.cfg, %windir%\System32\Lls\Llsuser.lls, and
%windir%\System32\Lls\Llsmap.lls. Restart the License Logging Service.
You should now
be able to use License Manager to reflect your purchased licenses.
129 » Speed up
that first 16-bit Process on your Windows NT Server.
The 16-bit
sub-systems on your Windows NT Server do not start automatically, causing a
delay in the startup of the first 16-bit Windows or Command line application
started. You can start the 16-bit sub-system automatically by editing:
HKEY_LOCAL_MACHINE/Software/Microsoft/Windows
NT/CurrentVersion/Winlogon
Double click on
Userinit and add ,win.com wowexec to the end of the string.
You will need to
reboot for this change to take effect.
130 » Is there a
delay when saving documents to a Server Share?
If your clients'
experience delay when saving a document to a server share, it may be because
the client is ignoring the server's oplocks break request. If this is pervasive
over many clients, disable opportunistic locking on the server by editing:
HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/LanmanServer/Parameters
Add Value
EnableOplocks as a REG_DWORD. Set it to 0.
You will need to
reboot your server for this change to take effect.
132 » Do your
desktop icons redraw frequently?
If your desktop
icons redraw frequently, try editing:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer
Add Value of Max
Cached Icons with type REG_SZ. Set it to 8000.
Note: There is a
space after Max and after Cached.
135 » Trouble
with the AT command?.
If you are
having trouble with the AT (Schedule Service) command, it might be because the
Schedule Service is running under the default System account context, which has
no network access. To Access network drives, add net use commands with an
appropriate user account as in net use Drive: \\Server\Share password /U:UserId
I recommend
setting up a user account (ROBOT) that is a member of the Domain Admin group.
This account should have a non-blank, non-expiring password. Grant it the
permissions required. Give it all the User Rights and Advanced User Rights that
you would ever require of a batch job. In Control Panel / Services / Schedule,
configure startup to use this account. Stop and Start the schedule service.
If the job
requires interaction with the desktop, you will need the /Interactive switch.
This may require using the System account.
Debug your batch
job by adding ECHO and Pause commands to the batch. Schedule AT time
/interactive "cmd.exe /k" and run the job from the window it opens.
This should let you see what is happening within the context of the schedule
service account.
Get a good
scheduler! I sell OpalisRobot, an event based scheduler for Windows NT. Events
are:
date/time
file creation
directory size
limit
event log entry
success or
failure of a task
SQL query
ODBC Query
State of a
service
Interactive
event
Based on one or
more linked events, tasks can be triggered:
Batch or
executable
Command
execution
SQl file or
Query
Action on an NT
Serviice
Shutdown
Remote execution
File Copy or
move
Directory copy
File Print
Send Mail or
message
ODBC query or
data xfer
RAS connect or
hangup
Send Event Log
message
136 » Who has
What files open?
OFL is a
freeware utility that will list files on the specified Server which have been
opened via a network connection. This version fixes the "Error More
Data" messages. The user running this utility must be either an Operator
or an Administrator.
usage: ofl
[-cdfh?] [-s Server] [-u User] [file]
Options:
c - Close each
open file listed.
d - Detail.
f - Force close
of all files, (no confirmation required).
h - Help,
(this).
? - Usage.
s - Specify a
Server for which to list open files.
u - Specify a
User for which to list open files.
file - The open
file(s) to list.
If no User is
specified, then open files are listed for all users. If no Server is specified,
then open files are listed on the local Server. If no file is specified, then
all files are listed. Wildcards, "*" and "?", may be used.
See the
readme.txt in the included .zip for additional information.
If you run the
following at a command prompt of the server, it will list everyone who has
FILEMANE.EXT open:
OFL -d | FIND
"FILENAME.EXT" /I
137 » How do I
run Win95 games on Windows NT 4.0?
I hated to post
this, but I get so many requests.......
<CD-ROM:>\Support\DEBUG\SETWIN95.CMD
will fool an application into believing that it is running on Windows 95. Visit
http://www.cris.com/~Dstaines/nt40games/ for a list a games that will work on
NT 4.0.
SETWIN95 will
only help if the game aborts itself when checking to see that it is actually
running on WIN95, if the game makes an illegal call it will abend.
138 » How do I
print to a non-NT printer share?
If the TCP/IP
printing service is not installed, install it via
Control
Panel/Network/ Services/TCPIPprinting/Add/MicrosoftTCPIPPrinting.
After the
reboot, choose Start Menu/Printer/AddPrinter/MyComputer/AddPort/LPRPort. Add the
ShareName or IP address of the remote printer.
140 » Set the
system clock over the internet.
Settime.zip is a
freeware app that will set your system clock from a U.S. Navy time source on
the Internet.
141 » Alter when
Windows NT displays the Password expiration warining.
By default,
Windows NT display the password expiration warning 14 days prior to password
expiration. To alter this behavior, edit:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon
Add Value
PasswordExpiryWarning as a REG_DWORD. Set it to the number of days that the
warning is displayed before the password expires.
142 » Alter when
you recieve a HD full warning.
By default,
Windows NT posts an alert when the amount of free space remaining on your disk
falls below 10 percent. With a 9Gig HD, you still have 900Meg available. To
alter this behavior, edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
\LanmanServer\Parameters
Add Value
DiskSpaceThreshold with a type of REG_DWORD and set it to the percentage of
free disk space remaining before an alert is sent. The allowable range is 0 -
99 percent.
143 » Internet
Explorer security.
If you're using
Internet Explorer (IE), disable NTLM authentication by editing:
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet
Explorer\Security\NTLM and double click on SchemeList in the right hand pane.
Change this REG_SZ Value to: Thanks JSI. This will prevent IE from browsing any
site that uses NTLM authentication on the net.
145 » How to
adjust your IntelliMouse scroll.
Edit the
registry at:
HKEY_CURRENT_USER\Control
Panel\Desktop\WheelScrollLines
The valid range
is 0 - 0xFFFFFFFF and the default is 3. This entry determines the number of
lines scrolled for each rotation of the mouse wheel on a Microsoft IntelliMouse™
when no modifier keys (such as CTRL or SHIFT) are pressed. If the value of this
entry is 0, the screen will not scroll when the mouse wheel is turned. If the
value of this entry is greater than the number of lines visible in the window,
the screen will scroll up or down by one page. To direct WindowsNT to interpret
all wheel rotations as page-up or page-down commands, set the value of this
entry to 0xFFFFFFFF.
146 » Error -
"User doesn't have enough rights to do this".
If an
application generates the subject message, it may to be using Null Sessions to
access the registry. This is disabled by default starting with SP3 (SP2 and the
Security hotfix). To enable Null Sessions access to the registry, edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
Double click on
NullSessionPipes in the right hand pane and add winreg to the string.
You must reboot
for this change to take effect.
147 » Does the
\System32 directory open when you logon?
To correct this
problem:
1. Edit:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer.
If the right hand pane has an entry NoSaveSettings that is a 1, set it to zero
until the problem is resolved. This should be a REG_BINARY value.
2. Edit:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
For each Value,
make sure that the string is valid, i.e., if the Value is ActiveMovie File
Extensions, the string of this REG_SZ entry should be ActMovie.exe /Check and
not null. The string must always start with an executable file. If it doesn't,
fix it or delete the Value.
3. See Tip 016
for other keys that you can check.
148 » Is your
network plagued with Browser elections?
A browser
election is a normal network occurance. An election provides a means to
guarantee there is never more than one master browser present in a
domain/workgroup. A master browser is elected in the following priority:
NT Server
installed as PDC
NT Server
NT Workstation
other
A PDC (Primary
Domain Controller) is automatically the Domain Master Browser even if
"IsDomainMaster=Yes" is set in the Registry on another NT Server in
the domain.
If you are
running workgroup servers (no domain controller) and want to force a specific
server to be the preferred master browser, set the following registry entry on
that server to Yes:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters\IsDomainMaster
To prevent an NT
Workstation or Server (non-PDC) from acting as a browser, set the following
entry to No:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters\MaintainServerList
To prevent a
WFWG system from acting as a browser, create and/or set the following statement
in the [Network] section of System.ini of the WFWG client:
MaintainServerList=No.
Other valid entries are Yes and Auto.
Windows 95
machines can only participate in a browser election if they are configured for
File and/or Print sharing. This is accomplished in Control Panel / Networks. To
set or check the browser settings, scroll the network Configuration for File
and printer sharing for Microsoft Networks. Highlight this entry and click the
Properties button. Select Browse Master and choose from Disabled, Enabled, or
Automatic.
149 » How do I
rename a Domain Controller?
See tip 475 for
information on renaiming a domain.
The steps for
renaming a Primary Domain Controller (PDC) vs a Backup Domain Computer (BDC)
are different.
To rename a PDC:
1. Control Panel
/ Network / Identification. Click the Change button and type the new computer
name. Reboot.
2. Server
Manager / Add to Domain, add the new name as a BDC (it will actually be added
as a PDC).
3. Server
Manager / Remove from Domain, remove the old name and any duplicate new name
entry as a BDC.
To rename a BDC:
1. Server
Manager / Add to Domain, add the new name as a BDC.
2. Control Panel
/ Network / Identification. Click the Change button and type the new computer
name. Reboot.
3. On the PDC,
Server Manager, select the new BDC and Sync with Primary. Select old BDC and
Remove from Domain
151 » Problems
with 16bit apps in Windows NT?
Here are some
reasons for having problems with 16bit applications:
1. The PATH
variable is too long or has an entry pointing to the WINDOWS or WINDOW/SYSTEM
directories of a Windows 3.x or Windows 95 installation. This would be in
either Control Panel / System / Environment or the AUTOEXEC.BAT. See tip 021.
2. The
COMMAND.COM used by Windows NT is missing, damaged or replaced by another
version. Repair System files and re-apply your latest Service Pack.
3. The VER.DLL
file in the %systemroot%\system or %systemroot%\system32 directories is
corrupted or replaced by an invalid version.
4. SHARE.EXE (or
VSHARE) is being loaded in an %systemroot%\system32\AUTOEXEC.NT.
5. Insufficent
environment space, see tip 047.
6. Check
%systemroot%\system32\CONFIG.NT, here is mine:
dos=high, umb
device=%SystemRoot%\system32\himem.sys
files=75
shell=%systemroot%\system32\command.com
/p /e:4096
ntcmdprompt
7. Corruption of
the WOW sub-system files. Repair System files and re-apply your latest Service
Pack.
152 » No Disk in
drive?
If you receive a
message from NTVDM, when starting an application, or from a service that there
is no disk in drive A: or a CD-ROM drive letter, it may be that the path
statement contains a reference to this drive. Check Control Panel / System /
Environment and AUTOEXEC.BAT. This drive letter may also be referenced in an
application shortcut. Lastly, if the drive letter is at
HKEY_LOCAL_MACHINE\SYSTEM\SETUP\WinntPath, delete it and reboot.
153 » "Not
enough server storage is available to process this command".
If you receive
the subject or similar message, you may have a non-zero PagedPoolSize entry in
the registry. Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session
Manager\Memory Management
Set
PagedPoolSize to 0.
Reboot.
Another possible
cause of this error is if you installed SP3 before installing any networking
components. If this is the case, re-apply SP3 (and any hotfixes).
154 » Printer
"timing" hacks.
To modify
printer timing behavior, edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print
In the right
hand pane, modify or add value from the following list of parameters:
FastPrintWaitTimeout
type REG_DWORD Range: Milliseconds, Default: 24,000 (4 minutes)
When
JobPrintsWhilstSpooling is enabled, the port thread must synchronize with the
spooling application. This value determines how long the port thread waits
before giving up, pausing the current print job, and moving to the next print
job.
FastPrintThrottleTimeout
type REG_DWORD Range: Milliseconds, Default: 2,000 (2 seconds)
When
JobPrintsWhilstSpooling is enabled, some printers pause if they don't receive
data for a timeout period (usually 15 seconds for a Postscript printer). To
counteract this, the spooler throttles back on data sent to the printer when
FastPrintSlowDownThreshold is reached. At that point, FastPrintThrottleTimeout
causes 1 byte per defined period to be sent to the printer until the threshold
defined by FastPrintSlowDownTheshold is exceeded.
FastPrintSlowDownThreshold
type REG_DWORD Range: Milliseconds,
Default:
FastPrintWaitTimeout divided by FastPrintThrottleTimeout
NetPrinterDecayPeriod
type REG_DWORD Range: Milliseconds, Default: 3,600,000 (1 hour)
Specifies how
long to cache a network printer. The cache is used to present the list of
printers to the browser.
PortThreadPriority
type REG_DWORD Default: 0
Allows you to
set the priority of the port threads. These are the threads that send the
output to the printers. Valid values are:
0 (Normal)
1 (Above normal)
0xFFFFFFFF
(Below normal)
SchedulerThreadPriority
type REG_DWORD Default: 0
The priority of
a thread determines the order in which it is scheduled to run on the processor.
Valid values are:
0 (Normal)
1 (Above normal)
0xFFFFFFFF
(Below normal)
SpoolerPriority
type REG_DWORD Default: 0
Sets the
priority class for the print spooler. Valid values are:
0 (Normal)
1 (Above normal)
0xFFFFFFFF
(Below normal)
155 » Speed up
file system activity.
If you have some
extra RAM and an active file system, you can speed up file system activity by
increasing the IoPageLockLimit from the default 512K bytes to 4096K bytes or
more. Edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session
Manager\Memory Management
IoPageLockLimit
type REG_DWORD Default: 512K
This entry is
the maximum number of bytes that can be locked for I/O operations. When the
value is 0, the system defaults to 512K. The largest value is based on the
amount of memory in your system. I would limit this entry to:
RAM (MB)
IoPageLockLimit
Decimal
IoPageLockLimit
Hex
32 4096 1000
64 8192 2000
128 16384 4000
256+ 65536 10000
Before making
changes, get a baseline by using performance monitor for a representative
period of time. Make your changes in small increments and measure performance
after each change.
156 » Installing
a Service Pack with HOTFIXES.
KB article
Q166839, updated 15-May-1997, contains some usefull information about
installing Hotfixes with Service Pack 3, but it is incorrect and incomplete in
the "How to" section.
Starting With
Windows NT 4.0 Service Pack 3, Update.exe will update your NT 4.0 install to
the service pack and will install any specified HOTFIXes. The steps required to
accomplish this are:
1. Copy all
service pack files to a directory, i.e. C:\SP3. You can expand a Service Pack
by typing: ServicePackFileName.exe /x
2. Create a
subdirectory under SP3 called HOTFIX
3. Copy
hotfix.inf and hotfix.exe to this directory. I have a ZIP file (JSI_T156.zip)
that includes a sample combined hotfix.inf.
You can see from
the COMMENT line at the bottom that this custom HOTFIX contains:
Q143478 -
oobfix_i
Q168748 -
javafixi
Q154087 -
lsa-fixi
Q170510 -
w32kfixi
Q154174 -
icmpfixi
Q146965 -
admnsymi
Q154460 -
chargeni
4. Copy the
actual files that make up the hotfixes into this directory (you may ignore the
*.dbg files). You must expand the hotfix exe files in date order, earliest
first so that you get the latest version of a duplicate file. Type
HotfixFileName.exe /x to expand a hotfix.
5. Open up the
sample hotfix.inf file and add the files in the appropriate sections from the
expanded hotfix.inf
Download my ZIP
and compare it with any single HOTFIX and you will see what I mean.
6. Save your INF
file and run update.exe. After SP3 files are copied, you will be prompted to
verify that you want to have HOTFIXES installed. Choose Yes.
If you are
prompted for the location of your Service Pack files, just point to the SP
directory, i.e. SP3.
If you uninstall
the Service Pack, you will be prompted to remove the HOTFIX.
157 » How can I
let users administer their Workstation?
If you need (or
want) to allow an ordinary user to administer their Workstation, add their
\\Domain\UserId to the Workstations Adminstrators group. This will allow them
to be an administrator of the workstation while signed on as an ordinary user
in the domain.
If you haven't
done so already, add the Domain Administrators global group to the
Workstation's local Adminstrators group. This will allow Domain Administrators
to administer the Workstation.
1. Log on to the
local computer with an account that has local administrator rights.
2. In User
Manager, Double-click on the Group Administrators and click Add.
3. In the List
Names From list box, select the domain you usually log on to. Find the user
name in the list and select it.
4. Click the Add
button, the DOMAINNAME\USERNAME should appear in the lower list box now.
5. Click OK and
OK again.
When the user
logs onto the domain, they will have Administrative rights on their Workstation
but remain an ordinary user in the domain.
159 » Use a
batch file to disconnect user sessions.
You can manually
disconnect users in Server Manager and you can set logon time restrictions
(with forced Logoff) in User Manager for Domains, but I prefer to use a batch
file due to the enhanced flexibily it offers and the ability to schedule it.
Here is a sample (note - a leading : is the same as REM):
:Pausing the
Netlogon service prevent this "server" from processing new logons.
:If you have other
logon servers, they can still process logons.
net pause
Netlogon
:Pausing the
Server service prevents new logons and new connections on this
"server".
net pause Server
net send /domain
"Your session(s) will be disconnected in 5 minutes, please logoff."
:Sleep is a
resource kit utility.
sleep 300
:net session
/delete /y will terminate all sessions/connections with this
"server".
net session
/delete /y
:
:
:Perform other
usefull work here like stopping services, backing up, starting the services.
: To get the
service names, browse the registry at
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
: Example: net
stop RemoteAccess
:
:
:Enable the
Service and/or Netlogon services that you paused.
net continue
Server
net continue
Netlogon
net send /domain
"Logons and connections are now enabled."
exit
160 » How can I
prevent users from accessing Control Panel / System?
Remove the Read
permission from %SystemRoot%\System32\Sysdm.cpl for the Group(s) / User(s) that
you wish to restrict.
You can get at
list of Control Panel Applets by typing:
dir
%SystemRoot%\System32\*.cpl /b
To remove all
Control Panel Objects, see Locking down that desktop at tip 050.
161 » What is
error ####?
Occassionally, a
Windows NT message will not contain any text, just a number. When that happens,
open a command prompt and type:
net helpmsg ####
Example: net helpmsg 1797 yields The printer driver is unknown.
162 » Flaky
logon problems?
If you
experience random Server service stop messages upon boot or randomly experience
logon problems, delaying the start of the NetLogon and Spooler services may
help (and can't hurt). To accomplish this, edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Spooler
Choose Add Value
from the edit menu. Type DependOnService in the Value Name and select type
REG_MULTI_SZ. Add these three lines as Data
LanmanWorkstation
LanmanServer
LmHosts
Next, navigate
to the NetLogon service
(HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon) and edit the
DependOnService value. Add the Spooler service to the end of the string. This
entry should now look like:
LanmanWorkstation
LanmanServer
LmHosts
Spooler
Reboot your
computer.
163 » Take
charge of your desktop.
If you wish to
remove Internet Explorer, the In Box, and/or the Recycle Bin from your desktop,
you may use the following registry hack. Before doing so, you may wish to
create shortcuts for these and place them on your Start menu. You can create
the shortcut by right clicking on the icon and dragging the resulting shortcut
to your profile (see Tip 051). Then edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace
Double Clicking
on NameSpace will reveal the keys for these 3 desktop icons. Clicking each one
will show you the icon name in the right hand pane. To remove an icon, select
the key and delete it.
You may wish to
use LAYOUT.DLL from the resource kit to save your desktop icon positions.
164 » Access
denied while installing applications?
One overlooked
reason for getting access denied and/or other problems when installing software
is the existence of a file that needs to be replaced but can't be due to a
read-only attribute. This most often occurs in the %SystemRoot% directory and
its' sub-directories. To display the files in your NT directory that have the
read-only attribute, type:
dir
%systemroot%\*.* /ar /s
You can remove
the read-only attribute from a file by using the attrib command. To remove the
read-only attribute from all files in the NT directory and sub-directories,
type:
attrib -r
%systemroot%\*.* /s
165 » Control
the order of apps in your Startup folder.
There is no way
to specifically control the startup order of applications in your StartUp
folder. If you need to control the startup sequence, use a batch file with
Start commands. Type Start /? at a command prompt for syntax.
Place a
minimized shortcut to the batch file in your StartUp folder, removing the
application shortcuts that you are starting via the batch file.
166 » Do It
Yourself Shutdown.
With all the
hacking that I do to for these tips, I shutdown and reboot often. To speed up
the shutdown, I have removed the Shutdown button from my Start menu (so I don't
forget - see tip 050), implemented some speed up hacks (see tip 033 and tip
083), and created a batch file where I explicitly stop certain services and
invoke shutdown.exe from the NT 4.0 Server Resource Kit. Here is a sample batch
file:
@echo off
NET STOP
NetLogon
NET STOP Spooler
NET STOP
......other slow services such as Exchange, SQL, etc...
C:\Reskit40\Shutdown
\\ServerName /l /r /t### /y "Bye Y'all"
exit
You can find the
service name by browsing the registry at
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
I placed a
shortcut to this batch file on my start menu (see tip 051).
Note: If
stopping the service requires a y/n response, add /y, i.e. NET STOP ServiceName
/y
167 » Can't
delete LPT1 and other reserved names?.
If you
accidentally create a directory or file with an illegal or reserved name, you
can not delete it normally. To delete it, open a command prompt and type:
del
\\.\Drive:\directory\filename
Example: del
\\.\c:\someplace\lpt1
168 » Error:
There is no print processors!
This error can
occur due to:
. An improper
registry entry at:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments
\Windows NT x86\Print Processors\winprint
with a Value of Driver as type REG_SZ with
string winprint.dll
. A corrupt or
missing WINPRINT.DLL which is normally located at
%systemroot%\System32\spool\prtprocs\w32x86
You can expand WINPRINT.DL_ from the to CD by
using the expand command. Type expand /? for help.
169 » Sneaky
hidden drive mapping for everyone.
If your Schedule
service runs under the SYSTEM account (mine does as I use OpalisRobot for scheduling),
and you have the resource kit, you can map drive letters to hidden shares which
will be available to every local user of the Windows NT computer. The drive
mapping is valid until deleted by the SYSTEM account or until you reboot. Here
is a way to establish the mapping at each boot:
. Establish the
hidden shares that you wish to map and assign permissions as in normal shares.
. Install
AUTOEXNT (see tip 006).
. Add
Drive:\Reskit\soon.exe 30 Drive:\Directory\sneak.bat to AUTOEXNT.BAT
. Create sneak.bat.
Hear is a sample:
net use
DriveLetter1: /delete /y
net use
DriveLetter1: \\Server\Share1$
net use
DriveLetter2: /delete /y
net use
DriveLetter2: \\Server\Share2$
exit
. Add
DependOnService entries (see tip 069) as follows:
Service
DependOnService (each entry on a seperate line)
Spooler
LanmanWorkstation, LanmanServer, LmHosts
NetLogon
LanmanWorkstation, LanmanServer, LmHosts, Spooler
Schedule
NetLogon
AutoExNT
Schedule
170 » Freeware
Command Line / Batch Registry & Environment editor.
REG.zip is a
handy Registry and Environment Variable batch and command line tool that
supports operations on the following Registry Hives:
HKEY_LOCAL_MACHINE
HKEY_USERS
HKEY_CURRENT_USER
REG will:
. Add and Delete
a Registry Key.
. Add, Delete
and Change a Registry Value. It supports Value Types of:
REG_SZ
REG_DWORD
REG_MULTI_SZ
REG_EXPAND_SZ
. Add and Delete
a directory in either the SYSTEM or USER PATH.
. Setting an
Environment Variable in either the SYSTEM or USER environment.
. Setting
Environment and PATH variables from a file.
. Setting
multiple options from a file.
. Setting a
Registry Value from the keyboard.
171 » Manage
your own Tips.
You can add,
delete or change the Welcome Tips that are displayed when a user logs on. The
Tips are stored as sequentially named REG_SZ entries at
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Tips
The Value name
starts with 0 and progresses sequentially with no gaps. You may Add Value,
change the text of a Value or delete the last or all Values and start over.
The control for
the Tips is user based and is located at
HKEY_USERS\«User
SID»\Software\Microsoft\Windows\CurrentVersion\Explorer\Tips as two (2)
REG_BINARY entries.
Show controls if
the Tips are displayed. 01000000 enables the display while 00000000 disables
it.
Next controls
which tip is displayed next. 00000000 displays tip 0, 01000000 displays tip 1
and 0a000000 displays tip 10.
172 » Freeware
NT_HAIL - Send WinPopUp messages in Windows NT.
NT_HAIL is a GUI
freeware replacement for NET SEND, very similar to Messager.
NT_HAIL displays
a Network Neighborhood selection list, allowing you to graphically select the
recepients of your message.
173 » BM_DISK is
a freeware disk benchmark utility.
BM_DISK from
BEI, the producers of UltraBac, will test the raw read capability of your
disks.
Usage is BM_DISK
«Drive#» where 0 is the 1st disk, 1 is the second disk, etc..
BEI reports that
the fastest performance they have seen was from a Compaq raid array which
yielded 16Megabytes/second.
174 » Want your
own icon for Network Neighborhood, My Computer and the Recycle Bin?
When a desktop
icon's property sheet offer no option to change the icon display, there may be
a way to alter this in the registry.
If there is a
DefaultIcon sub-key in the HKEY_CLASSES_ROOT\CLSID key, you can alter the icon
display. Here are just some of the possibilities:
HKEY_CLASSES_ROOT\CLSID\{208D2C60....\DefaultIcon
Network Neighborhood
HKEY_CLASSES_ROOT\CLSID\{20D04FE0....\DefaultIcon
My Computer
HKEY_CLASSES_ROOT\CLSID\{645FF040....\DefaultIcon
Recycle Bin 3 Value entires
HKEY_CLASSES_ROOT\CLSID\{00020D75....\DefaultIcon
Inbox
HKEY_CLASSES_ROOT\CLSID\{85BBD920....\DefaultIcon
Briefcase
HKEY_CLASSES_ROOT\CLSID\{FBF23B42....\DefaultIcon
Internet Explorer
Alter the icon
path in the Value entry to reflect the full path to the .ico, .exe, or .dll
file. If you are using a .exe or .dll which contains multiple icons, you must
add a ,xx where xx is the icon number.
175 » Prevent
users from logging on more than once.
Other than
restricting logon to a single computer, Windows NT does not support any
standard method of preventing multiple logons. Here is a method that does work:
1. Create a
hidden share for each user's home directory and assign share permissions for
that user only. I use meaningless alphanumeric strings to prevent guessing the
share name. Example: a1hl2o$. Set the User Limit to Allow 1 Users
2. Create a
%UserName%.txt file in each user's home directory with read permissions only
for that user.
3. Implement a
KixTart login script per tip 120.
4. Add the
following to the logon script, immediately before the cookie1 statement.
$K =
"@LSERVER" + "\" + "NETLOGON" + "\" +
"Once.txt"
$J =
"x:\" + "@USERID" + ".txt"
if exist
("$J")
goto done
endif
CLS
AT (1,1)
display
"$K"
Sleep 3
$RC =
shutdown("", "Shutdown in progress!", 0, 1, 0)
:done
Where once.txt
is in the NetLogon share and contains:
You are logged
on more than once!
Press CTRL + ALT
+ DELETE
Press Shutdown
Why does this
method work? Since only 1 user is allowed to connect to the user's share, the
use command in the logon script fails to map a drive letter if 1 connection to
that share already exits. This causes the if exist on %UserName%.txt to be
false, invoking the shutdown process. Since the logon script hasn't finished,
the manual keystrokes requested in once.txt are required. If a user does not
follow these instructions, they are prevented from completing the logon because
the shutdown is pending.
173 » BM_DISK is
a freeware disk benchmark utility.
BM_DISK from
BEI, the producers of UltraBac, will test the raw read capability of your
disks.
Usage is BM_DISK
«Drive#» where 0 is the 1st disk, 1 is the second disk, etc..
BEI reports that
the fastest performance they have seen was from a Compaq raid array which
yielded 16Megabytes/second.
176 » Have you
messed up the permissions on SYSTEM files?
If you have
modified the permissions on Windows NT folders and files and wish to reset
these, download fixacl1.exe from this Microsoft link.
178 » Command
line cut & paste.
CMD.exe supports
command line cut and paste.
You can copy and
paste text between MS-DOS and WindowsNT. In the command prompt window,
right-click anywhere on the title bar to see a menu, click Edit, and then click
Mark. Select the text you want to copy and press ENTER to copy the text to the
Clipboard or just right click again. You can then paste the text into your
application.
Using the paste
command, you can paste the Clipboard contents to the current command line. If
you paste multiple lines of commands, they will all be executed in turn.
Example:
dir c:\boot.ini
attrib -r -s -h
c:\boot.ini
dir c:\boot.ini
attrib +r +s +h
c:\boot.ini
Copy the above
to the clipboard, open a cmd prompt, right click the title bar, click Edit,
click Paste. See how each command was executed:
179 » Compacting
your WINS and/or DHCP database.
When using
JETPACK to compact a database, never have a TEMP.MDB in the directory of the
.MDB you are compacting, as JETPACK use TEMP.MDB as working storage and will
delete it.
To compact a
WINS database, run a batch file which contains:
cd
%SystemRoot%\System32\WINS
net stop WINS
JETPACK WINS.MDB
WRK.MDB
net start WINS
exit
To compact a
DHCP database, run a batch file which contains:
cd %SystemRoot%\System32\DHCP
net stop
DHCPSERVER
JETPACK DHCP.MDB
WRK.MDB
net start
DHCPSERVER
exit
During the
process, JETPACK compacts your database to WRK.MDB, deletes your .MDB, and then
renames WRK.MDB.
181 » Automate
the replacement of inuse files.
You can manually
replace most inuse files by renaming them and then copying the replacement to
the original name.
To automate this
process for one or more files (if you have NT 4.0 SP2 or later) or to repair an
unbootable systems:
1. Insure that
you replace the setupdd.sys on disk 2 of the 3 setup floppies with the updated
version
as described in
Q168015.
2. Make a copy
of your ERD or generate a new one and delete all files except setup.log.
3. Copy the
files you wish to replace to the root of the ERD.
4. Modify the
setup.log file on the new ERD as described in Modifying the setup.log. later in
this tip.
5. Boot the 3
setup floppies and select R for repair, Verify Windows NT system files only,
and insert the
ERD into drive A: when prompted.
Press enter when
prompted to replace the files or ESC to skip a file.
I you do not
have an NT CD in the CD-ROM drive, see Q158423.
6. When
complete, reboot your computer.
Modifying the
setup.log.
Replace the
contents of the [Files.WinNT] section with a line or lines that contain the
full path to the file on your HD per the following format:
\WINNT\System32\drivers\8514a.sys
= "YourFileOnERD.EXT","99999","\","ERD
disk","YourFileOnERD.EXT"
where \WINNT
must be equal to TargetDirectory. When finished, your setup.log would look like
this:
[Paths]
TargetDirectory
= "\WINNT"
TargetDevice =
"\Device\Harddisk0\partition1"
SystemPartitionDirectory
= "\" SystemPartition = "\Device\Harddisk0\partition1"
[Signature]
Version =
"WinNt4.0"
[Files.SystemPartition]
ntldr =
"ntldr","2a36b"
NTDETECT.COM =
"NTDETECT.COM","b69e"
[Files.WinNt]
\WINNT\System32\drivers\8514a.sys
= "YourFileOnERD.EXT","99999","\","ERD
disk","YourFileOnERD.EXT"
If
YourFileOnERD.EXT is not the same name as 8514a.sys it will replace the
contents of 8514a.sys with the contents of YourFileOnERD.EXT.
If you change
TargetDirectory to be a non-NT directory, setup will copy the following
additional directories to the TargetDirectory which you can delete:
config
Cursors
Fonts
Help
inf
Media
Profiles
repair
system
system32
182 » Off-line
Registry editing.
If you have an
alternate install of Windows NT, you can use Regedt32.exe to edit a non-active
instance of Windows NT. Boot to any instance of Windows NT and use regedt32 to
highlight HKEY_LOCAL_MACHINE. On the Registry menu, Load Hive to invoke a
standard file open dialogue box. If you want to modify something in
HKEY_LOCAL_MACHINE\SYSTEM, you would navigate to the
OriginalNTInstall\System32\config directory and open the SYSTEM file. When
prompted for a name, use anything such as oldsystem. The HKEY_LOCAL_MACHINE
window will list the following hives:
HARDWARE
oldsystem
SAM
SECURITY
SOFTWARE
SYSTEM
Double-click on
oldsystem, and go down to the Select key. Take note of the number associated
with Default: REG_DWORD: This corresponds to the Control Set which will be used
to start the system on the other install. This means that instead of modify
something under CurrentControlSet (which doesn't exist when you've loaded a
hive from another install), you would use ControlSet00x where x is from the
Select key Default:.
You may now edit
anything you want in this ControlSet. Changes are instantly written to disk.
When you have finished, highlight oldsystem and select Unload Hive from the
Registry menu.
183 » How do I
pause a busy share?
If you have a
very active share and need to disconnect users to do some maintenance, you
could:
. Disconnect the
share in Server Manager - but users can reconnect.
. You could
delete the share - but you have to reset permissions when you recreate it.
I use either of
the following methods:
1. Locally, I
disconnect the users from the share in Server Manager and set the number of
connections to 1
which I consume
with the following batch file:
net share %1
/users:1
net use z:
/delete
net use z: \\%2\%1
/persistent:NO
exit
where %1 is the
ShareName and %2 is the ServerName.
When I am
finished, I use:
net use Z:
/delete
net share %1
/unlimited
exit
2. If the entire
process must be scripted or run remotely,
I use the
following batch with the Resource Kit RMTSHARE and PERMCOPY:
permcopy \\%1 %2
\\ServerName DummyShare
net send %1
/DOMAIN "%2 is temporarily out of service."
rmtshare \\%1\%2
/delete
... other stuff
...
rmtshare
\\%1\%2=%3 /unlimited
permcopy
\\ServerName DummyShare \\%1 %2
net send %1
/DOMAIN "%2 is now available."
exit
Where %1 is the
Server, %2 is the ShareName and %3 is the Drive:\Path
184 » Logout is
Freeware and works on WinNT and W95.
The Logout
utility can be exectued from the command line, batch file, or desktop. When a
user runs logout.exe, they are logged off.
186 » Is your
Server Service self-tuning?
If you have ever
run NET CONFIG SERVER in conjunction with the /AUTODISCONNECT, /SERVCOMMENT OR
/HIDDEN switches, you have accidentally turned off Windows NT auto-tuning of
the SERVER service. This also disables the effect of tuning in Control Panel /
Network / Server / Properties. If you add or remove RAM, appropriate tuning of
the SERVER service does not happen.
To restore
auto-tuning, edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
and remove any
of the following which you (or an application) did not specifically set:
maxnonpagedmemoryusage
maxpagedmemoryusage
sessconns
sessusers
maxrawbuflen
maxworkitems
opensearch
sessvcs
sessopens
userpath
anndelta
announce
hidden
autodisconnect
users
srvcomment
Tune the SERVER
service in Control Panel / Network / Server / Properties
187 » Where is
my last Last Known Good?
The following
Value entries of the Select subkey define the meaning of a ControlSet: (all are
type REG_DWORD and have a range of 0xN where N is a ControlSet)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Select
Current
Identifies a control set set from which the
CurrentControlSet subkey is derived.
If this value is
0x1, the subkey producing the CurrentControlSet is ControlSet001.
Default
The default control set. If this value is
0x1, the default control set is ControlSet001.
Failed
The control set that was last rejected and
replaced with a LastKnownGood control set.
LastKnownGood
The last control set that successfully
started the system.
HOWEVER
If
ReportBootOk(type REG_SZ) at:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon
is set to 0, a
LastKnownGood ControlSet will not be created. A string value of 1 is the normal
setting.
To prevent
LastKnownGood selection at a Kiosk, set the LastKnownGood to 0 and set
ReportBootOk to 0.
188 » How to
Connect to Internet Service Providers from Windows NT 4.0.
Knowledge Base
article Q156569 describes the procedure for connecting to an ISP using RAS. It
does not explain how to automate the process.
After
successfully connecting to your ISP, record the Prompts and your responses from
the terminal window. Windows NT provides two scripting methods for automating
your connection, .SCP scripts or SWITCH.INF (\System32\RAS\). Here are some
sample SWITCH.INF entries: (CIS-Internet is my Compuserve phonebook entry,
MINDSRING and MSN are those ISP entries respectively)
[CIS-Internet]
COMMAND=<cr>
OK=<match>"e:"
ERROR_NO_CARRIER=<match>"NO
CARRIER"
LOOP=<ignore>
COMMAND=+<cr>
OK=<match>"e:"
ERROR_NO_CARRIER=<match>"NO
CARRIER"
LOOP=<ignore>
COMMAND=CIS<cr>
OK=<match>"D:"
ERROR_NO_CARRIER=<match>"NO
CARRIER"
LOOP=<ignore>
COMMAND=nnnn,nnn/GO:PPPCONNECT<cr>
OK=<match>":"
ERROR_NO_CARRIER=<match>"NO
CARRIER"
LOOP=<ignore>
COMMAND=YourPassword<cr>
CONNECT=<ignore>
[MINDSPRING]
COMMAND=
OK=<match>"ogin:"
LOOP=<ignore>
COMMAND=UserID<cr>
OK=<match>"assword:"
LOOP=<ignore>
COMMAND=YourPassword<cr>
OK=<ignore>
[MSN]
COMMAND=<cr>
OK=<match>"ogin:"
LOOP=<ignore>
COMMAND=MSN/UserId<cr>
OK=<match>"assword:"
LOOP=<ignore>
COMMAND=YourPassword<cr>
OK=<ignore>
Edit your
phonebook and on the script tab, choose Run this script and enter the name from
within the brackets as above (CIS-Internet, MINDSRING or MSN).
Now when you
dial, instead of being prompted, it will log you on automatically.
189 » WinNT 4.0
Upgrade CD Will Not Upgrade WinNT 4.0.
In KB article
Q154538 Microsoft asserts that a "WinNT 4.0 Upgrade CD Will Not Upgrade
WinNT 4.0". I have had some success by first editing:
HKey_local_Machine/Software/Microsoft/Windows
NT/CurrentVersion
and changing
CurrentVersion to 3.5.
Also edit:
Hkey_Local_Machine\System\Setup\SystemSetupInProgress
Double Click
SystemSetupInProgress and set it to 0. Do the same for:
Hkey_Local_Machine\System\Setup\UpgradeInProgress
NOTE:It is best
to uninstall SP2 or SP3 prior to an update install. If you have RAS installed
you must uninstall the SP. If you can not uninstall, then:
expand <cd-rom>:\i386\tcpip.sy_
%systemroot%\system32\drivers\tcpip.sys prior to doing the update install. The
note is also applicable to installing RAS after SP2/SP3.
191 » Create a
custom HOTFIX.
Installing and
Removing HOTFIXes is a real pain as you have to reboot. Dealing with multiple
HOTFIXes is more that I can suffer. You can create a custom HOTFIX that
combines multiple fixes and thus limit your down time. This is a natural
extension of tip 156. Here's how:
1. Create a
directory that will contain your HOTFIX; i.e. md c:\SP3FIX
2. Download my
sample combined hotfix.inf and unzip it to the directory you created in step 1.
You can see from
the COMMENT line at the bottom that this custom HOTFIX contains:
Q143478 -
oobfix_i
Q168748 -
javafixi
Q154087 - lsa-fixi
Q170510 -
w32kfixi
Q154174 -
icmpfixi
Q146965 -
admnsymi
Q154460 -
chargeni
3. Starting with
the earliest HOTFIX, expand it to a temporary directory. Type
hotfixfilename.exe /x
It is important
to observe date sequence so that you always use the latest version of duplicate
files.
4.Copy all the
files from the temporary directory except hotfix.inf and any *.dbg files to
c:\SP3FIX.
5. Open both
hotfix.infs and add the missing lines from the temorary\hotfix.inf to
c:\SP3FIX\hotfix.inf.
6. Repeat steps
3 - 5 for each additional HOTFIX you wish to combine.
7. Search for
HOTFIX_NUMBER="Q000001" in c:\SP3FIX\hotfix.inf and create a unique
identifier for your custom fix.
You must enclose
your identifier in "" as in "Q000001".
8. You should
amend the COMMENT= to document your fix.
9. Switch to the
c:\SP3FIX directory and type hotfix.exe to install the HOTFIX.
10.If you want
to remove the HOTFIX, change to the c:\SP3FIX directory, and type hotfix.exe
-u.
Download a
combined hotfix that I picked up from Compuserve on 24-Feb-98 that contains the
GETADMIN, IDE, IIS, JOYSTICK, LM, LSA, NDIS, ROLL-UP, SAG, SCSI, TEARDROP2,
WAN, AND SRV fixes.
192 »
\\ServerName\ShareName\Directory on NT and 95.
Windows NT's
SUBST command can map a drive letter to a directory below a share (see tip 067)
but W95 can not.
Both operating
systems do supported UNC names below a share as in
\\ServerNamer\UserShare\UserName where the share is UserShare and UserName is
just a sub-directory.
You can use this
convension at the command line and you can also use it in shortcuts.
193 » NOTEPAD
doesn't like other extensions.
When you want to
save a file in NOTEPAD with a extension other than .TXT, you select All Files
and type FileName.BAT but it saves it as FileName.BAT.TXT.
You can force
NOTEPAD to behave by enclosing the name in quotes; i.e.
"FileName.BAT".
194 » Adaptec
SCSI host adapter required specific BIOS versions.
The AHA-2940
series adapter may not properly function unless its' BIOS version is correct.
In the table
below, items marked with * indicate that the BIOS version varies based upon the
existing BIOS version on the card. 1.1x versions will require version 1.16.
1.2x versions will require 1.23. BIOS versions ending in an S were produced by
an OEM, contact the manufacturer for upgrades. Adaptec technical support can be
contacted at (408) 934-7274.
Adapter Type Version
D e s c r i p t
i o n
AHA-2940 Chip 1.16*
1.23* Base model
AHA-2940
AHA-2940W Chip 1.16*
1.23* 2940 with
Wide support
AHA-2940U Flash OEM OEM version with Ultra
AHA-2940UW Flash
1.23 2940 with Ultra and Wide
AHA-2940AU Chip 1.30 Replaces original 2940, adds Ultra
AHA-3940 Chip 1.14 Base model AHA-3940
AHA-3940UW Chip
1.24 3940 with Ultra Wide
195 » Explorer
will not change the System attribute on a file or folder.
A bug in Windows
NT 4.0 prevents Explorer from changing the System attribute. When you right
click and choose properties, the System attribute is grayed out.
Currently, the
only way to change the System attribute of a file or folder is to use File
Manager (%SystemRoot%\System32\winfile.exe - select the object, choose file /
properties) or to use the Attrib command ( Attrib -s path / Attrib +s path).
196 » How do I
prevent Exchange from being installed when I install NT?
If you wish to
prevent the Exchange client from being installed when you install Windows NT
4.0:
1. Copy the i386
folder to the HD of a Windows NT system.
2. Switch to
that folder and type: expand Syssetup.in_ Syssetup.inf
3. Rename
Syssetup.in_ to Syssetup.old
4.Edit
Syssetup.inf and replace MSMAIL.INF in the [BaseWinOptionsInfs] section with
;MSMAIL.INF
When you install
from this folder, the Exchange client will not be installed.
197 » Join a
Domain from a Windows NT Workstation over RAS.
1. You must have
a Domain account on the remote Domain and you must have dial-in access on the
RAS server.
2. Configure
your Workstation as a member of a Workgroup, not a Domain.
3. Install RAS
for dial-out on your Workstation. See RasPhone.hlp and KB article Q162293 for
trouble shooting RAS client problems.
4. Implement tip
082.
5. You must
create a computer account for your Workstation on the remote Domain:
Connect to the
RAS Server on the Remote Domain.
Use Control
Panel / Network / Identification / Change
Change the
Domain Name to the remote Domain.
Select Create
Computer Account in Domain and enter a Domain Administrators account and
password.
Reboot when you
receive the Welcome to the <Domain Name> domain message.
6.Create a
domain list:
Logon to NT
using your local account.
Connect to the
RAS server on the remote Domain.
CTRL+ALT+DEL and
logoff (your RAS connection should be maintained).
Logon to the
remote Domain.
Now that your
credentials are cached, you may log on to its domain before you are connect to
the RAS server. Windows NT will log you on automatically when you connect.
198 » How do I
set the Logon Script Name for all Users in a Group?
In User Manager
for Domains, it is possible to select multiple users by holding down the
Control Key as you select users or Holding down the Shift Key as you select a
range of users.
You can select
all users who are a member of a Group by:
. User Menu /
Select Users ..
. Click the
Group you desire and press the Select button.
. You can click
an additional Group and press the Select button. When you are finished, press
the Close button.
. User Menu /
Properies
. Make any
changes you desire. In our example, click on profile and enter the FileName (no
extention) of the logon script and click ok.
. As long as the
users are still selected, you can make additional changes.
199 » How do I
change the local Administrator password on all my Workstations without
traveling?
I use the Soon
command from the reskit but the AT command will work:
soon
\\MachineName cmd /c "net user AccountName NewPassword"
I use a batch
file:
echo on
>password.log
@echo
MachineName1 >>password.log
ping
MachineName1 >>password.log
if
%errorlevel%==0 soon \\MachineName1 cmd /c "net user AccountName1
NewPassword1" >>password.log
@echo
MachineName2 >>password.log
ping
MachineName2 >>password.log
if
%errorlevel%==0 soon \\MachineName2 cmd /c "net user AccountName2
NewPassword2" >>password.log
@echo ** end of
file ** >>password.log
exit
200 » More on
Server Service tuning.
In tip 186 we
learned how to insure that the Server Service was self tuning.
When tuning the
Server Service in Control Panel / Network /Services / Server / Properties, you
can choose among:
- Minimize
Memory Used
- Balance
- Maximize
Throughput for File Sharing
- Maximize
Throughput for Network Applications
If you do not
use the Server Service for file and print sharing, or only by a few clients,
set it to Minimize Memory Used or Balance. If you have too little memory
allocated, you may experience not enough server memory/storage to process this
request, server refused connection, or similar messages.
If you have
Maximize Throughput for Network Applications enabled, the following
applications will benefit:
- RAS Server
- Services for
Macintosh
- DHCP Server
- WINS Server
- Internet
Information Server
- DNS Server
(Windows NT 4.0 only)
- Microsoft File
and Print Services for NetWare (also has a memory size setting)
- Microsoft
Directory Service Manager for NetWare
- Microsoft Site
Server
- Other
application servers, like SAP R/3 server and Oracle SQL server (uses Sockets)
or Lotus Notes server (uses NETBIOS)
The following
applications will also benefit if clients do not connect using Named Pipes:
- Microsoft SNA
Server (IPX and TCP sockets available in versions 2.1x)
- Microsoft SQL
Server
- Microsoft
Systems Management Server
- Microsoft
Exchange Server
- Microsoft
Transaction Server
- Microsoft
Message Que Server
The following
will suffer if Maximize Throughput for Network Applications is enabled:
- Windows NT
File and Print Services for Microsoft Network Clients
- Windows NT
Primary Domain Controllers
- Windows NT
Backup Domain Controllers in Resource Domains
Lastly, if you
are experiencing excess (and seemingly unnecessary) Pagefile activity, you may
want to experiment with editing the registry at:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session
Manager\Memory Management
and setting
LargeSystemCache (type REG_DWORD) to zero. An entry of zero favors the process
working set and a non-zero entry favors the system cache.
201 » Run 16bit
apps in a Seperate VDM.
When configuring
a shortcut or running an executable from explorer, you have the option to run
16bit applications in a seperate VDM (Virtual DOS Machine). If you always check
run in seperate memory space, you can make that the default behavior by editing
the registry at:
HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/WOW
Edit or Add
Value of type REG_SZ with value name DefaultSeparateVDM and set it to yes. The
default behavior is no.
Reboot.
202 » How can I
let Print Operators add a printer?
You can allow
Print Operators to add a printer port by modify the registry permissions at:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors
On the Security
menu, click Permissions. Click Add, and then select the Print Operators group.
Add Print Operators with Full Control, replacing permissions on existing
subkeys.
Stop and then
restart the Spooler service in Control Panel / Services.
203 » How do I
convert to NTFS during an unattended install?
Make a backup
copy of the I386\SYSTEM32\INITIAL.INF on your HardDrive.
Edit
I386\SYSTEM32\INITIAL.INF and locate the set Convert_Winnt = $($1)
in the SetAcls
section and change it to set Convert_Winnt = YES.
204 » Allow your
WinNT and W95 clients to install applications from a server share.
The April 1997
issue of Windows NT Magazine had an article on Installing Applications Across
Your Network. Here is a simple translation that actually does work:
1. Create a
folder and a share on your server called Installs.
2. Copy the
install media to \\ServerName\Installs\AppName\
3. Create a
share called NetInf at %windir%\inf
4. Edit
%windir%\inf\apps.inf and add a new section to the botton:
[AppInstallList]
5. Add a
statement to the [AppInstallList] section for each app:
AppLabel=\\Server\Installs\AppName\InstallProgram.Extension
Example:
Config95=\\Server\Installs\Config95\install.exe
Opalis=\\Server\Installs\Opalis\setup.exe
6.On each client
machine, edit the registry at:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
and Add Value
AppInstallPath of type REG_SZ. Set it to \\Server\Netinf\apps.inf.
7. At a client
workstation, go to Control Panel / add\remove programs / network install tab
and select the application you wish to install.
205 » Change
that "awful green" logon backround color.
In Tip 029 we
learned how to display a custom bitmap (company logo) at logon.
You can change
the logon backround color by altering the RGB values at:
HKEY_USERS\.DEFAULT\Control
Panel\Colors\Background
If you set it to
0 0 0 you will have a black backround, 255 255 255 is white, and 153 0 0 is
this JSI burgundy text.
206 » User gets
Installation failed message.
In Tip 157 we
learned how a domain user could administer their workstation. If you want an
ordinary workstation user to be able to right click on an INF file and not
receive an Installation failed message, edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
and give the user Full Control using the Security / Permissions menu.
207 » Find File
Shortcut.
If you run
Windows NT 4.0, you can invoke the Find Folder or Files dialogue without having
to open Explorer.
Click a blank
area of your desktop and then press F3.
208 » Do you
have font clutter?
When reviwing
installed fonts, you can reduce the number of displayed fonts by selecting
control panel / fonts / view / hide variations. Many fonts have multiple font
files for the same font face such as bold, italic, and bold italic. View / hide
variations displays one line for each of these font families.
209 » Manage
processor affinity.
If you have a
multi-processor system, it is possible to select which CPU(s) an application
uses.
Open Task
Manager and select your application on the Processes tab. Right click the
program name and choose Set Affinity. Uncheck the processors which should not
run this application.
If you try to
select a service, Set Affinity will be ignored.
There is
currently no way to start an application with a defined affinity.
210 » No
configuration information for PC-CARD.
If you have a
new PC-CARD that won't install due to the subject message, even though you have
an NT driver, it is because this card is not in the PCMCIA database. To amend
the database, you will need the product name, manufacturer name, and driver
name (xxxxxxxx.sys).
Run
<CD-ROM>\SUPPORT\DEBUG\I386\PCMCMD > PCCARD.TXT. The piped output
contains the product name and manufacturer name. Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCMCIA\database
and select database
Add Key from the
Edit menu and enter the manufacturer name. Select this key and Add Key again,
entering the product name. Select this key and Add Value name Driver as type
REG_SZ. Enter the driver name without the extension.
Reboot.
211 » How do I
install with an unsupported PC-CARD?
You actually
have to edit the registry of this not yet installed machine. What????
. Boot any NT
machine and copy the \i386 directory from the Windows NT CD
to your hard
drive or to the network distribution share.
. Expand
\i386\System._ System
. Run
<CD-ROM>\SUPPORT\DEBUG\I386\PCMCMD > PCCARD.TXT per Tip 210.
. Using the
instructions in Tip 182, load the expanded System as oldsystem
. Edit
HKEY_LOCAL_MACHINE\oldsystem\ControlSet001\Services\PCMCIA\database
. Highlight
database and Add Key from the Edit menu and enter the manufacturer name.
. Select the
manufacturer name key and Add Key again, entering the product name.
. Select the
product name key and Add Value name Driver as type REG_SZ..
Enter the driver
name without the extension.
. Highlight the
oldsystem key and Unload Hive from the Registry menu.
. Rename the
System file to System._ on your hard drive.
. Install from
the hard drive.
212 » How do I
set the IRQ of my PC-CARD?
Windows NT has
no GUI for setting up a PC-CARD's IRQ. You must edit the registry and enter an
IRQ mask. Edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Pcmcia
Add Value name
InterruptMask of type REG_DWORD and set the RADIX to Binary. Enter the 16 digit
mask.
The InterruptMask
is composed of a series of binary switches, 0 means the IRQ is available and 1
means the IRQ is unavailable. Here is an example for allowing IRQs 10, 9, and
3:
15 14 13 12 11
10 9 8 7 6 5 4 3 2 1 0
1 1 1 1 1 0 0 1
1 1 1 1 0 1 1 1
When you click
Ok, the mask would appear as f9f7 in the right hand pane. Exit regedt32 and
reboot.
213 » A tweak
for NTFS performance.
When Windows NT
lists a directory (Explorer, DIR command, etc.) on an NTFS volume, it updates
the LastAccess time stamp on each directory it detects. If there are a very
large number of directories, this could effect performance. A new registry
entry allows you to control this behavior. Edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\FileSystem
Add Value name
NtfsDisableLastAccessUpdate of type REG_DWORD. Set it to 1 to prevent the
LastAccess time stamp from being updated.
215 » More on
Locking down that desktop.
In Tip 050,
Locking down that desktop, I first detailed Explorer restrictions that could be
implemented via registry changes. Here a few more that I have found at:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer.
All are type REG_DWORD with a default value of 0.
EnforceShellExtensionSecurity
- A value of 1 causes Windows NT to only load the shell extensions listed in
the Approved subkey
(HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell
Extensions\Approved).
NoDriveAutoRun -
A bitmapped value (see NoDrives from Tip 050) that determines wether the
autorun feature is disabled on that drive. If the drives bit is set to 1,
autorun (see tip 007) is disabled.
NoSaveSettings -
A value of 1 prevent changes to the positions of icons and open windows, and
the size and position of the taskbar from being saved.
NoStartBanner -
A value of 1 hides the arrow and Click here to begin caption that appear on the
taskbar when you start WindowsNT.
NoStartMenuSubFolders
- Hides the folders at the top section of the Start menu when the value is set
to 1. Items appear, but folders are hidden.
A few more
restrictions are located at HKEY_CURRENT_USER\Software\Microsoft\Windows:
NoWorkgroupContents
- If the value of this entry is 1, Network Neighborhood does not display
computers in the local workgroup or domain.
NoEntireNetwork
- A value of 1 restricts Network Neighborhood from displaying or accessing
computers outside the local workgroup or domain. The user can still use the
Start/Run, Map/Connect Network Drive, and the Command Prompt.
216 » Service
Pack # reported after uninstall.
When you
uninstall a Service Pack, Windows NT still reports that it is installed. Fix it
by editing:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion
Double click on
CSDVersion and change this type REG_SZ from Service Pack x to Service Pack y
(or spaces if no
Service Pack is currently installed).
217 » Save space
while dual booting.
If you are dual
booting with W95, you can save space by allowing NT and W95 to share a common
PAGEFILE.SYS on a FAT partition.
1. Configure the
NT Pagefile in Control Panel / System / Performance / Virtual Memory.
Set it to the
common FAT partition with Min/Max the same.
2. Configure W95
in Control Panel / System / Performance / Virtual Memory.
Select your own
virtual memory setting using the same settings as NT.
3. After reboot
in W95, edit SYSTEM.INI and edit and/or add the following in the [386Enh]
section:
PagingFile=X:\PAGEFILE.SYS
PagingDrive=X:
MinPagingFileSize=NNNNN
MaxPagingFileSize=NNNNN
where X: is the
common drive and NNNNN is the size of PAGEFILE.SYS in kilobytes.
Reboot. If there
is a Win386.SWP remaining on the W95 drive, delete it.
219 » Can I
clone my Workstation or Server?.
The SID
(Security Identifier) on a NT Workstation, on a NT Member Server, and on a PDC
is generated during the GUI phase of setup. The SID is used on the local
machine, in conjunction with a RID to assign a unique ID to user accounts on
that machine.. The Sid of a BDC is taken from the PDC as they share a common
account database.
When a
Workstation joins a domain. it is given a Domain SID by the PDC which is the
PDC SID plus a unique RID. The Workstation also remembers the domain SID.
In Windows NT
4.0 (and earlier), the PDC does not make use of the Workstations SID. There is
a high probability that this will change in the future.
So, can I clone
my Workstation or Member Server? Yes, if you do it before the GUI phase of
setup. If you do it after the SID has been established, you are tempting the
fates.
For more detail,
see KB article Q162001
220 » Do your
DOS programs run slowly?
When you right
click a DOS program (or .PIF) in Explorer and choose Properties, you get the NT
4.0 version of the PIF editor.
- If the
application runs in a window and the video performance is slow, try full-screen
mode on the Screen tab.
- Disabling the
Compatible Timer Hardware feature in the _DEFAULT.PIF or the applications PIF
on the Program tab / Windows NT button should only be used if it is required to
make the application run.
- If the
application runs Windowed and pauses periodically, try disabling Idle Detection
on the Misc tab.
- If the DOS
application can be configured for printing, choose LPTx. Most DOS apps use
Int17 when configured to print to LPTx and print directly to the port.
221 » Explorer
maps network drives by itself.
This automapping
only occurs if one of the following is true:
. You search
using the open or advanced find function of an Office 97 application and the
search discovers a shortcut that contains a drive letter mapped to a network
drive.
. FindFast is
installed in your startup group and it indexs a drive which contains a sortcut
that uses a drive letter mapped to a network drive.
These behaviors
should not occur if you have SP3 installed.
To avoid the
problem:
. Don't search
folders that contain shortcuts with mapped drive letters.
. Change your
shortcuts to use UNC names (\\Server\Share). See tip 177.
. Disable
FindFast (a good idea in any case as this application sometimes leaks memory
and only
benefits those you have many thousands of documents that require indexing.
222 » Lost MPS
support after applying a Service Pack?
If you installed
Multiprocessor support after installing Windows NT, using Uptomp from the
Resource Kit, the Compaq SSD, or similar means to upgrade to MPS, the %SystemRoot%\Repair\Setup.log
did not get updated. When you applied the Service Pack, it copied the
Uniprocessor Hal.dll that was originally installed when you first setup Windows
NT.
To correct the
problem for Windows NT 4.0, modify the %SystemRoot%\Repair\Setup.log file and
re-apply the Service Pack:
1) attrib -r -h
%SystemRoot%\Repair\Setup.log
2) Make a backup
copy of the %SystemRoot%\Repair\Setup.log.
3) Edit
Setup.log, search for these five lines, changing the string after the = sign:
\\System32\Ntoskrnl.exe
= "NTKRNLMP.EXE","d89e8"
\\System32\Kernel32.dll
= "KERNEL32.DLL","5b7f8"
\\System32\Winsrv.dll
="WINSRV.DLL","37b4e"
\\System32\Ntdll.dll
= "NTDLL.DLL","59c19"
\\System32\win32k.sys
= "WIN32K.SYS","132603"
4) Select ONE of
the following HAL's and modify the line:
\\System32\hal.dll
= "HALSP.DLL","0f337"
\\System32\hal.dll
= "HALMPS.DLL","1a01c"
HALSP.DLL is or
Compaq Systempro,Systempro/XL, ProLiant 2000, 4000, and 4500 systems only
HALMPS.DLL =
Multiprocessor HAL for APIC support and for the Compaq ProLiant 1500 and 5000
5) Save the
modified Setup.log to the %SystemRoot%\Repair directory and attrib +r +h
%SystemRoot%\Repair\Setup.log
6) Re-apply the
service pack.
223 » How can I
preserve my DHCP server settings if I have to uninstall and reinstall DHCP?
Make a copy of
%SystemRoot%\System32\Dhcp\Backup\Dhcpcfg and save it in your favorite safe
spot.
Uninstall and
reinstall DHCP. Before restarting DHCP, reapply your current Service Pack.
Restart the DHCP
service to allow the installation to finish. Then use Control Panel / Services
to stop the DHCP service. Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\DHCP
Server\Configuration
Highlight the
Configuration key and click restore from the Registry menu. Type the path of
the saved Dhcpcfg file.
Restart the DHCP
service. Verify your settings using the DHCP Manager.
224 » How do I
install DOS after WinNT?
DOS must be
installed on the boot partition (C:) which must be formated as the FAT file
system. Before doing anything, generate a new ERD (Emergency Repair Disk) by
running rdisk.exe /s. You will also need your setup floppies. If you lost them,
run Winnt32 /ox from the CD-ROM.
After installing
DOS, the Windows NT boot loader will be disabled. To enable the boot loader,
boot from the NT setup floppies and choose Repair (only repair the boot
records). After the repair, boot Windows NT. From a command prompt, type
attrib -r -s -h
c:\boot.ini
Edit c:\boot.ini
and add c:\="DOS" (or whatever text you want) to the end of the
operating system section. Then type
attrib +r +s +h
c:\boot.ini
On you next
boot, you will see both the NT and DOS options on the boot menu.
If you want to
install Windows 95 also, boot to DOS and install Windows 95. Windows 95 is
NT-aware and will not destroy the boot loader if installed from a dual boot DOS
session.
225 » How can I
import a DUN (Rasphone) phonebook?
Before we begin:
- Importing a
phone book completely replaces your existing phone book, it does not merge
them.
- You can not
import from different NT versions (4.0 vs 3.51).
To import an NT
4.0 phonebook, rename phonebook.pbk on the target machine at
%SystemRoot%\System32\Ras.
Copy
%SystemRoot%\System32\Ras\phonebook.pbk from the source computer to the target
computer.
If you have NT
3.51, the file name is rasphone.pbk. Rasphone.pbk may also be the name if you
upgraded from NT 3.51.
226 » How can I
determine what registry changes a new application installed?
Prior to
installing your new application (or system option), open the registry using
Regedt32.exe. For each Root Key that you want to compare, select it and from
the Registry / Save Subtree As menu, Save as type Text Files, naming it
something like HKLM.old. I would always choose the HKEY_LOCAL_MACHINE,
HKEY_CURRENT_USER, and HKEY_CLASSES Keys.
After the
install, repeat the above steps but use a .new extention. Run Windiff from the
Resource Kit
to compare .old with .new.
I personally use
ConfigSafe
to do this (and restore the registry if the
install causes problems).
227 » Does
SETUP.EXE cause an exception when you logon?
When you logon
to Windows NT, you receive a SETUP.EXE exception. You have used tip 147 and tip
016 but SETUP.EXE is not configured to run????
Windows NT
always calls %SystemRoot%\System32\SETUP.EXE when you logon. If the NT version
of SETUP.EXE was replaced by another application, various exceptions will
occur.
As of
30-Aug-1997, the version of SETUP.EXE that should reside in the
%SystemRoot%\System32 is the one from the original release of NT 4.0, 28,848
bytes dated the first few days of August, 1996. If the date or size is
different, expand it from the CD-ROM.
228 » Undocument
DUN (RASPhone) switches.
In tip 090 we
used the -d switch in RASPHONE.EXE to build our own autodial.
Here are some
other undocumented switches (there is no guarantee that these will exist in
future releases).
(See tip 225 for
the name/location of the phonebook.)
Usage: rasphone
[[[-e|c|r|d|h|s|a] entry]] [-f file]
Switch D e s c r
i p t i o n Example
-e Edit a phonebook entry rasphone -e MSN-f%SystemRoot%\System32\RAS\
name of phonebook
-c Clone a phonebook entry rasphone -c MSN-f%SystemRoot%\System32\RAS\
name of phonebook
-r Remove a phoneboot entry rasphone -r MSN-f%SystemRoot%\System32\RAS\
name of phonebook
-d Dial a phonebook entry rasphone -d MSN
-h Hangup
rasphone -h MSN
-s Raise Dial-Up Networking Monitor rasphone -sNote:RAS must be connected.
-a Phonebook Entry Wizard rasphone -a XYZ-f%SystemRoot%\System32\RAS\
name of phonebook
229 » How do I
map an network drive during Unattended Setup?
Since the
cmdlines.txt is run after MachineName is posted and the Network is started, we
can add our code following the [Commands] statement to perform load balancing
(distribution share on one server, application or Service Pack share on
another):
[Commands]
".\net use
s: \\server\share /user:Domainname\Username password /persistent:no"
Note: The
/persistent parameter is used to ensure that the drive letter is not
automatically reconnected when logging on.
Note: If you are
concerned that the new MachineName may not be validated by your PDC, use the
Guest Account (/user:Domainname\Guest).
230 » How do I
browse a remote network using only TCP/IP?
Configuring RAS
so that a DUN client, using only TCP/IP, can browse a remote network, requires:
DUN client's
workgroup/Domain name to be the same as the remote network (Control Panel /
Networks).
Install WINS on
the remote network (not necessarily on the RAS server).
Configure TCP/IP
on the RAS server to register with WINS (Control Panel / Networks).
Use the default
setting on the DUN client (server-assigned name server addresses).
If it doesn't
work, configure name server addresses in the phonebook.
When you logon,
click the Logon Using Dial-Up Networking check box.
231 » Disable
Network Redirector File Caching.
If you receive
System process-lost delayed write data or redirector has timed out, you may
want to try disabling Network Redirector File Caching, even though this will
slow up network I/O. Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Rdr\Parameters
and edit or Add
Value name of UseWriteBehind with type REG_DWORD.
0 - Write back
caching is not enabled.
1 - Write back
caching is enabled, only if UtilizeNTCaching is set to 1.
Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Lanmanworkstation\parameters
and edit or Add
Value name of UtilizeNTCaching with type REG_DWORD.
0 - Data is
written directly to the redirector, bypassing the cache.
1 - Lazy write
(default) - Data is written to the cache and subsequently flushed to the
Redirector.
Setting this
value to 0 will insure that the file data is written to the server immediately.
Consider setting
UseWriteBehind to a 1 and UtilizeNTCaching to a 1 first. If this doesn't solve
your problem, edit or Add Value name of UseAsyncWriteBehind of type REG_DWORD
and setting it to 0 to disable the asynchronous variant of write-behind
caching. The default, 1, is to use asynchronous write-behind caching.
UseAsyncWriteBehind only works when UseWriteBehind and UtilizeNTCaching are set
to 1.
Lastly, if you
still have a problem, set UtilizeNTCaching to a 0.
You will need to
reboot.
NOTE:
Write-behind (write-back) caching is an optimizing technique that does not wait
for the lazy writer feature of the Cache Manager to flush it to the Redirector.
Write-behind caching makes data available to the Redirector sooner, although it
increases disk I/O slightly.
233 » What is
the relationship between the Recycle Bin and the Recycler folder?
When you delete
a file in Explorer (or My Computer), the file is stored in the Recycle Bin
until you restore the file or empty the bin. Files are also removed when a
newer version is deleted or when the Recycle Bin size exceeds the limit you
configured in Recycle Bin properties.
On NTFS
partitions, the Recycler folder contains a Recycle Bin for each user who has
logged on.
234 » If your
communication device is not supported by Unimodem but it is/was supported by
Modem.inf.
RAS for Windows
NT 4.0 supports Unimodem modems. If your communications device is not supported
by Unimodem, it may be supported by Modem.inf (%systemroot%\System32\RAS\). To
configure RAS to use Modem.inf, edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\RAS\Protocols
Add Value name
EnableUnimodem as type REG_DWORD and set it to 0.
In Control Panel
/ Networks / Services / Remote Access Service, click Properties. Remove all
ports that are defined in the RAS Setup dialog. Now, click Add and add them
back.
RAS will now use
Modem.inf.
235 » Protect
the Settings menu but allow users to manage their print jobs.
If you set
NoSetFolders to 1 per tip 050, your users will not be able to manage their
print jobs. If you want them to, use the Windows 95 Registry Editor
(Regedit.exe) to drill down to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RemoteComputer\NameSpace
Select each
sub-key until the data in right hand pane is "Printers". From the
Registry menu, choose Export Registry File and save it as Printers. Use Notepad
to edit the Printers.REG file that was created and change RemoteComputer to
MyComputer.
Save the file
and Import Registry File.
Your users will
now be able to manage their print jobs.
236 » How do I
abort a login script?
Windows NT will
abort a login script if the SAS (Secure Attention Sequence, better known as
CTRL+ALT+DEL) is pressed.
If the SAS is
pressed during logon but before the logon script process has started, you may
receive a BSOD (Blue Screen Of Death) due to a Winlogon.exe access violation.
237 » Winlogon registry
entries.
The Winlogon
service has numerous registry entries at:
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon
AllocateCDRoms
is type REG_SZ
0(default)
Compact discs in the CD-ROM drive can be accessed by all administrators in the
domain.
1Only the user
logged on locally can access data on the compact discs in the CD-ROM drive.
Note: Since the
CD-ROM is a volume, it has an administrative share. Setting this entry to 1
makes the share unavailable while the current user is logged on.
AllocateFloppies
is type REG_SZ
0(default)
Floppy disks in the floppy disk drive can be accessed by all administrators in
the domain.
1Only the user
logged on locally can access data on the floppy disks in the floppy disk drive.
Note: Since the Floppy
is a volume, it has an administrative share. Setting this entry to 1 makes the
share unavailable while the current user is logged on.
AutoRestartShell
is type REG_DWORD
0If the
WindowsNT user interface or one of its components fails, you must restart the
interface by logging off and logging on again.
1(default) If
the WindowsNT user interface or one of its components fails, the interface is
restarted automatically.
DcacheMinInterval
is type REG_DWORD
When you have
locked your workstation, the domain list is refreshed when you unlock it, if it
has been locked for more than 2 minutes. This causes a noticable delay. The
allowable range is 120 - 86,400 seconds.
ProfileDlgTimeOut
is type REG_DWORD
Determins how
long the system waits for a user response (default is 30 seconds) to:
The system
cannot access or update a server-based profile at logon or logoff.
The user's local
profile is newer than the server-based profile.
Note: Enter this
value in decimal.
RASForce is type
REG_SZ
0(default) Logon
Using Dialup Networking check box is cleared.
1Logon Using
Dialup Networking is selected if RAS is installed and the workstation is part
of a domain.
SlowLinkDetectEnabled
is type REG_DWORD
0The system does
not detect slow links to server-based profiles.
1(default) Lets
a user choose locally cached profile if SlowLinkTimeOut trips.
SlowLinkTimeOut
is type REG_DWORD
If a ping
exceeds this value (default 2000 milliseconds, max 120,000 milliseconds), the
system considers the link to be a slow link. This value entry is used only when
the value of SlowLinkDetectEnabled is 1.
System is type
REG_SZ
Specifies
executable files to be run by Winlogon in the system context (default is
lsass.exe).
Click once to
make your navigation easier. When following the links below, use your browers
back button to return to this page.
See tip 004 for
AutoAdminLogon, DefaultDomainName, DefaultPassword, and DefaultUserName.
See tip 106 for
DeleteRoamingCache.
See tip 025 for
DontDisplayLastUserName.
See tip 082 for
KeepRasConnections.
See tip 024 for
LegalNoticeCaption, LegalNoticeText, LogonPrompt, and Welcome.
See tip 141 for
PasswordExpiryWarning.
See tip 037 for
PowerDownAfterShutdown.
See tip 015 for
ShutdownWithoutLogon.
See tip 187 for
ReportBootOk.
See tip 099 for
RunLogonScriptSync.
See tip 050 and
tip 074 for Shell.
See tip 110 for
Taskman.
See tip 074 for
Userinit.
See tip 368 for
CachedLogonsCount.
238 » Backup
misses files and/or restore causes corruption.
When you use
NTBackup to backup your NT partition (and other partitions), files that are in
use may be bypassed. You can backup inuse files by editing the registry at:
HKEY_CURRENT_USER\Software\Microsoft\Ntbackup\Backup
Engine\Backup files inuse
and setting the
value to 1. The default is 0 - do not backup inuse files.
You should also
edit:
HKEY_CURRENT_USER\Software\Microsoft\Ntbackup\User
Interface\
Skip open files
this type REG_SZ has 3 possible settings:
0 = do not skip,
wait
1 = skip files
that are opened unreadable
2 = wait on open
files for Wait time
Wait time this
type REG_SZ has a range from 0 to 65535 seconds with a default of 30 seconds.
Certain files
will not backup because NT has them open. Others will backup but will corrupt
upon restore. The proper way to backup is:
.Run RDISK /S-to
backup the registry to the %SystemRoot%\repair directory.
The /S causes
the %SystemRoot%\Repair directory to be updated, the - prevents an ERD from
being created.
.Disconnect
users from shares and stop all Services that have databases open
such as WINS,
DHCP, Exchange, SQL, etc.. See tip 159.
.If backing up
network workstations or Servers, use tip 072 to backup their registry.
Combine the
above with tip 013 for the best freeware approach to backup.
239 » Remote
console facility.
FastCon is a
donnationware utility that provides a remote console facility. I quote the
author, Martin DEVERA:
FastCon is WinNT
remote console service. It allows you to connect to the NT Server or NT
Workstation remotely from a WinNT or Win95 system.
Very nice thing
is that you can disconnect from running session (either by line error or
Ctrl-BREAK signal) and the remote session is still running. You then can latter
reconnect to the session and continue with work.
This is a great
remote console utility, so do the right thing if you continue to use it.
Note: After
establishing a remote session using fclient ServerName new SessionName,
you connect to
it using fclient ServerName con SessionName.
240 » Protect
the Documents menu..
You can protect
the Start / Documents menu by deleting the document shortcuts at
%SystemRoot%\Profiles\UserName\recent. Then set the permissions on this folder
to Read for the UserName. You can do this for Default User also, setting
permissions to Read for everyone.
You can use the
following two (2) batch files: (With XCACLS from the resource kit)
REM
Drive:\Directory\RECENT.BAT
%SystemDrive%
CD
%systemroot%\Profiles
del
%1\Recent\*.* /q
xcacls %1\Recent
/C /G %1:R;R "Domain Admins":F;F System:F;F /Y
>>Drive:\Directory\recent.log
REM
Drive:\Directory\CALLRECENT.BAT
%SystemDrive%
CD
%systemroot%\Profiles
del
"Default User\Recent\*.*" /q
xcacls
"Default User\Recent" /C /G everyone:R;R "Domain
Admins":F;F System:F;F /Y >Drive:\Directory\recent.log
Call
Drive:\Directory\recent.bat "UserName1"
Call
Drive:\Directory\recent.bat "UserName2"
Call
Drive:\Directory\recent.bat "UserName3"
. . . . . . . .
. .snip. . . . . . . . . .
Call
Drive:\Directory\recent.bat "UserNamen"
exit
241 » Is the
Doctor in?
You can control
the behavior of Dr. Watson by editing the registry at:
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\AeDebug\Auto
A data value of
0 in this type REG_SZ causes the system to display a message box notifying the
user when an application error occurs. A data value of 1 (the default) causes
the debugger to start automatically.
You can disable
the good doctor by deleting the AeDebug subkey. If you wish to re-enable it,
type drwtsn32-i from a command prompt.
242 » Service
Pack 3 did not replace Poledit.exe.
Due to an error
in the SP3 update.inf file, poledit.exe was not updated by the Service Pack
install. To correct this problem, expand the Service Pack manually by typing:
ServicePackFileName.exe
/x
Edit update.inf
and move the poledit.exe line from the [MustReplace.System32.files] section to
the [SystemRoot.files] section.
Then copy the
poledit.exe from the expanded Service Pack to %SystemRoot%.
If you have to
re-apply the Service Pack in the future, Expand it and use your updated
update.inf file.
243 » Debugging
scheduled jobs.
Does your batch
job run fine but fails when run from the scheduler?
Jobs executed by
the scheduler run under the user context of the schedule service (Control Panel
/ Services /Schedule / Start Up). If the job requires interaction with the
desktop, it is preferable to use the built in system account and check Allow
service to interact with desktop. Use the /interactive switch when invoking the
AT command.
Unfortuneatly,
the system account is local and has no network access. You can circumvent this
problem with:
net use Drive:
\\ServerName\ShareName /U:DomainName\UserName password
where the
account used has the required permissions (and a password that never expires).
You can also
configure the Scheduler to run under the context of a Domain/Admin account.
Create a new user account that is a member of the domain admin group with a
non-blank, non-expiring password. In user manager for domains, give it all the
advanced rights it may ever need including logon as a service and batch job.
To debug your
job, type: AT hh:mm /interactive cmd.exe /k or soon /interactive cmd.exe /k
This will open a
command prompt under the schedule service user context.
You can now run
your batch job in this window and use echo and pause to help pinpoint the
problem.
It is important
to realize that the environment variables available to your scheduled job may
differ from the environment variables available when you run a batch. Type SET
>Drive:\Directory\SET.LOG in this window to pipe the schedule service
environment variables to a log file so you can inspect them. Here are some of
mine:
COMPUTERNAME=ALRMP
ComSpec=C:\WINNT\system32\cmd.exe
/X /e:2048
NTResKit=D:\reskit40
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINNT\system32\repl\import\scripts;C:\WINNT\system32;C:\WINNT;C:\Util
PATHEXT=.COM;.EXE;.BAT;.CMD
PROCESSOR_ARCHITECTURE=x86
SystemDrive=C:
SystemRoot=C:\WINNT
USERDOMAIN=NT
AUTHORITY
USERNAME=SYSTEM
USERPROFILE=C:\WINNT\Profiles\Default
User
windir=C:\WINNT
244 » How do I
use License Manager remotely?
You can install
the remote administration tools on your NT Workstation from the
\Clients\Srvtools directory of the NT Server CD-ROM, but License Manager is not
included. To run License Manager on your NT Workstation, copy:
LLSMGR.EXE
LLSMGR.HLP
LLSRPC.DLL
CCFAPI32.DLL
from the %systemRoot%\System32
directory of your server to the %systemRoot%\System32 directory of your
workstation.
245 » If your
printer won't sleep.
If your printer
is capable of sleeping but won't, it may be because you have bi-directional
support enabled (even though NT doesn't use it).
Click Start /
settings / printers. Select the printer and right click. Choose properties /
port and uncheck Enable bidirectional support.
246 » Can't
access this folder, path is too long or a blank desktop.
This error may
occur on your NT 4.0 workstation if you (or your group) does not have at least
read permission on the root directory of the local system partition.
Logon as a local
Administrator and verify/set at least read permissions on the system partition
root. Do not select the Apply To Subdirectories check box.
If a profile for
that user was just created in %SystemRoot%\Profiles, you may wish to delete it.
Check for a new profile on the PDC also.
247 » How do I
start with a new WINS database?
If you wish to
delete and recreate your WINS database, type the following at a command prompt:
net stop WINS
ren
%SystemRoot%\System32\WINS\Wins.mdb %SystemRoot%\System32\WINS\Wins.old
net start WINS
249 » More on
enabling your DOS apps to print to a network printer.
In Tip 049, we
used:
NET USE LPTx
\\computername\sharename /PERSISTENT:YES
to enable a DOS
app to print to a network printer.
You can also
print directly to a printer share by using:
print
/d:\\<printserver>\<sharename><drive>:\<path>\<filename>
where
<drive>:\<path>\<filename> is the full path to the file you
wish to print.
250 » Long
startup time and/or more flaky logon/share problems.
If you
experience long Windows NT startups or have problems with shares (viewing,
creating, mapping) or other logon problems, you may have messed up the default
permissions on the LanmanServer registry keys.
The default
permissions on this key (and it's sub-keys) should be:
AdministratorsFull
Control
SystemFull
Control
EveryoneSpecial
Access
Query Value
Create Subkey
Enumerate
Subkeys
Notify
Read Control
To set these
permissions, use the Windows NT Registry Editor, REGEDT32.EXE, and select:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer
From the
Security menu, click Permissions. When you select Special Access for Everyone,
you may need to double click the EveryoneSpecial Access line to get the Special
Access sub menu.
Don't forget to
check the Replace Permission on Existing Subkeys box.
You may wish to
see Tip 162 for additional Flaky logon problems.
251 » Spooler
quiet error.
In Windows NT
version 3.x, if the disk partition where the print spool is located ran out of
space, the spooler would generate a pop-up message with the following dialog:
The partition is
out of disk space.
Windows NT 4.0
does not generate a warning and the document is not printed. No entry is
written to the event log.
252 » Grant or
revoke user rights in batch.
The NT Resource
Kit, Vol II
contains NTRIGHTS.EXE.
This
command-line tool, requiring Administrative privledges, can grant or revoke a
WindowsNT right to or from a user or group of users.
Notes: Names of
WindowsNT rights are case-sensitive.
Examples:
To grant the
right to change the system time to the local user group, run:
ntrights +r
SeSystemtimePrivilege -u Users
To revoke the
right of the group Everyone to access this computer from the network, run:
ntrights -r
SeNetworkLogonRight -u Everyone
NTRIGHTS can
also operate on remote computers. To grant the right to log on as a service on
computer JSI001 in domain JSI for the user Jerry, run:
ntrights +r
SeServiceLogonRight -u JSI\Jerry -m \\JSI001
The WindowsNT
rights that can be granted or revoked are:
WindowsNT right
Permits user to
SeAssignPrimaryTokenPrivilege
Replace a process level token.
SeAuditPrivilege Generate security audits.
SeBackupPrivilege
Back up files and directories.
SeBatchLogonRight
Logon as a batch job.
SeChangeNotifyPrivilege
Bypass traverse checking.
SeCreatePagefilePrivilege
Create a pagefile.
SeCreatePermanentPrivilege
Create permanent shared objects.
SeCreateTokenPrivilege
Create a token object.
SeDebugPrivilege
Debug programs.
SeIncreaseBasePriorityPrivilege
Increase scheduling priority.
SeIncreaseQuotaPrivilege
Increase quotas.
SeInteractiveLogonRight
Log on locally.
SeLoadDriverPrivilege
Load and unload device drivers.
SeLockMemoryPrivilege
Lock pages in memory.
SeMachineAccountPrivilege
Add workstations to domain.
SeNetworkLogonRight
Access this computer from the network.
SeProfileSingleProcessPrivilege
Profile single process.
SeRemoteShutdownPrivilege
Force shutdown from a remote system.
SeRestorePrivilege
Restore files and directories.
SeSecurityPrivilege
Manage auditing and security log.
SeServiceLogonRight
Log on as a service.
SeShutdownPrivilege
Shut down the system.
SeSystemEnvironmentPrivilege
Modify firmware environment values.
SeSystemProfilePrivilege
Profile system performance.
SeSystemtimePrivilege
Change the system time.
SeTakeOwnershipPrivilege
Take ownership of files or other objects.
SeTcbPrivilege
Act as part of the operating system.
SeUnsolicitedInputPrivilege
Read unsolicited input from a terminal device.
253 » Set audit
Policies in batch.
AUDITPOL.EXE
from the NT Resource Kit, Vol II
is a command-line program, requiring
Administrative privledges, that will modify the audit policy of a local or
remote computer.
Syntax: auditpol
[\\computer] [/enable | /disable] [/help | /?] [/category:type]
[/category:type] ...
Where:
\\computer is
the name of a remote computer.
/enable enables
audit (default).
/disable
disables audit.
/category:type
specifies what kind of events to audit:
category can be:
system: System
events
logon:
Logon/Logoff events
object: Object
access
privilege: Use
of privileges
policy: Security
policy changes
sam: SAM changes
type can be:
success: Audit
success events.
failure: Audit
failure events.
all: Audit
success and failure events.
none: Do not
audit these events.
254 » RDISK
reports The Emergency Repair Disk Is Full.
When you run
RDISK.EXE or RDISK.EXE /S, the following files are updated in the
%SystemRoot%\Repair directory:
File Name
Registry Hive Name
AUTOEXEC.NT
CONFIG.NT
DEFAULT._ HKEY_USERS\.Default
NTUSER.DA_ (NT
V4.0 only)
SAM._ Portions
of HKEY_LOCAL_MACHINE\SAM
SECURITY._
HKEY_LOCAL_MACHINE\Security
SETUP.LOG
software._
HKEY_LOCAL_MACHINE\Software
system._
HKEY_LOCAL_MACHINE\System
If the total
space for these files exceeds the size of the floppy, you receive the subject
message.
You can reduce
the size of the SETUP.LOG file by removing file from the [Files.WinNt] section
that do not begin with %SystemRoot%\System32 or equivalent. Make a backup
first; i.e. SETUP.BAK. After the ERD is created, rename the \Repair\SETUP.BAK
to \Repair\SETUP.LOG.
If you are
running RDISK.EXE /S, the SAM contains 1K of data for each user account and ½K
of data for each machine account. The SECURITY hive is even larger. You may
have to forgo the /S option. You may even have to restore the origonal SAM and
SECURITY from an older ERD. If you do, you must have at least one of the
following to recover:
-
Regback/Regrest from the Resource Kit
- ConfigSafe NT
from http://www.jsiinc.com/catalog.htm
- A backup
- An alternate
install of NT and to be safe, a copy of the %SystemRoot%\Repair directory
255 » Who
changed the @!#* administrator's password?
To determine the
UserName that changed the Administrator password, perform the following on the
PDC:
1. Enable
Success and Failure audits for File and Object Access using
User Manager for
Domains / Policies / Audit.
2. Using
Regedt32, select the SAM key in HKEY_LOCAL_MACHINE and use Security /
Permissions
to set Full Control for the Administrators
local group. Check Change Permissions on Existing Subkeys.
3. Navigate to
HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\000001F4, select Security /
Audit Permissions
and add the
Administrators local group to the list. Select this group and enable Success
and Failure auditing
for Set Value
events on this and all subkeys.
When a change is
made to the Administrator account, the event:
ID: 560
Source: Security
Type: Success
Audit
Category: Object
Access
will indicate
the UserName.
256 » Does your
W95 clients logon script dialog box stay open?
If you are using
standard logon scripts (as apposed to Kixtart), your clients logon diaglog box
may not close unless you end the script in the Root directory (C:). If this
doesn't cure the problem, try ending the script in the Windows directory.
257 » Where does
Windows NT store the SYSTEM.INI info for 16bit programs?
The WOW key at HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\WOW
stores configuration data for the Win16 on Win32 subsystem; aka Windows on
Windows.
The WOW key
contains subkeys that have the same names as headings in the System.ini file.
The value entries in these subkeys are the same as the values in the 16-bit
Windows 3.x System.ini file.
258 » How can I
disable specific Control Panel applets from certain users and groups?
The best way to
disable selected Control Panel applets is to remove the NTFS read permissions
from the appropriate .cpl file in the %systemroot%\System32 directory for the
selected users and groups. Here is a list:
File Name Applet
Name
ACCESS.CPL
Accessibility options
APPWIZ.CPL
Add/remove programs
CONSOLE.CPL
Console
DESK.CPL Display
DEVAPPS.CPL
PCMCIA, SCSI adapters and tape drives
FINDFAST.CPL
Office Find Fast
INETCPL.CPL
Internet
INTL.CPL
Regional Settings
JOY.CPL Joystick
LICCPA.CPL
Licensing
MAIN.CPL Fonts,
keyboard, mouse and printers
MLCFG32.CPL Mail
MMSYS.CPL Sounds
and multimedia
MODEM.CPL Modems
NCPA.CPL Network
ODBCCP32.CPL
ODBC
PNOTIFY.CPL
Print notification
PORTS.CPL Ports
RASCPL.CPL Dial
up monitor
SRVMGR.CPL
Server, services and devices
SYSDM.CPL System
TELEPHON.CPL
Telephony
THEMES.CPL Themes
TIMEDATE.CPL
Date/time
TWEAKUI.CPL
TWEAKUI
UPS.CPL UPS
WGPOCPL.CPL Work
Group Post Office
FYI - I have
listed the registry entries used by some of the applets.
Accessibility
Options HKEY_CURRENT_USER\Control Panel\Accessibility
Date/Time HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation
Devices
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
Display
HKEY_CURRENT_USER\Control Panel\Desktop and
HKEY_LOCAL_MACHINE\HARDWARE\RESOURCEMAP\VIDEO
Fonts
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
Internet
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
Keyboard
HKEY_CURRENT_USER\Control Panel\Desktop
Modems
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Unimodem
Mouse
HKEY_CURRENT_USER\Control Panel\Mouse
Multimedia
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia
Ports
HKEY_LOCAL_MACHINE\HARDWARE\RESOURCEMAP
Printers
HKEY_CURRENT_USER\Printers
Regional
Settings HKEY_CURRENT_USER\Control Panel\International
SCSI Adapters
HKEY_LOCAL_MACHINE\HARDWARE\RESOURCEMAP\ScsiAdapter
Services
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
Sounds
HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default
Tape devices
HKEY_LOCAL_MACHINE\HARDWARE\RESOURCEMAP\OtherDrivers\TapeDevices
Telephony
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony
UPS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UPS
260 » What is a
Service Group?
A Service Group
is a collection of similar services that are loaded together at startup. Most
services that appear in the HKEY_LOCAL_MACHINE\CurrentControlSet\Services
subkey are part of a Service Group. WindowsNT loads one Service Group at a
time. Services that are not in a group are loaded after all Service Groups are
loaded.
The
HKEY_LOCAL_MACHINE\CurrentControlSet\Control\ServiceGroupOrder subkey
determines the order in which Service Groups are loaded. The List value is a
REG_MULT_SZ entry that specifies the Service Group order.
The
HKEY_LOCAL_MACHINE\CurrentControlSet\Control\GroupOrderList subkey determines
the order in which services within a Service Group are loaded. Services in a
Service Group are assigned a tag, a unique numeric value within a Service Group
which determines the service load order. Each value entry in GroupOrderList
represents a Service Group. The value of the entry is a series of tags in a
specified order. The first entry in this REG_BINARY value is the number of
services in the group, followed by the tags in load sequence. If you look at
PointerPort you can see that there are 3 services in the group and that the
service with tag 02 is loaded first, followed by the service with tag 01 and
then tag 03.
At a service
level, the HKEY_LOCAL_MACHINE\CurrentControlSet\Services\ServiceName subkeys
contain:
Group - this
REG_SZ specifies the Service Group name that a service belongs to.
tag - this
REG_DWORD specifies the service load sequence.
DependOnGroup -
this REG_MULTI_SZ entry defines the Service Groups which must be loaded
succesfully before this service loads.
DependOnService
- this REG_MULTI_SZ entry defines services that must be loaded successfully
before this service loads.
261 » Where does
a DHCP client store lease information?
DHCP clients
store information locally so that they can attempt to lease the same IP address
and still function if the DHCP server is down.
A Windows NT
client stores DHCP information in the registry at:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\<Network
Adapter>\Parameters\Tcpip
A Windows 95
client also stores DHCP information in the registry at:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VxD\DHCP\DHCPInfo00
Windows for
Workgroups with TCP/IP-32 stores the DHCP-related information in the DHCP.bin
file in the <WINDOWS_SYSTEM_ROOT> subdirectory. This file is in binary
format.
LAN Manager
version 3.0 and LAN Manager for MS-DOS version 2.2c clients both store the
local DHCP-related information in the DHCP.prm file in the <NETWORK_ROOT>
directory. This file is in a binary format.
262 » When I run
regedit.exe to edit the registry, it doesn't.
Regedit.exe, the
Windows 95 registry editor, is included on the Windows NT 4.0 CD-ROM for its'
superior search capability. It does not support all the NT data types and does
not support Windows NT Registry Security.
If you upgraded
to Windows NT from Windows 3.x, the regedit.exe on your computer is the OLE
link registry editor. Do not overwrite this.
Copy regedit.exe
from the NT 4.0 CD-ROM and see tip 108 to associate the .REG extension with
Registry Entries.
263 » How do I
get a scheduled job to print?
You must run the
Schedule service under the local system account. Use Control Panel / Services /
Schedule to stop the Schedule service. Click the Startup button and verify that
System Account and Allow System To Interact With Desktop is checked. Leave the
schedule service stopped.
If you do not
have a local printer, create one using the print driver for the device that the
Scheduler will print to. Configure it for LPT1. Set this as the default printer.
Using the
Windows 95 registry editor, regedit.exe edit:
HKEY_CURRENT_USER\Software\Microsoft\Windows
NT\Current Version\Devices and Export Registry File as
Drive:\SomeDirectory\Devices.
HKEY_CURRENT_USER\Software\Microsoft\Windows
NT\Current Version\PrinterPorts and Export Registry File as
Drive:\SomeDirectory\Printer.
HKEY_CURRENT_USER\Software\Microsoft\Windows
NT\Current Version\Windows and Export Registry File as
Drive:\SomeDirectory\Windows.
Edit each of the
.reg files and replace HKEY_CURRENT_USER in the key with HKEY_USERS\.DEFAULT.
In Devices.reg,
remove all the value entries except LocalPrinter....... Double click the file
to run regedit.exe.
In Printer.reg,
remove all the value entries except LocalPrinter....... Double click the file
to run regedit.exe.
In Windows.reg,
remove all the value entries except Device....... Double click the file to run
regedit.exe.
You may now set
your default printer back to the origonal value and start the Schedule service.
If your printer
is really a local printer, use the /interactive switch with the AT command and
your scheduled job will print.
If your printer
is a remote network printer, use a batch job with the /interactive switch:
net use LPT1: /d
net use LPT1:
\\PrintServer\PrintShare password /U:UserWithPermission
your print
command
net use LPT1: /d
exit
264 » Auditing
logons.
When you enable
auditing of logons in User Manager for Domains \ Policies \ Audit.., records
appear in your Security log in the Event Viewer.
Many of these
records appear to be identical at the summary level but if you view the detail
you will see a difference. Here are the common logon/logoff events:
D e s c r i p t
i o n Event ID Event Type
Interactive
logon 528 2
Interactive
logoff 538 2
Network logon
528 3
Net Use connection*
528 3
Network logoff
538 3
Net Use
disconnection 538 3
Autodisconnect
538 3
Note: * - An
event is only generated by the initial connection from a particular user.
Subsequent Net
Views or Net Uses from the same user to the same computer do not generate any
additional
events unless the user has disconnected (or has been autodisconnected) from all
shares.
265 » NT 4.0
SP2/SP3 machine can not connect to W95 user-level share.
If you are sure
that your W95 machine is properly configured to logon to your domain (see tip
248) and you can not connect to a Windows 95 share, you may have encountered an
obscure bug in mup.sys.
Make a backup
copy of %SystemRoot%\System32\Drivers\mup.sys and copy the origonal from the
Windows NT CD-ROM. Reboot.
If this works
for you, thank Michael Bormann, who provided this tip. Michael also provided
vservupd.exe which will patch your W95 system. This exe is a German version so
if you elect to try it, keep the one file that has a German code page when
prompted. I suggest calling Microsoft and getting the version of this update
suitable for your W95 system. I did try the version on one of my U.S.A. W95
clients with no apparent ill effects.
266 » How do I
track my registry changes?
I pick a
suitable (based upon expected frequency and volume) higher level keyName and
Add Value of <KeyName_History> with type REG_MULTI_SZ. I Describe the
changes on seperate lines of this value entry, including KeyName or ValueName,
date, and a description of the change.
267 » Has your
Fonts folder lost functionality?
If you select
the %SystemRoot%\Fonts folder in explorer, the menus should change to include:
File menu:
- Open
- Print
- Install New
Font
View menu:
- List Fonts By
Similarity
- Hide
Variations (Bold, Italics, Etc.)
You have used
TweakUI to repair the Fonts but to no avail.
The
functionality of the Fonts folder depends upon:
- The System
attribute being set.
- A valid
Fontext.dll being present in %SystemRoot%\System32.
- A valid
Desktop.ini in the Fonts folder (you can not see this file using explorer).
To repair the
Fonts functionality:
- At a command
prompt, type:
%SystemDrive%
CD %SystemRoot%
attrib +s fonts
- Expand the
Fontext.dll from the NT CD-ROM:
expand
<Drive:>\i386\fontext.dl_ %SystemRoot%\system32\fontext.dll
- Expand
Desktop.ini from the NT CD-ROM:
expand
<Drive:>\i386\Desktop.in_ %SystemRoot%\Fonts\Desktop.ini
Shutdown and
restart Windows NT.
Note: This
procedure might also fix a Missing TrueType tab when you use options /view in
the Fonts folder and may correct an incomplete Fonts list in some applications.
268 » Stop 0x1E
using NT 4.0, SP3, and RAS.
If you reinstall
Windows NT with the above configuration or install RAS for the first time, your
computer may reboot repeatedly with the 0x1E BSOD.
This is caused
by the SP3 version of tcpip.sys with the non-sp version of other files
installed by RAS or a reinstall. The solution is to replace
%SystemRoot%\System32\drivers\TcpIP.sys with the version from the CD-ROM. The
trick is how?
. If you have a
dual boot and can access the subject %SystemRoot%\System32\drivers\TcpIP.sys,
expand it from the CD. This requires expand from the NT CD which requires WinNT
or Win95.
. If you have
another WinNT install without SP2 or SP3, use tip 181 and place the origonal TcpIP.sys
on the origonal system's ERD.
. As a last
resort, install a seperate copy of NT into a different directory and use it to
expand tcpip.sy_ from the NT CD into the origonal WinNT at
%SystemRoot%\System32\drivers\TcpIP.sys. Before doing this:
attrib -s -r -h
c:\boot.ini
copy c:\boot.ini
c:\boot.bak
If you decide to
remove this second install latter:
attrib -s -r -h
c:\boot.ini
copy c:\boot.bak
c:\boot.ini
attrib +s +r +h
c:\boot.ini
269 » Set
foreground/backround priority in the Windows NT 4.0 registry.
The relative
priority of foreground vs background applications can be set my modifying
Win32PrioritySeparation at:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\PriorityControl\Win32PrioritySeparation
This type
REG_DWORD entry defaults to 2 if the value is not present.
Win32PrioritySeparation
determines how much processor time the threads of a foreground process receive
each time they are scheduled on a Windows NT workstation processor.
Value Meaning
0 Short
processor interval.Foreground threads get the same amount
of processor
time as background threads which is the same
as threads of
processes with a priority class of Idle.
1 Medium length
processor interval.Foreground processes get more
processor time
than background processes each time they are scheduled.
2 Long processor
interval.Foreground thread processes get much more
processor time
than background processes.
On a
WindowsNT4.0 Server, the length of processor time each thread gets is longer
than on a workstation, but it is fixed. The value of Win32PrioritySeparation is
used to calculate a priority boost for foreground processes. The higher the
value, the greater the boost.
270 » New DEFPTR
manages default printers. NT Resource Kit, Vol II
provides DEFPTR, a tool that runs in trayicon
mode and allows you to easily switch default printers by clicking on an
available printer browse list.
This is usefull
for roaming users, for anyone where network traffic makes switching necessary,
and when applications only print to the default printer.. You can easily toggle
between network and local printers.
271 » Have you
lost your EXE association?
The EXE
association is stored in the registry at:
HKEY_CLASSES_ROOT\exefile\shell\open\command
as an unnamed value of type REG_SZ with a string of "%1" %*
Unfortuneatly,
since EXE files won't run, you can not use the REGEDT32.EXE.
Normally, you
would use your ERD (Emergency Repair Disk) and the Windows NT setup floppies to
repair the SOFTWARE hive of the registry. If yours is out of date, here is an
alternate method.
Install another
instance of Windows NT on your computer, preferably in a different partitions,
but definetly in a different directory.
Using the
technique described in tip 182, use REGEDT32.exe to highlight
HKEY_LOCAL_MACHINE and Load Hive from the Registry menu. Navigate to the
OriginalNTInstall\System32\config and open the Software file. . When prompted
for a name, enter OLDSOFT. The HKEY_LOCAL_MACHINE window will list the
following hives:
HARDWARE
OLDSOFT
SAM
SECURITY
SOFTWARE
SYSTEM
Double-click on
OLDSOFT and then on Classes and navigate to exefile\shell\open\command
Double-click on
<No Name> or Add Value as above and set the string to "%1" %*
Highlight
OLDSOFT and select Unload Hive from the Registry menu.
When you boot to
your origonal install, the association will be fixed.
Note: If you
want to remove the alternate instance of NT:
. Delete the
directory.
. attrib -r -s
-h c:\boot.ini
. Edit
c:\boot.ini and remove the entry. Reset the default (or use Control Panel /
System / Startup...).
. attrib +r +s
+h c:\boot.ini
272 » What do
the ERD repair screens look like?
When you boot
the 1st Setup floppy, you are then prompted to insert Disk 2. When you select R
for Repair, you are presented with:
As part of the
repair Process, Setup will perform each of the optional
tasks shown
below with an "X" in it's check box.
To perform the
selected tasks, press ENTER to indicate "Continue." If you
want to select
or deselect any item in the list, press the UP or DOWN arrow
key to move the
highlight to the item you want to change.
Then press
ENTER.
[ ] Inspect
registry files.
[ ] Inspect
startup environment.
[ ] Verify
Windows NT system files.
[ ] Inspect Boot
Sector.
Continue
<perform selected tasks>
F1=Help F3=Exit
ESC=Cancel
ENTER=Select/Deselect
When you finally
select Continue, setup proceeds through mass storage detection where you
respond as you did during initial setup. It will eventually request Disk 3.
Assuming there are no configuration problems and your CD-ROM is connected and
the NT CD is mounted, you will get:
Setup needs to
know if you have an Emergency repair disk for the Windows NT
version X.X
installation which you want to repair.
NOTE: Setup can
only repair a Windows NT version X.X installation.
If you have the Emergency
Repair Disk, press ENTER.
If you do not
have the Emergency Repair Disk, press ESC. Setup will
attempt to
locate the Windows NT version X.X for you.
ENTER=Continue
ESC=Cancel F3=Exit
Note: If you
choose ESC, it will find your installation and bypass the next screen.
If you Continue
you get:
Please insert
the disk labeled Windows Emergency Repair Disk into Drive A:
press Enter when
ready.
F3=Exit
ENTER=Continue ESC=Cancel
Setup displays:
Setup has found
Windows NT on your hard disk in the directory shown below.
Your Windows NT
Directory
To repair the
Windows NT installation shown above, press ENTER.
To return to the
previous screen, press ESC.
To exit Setup,
press F3.
F3=Exit
ESC=Cancel ENTER=Repair.
If you selected
Inspect registry files, you must make the following selection(s):
Setup will
restore each registry file shown below with an "X" in its check box.
To restore the
selected files, press ENTER to indicate "Continue." If you
want to select
or deselect any item in the list, press the UP or DOWN ARROW
key to move the
highlight to the item you want to change. Then press ENTER.
WARNING: Restore
a registry file only as a last resort. Existing
configuration
may be lost. Press F1 for more information.
[ ] SYSTEM (System configuration)
[ ] SOFTWARE (Software Information)
[ ] DEFAULT (Default User Profile)
[ ] NTUSER.DAT (New User profile)
[ ] SECURITY ( Security Policy) and
SAM (User Accounts Database)
Continue (perform selected tasks)
F1=Help
ENTER=Select/Deselect F3=Exit
273 » Little
known DOS trick assists logon script.
When you write a
logon script, the batch file can not determine where it is running from and
different clients point the current directory to various places. A little known
DOS trick can prevent you from having to hard code the directory and have
different scripts for different servers.
Use
%0\...\<filename> syntax in your logon script. A simple example can been
seen at tip 120 where the following code is used to invoke Kix32:
@echo off
%0\..\KIX32
LOGON
Exit
This works with
all client systems an tells the client that the KIX32 program is located in the
NetLogon share.
274 » Delete
files older than xx days..
DELOLD is a
freeware Visual Basic utililty that can delete files older than xx days in the
target directory. It can be run from the command line, batch file, or a
shortcut.
One of my
favorite uses is to schedule the deletion of *.DOC files from a network share
(using the local path) when the document is 60 days old:
AT
\\ServerHostingShare 01:00 /interactive /every:M,T,W,Th,F,S,Su "DELOLD
<Drive:>\Directory\*.DOC 60"
Install DELOLD
somewhere in the System Path. See the readme file for additional information.
275 » Changes to
user profiles are lost.
If a
non-administrative user makes changes to their non-manditory server based
profile and these changes are lost upon logoff, both from the server and
locally cached store, there are just a few possibilities:
1. The user user
does not have write permissions on the profile directories.
2. The user is
logged on more than once.
3. The user is
not a member of the workstations local Users group. Add the Users Domain
Account or the Domain Users global group to the workstations local Users group.
276 » Establish
a common Favorites folder.
If you have a
Windows NT network, you can establish a common Favorites folder for your
Windows NT Clients.
Create a folder
on the server with appropriate (for your organization) permissions and share
it.
On each Windows
NT Client, edit the registry at:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User
Shell Folders
In the right
hand pane, double click the Favorites value (a type REG_SZ) and enter the UNC
path to the common Favorites folder:
\\ServerName\CommonFavorites
If you prefer,
you could use a mapped drive ( F:\ ) or even F:\Favorities.
277 » Remote
access to the NT 4.0 Registry.
In Windows NT
4.0, only members of the Administrators group have access to the registry.
You can alter
this default by editing the registry at:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg
If the
SecurePipeServers key does not exist, add it with a Class of REG_SZ
If the winreg
key does not exist, add it with a Class of REG_SZ
Add value of
Description as type REG_SZ and set the String to Registry Server
Select the
winreg key and choose Security / Permissions from the Regedt32 menu. Grant the
users and groups the access you desire. I would grant Full Control to
Administrators.
It is possible
to bypass these access permissions. Some services such as Directory Replicator
and Spooler require remote access to the Registry. You can grant access to the
account that runs these services or you can edit the registry at:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg
Add a key of
AllowedPaths with a empty Class. Select
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowedPaths
and add a value
name of Machine as type REG_MULTI_SZ with the following String values, one per
line:
System\CurrentControlSet\Control\ProductOptions
System\CurrentControlSet\Control\Print\Printers
System\CurrentControlSet\Services\Eventlog
Software\Microsoft\Windows
NT\CurrentVersion
System\CurrentControlSet\Services\Replicator
If you wish, you
can grant users access to listed locations in the registry by adding a value
name of Users as type REG_MULTI_SZ and listing the registry locations, one per
line.
279 » Low on
Registry Quota.
If you receive
the subject message, you are about to exceed the maximum size of the registry.
By default, Windows NT calculates the registry size as 25% of the paged pool.
The default page pool size is approximately equal to the amount of RAM. The
maximum registry size is 152 Meg (80% of the paged pool which is limited to 192
Meg).
The default
calculation of paged pool size and registry size is dynamic and is adjusted
only as you add or remove RAM.
The settings of
two registry values alter the behavior of registry size:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session
Manager\Memory Management
A value entry of
PagedPoolSize as type REG_DWORD sets the paged pool. If this value is missing
or set to 0, the system calculates the default page pool as slightly less than
the installed RAM but limits it to 192 Meg (0x0C000000). If you change this
entry, you must reboot.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control
A value entry of
RegistrySizeLimit as type REG_DWORD directly sets the registry size limit. If
the entry is missing, 0x0, or set to 0xFFFFFFFF, the systems calculates the
registry size limit as 25% of the paged pool. The valid data range is
0x00040000–0xFFFFFFFE.
You can also set
the registry size limit in Control Panel / System / Performance.
280 » More
Server Service troubles.
If you did a New
install of Windows NT and then applied Service Pack 3 before installing your
network, your copy of SRV.SYS was not updated to SP3. Either reapply the
Service Pack or use tip 181 to install SRV.SYS from the expanded SP (You can
expand a Service Pack by typing: ServicePackFileName.exe /x).
281 » Event Id:
2009, Source: Srv, ..table reached maximum size.
Double click the
error to locate the error code in the 11th DWORD at 0x28.
0000: 00040000
00540001 00000000 c00007d9
0010: 00000000
c000009a 00000000 00000000
0020: 00000000
00000000 000003e9 <- Error code
3e9Too many open
files. Type net file > toomany.txt and examine the toomany.txt file.
3eaToo many
unsatisfied SMB searches. Edit the registry at:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
Edit or Add
Value of type REG_DWORD for value names:
MaxGlobalOpenSearch
- deault: 4096, max: 65536, recommend: 16384
MaxKeepSearch -
deault: 1800, recommend: 900
MinKeepSearch -
deault: 480, recommend: 240
Set
PagedPoolSize at tip 279 to 0.
3ebToo many user
sessions (mapped drives or redirector hung). Use Server Manager or if you're in
a hurry, see tip 159
3ecNo more free
Tree Ids (TIDs) to satisfy a TreeConnect SMB. The only solution is to offload
highly accessed data.
283 » Knowledge
Base URL launcher.
KBURL is a
freeware program that will convert a KB article ID to its' URL and optionally
launch it. It has a number of usefull configuration options.
See tip 144 for
more information on the Knowledge Base.
284 » RAS
disconnect.
You can
configure the RAS server auto-disconnect in the registry at:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RemoteAccess\Parameters\AutoDisconnect
as a type
REG_DWORD. The default is 20 minutes..
If you set the
string to 0, disconnection is very fast. If a connection is inactive for longer
than this, it is disconnected.
When you edit
the phone book on a client, the User Preferences for client side disconnect is
stored at the following REG_DWORD:
HKEY_Current_User\Software\Microsoft\RAS
Phonebook\IdleHangUpSeconds
and the Logon
Preferences at:
HKEY_USERS\.DEFAULT\Software\Microsoft\RAS
Phonebook\IdleHangUpSeconds
Remote Acess
Autodial Manager must be running for the above to function.
285 » Change
ComputerName without rebooting.
BAPTIZE is a
freeware utility that sets the ComputerName to the specified value without the
need for reboot your machine.
Usage: BAPTIZE
new_name
After the
program finishes, your computer is visible on the network under its new name.
BAPTIZE has been tested with NetBEUI and TCP/IP.
286 » Edit the
boot menu.
NTBoot is a
freeware utility to makes it easy to edit the boot menu.
No more attrib
-r -h -s c:\boot.ini and/or Control Panel / System / StartUp\ShutDown.
You can ADD
entries, EDIT existing entries, and DELETE entries, as well as change the
defaults.
287 » Test for
group membership.
Somar's (tm)
Testgrp is a freeware Windows NT console utility that can be used to test for
group membership in logon scripts. For example:
testgrp "domain admins"
if errorlevel 1 goto skip
call domadmin.bat
:skip
If you have
Windows 95 clients, see tip 120.
288 » How does
Windows NT assign drive letters?
Windows NT first
assigns drive letters that you configured in Disk Administrator (Windisk.exe)
by selecting the Volume and choosing Tools/Assign Drive .. (assuming the
partition is still valid).
If there is a
primary partition on the first hard drive marked as active, it gets the first
available drive letter, otherwise, the first available drive letter is assigned
to the first recognized primary partition.
This process is
repeated for all hard drives in the system. Please note that if you have
multiple controllers in your system, the drive letter ordering is based on the
order in which the device drivers are loaded by Windows NT.
Once the letters
have been assigned to the first primary partitions on all drives in the system,
letters are assigned to the recognized logical disks in the extended partitions
using the same scheme as outlined above, starting with the first drive in the
system.
After all of the
logical disks in the extended partitions are assigned letters, one last scan is
made of the drives, and letters are assigned to any remaining recognized
primary partitions.
Some removeable
media devices are considered to be hard drives and participate in the above.
Lastly,
removeable media devices (CD-ROM) are assigned.
If your new JAZ
drive is messing up your drive letters:
Shutdown
Remove the JAZ
boot
Run Windisk and
assign drive letters to all other devices
Shutdown
Attach the JAZ
Upon booting,
you will find that the JAZ drive has the next available drive letter.
289 » Beware of
the Trojan horse.
In tip 081, we
learned about implementing enhanced password functionality. This technology can
be exploited by allowing a Trojan horse version of a password filter to expose
passwords in plain text.
The threat:
Workstation: The
default permissions allows anyone who is logged on locally or anyone with write
access to a share that includes the %Systemroot%\System32 directory to place a
Trojan horse version of fpnwclnt.dll in that folder. This Trojan horse will be
able to intercept all changes in the local Security Account Manager (SAM)
database. If the workstation is a member of a domain, changes to the domain password
are not trapped by the password filter.
Server:
fpnwclnt.dll is installed by default. If a Trojan horse is substituted on the
Primary Domain Controller (PDC), it will receive domain password changes in
plain text. The default permissions only allow Administrators to logon locally
and only Administrators have write access to the %SystemRoot%\System32 folder.
Pasword filters on a BDC are not used.
Both:
Administrators can add their own DLL to the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages
registry entry to capture passwords.
The Fix:
1. Apply Service
Pack 3.
2. Install
Windows NT on an NTFS partition.
3. Using
Regedt32, edit: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA and
with Security / Permissions, allow only Administrators and System to have write
access.
4. Double click
on Notification Packages and insure that only valid password filter packages
are listed.
5. If you don't
use FPNW (File and Print Services for Netware) and DSMN (Directory Service
Manager for Netware), remove the fpnwclnt entry from Notification Packages.
6.If you use
FPNW or DSMN, make sure fpnwclnt.dll in the %SystemRoot%\System32 folder is the
version that ships with Windows NT 4.0 Service Pack 3 (05/01/97, 35,088) and
that NTFS permissions only permits access by administrators and the system.
Consider
implementing tip 119 to restrict administrator access to the registry.
Note: If FPNW or
DSMN is installed in your domain, but not on the PDC, the PDC registry key is
used.
290 »
Conditional Processing Symbols, Filters, and Redirection for batch processing.
The Windows NT
command language supports Conditional Processing Symbols, Filters, and
Redirection. These can be used in batch processing as well as at a command
prompt.
Symbols:
The ampersand
(&) separates multiple commands on one command line.
The parentheses
groups multiple commands.
The semicolon or
comma or equal sign (; , =) separate command parameters.
The caret (^)
allows you to use a command symbol as text, ignoring the symbols meaning.
The double
ampersand (&&) causes the command following this symbol to run if the
command preceding the symbol is successful.
The double pipe
(||) causes the command following this symbol to run if the command preceding
the symbol fails.
Examples:
Dir
<drive:>\Directory1&Dir <drive:>\Directory2-executes both Dir
commands
Dir
<drive:>\Directory1=<drive:>\Directory2-executes the Dir command on
both directories
net use
<drive:> \\Server\Share&&echo OK-displays ok the first time but
not subsequently as the <drive:> is already used
Redirection
characters change where a command gets information from or sends information
to:
The greater-than
sign (>) sends the output of a command to a file or a device, such as a
printer. If the file exists, it is 1st deleted.
The double
greater-than sign (>>) sends the output of a command to a file. If the
file exists, it is extended, if it doesn't exist, it is created.
The less-than
sign (<) takes the input for a command from a file. Examples:
Dir <drive:>\Directory1
> <drive:>\Directory2\dirlist.txt-creates a new dirlist.txt file with
the output of the dir command.
Dir
<drive:>\Directory3 >> <drive:>\Directory2\dirlist.txt-adds
the output of this dir command to the file created above.
Filters divide,
order, or extract portions of the information that pass through them:
The find command
searches files for the string you specify.
The sort command
orders files.
Examples:
sort <
list.txt > sort.txt-orders the lines of list.txt as sort.txt.
find
".EXE" < Dirlist.txt > EXE.txt-finds upper case .EXE extensions
and creates the lines that contain them in EXE.txt
Here is a batch
file I call 1Meg.bat which I use to find all files over 1 megabyte in the
target directories:
Usage: 1meg
<drive:>\Directory1,<drive:>\Directory2,...<drive:>\Directoryn
output:
1meg_YourUserId.log in the current directory
1meg.bat:
@echo off
dir /o-s /c /n
%* > %TMP%\%USERNAME%tmp.log
find
"replace this string with 14 spaces" %TMP%\%USERNAME%tmp.log /V >
%TMP%\%USERNAME%tmp1.log
find
"<DIR>" %TMP%\%USERNAME%tmp1.log /V >
%TMP%\%USERNAME%tmp.log
find
"Volume " %TMP%\%USERNAME%tmp.log /V > %TMP%\%USERNAME%tmp1.log
find "
File(s)" %TMP%\%USERNAME%tmp1.log /V > %TMP%\%USERNAME%tmp.log
find
"%TMP%\%USERNAME%TMP" %TMP%\%USERNAME%tmp.log /V /I >
%0\...\1meg_%USERNAME%.log
del
%TMP%\%USERNAME%tmp*.log
exit
292 » Networked
Common Desktop, Start Menu, and Programs folders.
You can
establish a shared common Desktop, Start Menu, and Programs folder on your
server. For each client machine, edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User
Shell Folders
Double click on:
Common Programs
and change this REG_EXPAND_SZ value string to the UNC path of a shared folder
on a server.
Common Desktop
and change this REG_EXPAND_SZ value string to the UNC path of a shared folder
on a server.
Common Startup
and change this REG_EXPAND_SZ value string to the UNC path of a shared folder
on a server.
See tip 051.
293 » System
Policies Update.
The Update
registry key has value entries which control the application of System
Policies. Edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Update
UpdateMode is a
REG_DWORD with the data values:
0 - A policy
file is not downloaded from a server and is not applied.
1 - NTconfig.pol
is downloaded ( if present) from the NetLogon share of the %LogonServer% and
applied.
2 - The UNC path
of the policy file is read from NetworkPath and if present, downloaded and
applied.
NetworkPath if a
REG_SZ value that contains the full UNC path to the policy file. It is only
used if UpdateMode is a 2. Example: \\ServerName\ShareName\MyPolicy.pol
294 » Using
DOSKEY.
The Doskey
program is available in all character-based, interactive programs such as
CMD.EXE and FTP.EXE. Doskey maintains a command history buffer and macros for
each program started. The syntax is:
doskey
[/reinstall] [/listsize=size] [/macros:[all | exename] [/history]
[/insert|/overstrike] [/exename=exename] [/macrofile=filename]
[macroname=[text]]
where:
/reinstall
Clears the command history buffer.
/listsize=size
Specifies the maximum number of commands in the history buffer.
/macros Displays
a list of all Doskey macros. You can use a redirection symbol (>) with the
/macros switch to redirect the list to a file. You can abbreviate the /macros
switch as /m.
all Displays
Doskey macros for all executables.
exename Displays
Doskey macros for the specified executable.
/history
Displays all commands stored in memory. You can use a redirection symbol (>)
with the /history switch to redirect the list to a file. You can abbreviate the
/history switch as /h.
/insert |
/overstrike Specifies whether new text you type is to replace old text. If you
use the /insert switch, new text that you type on a line is inserted into old
text (as if you had pressed the INSERT key). If you use the /overstrike switch,
new text replaces old text. The default setting is /overstrike.
/exename=exename
Specifies the program (executable) in which the Doskey macro will run.
/macrofile=filename
Specifies a file containing macros to install.
macroname=[text]
Creates a macro that carries out the commands specified by text. Macroname
specifies the name you want to assign to the macro. Text specifies the commands
you want to record. If text is left blank, macroname is cleared of any assigned
commands.
The /macros and
/history switches are useful for saving macros and commands. To save all
current doskey macros, type:
doskey /macros
> cur
To then to use
cur, type:
doskey
/macrofile=cur
To save all the
commands in the buffer to a batch file, type:
doskey /history
> abatch.bat
To create a
macro with multiple commands, use the $t syntax, variables are $1 to $9, and $*
will append anything you type after the macro name:
doskey nd=md
$1$Tcd $1
When you type nd
Jerry, nd will create a folder Jerry and switch to it.
To delete the nd
macro, type:
doskey nd=
To recall a
command:
UP ARROW Recalls
the command you used before the one displayed.
DOWN ARROW
Recalls the command you used after the one displayed.
PAGE UP Recalls
the oldest command you used in the current session.
PAGE DOWN
Recalls the most recent command you used.
You can edit a
command line:
LEFT ARROW Moves
the cursor back one character.
RIGHT ARROW
Moves the cursor forward one character.
CTRL+LEFT ARROW
Moves the cursor back one word.
CTRL+RIGHT ARROW
Moves the cursor forward one word.
HOME Moves the
cursor to the beginning of the line.
END Moves the
cursor to the end of the line.
ESC Clears the
command from the display.
F1 Copies one
character from the same column in the template to the same column in the
WindowsNT command prompt. (The template is a memory buffer that holds the last
command you typed.)
F2 Searches
forward in the template for the next key you type after pressing F2. Doskey
inserts the text from the template up to but not including the character you
specify.
F3 Copies the
remainder of the template to the command line. Doskey begins copying characters
from the position in the template that corresponds to the position indicated by
the cursor on the command line.
F4 Deletes
characters from the current cursor position up to a character you specify. To
use this editing key, you press F4 and type a character. Doskey deletes the
characters from the current cursor position to the first letter specified.
F5 Copies the
template into the current command line.
F6 Places an
end-of-file character (CTRL+Z) at the current cursor position.
F7 Displays all
commands for this program stored in memory in a pop-up box. Use the up and down
arrow keys to select the command you want and press ENTER. The command will
run. You can also note the sequential number in front of the command and use
this number in conjunction with the F9 key.
ALT+F7 Deletes
all commands stored in memory for the current history buffer.
F8 Displays all
commands in the history buffer that start with the characters in the current
command.
F9 Prompts you
for a history buffer command number, then displays the command associated with
the number you specify. Press ENTER to run the command. To display all the
numbers and their associated commands, press F7.
ALT+F10 Deletes
all macro definitions.
You can use the
following special characters to control command operations when defining a
macro:
$G or $g
Redirects output. Use either of these special characters to send output to a
device or a file instead of to the screen. This character is equivalent to the
redirection symbol for output (>).
$G$G or $g$g
Appends output to the end of a file. Use either of these special double
characters to append output to an existing file rather than replace the data in
the file. These double characters are equivalent to the "append"
redirection symbol for output (>>:).
$L or $l
Redirects input. Use either of these special characters to read input from a
device or a file instead of from the keyboard. This character is equivalent to
the redirection symbol for input (<).
$B or $b Sends
macro output to a command. Using one of these special characters is equivalent
to using the pipe (|) on a command line.
$T or $t
Separates commands. Use either of these special characters to separate commands
when you are creating macros or typing commands on the Doskey command line.
Using one of these special characters is equivalent to using the ampersand
(&) on a command line.
$$ Specifies the
dollar-sign character ($).
You cannot run a
Doskey macro from a batch program.
295 » What SID
is assigned to each user?
If you want to
know what the security identifier (SID) is for a specific user, edit:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\ProfileList
Double click the
ProfileList key to see a list a SID keys.
Double click
each SID to see the user.
With the
ProfileList key selected, Save Subtree As from the Registry menu and save it to
a text file, <Drive:>\Directory\SID.TXT. To make it easier to read, run
this batch:
Find "Class
Name:" <Drive:>\Directory\SID.TXT /V >
<Drive:>\Directory\SID1.TXT
Find "Last
Write Time:" <Drive:>\Directory\SID1.TXT /V > <Drive:>\Directory\SID2.TXT
Find
"Value" <Drive:>\Directory\SID2.TXT /V >
<Drive:>\Directory\SID1.TXT
Find
"Flags" <Drive:>\Directory\SID1.TXT /V >
<Drive:>\Directory\SID2.TXT
Find
"Type" <Drive:>\Directory\SID2.TXT /V >
<Drive:>\Directory\SID1.TXT
Find
"000000" <Drive:>\Directory\SID1.TXT /V >
<Drive:>\Directory\SID2.TXT
Find
"Name:" <Drive:>\Directory\SID2.TXT /V >
<Drive:>\Directory\SID1.TXT
Find
"0x" <Drive:>\Directory\SID1.TXT /V >
<Drive:>\Directory\SID2.TXT
Find
"replace with 8 spaces" <Drive:>\Directory\SID2.TXT >
<Drive:>\Directory\SID1.TXT
Find
".TXT" <Drive:>\Directory\SID1.TXT /V > SIDlist.txt
del
<Drive:>\Directory\SID.TXT
del
<Drive:>\Directory\SID1.TXT
del
<Drive:>\Directory\SID2.TXT
exit
296 » A better
way to prevent a user from logging on more than once.
In tip 175, I
described a method for preventing a user from logging on more than once. Now,
thanks to Nick Brown, there is a better way.
Download
NTNAME.ZIP. Here are excerpts from the NTNAME.DOC:
NTNAME - a
program to enforce one-logon-per-user
NTNAME is a
small utility which helps you build an NT network in which users can log on
only once.
You will need to
combine NTNAME with an automatic logoff program such as LOGOUT.EXE (see tip 184
), and have a consistent approach to user logon scripts.
When you log on
to NT, your PC adds a NetBIOS name consisting of your username, with
Byte16=0x03. This name is used to send you broadcast messages; for example,
when a print job completes.
NTNAME simply
checks to see whether the given name (specified as a command line parameter,
although I suppose it could have been extracted from the environment in
%USERNAME%) is owned by the current PC. If so, it outputs nothing and returns
errorlevel 0. If not, it outputs the name of the owning system to the standard
output (so you can capture it in a file) and returns errorlevel 1.
If you get this
errorlevel, it generally means that you are already logged in on another PC.
It's then up to you to write a logon script to detect this and log the user
off. On our site it looks something like this:
NTNAME
%USERNAME% >%TEMP%\OTHERPC.TXT
if not
errorlevel 1 goto logon_ok
for /f %%f in
('TYPE %TEMP%\OTHERPC.TXT') do @echo Already logged onto %%f %0\..\logout.exe
:logon_ok
You can make a
prettier message with a scripting tool like KIXtart. Just remember that because
you can't do system modal dialogs in NT, if you allow a wait for the user to
read the message before starting the logoff, you allow the user time to find
the process which is about to log them off, and kill it.
The main problem
will be if you have multiple domains and workgroups on your LAN with different
people creating usernames. In this case user SMITH in one domain can fail to
logon because user SMITH in another domain in not logged off.
In this case you
can try NTNAME2. This adds your NetBIOS name, with a Byte16 value which you can
specify (default is 0xCE). If you use a different Byte16 value on each domain,
or even if you just use NTNAME2 on your domain and don't bother on the others,
you should avoid conflicts. However, this is slightly slower (you have to wait
for the check to time out when adding the name), and you risk conflicts with
other NetBIOS applications which might use your Byte16 value.
There are a
couple of disadvantages to the approach in tip 175:
- If the home
share's server is down, you can log on anyway (another BDC will take over). You
might not want to stop people from working in this case.
- If another
user accidentally connects to the home share, it will eat the only allowed
connection. This can happen very easily, even with hidden share names. For
example, if Fred and Joe share a PC, and use Outlook, and they don't have the
master's degree in nuclear physics required to get the Outlook bar onto a
network drive, they will share an Outlook bar. If Fred puts a shortcut to his
home share on there, and Joe clicks on it, then Joe will connect to Fred's home
share, even if the share-level protection is set up to deny him access, and the
connection won't go away until Joe logs out!!! The network security is only
applied after you have connected.
297 » NETDOM
enables administrators to manage domains from the command prompt.
NT Resource Kit, Vol II contains NETDOM, a
utility that enables administrators to manage domains from the command prompt.
You can use
NETDOM to:
Join a domain.
Manage computer accounts for members (for example, adding, deleting, listing,
and querying members).
Manage computer
accounts for BDCs (for example, adding, deleting, listing, and querying BDCs).
Reset secure channels
on BDCs.
Establish trust
relationships.
Manage resource
domain computer accounts (for example, adding, deleting, listing, and querying
resource domains).
298 » Shared
server based profiles.
The User
Profiles tab in Control Panel / System displays local, roaming, and mandatory
user profiles from the %Systemroot%\Profiles directory. This tool cannot show
profiles for other paths.
To change who is
permitted to use a shared server based profile, Log on to server that hosts the
shared profile(s) and edit:
HKEY_USERS
From the
Registry menu, click Load Hive and import the shared profile (
\\ServerName\ShareName\Ntuser.man or other extension). When prompted for a key
name, type JSIhack. Select JSIhack and use Security / Permissions to add or
remove domain users or groups.
When you are
finished, Unload Hive from the Registry menu.
299 » How to
install a Windows 95 print driver.
When you create
a new printer on your Windows NT print server, you can install a Windows 95
driver for use by Windows 95 clients. Log on to the print server with an
Administrative account and click Start/Settings/Printers. Double-click the Add
Printers icon. Click on My Computer/Next. Select the Port and click Next.
Select the Print Device and click Next. Name the Print Device and click Next.
Click Shared, type the ShareName, and select Windows 95 from the list of
operating systems.
1. Insert the
Windows 95 CD-ROM.
2. Create a
directory. We will call it W95print.
3. At a command
prompt, switch to the W95print directory.
4. type:
<CD-ROM
Drive:>\win95\extract.exe /e <CD-ROM Drive:>\win95\precopy2.cab *.*
<CD-ROM
Drive:>\win95\extract.exe /e <CD-ROM Drive:>\win95\win95_09.cab *.*
<CD-ROM
Drive:>\win95\extract.exe /e <CD-ROM Drive:>\win95\win95_10.cab *.*
<CD-ROM
Drive:>\win95\extract.exe /e <CD-ROM Drive:>\win95\win95_15.cab *.*
(OEMSR2 only)
NOTE: Some OEMs
may change these file names.
5. Point to the
W95print directory. If you know the .Inf file you need, select it from this
directory, otherwise select the Msprint.inf file and it will show a list of all
the printer drivers that come with Windows 95.
NOTE: You may be
prompted to locate a fourth cabinet file, win95_11.cab, to complete the driver
installation. If so, expand it as above.
300 » Do not
broadcast printers available on a server.
If you want to
disable the browse thread on your print server so it will not notify other
print servers of the exisistance of your printers, edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print
Add Value of
type REG_DWORD with a value name of DisableServerThread and set the data value
to 1.
301 »
Performance tweaks for Windows NT 4.0.
It is possible
that your Windows NT HAL (Hardware Abstraction Layer) does not recognize the
amount of L2 cache (Secondary RAM Cache) that you have installed. To force
Windows NT to recognize it, edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session
Manager\Memory Management
The value name
SecondLevelDataCache is a type REG_DWORD. A data value of 0 is the default
which sets the L2 cache to 256K. If you have a different amount installed, set
the value in decimal.
Example: If you
have 512K cache, set the entry to 512 in decimal (Hexadecimal 200).
If you have lots
on memory, set DisablePagingExecutive, a type REG_DWORD, to 1. This will allow
drivers and the kernel code to be kept in memory. The default is 0 which pages
drivers and kernel code when needed.
302 » Activate a
password protected screensaver from an shortcut, batch, or via the scheduler.
In tip 005, we
were able to activate a screensaver by making it executable. We were not able
to activate any password protection.
Download
sslaunch.zip. This program can activate any screensaver, with or without
password protection, from a shortcut, batch or even the scheduler.
If Password
protection is set on the screensaver, it will activate after the defined number
of seconds.
When run from
the scheduler, use the /interactive switch. It actives the screensaver defined
for the current logged on user.
The syntax is
very simple: <Drive:>\Directory\savescrn.exe
303 » How do I
clear the page file at shutdown?
For security
reasons, you may want to clear the pagefile.sys when you shutdown the system.
Edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session
Manager\Memory Management
Add Value name
ClearPageFileAtShutdown as type REG_DWORD. The default is 0. When you set it to
1, inactive pages in the pagefile.sys will be filled with zeros. Some pages can
not be cleared as they are active during shutdown.
304 » Do your
client's print jobs remain in the que after printing?
If your client's
print jobs don't get deleted after printing, you may have removed the CREATOR
OWNER entry from the printer permissions.
Click Start /
Settings / Printers and right click on the printer. Select Properties. On the
Security tab, click Permissions. If CREATOR OWNER is not listed with Manage
Documents, add it.
You will need to
reboot your print server.
Note: While
you're here, insure that Administrators have Full Control.
305 » Windows NT
4.0 has two built in File comparison commands.
Fc is best used
for comparing text files while comp is better for other content types.
Fc Compares two
files and displays the differences between them.
fc [/a] [/b]
[/c] [/l] [/lbn] [/n] [/t] [/u] [/w] [/nnnn] [drive1:][path1]filename1
[drive2:][path2]filename2
Parameters:
/a Abbreviates the output of an ASCII
comparison. Instead of displaying all the lines that are different, fc displays
only the first and last line for each set of differences.
/b Compares the files in binary mode. Fc
compares the two files byte by byte and does not attempt to resynchronize the
files after finding a mismatch. This is the default mode for comparing files
that have extensions of .EXE, .COM, .SYS, .OBJ, .LIB, or .BIN.
/c Ignores the case of letters.
/l Compares the files in ASCII mode. Fc
compares the two files line by line and attempts to resynchronize the files
after finding a mismatch. This is the default mode for comparing files that do
not have extensions of .EXE, .COM, .SYS, .OBJ, .LIB, or .BIN.
/lbn Sets the number of lines for the internal
line buffer. The default length of the line buffer is 100 lines. If the files
being compared have more than this number of consecutive differing lines, fc
cancels the comparison.
/n Displays the line numbers during an ASCII
comparison.
/t Does not expand tabs to spaces. The default
behavior is to treat tabs as spaces, with stops at each eighth character
position.
/u Compares files as Unicode text files.
/w Compresses white space (tabs and spaces)
during the comparison. If a line contains many consecutive spaces or tabs, the
/w switch treats these characters as a single space. When used with the /w
switch, fc ignores (and does not compare) white space at the beginning and end
of a line.
/nnnn Specifies the number of consecutive lines
that must match before fc considers the files to be resynchronized. If the
number of matching lines in the files is less than this number, fc displays the
matching lines as differences. The default value is 2.
[drive1:][path1]filename1 Specifies the location and name of the first
file you want to compare.
[drive2:][path2]filename2 Specifies the location and name of the
second file you want to compare.
For more information
on both commands, see %SystemRoot%\System32\NTcmds.hlp
306 » Free tools
available in ZAK.
The Zero
Administration Kit contains some useful free tools:
Floplock- This
tool is used to prevent use of the floppy disk drive (even after rebooting)
using DACL (Discretionary Access Control Lists). If this service is configured
to start up automatically, only administrators and power users can access the
floppy disk drive in Windows NT Workstation, and only administrators can access
the floppy disk drive in Windows NT Server.
Con2Prt- This
tool provides scriptable functionality to the Add Printer Wizard so that
printers can be added or removed from the command line using a script.
FixPrf- Windows
Messaging does not automatically use the currently logged on user name when it
is started. The FixPrf tool forces the Windows Messaging client to load with
the user name of the user logging in.
Additional
information is available in the Zero Administration Kit Administrators Guide.
307 » How can I
force a DOS application to Print-Screen directly to a printer?.
When you press
the Print Scrn key in Windows NT 4.0, the full screen image is written to the
clipboard. When you press <ALT>Print Scrn, the active window is written
to the clipboard.
You can
configure your DOS apps to print directly to a printer:
- Right click on
the exe and create a shortcut.
- Right click on
the shortcut and select Properties. Select the Misc tab and clear the PrtSc
check box.
- Click OK
- Place the
shortcut in your start menu (see tip 051).
When you click
this shortcut, your DOS application will capture the Print Scrn key and print
directly to your printer.
If you have a
network printer, see tip 049.
308 » Does your
100MB EtherNet TCP/IP network perform poorly?.
If your 100MB EtherNet
TCP/IP network performs poorly, it could be due to ACK collisions. You can
contact your NIC manufacturer to see if there is a way to increase the
interframe gap.
The Intel
EtherExpress 100B adapters have a registry parameter:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\e100bx\Parameters
where x is the
number of your interface card. Add Value name Adaptive_ifs as type REG_DWORD
and set it to 1. This will enable an adaptive algorithm, while 0 will disabled
it. A value of 2 - 200 sets a predefined interframe gap, if you want to measure
collisions at 20, 40, 60, ..... and pick one with a low collision rate and good
performance.
If you have a
different NIC, edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
and add Value
name TcpWindowSize as type REG_DWORD and set it to 2920 (decimal).
Note: This tip
is for 100MB EtherNet TCP/IP networks only. Using this parameter on a 10MB
network, or on a WAN or FDDI, or Token Ring, or anything else, will impact
performance.
309 » Service or
driver failed to start and Event Viewer has taken a vacation.
If you receive a
message that a service or driver has failed to start, you are instructed to
check the Event Viewer for details.
If Event Viewer
has gone on vacation (all your All Users folders are gone) and/or no Network
icon displays in Control Panel, you may have a missing or corrupted Ole32.dll
in the %SystemRoot%\System32 folder.
Install a copy
from the CD-ROM, your Latest Service Pack or Hotfix. Reboot your system.
310 » Can I
disable the Microsoft welcome splash screen that new users receive when logging
onto Windows NT?
The easiest way
to do this is to rename %SystemRoot%\welcome.exe.
311 » Regional
settings in the registry.
All
Regional/International settings are stored in the registry as type REG_SZ value
at HKEY_CURRENT_USER\Control Panel\International
iCountryCountry
code is the international telephone code, except for Canada, which is 2. The
default is 1.
iCurrDigitsNumber
digits displayed after the decimal seperator. The default is 2.
iCurrencyDetermines
how currency is displayed:
Value Meaning
0 $2
1 2$
2 $ 2
3 2 $
iDateDetermines
how dates are displayed:
Value Meaning
0 mm/dd/yy
1 dd/mm/yy
2 yy/mm/dd
iDigitsThe
number of digits displayed after the decimal seperator in numbers. The default
is 2.
iLZeroLeading
zeros are not displayed if 0 (default). A Leading zero is displayed if set to
1.
iMeasureMetric
is 0, U.S. is 1
iNegCurrDetermines
the format for displaying negative numbers (default is 1):
Value Meaning
0 ($100.00)
1 -$100.00
2 $-100.00
3 $100.00-
4 (100.00$)
5 -100.00$
6 100.00-$
7 100.00$-
8 -100.00$
9 -$ 100.00
10 100.00 $-
11 $ 100.00-
12 $ -100.00
13 100.00- $
14 ($100.00)
15 (100.00 $)
iTimeDetermines
if the clock is 12 hours (0) or 24-hour (1).
iTLZeroThe
default of 0 means hours may have single digits, a 1 pads to double digits.
LocaleUserlocale
ID for spoken lanuage. The default is U.S. English which is 00000409.
s1159AM
indicator for a 12 hour clock.
s2359PM
indicator for a 12 hour clock.
sCountryCountry
name. The default for U.S. English is United States.
sCurrencyCurrency
symbol. The default for U.S. English is $.
sDateDate
separator. The default for U.S. English is /.
sDecimalDecimal
seperator symbol. The default for U.S. English is the . (period).
sLanguageLanguage
abbreviation: (U.S. English is ENU)
Value
Meaning
CSY Czech
DAN Danish
DEA German (Austrian)
DES German (Swiss)
DEU German
ELL Greek
ENA English (Australia)
ENC English (Canada)
ENG English (U.K.)
ENI English (Irish)
ENU English (U.S.)
ENZ English (New Zealand)
ESM Spanish (Mexican)
ESN Modern Spanish
ESP Castilian Spanish
FIN Finnish
FRA French
FRB French (Belgian)
FRC French (Canadian)
FRS French (Swiss)
HUN Hungarian
ISL Icelandic
ITA Italian
ITS Italian (Swiss)
NLB Dutch (Belgian)
NLD Dutch
NON Norwegian (Nynorsk)
NOR Norwegian (Bokmal)
PLK Polish
PTB Portuguese (Brazilian)
PTG Portuguese
RUS Russian
SKY Slovak
SVC Swedish
SVE Swedish
TRK Turkish
sListList
seperator character. The default for U.S. English is , (comma).
sLongLong Date
format:
Value Meaning
dddd, MMMM dd,
yyyy Wednesday, November 19, 1997
MMMM dd, yyyy
November 19, 1997
dddd, dd MMMM,
yyyy Wednesday, 19 November , 1997
dd MMMM, yyyy 19
November , 1997
sShortDateShort
date:
Value Meaning
MM/dd/yy
03/08/99
M/d/yy 3/8/99
M/d/yyyy
3/8/1999
MM/dd/yyyyy
03/08/1999
yy/MM/dd
99/03/08
dd-MM-yy
08-Mar-99
sThousandThousands
separator. The default for U.S. English is , (comma).
sTime Time
separator. The default for U.S. English is : (colon).
312 » Crash
control registry entries.
The
CrashOnAuditFail value entry at
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa is a type REG_DWORD that
determines system behavior when the Security log (Event Viewer) is full. The
default is 0, the system does not halt. An entry of 1 causes the system to halt
and display c0000244 (STATUS_AUDIT_FAILED). The system then sets this entry to
2 so only Administrators can log on until the Security log is cleared.
Other crash
control entries are located at
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\CrashControl:
AutoReboot is a
REG_DWORD that controls if the system will automatically reboot upon failure. A
value of 0 (default for Workstation) does not cause reboot whereas a value of 1
(default for Server) does.
CrashDumpEnabled
is a REG_DWORD that specifies whether a dump will be written (value 1, default
for Server) or not (value 0, default for Workstation).
DumpFile is a
type REG_EXPAND_SZ that contains the path and file name of the dump file. The
default is %SystemRoot%\Memory.log.
LogEvent is a
REG_DWORD that indicates if a System log entry is written when abnormal
termination occurs. The default for Workstation is 0 (no) while Server defaults
to 1 (yes).
Overwrite is a
REG_DWORD that controls whether a new dump file is created if one already
exists (value 0, default for Workstation) or if a new file should be created
(value 1, default for Server).
SendAlert is a
REG_DWORD that specifies if the logged on user will receive an administrative
alert when the DumpFile is full and LogEvent is 1 and Overwrite is 0. The
default for Workstation is 0 (no) and for Server is 1 (yes). If the value is 1
and the DumpFile is full, a user acknowledgement is required to proceed.
313 » How do I
change the system font?
The system font
is stored in the FONTS.FON value entry at:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\GRE_Initialize
When entering a
new system font, you must enter it with the .FON extension.
315 » How can I
configure the Event Viewer using the registry?
The Event Viewer
logs (System, Application, and Security) have registry entries at:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\logfile
There is a
sub-key for each of the 3 logs. Each of these have the following value entries
that can be configured:
File is a type
REG_EXPAND_SZ that contains the path of the log.
MaxSize is a
type REG_DWORD that contains the maximum size of the log file in kilobytes. The
default is 512K.
Retention is a
type REG_DWORD that specifies records which are newer than this value (in
seconds) will not be overwritten. If the value is 0, the log may be
overwritten. If the value is hex 0xffffffff, the log must be cleared manually.
The default is 604800 (7 days). If the log fills up or a retained record needs
to be overwritten, you receive an Event Log Full error.
Sources is a
REG_MULTI_SZ value that contains registered posting programs. Each of these
entries have a sub-key which has values that control message translation and
other information pertinent to the posting program. Sources and the sub-keys
should not be altered manually, only with the API provided for that purpose.
316 » Command
line NTFS compression.
Compact is a
native Windows NT command that displays or alters the compression state of
files and directories. The syntax is:
compact [/c]
[/u] [/s[:DirName]] [/i] [/f] [/a] [/q] filename [...]
If run without
any parameters, it displays the compression state of the current directory.
Parameter M e a
n i n g
/c Compresses
the specified directory or file.
/u Uncompresses
the specified directory or file.
/s[:\DirName]
applies the action to all subdirectories of the specified directory, or of the
current directory if none is specified. If :\DirName is used, the compressed
attribute is not altered.
/i Ignores
errors.
/f Forces the
action on a previously failed attempt.
/a Display files
with the Hidden and/or System attribute.
/q Displays
minimal information.
filename
Specifies the file or directory. You can use multiple filenames and wildcards.
To compress the
files in the current directroy and all subdirectories, type:
compact /c /s
To compress all
files that end in .HTM in the \JSI directory and all subdirectories , but not
modify the compressed attribute of these directories, type:
compact /c
/s:\JSI *.HTM
To force
complete compression of the file JSI.GIF, which was partially compressed at the
time of a disk crash, type:
compact /c /f
JSI.gif
317 » If your
serial mouse fails to detect at startup.
If you have a
serial mouse on COM1 or COM2 that occasional fails to be detected at startup,
you can just fiddle with connector, without the need to reboot, by adding value
entry OverrideHardwareBitstring as a type REG_DWORD to:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Sermouse\Parameters
A data value of
1 indicates that the mouse is installed on COM1 and a data value of 2 specifies
COM2.
This entry causes
the driver to load, even if the mouse is not detected.
318 » A picture
is worth a thousand words.
Instead of
piping a DIR to record a directory structure, try using Tree, which graphically
displays the directory structure.
tree
[drive:][path] [/f] [/a]
Parameter M e a
n i n g
drive: The drive: letter.
path The directory.
/f Displays the
names of the files in each directory.
/a Use text
instead of graphic characters.
To display the
names of all the subdirectories on the disk in your current drive, one screen
at a time, type the following command:
tree \ | more
319 » Running
REGEDIT in batch.
When you want to
run REGEDIT in batch, use the /S switch to avoid the need to respond OK.
Remember that
REGEDIT is the Windows 95 editor. It can be used in Windows NT but only for
data types REG_SZ and REG_DWORD.
A better batch
solution is to use REG.EXE from the NT Resource Kit, Vol II
320 » How much
free space do I need to convert to NTFS?.
If your disk has
standard 512K byte sectors, you can calculate the free space (FS) required as
follows:
1. Set Q1 to
4,194,304 if you partition size is greater than 400meg. Set Q1 to 1,048,576 if
your partition size is less than 100meg. Otherwise:
Q1 = partition
size in bytes divided by 100.
2. Set Q2 =
partition size in bytes divided by 803.
3. Set P1 =
(Number of files + Number of directories) times 1280.
FS = Q1 + Q2 +
P1.
321 » String
search from the command line or in a batch file.
Windows NT
supports findstr which searches files for literal strings or regular
expressions.
findstr [/b]
[/e] [/l] [/c:string] [/r] [/s] [/i] [/x] [/v] [/n] [/m] [/o] [/g:file]
[/f:file] strings files
Parameters M e a
n i n g
/b Match pattern
at beginning of the line.
/e Match pattern
at end of the line.
/l Search
literally.
/c Use text as a
literal. /c:"string"
/r Use text as a
regular expression (default).
/s Search
sub-directories.
/i Case
insensitive.
/x Selects lines
that are an exact match.
/v Selects lines
that do not match.
/n Displays the
line number before the matched line.
/m Displays only
the matching file names.
/o Displays the
offset of the match before the matched line.
/g Gets the
search string from the specified file. /g:argument.txt
/f Gets the file
list from the specified file. /f:filelist.txt
strings The
search string.
files Files to
be searched.
Use spaces to
separate multiple search strings unless the argument is prefixed with /c.
Example:
findstr
"Windows NT" document.txt searches for "Windows" or
"NT" in file document.txt.
findstr
/c:"Windows NT" document.txt searches for "Windows NT" in
file document.txt.
Regular
expressions are a notation for specifying patterns, as opposed to exact
strings. Characters that do not have special meaning are considered literal
character and match an occurance of that character. Letters and numbers are
literal characters. A metacharacter is a symbol with special meaning (an
operator or delimiter) in the regular-expression syntax:
. Wildcard.
* Repeating
character, Match on zero or more occurances
of the previous
character or class.
^ Line position
- beginning of line.
$ Line position
- end of line.
[class] match
any character in the set.
[^class] match
if any character is not in the set.
a-z Range: match
if any characters are in the range.
\a Literal use
of metacharacter a.
\<abc Word
position - beginning of word.
abc\> Word
position - end of word.
Examples:
To find all
occurance of a string begining with W and ending with ws: findstr
"W.*ws" document.txt
To find all
occurances of Windows: findstr Windows document.txt
To find all
occurances of Windows in c:\WinNT and its' sub-directories, ignoring case:
findstr /s /i Windows c:\WinNT\*.*
To find several
strings in a list of files: findstr /g:argument.txt /f:files.txt
To list every
file on the C: drive that contains the word JSI: findstr /s /m
"\<JSI\>" C:\*.*
To find every
file in the current directory that contains a word that starts with Win:
findstr /m "\<Win.*" *.*
322 » Internet
name resolution is slow and/or fails with DNS on your Lan.
If your clients
experience slow internet name resolution, or internet name resolution fails,
while forwarding queries using DNS, but local intranet name resolution works,
your DNS cache file is probably corrupt.
1. Stop the DNS
service - net stop dns
2. Switch to the
DNS directory - cd %SystemRoot%\System32\Dns
3. Rename the
cache file - ren cache.dns cache.old
4. Copy the
backup cache file - copy backup\cache.dns cache.dns
5. Start the DNS
service - net start dns
323 » How can I get
a batch file to prompt me for parameters?
Windows NT does
not support this, but you can fake it out:
1. Make a copy
of %SystemRoot%\_Default or any DOS shortcut and name it the same as your batch
file.
2. Right click
the shortcut and on the Program tab, set its' name. On the Cmd Line:, enter the
full path to the batch file followed by a space and a ?. See below
3. Create a
param.nt in %SystemRoot%\System32 and use the Windows NT.. button to select it:
dos=high, umb
device=%SystemRoot%\system32\himem.sys
files=75
shell=%systemroot%\system32\command.com
/p /e:2048
ntcmdprompt
4. Set the
Window to Run: minimized and check close on exit.
5. Create you
batch file. Here is a very simple example:
dir %1 >
c:\zzz\jsi.log
set >>
c:\zzz\jsi.log
exit
or (if you don't
want to run in the 16bit sub-system)
%systemroot%\System32\cmd.exe
/c "dir %1" > c:\zzz\jsi.log
%systemroot%\System32\cmd.exe
/c "set" >> c:\zzz\jsi.log
exit
6. Move the
shortcut to your start menu (see tip 051).
7. When you run
the shortcut, you will receive the following prompt:
8. Enter your
parameter(s) and click ok.
324 » Registry
entries for services.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
contains sub-keys for services and device drivers. The following value entries appear
in most sub-keys:
ErrorControl is
a type REG_DWORD which specifies how to proceed if the driver fails to load or
to initialize properly:
Value D e s c r
i p t i o n
0 Ignore: If the
driver fails to load or initialize, startup proceeds, and no warning message
appears.
1 Normal: If the
driver fails to load or initialize, startup proceeds, but a warning message
appears.
2 Severe: If the
driver fails to load or initialize, declares the startup as having failed and
restarts by using the LastKnownGood control set. If startup is already using
the LastKnownGood control set, continues startup.
3 Critical: If
the driver fails to load or initialize, declares the startup as having failed
and restarts by by using the LastKnownGood control set. If startup is already
using the LastKnownGood control set, stops startup and runs a debugging
program.
ImagePath is a
type REG_DWORD that contains the full path to the executable. This entry is not
used for network adapters.
ObjectName is a
type REG_DWORD which contains the account name for services or the driver
object that the I/O manager uses to load the device driver.
Start is a type
REG_DWORD which specifies how the service is loaded or started. If the service
is a Win32 service, the value of Start must be 2, 3, or 4. This value entry is
not used for network adapters.
Value D e s c r
i p t i o n
0 Boot: Loaded
by kernel loader. Components of the driver stack for the boot (startup) volume
must be loaded by the kernel loader.
1 System: Loaded
by I/O subsystem. Specifies that the driver is loaded at kernel initialization.
2 Automatic:
Loaded by Service Control Manager. Specifies that the service is loaded or
started automatically.
3 Manual:. The
service does not start until the user starts it manually, such as by using
Services or Devices in Control Panel.
4 Disabled:
Specifies that the service should not be started.
Type is a type
REG_DWORD that specifies what this object represents:
Value D e s c r
i p t i o n
1 A kernel-mode
device driver.
2 A file system
driver.
4 A set of
arguments for an adapter.
8 A file system
driver service, such as a file system recognizer.
16 (0x10) A
Win32 program that runs in a process by itself. This type of Win32 service.can
be started by the Service Controller.
32 (0x20 A Win32
program that shares a process. This type of Win32 service can be started by the
Service Controller.
272 (0x110) A
Win32 program that runs in a process by itself (like Type16) and can interact
with users.
288 (0x120) A
Win32 program that shares a process and can interact with users.
See tips 069 and
260 for additional entries.
Drv.zip is a
freeware utility which starts, stops, pauses, continues or lists information
about drivers on the specified system.
Svc.zip is a
freeware utility which starts, stops, pauses, continues or lists information
about services on the specified system.
325 » The
replace command..
Replace files in
the destination directory with files from the source directory that have the
same name. You can also use replace to add unique filenames to the destination
directory.
replace
[drive1:][path1] filename [drive2:][path2] [/a] [/p] [/r] [/w]
replace
[drive1:][path1] filename [drive2:][path2] [/p] [/r] [/s] [/w] [/u]
P a r a m e t e
r D e s c r i p t i o n
[drive1:][path1]
filename Specifies the location and
name of the source file or set of files.
[drive2:][path2] The destination directory. If this parameter
is omitted, the current directory is used.
/a Adds new
files to the destination directory instead of replacing existing files. You
cannot use this switch with the /s or /u switch.
/p Prompts you
for confirmation before replacing a destination file or adding a source
file.
/r Replaces
read-only files as well as unprotected files. If you do not specify this switch
but attempt to replace a read-only file, an error results and stops the
replacement operation.
/s Searches all
subdirectories of the destination directory and replaces matching files. You
cannot use the /s switch with the /a switch. The replace command does not
search subdirectories specified in path1.
/w Waits for you
to insert a disk before replace begins to search for source files. If you do
not specify /w, replace begins replacing or adding files immediately after you
press ENTER.
/u Replaces (updates)
only those files on the destination directory that are older than those in the
source directory. You cannot use the /u switch with the /a switch.
As replace adds
or replaces files, WindowsNT displays their filenames on the screen. After the
replace command is finished, WindowsNT displays a summary line in one of the
following formats:
nnn files added
or nnn files replaced
no file added or
no file replaced
You cannot use
the replace command to update hidden files or system files. For information
about changing hidden and system attributes, see the attrib command.
The following
list shows each replace exit code:
Value D e s c r
i p t i o n
0 Replace
successfully replaced or added the files.
1 Replace
encountered an incorrect version of MS-DOS.
2 Replace could
not find the source files.
3 Replace could
not find the source or destination path.
5 The user does
not have access to the files you want to replace.
8 There is
insufficient system memory to carry out the command.
11 The user used
the wrong syntax on the command line.
If several
directories on drive D contain various versions of a file named
JSI_DeskTop.htm, and "C:\Working Web\JSI_DeskTop.htm" contains a
current version, typing:
replace
"C:\Working Web\JSI_DeskTop.htm" D:\ /s
will update them
all.
If you want to
add all the new files in C:\Utilities to the backup directory
C:\Utilities\BackUp, type:
replace
c:\Utilities\*.* C:\Utilities\BackUp /a
326 » Freeware
Password changing utility.
Passwd.zip
allows the user to change his/her password on either the local system, or the
Domain Controller. Administrators may change anyone's password.
327 » Access
denied for a ghosted connection?
If you have a
Ghosted connection (see tip 036 ) that requires a password, and you get access
denied when connecting, try setting DeferFlags, a type REG_DWORD at:
HKEY_CURRENT_USER\Network\Drive
letter to 1. You may have to add the Drive letter key with a blank Class.
328 » Freeware
utility lists groups and users.
Grp.zip lists
Local and/or Global groups, and optionally the users within those groups.
Type: grp -adc
329 » Freeware
utility displays system uptime. In tip 101 we learned how to determine when the
system was last started, but we had to calculate the uptime.
SysTime.zip is a
freeware utility that displays the system start time, current time, and the
uptime time for the local system:
START CURRENT
ELAPSED
10-21-1997
08:03:31.000 11-24-1997 21:45:19.452 34 13:41:48.452
330 » How do I
install DOS 6.22 on a Windows NT 4.0 Remoteboot Server?
Make sure that
%SystemRoot%\Rpl\Rplfiles is being shared. If it is not, stop and restart the
Remoteboot service. If it is still not shared, uninstall and reinstall the
Remoteboot service.
On an MS-DOS
6.22 client, logon to the network as an Administrator and connect to the
Rplfiles share by typing:
net use M:
\\ServerName\RPLFILES
Copy all the
MS-DOS files to the M:\Binfiles\Dos622 directory by typing:
COPY C:\DOS\*.*
M:\BINFILES\DOS622
ATTRIB -S -H
C:\IO.SYS
COPY C:\IO.SYS
M:\BINFILES\DOS622
ATTRIB +S +H
C:\IO.SYS
ATTRIB -S - H
C:\MSDOS.SYS
COPY
C:\MSDOS.SYS M:\BINFILES\DOS622
ATTRIB +S +H
C:\MSDOS.SYS
On the
Remoteboot server, start the Remoteboot Manager and select Configure and Check
Configurations. This will make MS-DOS 6.22 available to the clients.
Create a
Remoteboot DOS Client Profile by selecting Remoteboot and New Profile. Type a
Profile Name: MSDOS622. Select the Configuration: DOS 6.22 3Com Etherlink II
and type anything in description. Click OK.
To assign a
Profile to a Remoteboot Client, connect the Remoteboot client to the network
and power on the system. The client should start searching for the Remoteboot
server. The retries counter should increase steadily. If the client has a hard
disk, see tip 331.
In Remoteboot
manager, select the workstation name corresponding to the client's unique media
access control address. The client will have registered its address
automatically with the server. If you can't find it, press F5. If you still
can't find it, the DLC packets are not being received.
Select
Remoteboot and Convert Adapters. Type the client's workstation name and a
description of the client computer. If desired, type a password. A blank or
Null password allows the Remoteboot client to connect to the RPL server without
any operator intervention when the power is turned on.
Select the
Configuration type:
Shared: the
client can share its profile with other clients
Personal: the
must have it own unique profile.
Select the
desired Workstation Profile and select TCP/IP DHCP if you are not using TCP/IP
or select TCP/IP SETTINGS if you are. Click ADD to create a user account for
the computer, and the Remoteboot client will continue the startup process using
the assigned profile.
For additional
information see the resource kit.
331 » How to
configure a remoteboot client with a hard disk.
Some Remote
Initial Program Load (RPL) ROMS will not take control of the system if a hard
drive is installed. If RPL fails:
Make an MS-DOS
bootable floppy disk.
From the Windows
NT remoteboot server, copy Rplenabl.exe and Rpldsabl.exe to the floppy disk:
copy
c:\%SystemRoot%\rpl\rplfiles\binfiles\binr\rpl??able.exe a:
Boot the client
with a bootable floppy disk and type Rplenable.exe to allow the RPL ROM to work
properly with the hard drive installed. Press CTRL+ALT+DEL to reboot the
client.
NOTE: To restore
the hard drive to normal use, perform the above steps, but type Rpldsabl.exe.
If you don't
have a floppy, connect to the Remoteboot Server as an administrator and switch
to the BINFILES\BINR directory. Type Rplenable.exe. Press CTRL+ALT+DEL to
reboot the client.
332 » Access
denied while ammending ACL.
If you have the
right to change permissions on an object, but receive Access Denied, you may be
the victim of hieghtened security. Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowedPaths
Double click
Machine or add value as type REG_MULTI_SZ. Add a string of
System\CurrentControlSet\Control\ProductOptions so that the ACL editor can
determine the product type of the server.
333 » Users can
delete a file without delete permission.
When you grant
Full Control to a user or group, they inherit a hidden permission known as File
Delete Child (FDC). FDC permission allows a user to delete files, not
sub-directories, at the root level of the directory where they have full
control, even if they do not have any permissions on the specific file. They
can not delete files in sub-directories.
The FDC
permission is based on the concept that if a user owns a directory, they should
be able to delete files within that directory. It was created for POSIX
compliance and is equivalent to the UNIX directory write permission.
If you wish to
deny FDC permission, but still grant Full Control, use the special access
permissions to grant everything except Full Control. Let use assume that
Everyone has Full Control ( All ) (All ) on C:\JSI. If I add file test.txt to
this directory and set permissions to Administrators Full Control ( All ) and
then remove Everyone, any user will be able to delete this file. To test this,
logon as an ordinary user. You can see this file but not open it. When you try
to delete the file, it is deleted.
Note: Don't
remove the Everyone group from the system or drive root, you will not be able
to logon. Instead, add SYSTEM and Administrators with Full Control ( All ) (
All ) and then change Everyone to (RWX) (RWX) using Special Directory Access
and Special File Access
334 » Freeware
utility displays stop code text.
Err.zip displays
the text associated with the specified Hex error code. It can be run either in
batch or in interactive mode.
Example:
X:\> err 1E
MsgID: 1e
Source: KERNEL32.DLL
The system
cannot read from the specified device.
335 » How do I
run a Repair for SBS (Small Business Server)?
The 3 setup
diskettes that come with SBS do not offer the option to repair your
installation.
Create a new set
of diskettes by typing:
<Drive:>\i386\winnt32
/ox or <Drive:>\i386\winnt /ox from the CD-ROM.
Rename the
Winnt.sif on the second diskette by typing:
ren a:\Winnt.sif
a:\Winnt.bak
When you boot
these diskettes, you will be offered the Repair option. See tip 272.
336 » Configure
the Console via the registry.
You can
configure the Console using the Console applet in Control Panel.
To configure the
Console using the registry, edit:
HKEY_CURRENT_USER\Console
Value Type
Default D e s c r i p t i o n
CursorSize
REG_DWORD 25% The percentage of the character cell occupied by the cursor. The
valid entries are 25% (small), 50% (medium), and 100% (large).
FullScreen
REG_DWORD 0 Valid entries are 0 (Windowed) and 1 (Full Screen).
FaceName REG_SZ
none Alternate command window font name. If blank, a raster font is used.
FontFamily
REG_DWORD 0 Font type. 0=raster, 48=TrueType.
FontSize REG_DWORD
0x00000000 This is an 8 character hex number, representing pixel height / pixel
width. The default (0x00000000) is 8x12 and an entry of 0x000C0005 is 12x5.
FontWeight
REG_DWORD 0 0 is the default weight of the chosen font.
HistoryBufferSize
REG_DWORD 50 The number of commands that can be stored in each command buffer.
InsertMode
REG_DWORD 0 0=overtype, 1=insert.
NumberOfHistoryBuffers
REG_DWORD 4 Number of command buffers.
PopupColors
REG_DWORD 0x000000F5 8 character hex representing backround color / text color.
QuickEdit
REG_DWORD 0 0=User must use commands to cut & paste, 1=User can use the
mouse to cut & paste.
ScreenBufferSize
REG_DWORD 0x00190050 8 character hex represents lines of text / character per
line. The default is 25 lines of 80 characters.
ScreenColors
REG_DWORD 0x000000007 8 character hex representing backround color / text
color.
WindowSize
REG_DWORD 0x00190050 8 character hex represents lines of text / character per
line. The default is 25 lines of 80 characters.
WindowPosition
REG_DWORD none If not present, the system selects a position. 8 character hex
representing y / x.
For each console
configuration that you save, a sub-key is created with the name of the window.
This sub-key has the same value entries as the Console key. You do this by
right clicking the title bar of the command window and choosing Properties.
337 » Common
registry entries for networking programs..
HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\CurrentVersion\Network\Program
name contains configuration data that is common for programs that view and
maintain the network. Program Name are sub-keys like Browser Monitor, Event
Viewer, Server Manager, User Manager, etc...
All the entries
are type REG_SZ.
Value Default D
e s c r i p t i o n
SaveSettings 1
1=Options are saved and the user's choices are restored when the user starts
the program again. 0=Options are not saved. This entry needs to be 1 for most
other entries to work.
Confirmation 1
Is confirmation for deletion or changes required? 0=No, 1=Yes.
FontFaceName
none Font used if different than default.
FontHeight 0
0=use the default point size for the font.
FontItalic 0
1=italic, 0=not italic.
FontWeight 0
0=use the default font wieght, 400=Standard weight, 700=Bold, 900=Heavy.
SortOrder
depends
on
program for
Event Viewer 0=Oldest first, 1 (default)=Newest first
for User Manager
0=sort by full name, 1 (default)=sort by username.
Window PosXPosY
SizXSizY
0 4 pixel
coordinates that define the size and position of the window followed by 0 if
the windows was not minimized when closed, 1 if minimized.
338 »Event
Viewer registry entries for users.
In addition to
the entries at tip 315 and tip 337, additional user Event Viewer entries are
at:
HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\CurrentVersion\Network\Event
Viewer
These values are
all type REG_SZ.
Value Default D
e s c r i p t i o n
Filter none
Stores the filter scheme used to display data at the last close.
Find none Stores
the filter scheme for the find at the last close.
IfNT 1 1=Event
Viewer was monitoring an NT computer when it was closed. 0=Not NT.
LogType 0 The
log you were viewing at the last close. 0=System, 1=Security log,
2=Application, 4=Customized log file.
Module System
Stores the log name (System, Security, Application, Log file name).
Additionally,
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion
\Network\World
Full Access Shared Parameters\SortHyphens
is a type
REG_DWORD that determines if hyphens are ignored when sorting alphabetically in
Event Viewer, Remoteboot Manager, Server Manager, User Manager, and User
Manager for Domains.This value affects the base sort order of lists in Network,
Server, Services, and Devices in Control Panel.
A data value of
0 (default) ignores hyphens. For example, "Administrator" appears
before "-Sales.". A data value of 1 sorts hyphens; i.e.
"-Sales" appears before "Administrator".
339 » Network
Client Administrator registry entries for users.
Network Client
Administrator helps you to install programs from the WindowsNT Server compact
disc. The NCAdmin sub-key is added the first time you use the program. The key
is at:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Network\NCAdmin
These values are
all type REG_SZ.
Additional
Values are at tip 337.
Value Default D
e s c r i p t i o n
LastClientServer
none The computer name of the last server used to create network client
installation disks or an installation disk set.
LastClientSharepoint
none The name of last shared directory used to create network client
installation disks or an installation disk set. Can not exceed 255 characters.
LastToolsServer
none The name of the last server that referenced the network administration
tools directory path.
LastToolsSharepoint
none The name of the last share that referenced the network administration
tools directory path. This path includes the computer name.
340 » Persistent
Connections registry entries for users.
Besides tip 035
and tip 337, Persistent Connections are located at:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\WindowsNT\CurrentVersion
\Network\Persistent
Connections
These values are
all type REG_SZ.
The Persistent
Connections sub-key stores data about the most recent connections to your
network drives.
Value Default D
e s c r i p t i o n
a - j none The
UNC path of the drives most recently connected to your computer. Up to 10
drives may be stored
Order none The sequence of the drop down list is
the order of the letters a - j.
SaveConnections
yes Persistant connections=yes, Non-persistent connections=no.
Drive letters
connected via the net use and/or the subst commands do not appear in this
registry entry.
341 » Server
Manager registry entries for users.
Besides tip 337,
Server Manager registry entries are at:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\WindowsNT\CurrentVersion
\Network\Server
Manager
These values are
all type REG_SZ.
Value Default D
e s c r i p t i o n
AccountsOnly 0
0=Show domain members and computers that the browser lists as being active in
the domain. 1=Show domain members only.
View 2
0=Configure view according to settings in the DLL specified in ViewExtension,
1=View workstations only, 2=View servers only, 3=View workstations and servers.
ViewExtension
none A a dynamic link library that supports an extended view of Server Manager.
342 » User
Manager and User Manager for Domains registry entries for users.
Besides tip 337,
User Manager and User Manager for Domains registry entries are at:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\WindowsNT\CurrentVersion
\Network\User
Manager and
HKEY_CURRENT_USER\SOFTWARE\Microsoft\WindowsNT\CurrentVersion
\Network\User
Manager for Domains
One additional
Value of type REG_SZ has a default of 500.
ListBoxSplit
defines the vertical space for the Username list box. The Group list box is
calculated as 1000 - ListBoxSplit. This is the percentage of space where 500 is
50.0%. If ListBoxSplit is 667, then the top 2/3 (66.7%) of the windows is
occupied by the Username list box and the remaining 1/3 (33.3%) displays the
Groups list box.
344 » Setting up
a Virtual Private Network (VPN) using Point-to-Point Tunneling Protocol (PPTP).
PPTP allows you
to extend your network over the internet by making a dial-up connection to your
ISP. To configure Windows NT for PPTP:
In Control Panel
/ Networks, add the Point-To-Point Tunneling Protocol.
Remote Access
Services Setup will be invoked for you to add at least one VPN port.
Specify the
protocols to run for the VPN port. You can install up to 256 VPN ports.
Reboot.
To establish a
PPTP connection to your server over the internet:
Implement tip
082.
In DUN, add a
phone book entry for your server. The phone number is the IP addresss or host
name of the sever. Specify the VPN port you will use (Dial Using).
The first time
you log on, you will have to join the domain:
Log on to your
computer using a local account with administrator rights.
Dial your ISP.
Dial your PPTP
Server.
Control Panel /
Network / Identification / Change / Domain and enter the domain name and click
OK.
Click OK when
you receive a "welcome" message from the domain.
Click Close.
Reboot when
prompted.
To connect to
the PPTP server:
Log on to your
computer using a local account with administrator rights.
Dial your ISP.
Close all
programs and log on as a different user.
Press CTRL+ALT+DELETE
to log on when prompted.
Enter your
domain UserName and password. In the Domain box, click the name of your Windows
NT domain. Check the Logon Using Dial-Up Networking box and then click OK.
In the Phone
Book Entry To Dial box, click the phone book entry that you use to connect to
your PPTP server, and then click Dial. Confirm your UserName, password, and
domain, and then click OK.
346 » How can I
get explorer to expand all sub-directories of a selected directory?.
Select the
directory in the left hand pane and press * on the numeric keypad.
347 » Create
your own Application Event Log entries from batch jobs..
The resource kits contain LOGEVENT.EXE which
allows a batch job (or command line) to log events to the Application Event
Log.
You can log to
the local or a remote computer. You must install LOGEVENT.EXE on both the
source and destination computer. To install LOGEVENT.EXE, copy it to the
%SystemRoot%\System32 directory. The first time it is run, it will write User
Event entries in the registry (see tip 315).
Usage:
LOGEVENT [-m \\MACHINENAME] [-s SIWEF] [-c
CategoryNumber] "Event Text"
where -s
indicates severity:
(S)uccess
(I)nformation
(W)arning
(E)rror
(F)ailure
When you run
LOGEVENT.EXE, it posts an Event ID 1 to the Applications Event Log as User
Event with your Category number and the "Event Text". When you
double-click the Event, you get:
The description
for Event ID ( 1 ) in Source ( User Event ) could not be found. It contains the
following insertion string(s): "Event Text".
348 » All pipe
instances are busy when starting a service.
The number of
running services is limited to 100 (excluding all shared services that run
under the Services.exe process, such as Alerter, Browser, EventLog,
LanmanServer, LanmanWorkstation, LMHOSTS, Messenger, Etc....).
If you try to
start an additional service, you receive:
All pipe
instances are busy.
349 » Freeware
tool changes UserName or password in batch.
Cryptpwd can
change UserName and password in batch.
X:>cryptpwd.exe
/?
CryptPwd Ver
0.91 Apr97 by G.Zanzen (c) MCS Central Europe
usage:-u
UserName (default Administrator)
-m \\MachineName
(default LocalMachine)
Resetting
Password Function
-p Set to a
random password
-P xxx Sets
password to xxx
Rename User
Function
-r xxx Renames
user to xxx
-c xxx sets
Comment to xxx
350 » Have you
lost the ability to move your desktop icons?
If you are no
longer able to move your desktop icons, you might be missing some keys in the
registry.
HKEY_CLASSES_ROOT\\Interface\{0000010E-0000-0000-C000-000000000046}\NumMethods
Mine has an
unnamed Value of type REG_SZ which is set to 12.
HKEY_CLASSES_ROOT\\Interface\{0000010E-0000-0000-C000-000000000046}\ProxyStubClsid
Mine has an
unnamed Value of type REG_SZ which is set to {0000030C-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\\Interface\{0000010E-0000-0000-C000-000000000046}\ProxyStubClsid32
Mine has an
unnamed Value of type REG_SZ which is set to
{00000320-0000-0000-C000-000000000046}
351 » Where is
UserName?orsome interesting uses of the for command.
If you have a
large multi-location network with traveling roaming users, and need the abilty
for users to quickly determine where someone last signed on, without messaging,
you can implement the following schema:
. Estabish a
share where Everyone has Change permissions on a server that Everyone can
reach.
. Set
permissions on the shared directory:
Everyone Add
& Read (RWX) (RX)
CREATOR OWNER
Special Access (RWX) (RWXD)
. Create
HereIAm.bat in the shared directory:Note: For Win 95 clients, you must set
environment variables with WINSET.EXE - see tip 120
@echo off
for /f
"tokens=1,2 delims=: " %%i in ('time /t') do set hr=%%i%%j NT clients
will set hr, W95 will be null
for /f
"tokens= 2,3,4 delims=/- " %%i in ('date /t') do set yymmdd=%%k_%%i_%%j
NT clients will set yymmdd, W95 will be null
set
hereiam=%username%_%computername%_%yymmdd%_%hr%.log Example:
SchulmanJ_JSI01_1997_12_08_930a.log
del /q
\\ServerName\ShareName\%username%*.log Delete previous log record.
@echo %UserName%
last logged on computer %computername% on %yymmdd% at
%hr%>\\ServerName\ShareName\%hereiam% Create the log. Note: @echo through
%hereiam% is one line.
. Call
HereIAm.bat in a login script.
. When you want
to determine where UserName last logged on, run WhereIs UserName from the
shared directory or copy it to the users path in the login script:
@echo off
dir
\\ServerName\ShareName\%1*.log
type
\\ServerName\ShareName\%1*.log
pause
exit
352 » When is
Last Known Good set?
In tip 187 we
learned how to prevent Last Known Good from being set and how to prevent a Last
Known Good selection during boot.
Normally, Last
Known Good is set when the first user logs on. If you set ReportBootOk to 0,
you can run a boot verification service defined at:
HKEY_LOCAL_MACHINE\SYSTEM\all
control sets\Services\BootVerify
or you can
provide a program that sets ReportBootOk and define it at:
HKEY_LOCAL_MACHINE\SYSTEM\all
control sets\Control\BootVerificationProgram\ImagePath
and enter the
full path to your program in this type REG_SZ.
Check the SDK
for details (don't ask us, we are not programmers).
» How do I
prevent a password prompt when using RSH (Remote Shell) to execute commands on
a UNIX server?
To prevent the
password prompt, add your IP address and hostname (the computer running
rsh.exe) to the Hosts.eqiv file on the UNIX server.
354 » Unattended
install mini-FAQ.
Here are 37
Knowledge Base articles which address many of the problems which you frequently
encounter during an unattended install. See tip 214.
Q142666-Setting
Up an Additional Service in Unattended Setup.txt
Q149283-Rollback.exe
on Windows NT 4.0 CD Destroys Critical System Info.txt
Q151981-How to
Set Up a Remote Debug Session Using a Null Modem Cable.txt
Q153768-Changing
the Default Installation Drive Using UNATTENDED Setup.txt
Q155099-Creating
Network Component .inf File for Unattended Setup.txt
Q155197-Unattended
Setup Parameters for Unattend.txt File.txt
Q155614-Unattended
Installation of Microsoft Windows NT 4.0.txt
Q155644-Preparing
for Windows NT 4.0 Deployment.txt
Q156203-How to
Disable Installation of NWLink NetBIOS.txt
Q156606-Windows
NT Setup Fails to Install OEM Network Driver.txt
Q156653-Disabling
the installation of IE 2.0 during setup.txt
Q156654-Disabling
the Installation of Exchange During Setup.txt
Q156655-Installing
OEM video drivers with NT 4.0 Unattended Setup.txt
Q156795-Using
Sysdiff.exe with Unattended Setup and Windows NT 4.0.txt
Q156813-Controlling
which Accessories are installed during setup.txt
Q156823-install
of OEM netcard during 4.0 setup.txt
Q156876-Using
UDF Files with Windows NT 4.0 Unattended Setup.txt
Q157576-Troubleshooting
Problems Using Sysdiff.exe Tool.txt
Q158398-Automating
Network Printer Setup.txt
Q158447-How to
Run a Program Only Once After Unattended Setup.txt
Q158548-Sysdiff
Changes Dates on Files It Applies to WinNT.txt
Q159451-Installing
LPR Ports with NT 4.0 Unattended Setup.txt
Q159839-Sysdiff
does not add directories trees that are empty.txt
Q162001-Do Not
Disk Duplicate Installed Versions of Windows NT.txt
Q162230-How to
install IISor PWS on NT.txt
Q163303-Sysdiff
cannot be used to apply Service Pack.txt
Q163914-How to
modify boot.ini using sysdiff.txt
Q163979-Setting
Default Server and Script Options in CSNW.txt
Q165533-General
sysdiff troubleshooting tips.txt
Q165669-How to
set default Screen Saver through an unattended install.txt
Q165974-Cannot
Install CSNW with Attended=Yes in Unattend.txt File.txt
Q166028-Installing
3rd-Party Video drivers with TXTSETUP.OEM Unattended.txt
Q166149-Unattended
setup of RAS as DialOut also installs server.txt
Q167701-Unattended
setup of NT Server 4.0 Network Monitor and Agent.txt
Q168107-Windows
NT Briefcase appears and acts like a normal folder.txt
Q168217-Unattended
Setup may fail with 3Com 3C619B Tokenlink III adapter.txt
Q168814-Installing
NT 4 Service Packs during Unattended installation.txt
358 » Does your
desktop disappear after installing IE 4.x?
With no desktop,
use CTRL+ALT+DEL to start Task Manager. On the Applications tab, start a New
Task of %SystemRoot%\System32\Regedt32.exe.
Delete the
Settings value at:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current
Version\Explorer\Cabinet State
Reboot.
359 »
Intellimouse stops working after Service Pack 3?
On some systems,
the Intellimouse stops working after the application of Service Pack 3.
The workarount
is to install the i8042prt.sys driver from the origonal CD-ROM. To do this,
type:
expand
<CD-ROM drive>:\i386\I8042prt.sy_
%SystemRoot%\System32\drivers\I8042prt.sys
Shutdown and
restart the system.
360 » Installing
Network Components from a batch file.
When you install
Network Components using Control Panel, the Ncpa.cpl applet configures
setup.exe to call Ncpashel.inf with the appropriate parameters. If you know the
INF file to use and the OPTION, you can create a batch file to perform the
task. You will, unfortuneatly, have to make any adjustments to Binding
manually. Here is the syntax: (on one line)
SETUP.EXE /f
/i%systemroot%\system32\ncpashel.inf /T NTN_InstallMode = Install
/T
NTN_Origination = install /T NTN_Infname = <PATH>\OEMSETUP.INF
/T NTN_SRCPATH =
<CD-ROM>:\I386 /T NTN_Infoption = OPTION
Where:
Parameter D e s
c r i p t i o n
/f Turns off
blue background.
/T
NTN_InstallMode = Install, Remove,
Update, Configure or Bind
/T NTN_Origination
= Install
/T NTN_Infname
= Path/Name of the INF file.
/T NTN_SRCPATH
= Path to the distribution files.
/T NTN_Infoption
= Name of the option. To figure out
which option has to be installed, open the INF file and search for the section
[Options].
To install
Microsoft TCP/IP Printing with a batch file: (The Setup command must be on one
line.)
cd %systemroot%
setup /f
/i%systemroot%\system32\ncpashel.inf /T NTN_InstallMode = Install
/T NTN_Origination = install /T NTN_Infname =
.\OEMNSVTP.INF
/T NTN_SRCPATH = <CD-ROM>:\I386 /T
NTN_InfOption = TCPPRINT
EXIT
Oemnsvtp.inf is
the INF file that directs installation of the Microsoft TCP/IP Printing
component. It contains the following section:
[Options]
TCPPRINT
361 » Windows NT
and/or Windows 95 client fails Netware login.
If you have
Client or Gateway Services for Netware installed, your Netware login may fail
with:
You Cannot Be
Authenticated On <server name> Due To The Following Reason:
Logon Failure:
Account Currently Disabled.
Do You Want To
Select Another Preferred Server?
This will happen
if:
- Your Microsoft
UserName and your Netware log on ID are the same.
- Your Microsoft
password is different than your Netware password
- The Netware
Intruder Detection/Lockout is set to lockout user accounts after 1 incorrect
login attempt.
Windows NT and
Windows 95 use the Microsoft password for the first attempt at logging on to
other network resources. Because the lockout is set to 1, the account will be
disabled after the first bad attempt.
Set the
Incorrect Logon Attempts in the Intruder Detection/Lockout on the NetWare
server to something greater than 1 attempt.
362 » How to
configure the RestrictRun registry key.
In tip 050 we
learned that setting the RestrictRun Value in the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
key to 1 would allow us to configure allowed programs at the RestrictRun key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun
RestrictRun can
only works from the Explorer process. It does not prevent users from running
programs, such as Task Manager, that are started by the system process or by
other processes such as CMD.EXE.
For WindowsNT to
operate properly, users must be permitted to run Systray.exe and setup.exe
(both are in %SystemRoot%\System32).
The value
entries in this subkey represent local programs which can appear in any order.
The value entries have the following syntax:
Decimal number
(starting with 1) of type REG_SZ with a data string which is the name of
executable file.
Example:
1REG_SZsetup.exe
2REG_SZsystray.exe
3REG_SZIexplore.exe
4REG_SZJSITTARH.EXE
364 » How do I
get a program to start at high priority from a shortcut and/or association?.
The Windows NT
Start command can set the priority of a program it initiates. The syntax is:
start
["title"] [/dpath] [/i] [/min] [/max] [/separate] [/low] [/normal]
[/high] [/realtime] [/wait] [/b] [filename] [parameters]
Parameter D e s
c r i p t i o n
none Without any
parameters, START opens an additional CMD prompt.
"title"
Title to display in the title bar.
/dpath The
startup directory.
/i Passes the
CMD.EXE startup environment to the new window.
/min Starts
minimized.
/max Starts
maximized.
/separate Starts
16-bit Windows programs in a separate memory space.
/low Starts the
application in the idle priority class.
/normal Starts
the application in the normal priority class.
/high Starts the
application in the high priority class.
/realtime Starts
the application in the realtime priority class.
/wait Starts the
application and waits for it to terminate.
/b Does not
create a new window.
CTRL+C handling
is ignored unless the application enables CTRL+C processing.
Use CTRL+BREAK
to interrupt the application.
filename Specifies
the command or program to start.
parameters Any
parameters to pass to the program or command.
Using this
functionality, we can modify a shortcut to start an application in high
priority. To start Microsoft Word in high priority, modify the Target:
CMD.EXE /C
"Start /High /B /DC:\MSOFFICE\Winword\
C:\MSOFFICE\Winword\WINWORD.EXE"
Set it's icon
back to WinWord.
To modify .doc
file associations to open at high priority:
assoc .doc
ftype <string
returned from assoc>=CMD.EXE /C
"Start
/High /B /DC:\MSOFFICE\Winword\ C:\MSOFFICE\Winword\WINWORD.EXE %1"
where the above
command is on one line.
365 » Copy
Profile Error. The operation completed successfully.
If you receive
the subject error while copying a profile in Control Panel / System / User
Profiles, you may be able to fix it by setting registry permissions on the
\SOFTWARE\Microsoft\Protected Storage System Provider\<SID> key in the
approriate hive.
To set
permissions for the profile you are currently logged on as, use regedt32 to
select:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Protected
Storage System Provider\<SID>
To locate your
SID, see tip 295.
Use the Security
menu to select Permissions and Add Read permissions for Administrators.
To copy the
profile of a user that is not logged on, use the technique in tip 182 by
starting with the HKEY_LOCAL_MACHINE key and loading the hive ( Ntuser.dat ) of
the appropriate user and setting permissions on:
HKEY_LOCAL_MACHINE\<key
name>\SOFTWARE\Microsoft\Protected Storage System Provider\<SID>
If this does not
work, you can just copy a profile (either the whole UserName directory or just
the NTuser.dat) if the user is not logged on. To copy your profile, you will
need to boot to an alternate instance of NT.
366 » How do I
create a custom form for a printer?
To create a
custom form:
Start / Settings
/ Printers. Select add printer. Click the File menu and then Server Properties.
Check the Create new form box, name it and configure it.
To use the new
form as the default, select the printer and choose Document Defaults from the
FileMenu.
367 » How can I
configure who receives Administrative alerts via the registry?.
Normally, you
would use Control Panel / Server / Alerts but you can edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Alerter\Parameters
Edit or Add
Value of AlertNames as a type REG_MULTI_SZ
Each UserName
and/or ComputerName is entered on a seperate line.
You can alter
how often the Server service checks for alert conditions by editing:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters
and changing
AlertSched which is a type REG_DWORD. The default is 5 minutes and the
allowable range is 1–65,535 minutes.
368 » How many
locally cached profiles are stored?
By default,
Windows NT stores up to 5 locally cached profiles. You can alter this default
by editing:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon
Edit or Add
Value of CachedLogonsCount as type REG_SZ. The valid range is 0 - 50.
See tip 237 for
additional Winlogon entries.
369 » Code Page
error in batch file or command prompt?
If you receive a
Code Page error in a batch file or command prompt while running a non-USA
version of Windows NT, it may be that the command you issued requires the 437
Code Page. Issue a:
chcp 437
in the beginning
of the batch or command session.
370 » Event ID:
41, The file system structure on the disk is corrupt and unusable.
If chkdsk
<drive_letter>: /f generates the following System event log entry:
Event ID: 41
Source: Disk
Description: The file system structure on the
disk is corrupt and unusable. Please run the chkdsk utility on the device
Device\Harddiskx\Partitionx with label
"xxxx".
you will be
happy to know that Chkdsk reports the wrong text message in the event log. The
message should read:
Autochk will be
run on this volume because user has selected it.
371 » Logging
your RAS connection.
Depending on
whether your using UniModem (default for NT 4.0) or Modem.INF ( see tip 234 ),
the method for enabling logging of your RAS connection is different. To insure
that logging is enabled:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RasMan\Parameters
and change Logging, a type REG_DWORD to 1.
This will
generate a device log at %SystemRoot%\System32\ras\DEVICE.LOG.
Using the
UniModem driver, you can also enable %SystemRoot%\Modemlog_<model>.txt by
using:
Control Panel /
Modems to select your modem and click on Properties /Connection tab /Advanced
and checking Record a log file.
Here is a sample
of %SystemRoot%\System32\ras\DEVICE.LOG:
Remote Access
Service Device Log 12/26/1997 12:13:43
---------------------------------------------------------------
Port:COM2
Command to Device:ATE1&F&C1 &D2 &A1 &B1 V1 Q0 S0=0 S2=128
S7=55
Port:COM2 Echo
from Device :ATE1&F&C1 &D2 &A1 &B1 V1 Q0 S0=0 S2=128 S7=55
Port:COM2
Response from Device:
OK
Port:COM2
Command to Device:AT&R2&H1&K0&M4M1
Port:COM2 Echo
from Device :AT&R2&H1&K0&M4M1
Port:COM2
Response from Device:
OK
Port:COM2
Command to Device:ATDT4048178166X7
Port:COM2 Echo
from Device :ATDT4048178166X7
Port:COM2
Response from Device:
CONNECT
33600/ARQ
Port:COM2
Connect BPS:115200
Port:COM2
Carrier BPS:33600
Port:COM2
Command to Device:
Port:COM2 Echo
from Device :
Port:COM2
Response from Device: UQKT2 Max1.Atlanta.GA.MS.UU.NET
Login:
Port:COM2
Command to Device:MSN/my MSN id
Port:COM2 Echo
from Device :MSN/my MSN id
Port:COM2
Response from Device:
Password:
Port:COM2
Command to Device:my password
Port:COM2 Echo
from Device :
Ente
Port:COM2
Response from Device:ring PPP Mode.
IP address is
153.35.41.39
MTU is 1524.
372 » Windows NT
Security Alert..
The default
security on:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
allows ordinary
users the right to write these keys, thus gaining full access to your server.
Use Regedt32 to
change the Security / Permissions on these keys and their Subkeys to Read for
Everyone.
374 » Speed up
your over the network installs or upgrades.
When doing a
WinNT32 /B install or upgrade, you can use multiple (up to 10) distribution
servers to share the file copy load. At least one of these servers must to
available at the start of the copy operation.
Here is a
command to pull distribution files from 4 sources, 3 servers and the local
CD-Rom:
WINNT32 /B /S:\\JSI1\i386 /S:\\JSI2\I386
/S:\\JSI3\I386 /S:F:\i386
375 » The Trust
Relationship Between Workstation and Domain Failed.
If you receive the
subject message during a Net Use or Net View or in User Manager while trying to
add an account from a Workstation or Member Server or you can not log onto the
console because the computer account is missing, then:
The computer's
machine account has the incorrect role or its password has become mismatched
with that of the domain database.
To resolve the
problem, log on locally as a local administrator. In Control Panel / Network,
select Change and enter a Workgroup name, leaving the domain and reboot, logging
on locally. Join the domain by either of the following methods:
In Control Panel
/ Network, select Change and enter the Domain Name if you can provide an
administrator username and password on the domain.
-or-
You can delete
the existing computer account in Server Manager, recreate the computer account,
synchronize the domain, and then on the client, rejoin the domain.
376 » How can I
tell if the 128 bit version of Service Pack 3 is installed?
Right click on
%systemRoot%\System32\schannel.dll and click Properties. On the Version tab,
the Description should be:
PCT / SSL
Security Provider (U.S. and Canada for the 128 bit version.
377 » Hide a
Boot Menu selection.
If you edit
C:\boot.ini and insert
[JSI hidden
entries]
after an entry,
all subsequent entries will be hidden from the Boot Menu. This could be usefull
when you only want an alternate install of NT to be visible when using a boot
floppy ( see tip 012 ).
378 » How do I
create a shortcut to the Sounds applet of Control Panel?
In tip 009 we
learned how to create a shortcut to a Control Panel applet.
The Sounds tool
does not have a unique .CPL file. It uses the Mmsys.cpl file.
To create a
Sounds tool shortcut, the Target should be:
%SystemRoot%\System32\Mmsys.cpl
sounds
379 » Do you
experience multi-minute delay when you launch Windows NT Explorer and Control
Panel?
If you
experience multi-minute delay when opening RPC-Aware applications, including
the initial load of your desktop, you may have set the StartUp type of the
Remote Procedure Call (RPC) service to Manual or Disabled. The RPC Locator
service may also be set to Automatic.
Use Control
Panel / Services to set the StartUp type of the RPC Service to Automatic and
set the startup type of the RPC Locator to Manual. Start the RPC Service.
380 » How do I
determine if a user logged on via RAS in a login script?.
Unfortuneatley,
there is no universal method of checking wether a user logged on via RAS or via
their LAN connection. Some of the examples in this tip use Kixtart ( see tip
120 ) as the logon script processor.
For a home user,
who always logs on via RAS, you can have them place a RASLOG.TXT file in their
%Windir% and test for its presence:
if exist
%Windir%\raslog.txt goto RAS endif
....
For Windows NT
users, you can use the CHECKRAS.EXE utility from the BackOffice Resource kit:
if exist
%windir%\checkras.exe goto CRNC endif
copy
%logonserver%\netlogon\checkras.exe %windir%
:CRNC
shell
"%windir%\checkras"
if @error 1 goto
RAS endif
....
For Windows 95
users, check the registry:
$is_ras=readvalue("hkey_local_machine\system\currentcontrolset\services\remoteaccess","remote
connection")
if @error=0 goto
RAS endif
....
For DOS/WFW/WIN
users, use the NETSPEED.COM utility from SMS.
381 » Floppy
tape driver makes Drive A: not accessible.
If you have the
Qic117.sys driver installed and your Floppy drive is alway inaccessible, check
Control Panel / Devices for your device. If Startup is set to SYSTEM, change it
to automatic and reboot.
When the driver
loads, your floppy device is disabled. Changing the startup to automatic
prevents the driver from loading until the backup program does a Tape
Device/Detect. Your Floppy won't be usable after a backup until you reboot. The
Qic117.sys driver is used by the following devices:
HP Colorado
T3000
HP Colorado
T1000
Wangtek QIC-3010
floppy
382 » Tired of
moving that mouse to File/New/Folder or Keying ALT+FWF to create a New Folder?
When you select
a folder object in explorer to create a new sub-directory, you must perform the
subject action to create a new folder. Wouldn't it be nice to just right click
and choose NewFolder? While there might be a real way to do this, here is a
method that works:
1. Per tip 060
select view/options/file types in explorer.
2 Scroll to
folder and select it.
3. Press Edit
and then New.
4. Type
NewFolder in Action.
5. In
Application...., type:
c:\winnt\system32\cmd.exe
/c MD """%1\NewFolder"""
6. OK out of the
dialogue.
Now when you
select a folder object and right click, you can choose NewFolder. A
sub-directory named NewFolder is created which you can rename.
383 » Printing
fails occassionally with heavy traffic, multiple printers, and the Line Printer
Daemon (LPD) service.
If you have the
latest Service Pack, you can change the default TCP ports (721-731) for LPR
connections. A registry hack will allow ports >1024 to be used for LPR
connections (this deviates from RFC 1179). The registry setting is configured
on a per LPR port basis. To implement, navigate to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\LPDSVC\lpr
Add Value name
IP address of LPR printer as type REG_DWORD. A data value of 0 uses the default
(ports 721-731) while a data value of 1 enables ports >1024.
At a minimum,
you need to stop and restart the spooler service. Type:
net stop spooler
net start
spooler
If this doesn't
work, a reboot is required.
384 » Can I have
a local Policy for my Workstation?
Normally,
Windows NT Policies are used when a user logs on to a Domain.
You can set up
Policies for the local account database.
Create a
Netlogon share for %SystemRoot%\System32\Repl\Import\Scripts with Read
permissions for Everyone and Full Control for the Administrators group.
Use Poledit.exe
and create your policy.
Double-click
Local Computer, double-click Network, double-click System Policies Update, and
then select Remote Update.
Click Automatic
in the Update Mode box, and then click OK.
Save the policy
to the Netlogon share as Ntconfig.pol.
NOTE: This will
allow you to use both a local and a domain-wide system policy, depending on
which user account database the user logs on to.
385 » Help with
Ping.
When you type
help ping at a command prompt, Windows NT displays:
This command is
not supported by the help utility. Try "ping /?".
When you type
ping /?, Windows NT displays:
Bad IP address
/?.
To get help,
just type ping or ping -? at a command prompt.
To get
additional help on the Packet Inter Net Groper:
Click Start /
Help / Index Tab and type ping and double-click the Ping Utility topic.
You may wish to
read the following KB articles:
Q102908 - How to
Troubleshoot TCP/IP Connectivity with Windows NT.
Q169790 - How to
Troubleshoot Basic TCP/IP Problems in Windows NT 4.0.
386 » RAS client
receives error 2 - can't find file specified.
Browse the
registry on the RAS client at:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\NetworkCards
For each
numbered Sub-key, verfiy that the the ServiceName value has an entry for that
service at:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services.
If it does not,
delete the key at:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\NetworkCards\<number>
387 » Failed PDC
can't be promoted?
If your PDC went
off-line before promoting a BDC, the registry entry on the PDC which governs
the server role was not changed. When you bring the PDC on-line, it comes up as
a PDC. When it finds that another computer is the PDC, it simply stops its'
NetLogon service. The only way to fix this is to edit the registry at:
HKEY_LOCAL_MACHINE\Security
Choose Security
/ Permissions and insure that Administrators have Full Control on this key and
all sub-keys. Navigate to:
HKEY_LOCAL_MACHINE\Security\Policy\PolSrvRo
and change the <no name> value entry from 03000000 to 02000000 where the
3 indicates Primary and the 2 indicates Backup.
Shutdown and
restart Windows NT on the old PDC. It will restart as a BDC which you can then
promote.
388 » How do I
create a custom Separator Page for my printer?
Windows NT
provides 3 .SEP files in the %SystemRoot%\System32 directory. You can modify
these or create a new one using the following command syntax:
Command D e s c
r i p t i o n
@ Escape
character - Defined by typing any character as the 1st and only character on
the 1st line of the file. @ is used in this example.
@N Prints the
%UserName% that submitted the job.
@I Prints the
job number.
@D Prints the
date in the format defined in Control Panel.
@T Prints the
time in the format defined in Control Panel.
@Lxxxx Prints
all the characters (xxx) until the next @ is encountered.
@Fpathname
Prints the contents of the file starting on the next line.
@Hnn Sends a
printer specific hexadecimal control code.
@Wnn Sets the
width of the separator page. The deault is 80 and the max is 256.
@U Turns off
block character printing.
@B@S Prints text
in single-width block characters until @U is encountered.
@E Ends the page
by ejecting it or starts a new one.
@n Skips n lines
(0-9). @0 starts a new line.
@B@M Prints text
in double-width block characters until @U is encountered.
Here is a simple
searator page I wrote for my HP1600C:
@
@1
@B@S@N@4
@I@4
@U@D@L@T@4
@E
389 » How can I
configure the IIS Object Cache Size?
The IIS Object
cache is used to store hard to retrieve items such as file handles, Directory
listings, and parsed Internet Database Connector queries and their results.
By default, the
size of the cache is set at 10% of physical memory.
You can
configure the cache size by editing:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\InetInfo\Parameters
and edit or Add
Value of MemoryCacheSize which is a type REG_DWORD. A value of 0 disables the
cache (bad idea) while any other value in bytes is valid.
Stop and start
the IIS service or reboot.
390 » Registry
entries for the FTP service.
Registry entries
that are specific to the FTP Service are located at:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSFTPSVC\Parameters
Value Type
Default D e s c r i p t i o n
AccessCheck
REG_DWORD 0 Designed for FAT volumes. 0=No Access check, 1=Access will be
verified against the permissions you set on a new sub-key of Parameters, also
called AccessCheck.
AllowAnonymous
REG_DWORD 1 0=Anonymous users are not permitted to connect to or download files
from the FTP service. This will expose the username/password in clear test.
1=Anonymous allowed.
AnnotateDirectories
REG_DWORD 0 0=no annotation. 1=FTP annotates by displaying the contents of the
hidden ~ftpsvc~.ckm file in each directory.
AnonymousOnly
REG_SZ 0 0=IIS permits both anonymous and non-anonymous connections.1=IIS does
not permit non-anonymous connections to the FTP service.
EnablePortAttack
REG_DWORD 0 0=The FTP service does not establish connections to ports with
numbers lower than IP_PORT_RESERVED (1024), except for the standard FTP data
port (20). 1=Allow clients to destroy the server.
ExitMessage
REG_SZ Blank The text sent in response to a QUIT.
GreetingMessage
REG_SZ or REG_MULTI_SZ Blank The message sent by the FTP service when a user
logs on.
LogAnonymous
REG_SZ 1 0=Don't log anonymous connections in the Application Event log. 1=Do
log.
LogNonAnonymous
REG_DWORD 1 0=Don't record non-anonymous connections in the Application Event
log. 1=Do log.
LowercaseFiles
REG_DWORD 0 0=Native file System functionality. 1=Convert to lowercase before
searching.
MaxClientsMessage
REG_SZ Blank Text of message when logon is rejected due to maximum connections
limit.
MsdosDirOutput
REG_DWORD 1 0=UNIX. 1=DOS.
391 » IIS
Services registry entries.
The IIS services
are:
MSFTPSVC FTP
Service
GOPHERSVC Gopher
service
W3SVC WWW
service
These registry
entries are located at:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\
Services\<ServiceName>\Parameters
Value Type
Default D e s c r i p t i o n
AdminName REG_SZ
Administrator The Gopher service uses this name when sending responses to
Gopher Plus queries.
AdminEmail REG_SZ Admin@corp.com Specifies the e-mail
address for the administrator of the Gopher service.
AllowGuestAccess
REG_DWORD 1 0=IIS rejects Guest logins. 1=IIS accepts Guest logons. This entry
is only used by FTP and WWW.
AnonymousUserName
REG_SZ IUSR_ComputerName The user name used by anonymous users connecting to
this service. Because the password is stored in a protected area in the
Registry, you cannot set it by editing the Registry.
Authorization
REG_DWORD 1 Specifies the user authentication methods used by the IIS service.
This value is a binary bit mask as follows:
0=(None) FTP,
WWW, Gopher.
1=Anonymous
logons FTP, WWW, Gopher.
2=Clear text
logons FTP and WWW only.
3=Anonymous and
clear text logons FTP and WWW only.
4=WindowsNT
Challenge/Response logons WWW only.
5=Anonymous and
WindowsNT Challenge/Response logons WWW only.
6=Clear text and
WindowsNT Challenge/Response logons WWW only.
7=Anonymous,
Clear text and WindowsNT Challenge/Response logons WWW only.
CheckForWAISDB
REG_DWORD 0 0=The IIS service does not perform content-based searches using the
WAIS toolkit. 1=The IIS service performs searches if the WAIS toolkit
(Waislook.exe) is installed in the system.
ConnectionTimeOut
REG_DWORD 900 (seconds - decimal) How long IIS maintains an idle connection.
DefaultLogonDomain
REG_SZ ? The logon domain used to
validate a clear-text logon when no domain is specified in the user name field.
If IIS is running on a stand-alone computer, the default is the ComputerName.
If the computer is in a domain, the default is the machine name of the PDC.
EnableSvcLoc
REG_DWORD 1 0=You can not use the Internet Service Manager to configure the IIS
Service. 1=You can.
InstallPath
REG_SZ Systemroot\System32\Inetsrv The path to the location where the IIS
service is installed.
LogFileDirectory
REG_EXPAND_SZ Systemroot\System32\Logfiles Each IIS service can be configured
to record information in a transaction log file.
LogFileFormat
REG_DWORD 0 0=Standart. 3=National Center for Supercomputing Applications
(NCSA) Common Log File format.
LogFilePeriod
REG_DWORD 1 0=No time limit. Instead, logs are limited by the size specified in
the LogFileTruncateSize. 1=New log each day. 2=New log each week. 3=New log
each month.
LogFileTruncateSize
REG_DWORD 0x01388000 (20 MB) 0=Limited by free space.
LogonMethod
REG_DWORD 0 0=Only users who log on locally can access IIS. 1=Users must have
permission to logon as a batch job. 2=Users must have permission to access the
computer over the network. If you are running SQL Server through an ODBC
connector with SQL Integrated Security enabled, you must set this value to
either 0 or 1.
LogSqlDataSource
REG_SZ ? WWW=HTTPLOG. FTP=TSLOG. Gopher=TSLOG
LogSqlPassword
REG_SZ sqllog The ODBC password for the user designated in LogSqlUserName.
LogSqlTableName
REG_SZ ? WWW=InternetLog. FTP=ftplog. Gopher=gophlog.
LogSqlUserName
REG_SZ InternetAdmin The user name used for accessing the data source for
ODBC-based logging.
LogType
REG_DWORD 1 0=No logging. 1=Log to file. 2=Log to ODBC data source.
MaxConnections
REG_DWORD ? WWW=0x186A0 (100,000). FTP=0x3E8 (1,000). Gopher=0x3E8 (1,000).
Pathname
REG_EXPAND_SZ Systemroot\System32\Inetsrv This value is not used.
ServerComment REG_SZ Blank The text that appears in the
Comment box on the Internet Service Manager Properties dialog box for each IIS
service.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ServiceProvider\ServiceTypes\<ServiceName>\TcpPort
is a REG_DWORD which defaults as:
GOPHERSVC 70
(0x46)
MSFTPSVC 21
(0x15)
W3SVC 80 (0x50)
Microsoft
Internet Information Server 1368 (0x558)
392 » Shared IIS
registry entries.
Registry entries
shared by:
MSFTPSVC FTP
Service
GOPHERSVC Gopher
service
W3SVC WWW
service
are located at:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\InetInfo\Parameters
Value Default D
e s c r i p t i o n
AcceptExOutstanding
40 The minimum number of idle sockets maintained when using AcceptEx, an IIS
optimizing feature that allows IIS to establish a new connection and read its
initial data request in the same step. The range is 0-1000.
AcceptExTimeout
0x78
(120 seconds)
The length of time an AcceptEx socket waits for operation completion. Limiting
the time improves overall performance and reduces memory usage.
BandwidthLevel
0xFFFFFFFF Limiting bandwidth prevents IIS from using a disproportionate share
of the network when it sends data. The default does not limit bandwidth. If the
bandwidth approaches the limit you set, it is throttled back.
CacheSecurityDescriptor
0 0=IIS retrieves each object to check user rights. 1=IIS caches objects so
they don't have to be re-retrieved.
DisableMemoryCache 0 0=IIS caches objects to improve
performance. 1=IIS is slow.
ListenBackLog 15
If the server is rejecting requests when it is most active, increase this
value. The max is 250.
LogFileBatchSize
0x40 (64KB) Signals when to write a logfile record. Larger values improve
performance at the expense of memory.
LogFileFlushInterval
0x12C
(300 Seconds) A
value of 0xFFFFFFFF never forces the log. It waits for the batch size. Lower
values are designed for less active servers.
MaxPoolThreads
0xA (10) 20 threads are maximum.
MemoryCacheSize
10% of
memory A value
of 0 disables the cache (bad idea) while any other value in bytes is valid.
MinFileKbSec
1000 The greater of ConnectionTimeout or File size divided by this value,
calibrated in seconds, is the maximum time that IIS will allow to send a file.
The largest number you can use is 8192.
ObjectCacheTTL
0x1E
30 seconds 0=IIS
does not cache. 0x1-0x7FFFFFFF is the maximum time an inactive object can
remain in cache. 0xFFFFFFFF=An object remains in cache until it is overwritten.
PoolThreadLimit
MB of RAM*2 This value is optimal for most systems and changing it might impair
performance.
ThreadTimeout 0x 15180
86,400 sec.
Inactive I/O threads that exceed this limit are stopped.
UseAcceptEx 1
0=AcceptEx is disabled.1=AcceptEx is enabled.
UserTokenTTL
0x384
900 seconds
0=security tokens are not cached. This value determines how long an
unreferenced security token remains in the cache.
You must reboot
the server for any changes to take effect.
393 » Domain
Password is invalid or Access to logon server denied while using IPX/SPX?.
On the logon
server, edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LANMANSERVER\Parameters
Add Value name
MinClientBufferSize as type REG_DWORD and set it to 500 (decimal).
Restart your
server.
394 » Another
way to set the number of rings on a RAS Server.
In tip 114 we
used one method to set the number of rings before a RAS Server answers, here is
another:
Edit
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RasMan\Parameters\
and Add Value
name of NoOfRings as a type REG_DWORD and set the data value to the number of
rings desired.
395 » What are
the default NTFS permissions?
When you convert
to NTFS, all files and directories default to Everyone - Full Control.
When you format
a drive as NTFS and install Windows NT, the following default permissions apply
(assuming drive C:):
C:\
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
System - Full
Control
C:\Msapps and
<subdirectories>
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\Program Files
and <subdirectories>
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\Temp
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
System - Full
Control
C:\Users
Administrators -
Special (RWXD)
Everyone -
List(RX)
System - Full
Control
C:\Users\Default
Creator/Owner -
Full Control
Everyone -
Special (RWX)
System - Full
Control
C:\Win32app
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Read(RX)
Server Operators
- Full Control
System - Full
Control
C:\%SystemRoot%
Administrators-
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\Config
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\Cookies
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\Cursors
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\Desktop
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\Fonts
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\Help
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\History
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\Inf
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\Java
and <subdirectories>
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\Media
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\Nwspool
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\Profiles
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\profiles\Administrators
Administrators -
Full Control
System - Full
Control
C:\%SystemRoot%\profiles\All
Users and <subdirectories>
Administrators -
Full Control
Everyone - Read
System - Full
Control
C:\%SystemRoot%\profiles\Default
User and <subdirectories>
Administrators -
Full Control
Everyone - Read
System - Full
Control
C:\%SystemRoot%\Profiles\<username>
and <subdirectories>
Administrators -
Full Control
<username>
- Full Control
System - Full
Control
C:\%SystemRoot%\Repair
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone - Read
Server Operators
- Full Control
System - Full
Control
C:\%SystemRoot%\Shellnew
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone - Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\System
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\System32
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\System32\Cache
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\System32\Config
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone - List
Server Operators
- List
System - Full
Control
C:\%SystemRoot%\System32\Dhcp
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Read(RX)
Server Operators
- Full Control
System - Full
Control
C:\%SystemRoot%\System32\Drivers
and <subdirectories>
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Read(RX)
Server Operators
- Full Control
System - Full
Control
C:\%SystemRoot%\System32\Inetsrv
and <subdirectories>
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\System32\Lls
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\System32\Logfiles
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\System32\Netmon
and <subdirectories>
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\System32\Os2
and <subdirectories>
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\System32\Ras
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change(RWXD)
Server Operators
- Full Control
System - Full
Control
C:\%SystemRoot%\System32\Repl
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Read(RX)
Server Operators
- Full Control
System - Full
Control
C:\%SystemRoot%\System32\Repl\Export
and <subdirectories>
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Read(RX)
Replicator-
Change(RWXD)
Server Operators
- Change(RWXD)
System - Full
Control
C:\%SystemRoot%\System32\repl\import
and <subdirectories>
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone - Read(RX)
Replicator-
Change(RWXD)
Server Operators
- Change(RWXD)
System - Full
Control
C:\%SystemRoot%\System32\Spool
and <subdirectories>
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Read(RX)
Print Operators-
Full Control
Server Operators
- Full Control
System - Full
Control
C:\%SystemRoot%\System32\Viewers
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
C:\%SystemRoot%\System32\Spool\Wins
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change(RWXD)
Server Operators
- Change(RWXD)
System - Full
Control
C:\%SystemRoot%\Temporary
Internet Files and <subdirectories>
Administrators-
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
Other
directories
Administrators -
Full Control
Creator/Owner -
Full Control
Everyone -
Change
Server Operators
- Change
System - Full
Control
396 » Using
Regedit to backup the registry.
In addition to a
regular tape backup, RDISK to generate a new ERD, ConfigSafe NT to backup the
registry, and RegBack from the reskit, I also use Regedit.exe, The Windows 95
Registry Editor, to backup the registry.
When you start
Regedit.exe, My Computer is highlighted. Click Export Registry File from the
Registry menu. In the Save in: dialgue box, you can choose anyplace but I press
the Up Folder Icon until my Desktop is selected. Type a file name, like
Registry, in the File Name box and click Save. Exit Regedit.
To restore the
registry, I double-Click the Registry icon on my desktop, but you can simply
double-click the .REG file that you saved.
397 » Minor bug
in Explorer can cause big problems.
When you change
Permissions from the Security tab of a Properties sheet, and then OK out,
Explorer will erroneously turn off the archive bit. This will cause the file or
directory to be skipped during an incremental backup.
The bug is a
result of the way that Explorer orders its' actions on a Properties sheet.
Changes made to permissions are applied immediately. When you OK, the General
tab "sees" no reason to have the archive bit on so it turns it off.
When the Permissions tab exits, it does nothing because it "knows" it
has done its' work.
A workaround is
to not click OK from the Security tab but switch to the General tab before you
OK.
398 » How to set
the time zone by editing the registry.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation
Value Type D e s
c r i p t i o n
Bias REG_DWORD Negative
offset from GMT in seconds.
StandardName
REG_SZ Standard name of this time zone.
StandardBias
REG_DWORD Offset applied to Bias for Standard Time.
StandardStart
REG_BINARY A coded year, month, day of week, week, hour, minute, second, and
millisecond of when the switch to Stand Time occurs. This is detailed at the
end of the tip.
DaylightName
REG_SZ Standard name for Daylight time.
DaylightBias
REG_DWORD Offset applied to StandardBias wich is applied toBias for Daylight
Time.
DaylightStart
REG_BINARY A coded year, month, day of week, week, hour, minute, second, and
millisecond of when the switch to Daylight Time occurs. This is detailed at the
end of the tip.
ActiveTimeBias
REG_WORD The currently active offset from GMT.
If your browse
to your time zone starting at:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\Current Version\Time Zones
you will find
Display contains your StandardName, DLT contains your DaylightName, and TZI
contains everything else. Here is the TZI for Western Europe Standard Time and
its' meaning:
C4 FF FF FF 00
00 00 00 C4 FF FF FF 00 00 0A 00 00 00 05 00 03 00 00 00 00 00 00 00 00 00 03
00 00 00 05 00 02 00 00 00 00 00 00 00
TDI Bytes Hex
Value Decimal Meaning
C4 FF FF FF
ffffffc4 -60 Bias
00 00 00 00
00000000 0 StandardBias
C4 FF FF FF
ffffffc4 -60 DaylightBias
00 00 0A 00 00
00 05 00 03 00 00 00 00 00 00 00 Switch to Standard time (last Sun in Oct, 3:00
am) StandardStart
00 00 03 00 00
00 05 00 02 00 00 00 00 00 00 00 Switch to Daylight time (last Sun in March,
2:00 am) DaylightStart
Where (looking
at StandardStart)
00 00 - is the
Year from a 1900 time base.
0A 00 - The
first byte is the Month (January is 01).
00 00 - The
first byte is the DayOfWeek (Sunday=0).
05 00 - The
first byte is the Week (starts at 1 and 5 means last).
03 00 - The
first byte is the Hour.
00 00 - The fist
byte is the Minute.
00 00 - The
first byte is the Seconds.
00 00 - the
first byte is the Millisecond.
If no switch
to/from DST is required, Month is 0.
If the switch
happens on a date specified in absolute terms, Year not = 0, then all the
fields are the date when the switchover happens.
If the switch
date is variable, Year = 0, then Month is the month for the switch, DayOfWeek
is the weekday, and Week selects the Nth occurrence of the specified weekday
within the month.
399 » How do I
balance the load between two NICs on the same wire?.
You will need to
add two Value entries of type REG_DWORD at:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetBT\Parameters
RandomAdapter
should be set to 1 and SingleResponse should be set to 1.
Setting either
value to 0 disables this feature.
400 » How do I
set permission to give users control of their own directory but No Access to
anyone elses?
I receive this
query so many times that I have decided to post 2 solutions. These solutions
work for the C:\Users directory and any others that you want to set up.
For these
examples, we will set permissions on Local Groups on the assumptions that you
have users in Global Groups and Global Groups in Local Groups:
Jerry
Domain
Administrators
Administrators
Jennifer
Domain Users
Users
--------------------------------------------------------------------------------
The one share
for Everyone approach.
1. Share the
directory with Change for Everyone.
2. Set NTFS
permissions on the directory as:
Administrators
Special (RWXD)
System Full
Control (All)(All)
Check the
Replace Permissions on Subdirectories box. Then set:
Everyone List
(RX)(Not Specified)
and do not check
the Replace Permissions on Subdirectories box.
3. Set NTFS
Permissions on each users subdirectory as:
Domain/UserName
Note: Remove any
other extraneous users and groups. Add & Read, Special File Access
(RWX)(ALL)
4. In a login
script, map a drive letter to the share.
--------------------------------------------------------------------------------
The Good:
1. Easy to setup
either manually or in an automated script.
2. Users will
not be able to see or read the contents of another users directory.
The Bad:
1. Users will
see that other directories exist.
2. Users must
navigate to their directory (unless they use Windows NT where you can map a
drive letter below a share).
--------------------------------------------------------------------------------
The one hidden
share for each user approach.
1. Do not share
the parent directory.
2. Set NTFS
permissions as in step 2 and 3 of The one share for Everyone approach..
3. Create a
hidden share for each user as UserName$ (See A better way later in this tip).
4. In a login
script, map a drive letter to the share.
--------------------------------------------------------------------------------
The Good:
1. Users will
not see the existance of other directories.
2. Users will
not be able to see or read the contents of another users directory.
3. Users will
not have to navigate to their directory.
The Bad:
1. A little
harder to set up.
2. You need a
little more memory on the server to manage the shares.
3. Won't work
well if you have 25k+ users (I have heard of success with more users and fast
muli-processors).
--------------------------------------------------------------------------------
Mapping a drive.
net use
<drive:> /delete
net use
<drive:> \\Server\Share /persistent:yes
note:
/persistent:no is better if you turn off Autodisconnect and don't manually
disconnect users.
--------------------------------------------------------------------------------
A better way
Even with a
hidden share, a knowledgeable hacker may still find those sensitive documents
when flubadub writes his/hers password on a post-it and attaches it to the
monitor.
Try this in
conjunction with The one hidden share for each user approach:
1. If you have
W95 users, use WINSET, with or without Kixtart (see tip 120), and SET (or SETL
for Kix) to set environment variables, but specifically set UserName.
2. Create a
hidden share for the parent directory that only trusted administrators know.
Grant Read permissions to Everyone on the share. Do not map a drive letter to
it.
3. When creating
the hidden share, use a different meaningless string such as z1q34uz$ for each
user.
4. Create files
in the parent directory called UserName.bat (Jerry.bat) which contains the
drive mapping and grant the specific user read (RX) permission to it: (If you
use Kix, then use a .scr extention)
net use x:
/delete
net use x:
\\Server\z1q34uz$ /persistent:yes
5. Call this
file to perform the mapping:
if exist
\\Server\ParentHiddenShare$\%UserName%.bat
call
\\Server\ParentHiddenShare$\%UserName%.bat
With this modification,
a hacker would have to have an administrators name and password to get to a
users files (or the user would have to leave there machine unlocked and My
Computer open for the hacker to see the hidden share name and they would still
need the users password. If you don't map the drive but just modify the command
prompt shortcut for each user (see tip 121) and configure each user in your
Office Suite to point to the UNC name, you are even safer.
401 » What files
are different between the 40-bit and 128-bit versions of a Service Pack?.
There are 4
files that are different in the two versions:
Ndiswan.sys
Security.dll
Ntlmssps.dll
Schannel.dll.
See tip 376 to
determine which version is installed on your system.
402 » How do I
install SBS if the disk controller is not auto detected?
If the disk
contoller is not auto detected, SBS will blue screen with a STOP: 0x0000007b
Inaccessible Boot device during the first reboot. To continue the install, boot
from the 3 setup diskettes and press F6 when you see Windows NT is now
detecting your hardware. When asked to specify devices to install and you are
prompted for the OEM drivers, choose skip. At the next reboot you will receive
another STOP: 0x0000007b Inaccessible Boot device. As the conversion to NTFS has
not yet occured, boot to a MS-DOS floopy and copy the OEM driver to
winnt.sbs\system32\drivers.
When you
restart, setup will continue normally.
403 » How do I
open a command prompt with my favorite DOSKEY macros defined?
In tip 294 we
learned how to create DOSKEY macros.
To open a
Command Prompt with DOSKEY macros defined, modify the command prompt shortcut
Target:
%SystemRoot%\system32\cmd.exe
/k <Drive:>\path\file.cmd
where
<Drive:>\path\file.cmd contains your macros.
Example:
%SystemRoot%\system32\cmd.exe
/k%HOMEDRIVE%%HOMEPATH%\Jerry.cmd
where
%HOMEDRIVE%%HOMEPATH%\Jerry.cmd contains:
@echo off
doskey
/macrofile=jsidoskey
and jsidoskey
contains the doskey macros which you saved by typing:
doskey /macros
> jsidoskey
If you want to
see your macros being defined, then %HOMEDRIVE%%HOMEPATH%\Jerry.cmd would only
contain the DOSKEY macros, such as:
doskey nd=md
$1$Tcd $1
doskey CD=@CD /d
$1
doskey qf=format
A: /q
404 » Why does
it take Explorer longer than File Manager to view a file over the network?
Explorer
supports OLE (Object Linking and Embedding) and File Manager does not.
Explorer must
download the file header information and other details such as associations and
icon information to compose the view. File Manager simply reads the file label
to compose the view.
405 » Reduce
network delay.
When TCP/IP
network activity is light, delays may be encountered with the default request
buffer size (4356 decimal).
The range of
this parameter is 512 - 65536 bytes. Testing has shown that, in most standard
Ethernet environments, 14596 (decimal) is a better choice, if the memory is
available. Edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters
and Add Value
name SizReqBuf as a type REG_DWORD.
Restart the computer.
406 » Frequently
asked questions about SBS..
Q. Can I connect
Small Business Server to an existing ISP that is not on the ISP referral server
so that I can get Internet Email?
A. Yes.
Instructions for this can be found http://www.microsoft.com/backofficesmallbiz/default.asp,
you will also find information on what is required from the ISP in order to
support the features of Small Business Server.
--------------------------------------------------------------------------------
Q. Can fax
server be installed onto an existing Windows NT Server?
A. No. Fax
Server can only be installed onto Small Business Server.
--------------------------------------------------------------------------------
Q. How can I get
the full version of Windows NT?
A. An upgrade
disk can be purchased that provides this upgrade. It was just released. JSI
part# 454237 at http://www.jsiinc.com/catalog.htm. The standard version of
Windows NT cannot be installed onto the Small Business Server. This results in
a crash because the Service Pack 3 files are over written.
--------------------------------------------------------------------------------
Q. What are the
limitations of Small Business Server versus the standard version of Windows NT?
A. The SBS
limitations for Windows NT are no trusts, 25 users maximum, Small Business
Server must be a Primary Domain Controller. SQL Server has a 1gig database size
limit with only one database permitted. Exchange is the standard single site
version and cannot have a single global address list across multiple sites.
Exchange cannot replicate stores across sites.
--------------------------------------------------------------------------------
Q. What if I
already have Windows NT and/or Exchange/IIS/Proxy?
A. If the
customer already has Windows NT they must recreate the user accounts for Small
Business Server. Existing data can be backed up and restored for existing
applications such as the Exchange message stores and other data. The customer
can start from scratch or have a dual boot system between Small Business Server
and the previous version of Windows NT. Small Business Server is a completely
separate installation.
--------------------------------------------------------------------------------
Q. Can other
servers be added to the Small Business Server network?
A. Yes. Backup
Domain Controllers and stand alone servers can be added as well as NetWare,
Unix, OS2, etc. As long as a protocol exists to connect them, they can be on
the same network. Gateway Services for NetWare is in Small Business Server and
can be used to connect existing Novell servers just as with Windows NT 4.0.
--------------------------------------------------------------------------------
Q. Where can I
purchase Small Business Server? Nobody seems to have it in stock?
A. JSI has all
the various part numbers at http://www.jsiinc.com/catalog.htm.
--------------------------------------------------------------------------------
Q. Can I upgrade
the 2 user Preview Version I got with the Direct Access Reseller Kit/SBS Launch
event?
A. No. This
product is not upgradable due to the licenses. Standard NFR (Not For Resale) 5
user versions can be upgraded.
--------------------------------------------------------------------------------
Q. Will fax
server be sold separately?
A. No. Telecom
Fax is available at http://www.jsiinc.com/catalog.htm
--------------------------------------------------------------------------------
Q. Do I need to
install Service Packs? How do I do it?
A. The latest
Service Packs for all applications are included in Small Business Server as of
the time of release.
See KB article
Q151419 for a list of documentation errors.
--------------------------------------------------------------------------------
Q. How do I
upgrade from version 4.0 to version 4.0a
A. See KB
article Q179729.
407 » Improve
multi-processor performance.
Microsoft has
released an affinity tool (intbind.zip) which allows you to set processor
affinity for disk and network adapters, increasing performance by improving
processor cache locality.
You might also
want to visit the Windows NT Server performance and scalability site for
general information on where Windows NT is at and where it is going.
408 » Measure
your router throughput.
SNMPlogs is a
donnationware service that provides router throughput logging and is brought to
us by Martin DEVERA, the provider of FastCon.
409 » Record the
Disk Administreator data about your Mirror, Volume Sets, and Stripe Sets.
If you ever
loose and need to rebuild any of the subject volumes, having information from
Disk Administrator can mean the difference between success and failure.
Always save the
information to diskette by selecting Partition / Configuration / Save.
In addition, a
printout of the Disk Administrator screens can be invaluable.
Adjust the
screen size so as much disk information is visible as possible. Make sure the
Disk Administrator window is selected and hold down the Alt key as you press
the Print/Scrn key.
Open Paint and
paste the image from the Clip Board. Do any cropping required. Print the image,
preferably in color.
You may have to
repeat the process if you must scroll the Disk Administrator windows to see
additional data.
410 » Logon
failure - System's computer account missing or password incorrect?.
You may receive
this error along with event id 3210 or 5721 (5722 on the domain controller) if
you changed the name of your computer, you used an old ERD, or your computer
account was removed from the domain.
The secure
channel between the member computer and the domain controller has been broken.
To fix this, you would normally perform many steps using Server Manager and
booting of the member machine to a workgroup before being able to rejoin the
domain.
Using NETDOM
from NT resource kit, vol II
you
can reset the secure channel from the command line of the wounded member
computer (or any domain controller or working member that has admin access to
the wounded member):
NETDOM MEMBER
\\WoundedMember /JOINDOMAIN
If your domain
is named MyDomain, you will receive messages similar to:
Searching PDC for domain MyDomain
Found PDC \\MyDomainPDC
Querying domain information on PDC
\\MyDomainPDC
Querying domain information on computer
\\WoundedMember
Computer \\WoundedMember is already a member
of domain MyDomain.
Verifying secure channel on \\WoundedMember
Verifying the computer account on the PDC
\\MyDomainPDC
Resetting secure channel ...
Changing computer account on PDC
\\MyDomainPDC
Stopping service NETLOGON on \\WoundedMember
.... stopped.
Starting service NETLOGON on \\WoundedMember
.... started.
Querying user groups of \\WoundedMember
Adding MyDomain domain groups on
\\WoundedMember
The computer \\WoundedMember joined the
domain MyDomain successfully.
Logoff/Logon \\WoundedMember to take
modifications into effect.
411 » Can not
use a roaming profile.
If the account
that you logon as is also used to start a service on your computer, the roaming
profile can not be used to log you on.
412 » Is your
RAS connection using LMHOSTS slow?
If you are using
LMHOSTS to resolve the IP address of your RAS server, Windows NT must wait for
the connection attempts over your local LAN to timeout before the RAS
connection is accepted. This could take 90 seconds.
Try lowering the
value of TcpMaxConnectRetransmissions. If you set it too low, you may
experience connection problems over a slow link. Edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
and set the type
REG_DWORD value name of TcpMaxConnectResponseRetransmissions to 1. The default
for this value is 3 which results in the 90 second delay, while a value of 1
only causes an 18 second delay. This entry determines how many times a response
to a TCP connection request is retransmitted. The initial delay between connection
attempts is 3 seconds and is doubled after each attempt. The valid range is 0 -
0xFFFFFFFF.
413 » How to
create a default profile.
Windows NT 4.0
asks the following questions before creating a new profile:
Is there a
roaming profile defined in User Manager for Domains and does it exist? If yes,
use it.
Does this user
have a local profile? If yes, use it.
Does Default
User exist on the Netlogon share of the validating Domain Controller? If yes,
use it.
Does Default
User exist in %SystemRoot%\Profiles?, if yes, use it. If no, I don't every want
to find out.
To create a new
default profile for your domain:
Log on to a
workstation as a new generic user (one that does not have Administrator rights
in the domain).
Set up the
desktop and change any settings. Log off the workstation. The profile is
actually created at this point.
Log back onto
the workstation as someone who has Administrator rights to the local computer
and in the domain.
In the Control
Panel / System /User Profiles, select the user's profile that you created in
the previous step and click Copy To.
Permit the group
Everyone to be able to use the profile.
Specify the
server name and the share name, as well as the name of the profile that you
want to copy this profile to in \\Servername\Sharename\Profilename format.
NOTE: The name
of the profile will actually be a directory name. The entire directory and its
subdirectories and files are the profile.
Copy this
profile to the Netlogon share and rename it to Default User. This will enable
Windows NT to create a new profile based on this profile for a user who does
not already have a central or local profile. You should also copy it to
%SystemRoot%\Profiles on this server for the sake of consistency.
NOTE: This
Default User profile will be used to create new Roaming Profiles as well as new
local profiles.
If you apply any
of the registry hacks mentioned for HKEY_CURRENT_USER to these profiles, they
will be applied to all new users. Don't forget to replicate this to all domain
controllers.
414 » Dates on
the Post-SP3 Hotfix binaries.
When building a
combined hotfix, it is important to use the latest binaries of duplicate files.
Enclosed is a list of the Post-SP3 hotfixes and the files they contain. You can
download the USA version from ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfixes-postsp3.
/archive/oob-fix
05/22/9709:06a
217,416oobfix_i.exe
05/20/9704:50p143,472tcpip.sys (x86)
/asp-fix
05/28/9705:16a
1,323,068ASPFIX.EXE
05/07/9710:01p379,504ASP.DLL (x86)
/archive/java-fix
05/28/9702:04p
1,270,904javafixi.exe
05/23/9705:59p1,233,200win32k.sys (x86)
/dns-fix
06/09/9703:11p
177,744dnsfix_i.exe
05/30/9706:09p116,496dns.exe (x86)
/iis-fix
06/20/9702:06p
165,168iis-fixi.exe
06/20/9709:34a113,936w3svc.dll (x86)
/lsa-fix
06/25/9702:25p
220,560lsa-fixi.exe
06/25/9712:56p152,336lsasrv.dll (x86)
/archive\dblclick-fix
06/30/9709:00a
1,271,168w32kfixi.exe
06/23/9705:06p1,233,616win32k.sys (x86)
/icmp-fix
07/01/9701:38p
221,312icmpfixi.exe
06/30/9707:58p139,792tcpip.sys (x86)
/lm-fix
07/10/9704:12p
306,904disbllmi.exe
07/10/9704:40p 40,208msv1_0.dll (x86)
07/10/9704:40p 20,240nddenb32.dll (x86)
07/10/9704:41p118,544netdde.exe (x86)
07/10/9704:40p 34,576ntlmssps.dll (x86)
07/10/9704:41p 47,888security.dll (x86)
/zip-fix
07/14/9708:50a
99,576zip-fixi.exe
05/28/9712:32p13,680class2.sys (x86)
05/28/9712:33p15,248disk.sys (x86)
05/28/9712:33p 8,368sfloppy.sys (x86)
/getadmin-fix
07/15/9711:41a
1,375,936admnfixi.exe
07/11/9711:28a 935,040ntkrnlmp.exe (x86)
07/11/9711:27a 915,648ntoskrnl.exe (x86)
07/11/9710:18p 323,344user32.dll (x86)
07/12/9705:34p1,233,776win32k.sys (x86)
/winsupd-fix
08/07/9712:59p
241,664winsfixi.exe
08/05/9704:29p191,248wins.exe (x86)
/ndis-fix
08/08/9710:19a
191,776ndisfixi.exe
07/22/9706:54p130,384ndis.sys (x86)
/scsi-fix
09/05/9709:01a
91,080scsifixi.exe
07/02/9706:41p34,096scsiport.sys (x86)
/2gcrash
10/31/9704:16p
766,9282gcrashi.exe
07/29/9706:29p 40,208dumpchk.exe (x86)
07/29/9706:29p122,128dumpexam.exe (x86)
07/29/9706:29p140,048i386kd.exe (x86)
08/29/9709:36a935,872ntkrnlmp.exe (x86)
08/29/9709:35a916,032ntoskrnl.exe (x86)
07/30/9712:14p 23,312savedump.exe (x86)
/simptcp-fix
10/31/9704:17p
288,632chargeni.exe
10/21/9704:04p 44,304msafd.dll (x86)
08/06/9703:49p 20,752simptcp.dll (x86)
07/09/9706:36p139,856tcpip.sys (x86)
10/21/9704:06p 18,704wshtcpip.dll (x86)
/ide-fix
11/18/9711:38a
111,472idefix-i.exe
08/19/9712:39p 26,352atapi.sys (x86)
10/20/9710:07p 26,416atdisk.sys (x86)
/wan-fix
11/20/9711:06a
120,840wanfix-i.exe
11/17/9701:35p57,744ndiswan.sys (x86)
/roll-up
11/24/9702:49p
1,207,368roll-upi.exe
11/05/9710:50a 67,568mup.sys (x86)
11/05/9710:45a934,272ntkrnlmp.exe (x86)
11/05/9710:44a914,944ntoskrnl.exe (x86)
11/10/9711:07a705,296ole32.dll (x86)
11/07/9703:15p 37,648rpcltccm.dll (x86)
11/10/9711:07a 34,064rpcltscm.dll (x86)
11/13/9704:22p317,200rpcrt4.dll (x86)
11/13/9704:22p103,696rpcss.exe (x86)
/land-fix
11/26/9712:01p
221,368landfixi.exe
11/25/9704:54p143,472tcpip.sys (x86)
/roll-up/CLUSTER
12/10/9704:58p
2,329,344clusfixi.exe
11/04/9701:14p 43,280clusapi.dll (x86)
11/04/9701:17p 15,632clusprxy.exe (x86)
11/04/9701:16p 156,432clusres.dll (x86)
11/04/9701:13p 453,392clussvc.exe (x86)
05/28/9711:45a 68,288halmps.dll (x86)
11/04/9701:16p 21,776iisclus3.dll (x86)
10/07/9710:51a 72,464mswsock.dll (x86)
11/05/9710:50a 67,568mup.sys (x86)
12/04/9709:40p 119,856netbt.sys (x86)
11/12/9701:30p 374,096ntfs.sys (x86)
08/22/9704:37p 935,936ntkrnlmp.exe (x86)
08/22/9704:36p 916,096ntoskrnl.exe (x86)
11/10/9711:07a 705,296ole32.dll (x86)
10/07/9710:51a 40,720rnr20.dll (x86)
11/07/9703:15p 37,648rpcltccm.dll (x86)
11/10/9711:07a 34,064rpcltscm.dll (x86)
11/13/9704:22p 317,200rpcrt4.dll (x86)
11/13/9704:22p 103,696rpcss.exe (x86)
07/09/9712:58p1,233,680win32k.sys (x86)
10/22/9712:48p 59,664ws2_32.dll (x86)
10/13/9703:01p 20,240wsock32.dll (x86)
/pent-fix
12/10/9704:58p
802,792pentfix.exe
11/24/9712:24p 51,968hal.dll (x86)
11/24/9712:24p 48,384hal486c.dll (x86)
11/24/9712:25p 66,400halapic.dll (x86)
11/24/9712:24p 46,112halast.dll (x86)
11/24/9712:25p 82,208halcbus.dll (x86)
11/24/9712:25p 80,320halcbusm.dll (x86)
11/24/9712:24p 46,400halmca.dll (x86)
11/24/9712:25p 68,544halmps.dll (x86)
11/24/9712:25p 67,552halmpsm.dll (x86)
11/24/9712:26p 79,008halncr.dll (x86)
11/24/9712:25p 40,192haloli.dll (x86)
11/24/9712:25p 56,608halsp.dll (x86)
11/24/9712:25p 40,768halwyse7.dll (x86)
11/20/9706:23p938,816ntkrnlmp.exe (x86)
11/20/9706:22p918,848ntoskrnl.exe (x86)
/joystick-fix
12/10/9704:59p
66,200joy-fixi.exe
11/24/9702:48p7,760joystick.sys (x86)
/SAG-fix
12/10/9704:59p
526,072dcomfixi.exe
12/08/9710:16a680,208ole32.dll (x86)
12/08/9710:17a312,592rpcrt4.dll (x86)
12/08/9710:17a104,720rpcss.exe (x86)
/iis4-fix
12/11/9704:40p
340,848iis4fixi.exe
12/11/9709:16a 65,488afd.sys (x86)
12/01/9703:15p147,632tcpip.sys (x86)
/pptp-fix
01/08/9803:46p
103,528pptpfixi.exe
12/05/9701:47p40,144raspptpe.sys (x86)
/teardrop2-fix
01/09/9812:23p
221,464tearfixi.exe
01/09/9808:16a143,664tcpip.sys (x86)
/tapi21-fix
01/12/9810:29a
172,112tapi21fi.exe
01/05/9801:34p 140,560tapisrv.exe (x86)
415 »
Double-clicking problem with RestrictRun.
In tip 362, we
learned how to setup the RestrictRun entries in the registry.
If you are
receiving:
Restrictions: This operation has been
cancelled due to restrictions in
effect on this computer. Please contact your
system administrator.
when you
double-click on an associated document, it is probably due to the fact that the
parsing algorithm in this shell restriction does not properly deal with paths
that have spaces.
To fix the
problem for a given extension, edit:
HKEY_CLASSES_ROOT\xxxfile\shell\open\command
where xxxfile is the string associated with the extension. You can determine
this at a command prompt by typing:
assoc .EXT where
.EXT is the extension. It will return a string which you substitute for
xxxfile. Double-click the command and put quotes around the entire string:
"C:\Program
Files\JSI\Binary Files\JSITTARH.EXE %1" or change it to use the 8.3 exquivalent
(type dir /x).
416 » Suppress
the "A domain controller for your domain could not be contacted...."
message.
In tip 237, I
had documented the ReportDC registry value for preventing the subject message.
The Resource Kit is incorrect. Here is the correct procediure: On your Windows
NT 4.0 Workstation with Service Pack 3 installed, and a locally cached copy of
your profile, edit:
HKEY_CURRENT_USER\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon
Add Value name
ReportDC as a type REG_DWORD.
A data value of
0suppresses:
"A domain
controller for your domain could not be contacted.
You have been
logged on using cached account information.
Changes made to
your profile since you last logged on may not be available."
A data value of
1 does not suppress the message.
417 » How to
disable that leaky, resource stealing FindFast.
If you remove
the FindFast shortcut from the StartUp group, the index files are not removed
from your partition. The Microsoft Office apps still continue to use these old
index files whenever you use the Open dialogue box, which can cause delays in
finding documents. The proper ways to remove FindFast is:
1. Start /
Settings / Control Panel / Find Fast
2. Select an
entry in Index for documents in and below and click Delete Index from the Index
menu. Click OK until the index is deleted.
3. Repeat step 2
until Index for documents in and below is empty.
4. On the Index
menu, click Close and Stop.
5. Remove the
FindFast shortcut from the StartUp group.
418 » How do I
get IIS to play MIDI to Netscape Navigator?.
Edit
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\InetInfo\Paramenters\MimeMap
From the Edit
menu, Add Value of type REG_SZ
audio/midi,mid,,
with a blank data value and
audio/midi,midi,,
with a blank data value.
You must
shutdown and restart the server for these changes to take effect.
419 » The most
popular Knowledge Base articles are available via fax.
Microsoft has
taken the most popular Knowledge Base articles and made them available (for
free) via a touch-tone fax service.
To use the
service:
1. Dial 1 (800)
936-4400.
2. Select
Windows NT from the menu (currently option 1).
3. Enter 1 for
Catalogue Orders.
4. Enter 1 to
order items from the catalog.
5. Enter the 5
or 6 digit Q number (without the Q) followed by the # key.
6. Follow the
prompts to enter your fax number.
7. When you have
ordered all the items you want, hang up.
8. If you
experience difficulty, you can call 1 (425) 635-3199.
ARTICLE LISTING
Dial-Up
Networking
ITEM ID ARTICLE
TITLE PAGES
Q148154 RAS
Client Cannot Browse RAS Server With IPX Only 2
Q149907 Browsing
a Remote Network from a DUN Client Using Only TCP/IP 2
Q151760 Error
20091 When Client Dials RAS Server Using TCP/IP 3
Q161516
Troubleshooting Modem Problems Under Windows NT 4.0 4
Q162293
Troubleshooting RAS Client Issues in Windows NT 4.0 5
Q171015 How to
Install and Configure Windows NT 4.0 Dial-Up Networking 4
Hardware
ITEM ID ARTICLE
TITLE PAGES
Q126380
Troubleshooting CD-ROM Problems in Windows NT 4
Q139986 CD-ROM
Drive Not Recognized After Installing Windows NT 2
Q155053 Black
Screen on Boot 3
Q156344 Plug and
Play Devices Not Detected or Installed 2
Q170995 How to
Install Third-Party Network Adapter Drivers 2
Q122926
Troubleshooting STOP: 0x0000007B or "0x4,0,0,0" Error 6
Internet
ITEM ID ARTICLE
TITLE PAGES
Q121877 Using
RAS for Routing of IP Packets 23
Q152220 How to
View and Remove Information from AutoDial 4
Q156569 How to
Connect to Internet Service Providers from Windows NT 3
Q157807 Enabling
AutoDial with Internet Explorer in Windows NT 4.0 3
Q161410 How to
Set Up a Private Network Over the Internet Using PPTP 3
Q163391
Troubleshooting Problems Communicating on the Internet 8
Q169843 PPTP
Connection to Multihomed Server May Not Succeed 2
Q161986
Troubleshooting Internet Service Provider Login Problems 8
Q166090 MSN
Support in Windows NT 7
Miscellaneous
ITEM ID ARTICLE
TITLE PAGES
Q121517 How to
Recover From a Corrupt NTFS Boot Sector 7
Q124550 Err Msg:
Windows NT Could Not Start...Ntoskrnl.exe 3
Q131735 How to
Create Windows NT Boot Floppy Disks 2
Q135527 Err Msg:
Windows NT Could Not Be Started As Configured 2
Q136547
Restoring Windows NT Dual Boot After Installing Windows 95 3
Q142065
Connecting Windows NT to Windows 95 with a Null-Modem Cable 3
Q151237 Error
Message When Installing TCP/IP or Adding TCP/IP Service 3
Q166090 MSN
Support in Windows NT 7
Printing
ITEM ID ARTICLE
TITLE
PAGES
Q135406 Steps to
Manually Remove and Reinstall a Printer Driver 3
Q156082 Windows
NT Printer Driver Support 4
Q160861 Printers
May Produce Garbled Output After Print Job Is Deleted 2
Q163551 Troubleshooting
Printing Problems in Windows NT 4.0 6
Setup
ITEM ID ARTICLE
TITLE PAGES
Q100108 Overview
of FAT, HPFS, and NTFS File Systems 9
Q103049 How to
Manually Remove Windows NT 4
Q130087 How to
Troubleshoot Windows NT Boot Floppy Disk Problems 2
Q142865
Microsoft Support Policy on Hardware Not On Windows NT HCL 4
Q151414 Windows
95 Partition Types Not Recognized by Windows NT 2
Q151581 Cannot
Upgrade Windows 95 to Windows NT Workstation 4.0 3
Q154538 WinNT
4.0 Upgrade CD Will Not Upgrade WinNT 4.0 Installation 4
Q155034
Dual-Booting Between Windows NT Workstation 4.0 and Windows 95 2
Q155563 Toshiba
T4900CT Laptop Computer Hangs at NTDETECT Screen 2
Q155621
Comparison of Windows 95 and Windows NT Workstation 4.0 2
Q155717 Windows
NT 4.0 Installations Cannot Be Copied or Moved 2
Q156530 Setup
Stops When Inspecting Computer Hardware Configuration 3
Q156903 Boot
Loader Screen Keeps Repeating During Setup 2
Q160495 Err Msg:
STOP: C000026C Unable to Load Device Driver... 2
Q161703 Stop:
0x0000001E Error Message During Setup 3
Q163003 Compatibility
Tool for Microsoft Windows NT 4.0 Available 5
Q168931 Err Msg:
Setup Was Unable to Verify Your <X>: Drive 3
Q171003 Stop
0x50 Error Message While Installing Windows NT 4.0 3
Q122926
Troubleshooting STOP: 0x0000007B or "0x4,0,0,0" Error 6
Q126690 Windows
NT 4.0 Setup Troubleshooting Guide 26
Deployment and
Unattended Setup
ITEM ID ARTICLE
TITLE PAGES
Q153768 Changing
the Default Installation Drive Using Unattended Setup 2
Q155099 Creating
Network Component .inf File for Unattended Setup 4
Q155197
Unattended Setup Parameters for Unattend.txt File 36
Q155614
Unattended Installation of Microsoft Windows NT 4.0 3
Q155643 Case
Studies Available Describing Windows NT 4.0 Deployments 2
Q155644
Available Resources for Windows NT 4.0 Deployment 2
Q156654 How to
Disable the Installation of Exchange During Setup 3
Q156795 Using
Sysdiff.exe with Unattended Setup and Windows NT 4.0 5
Q156823 How to
Install an OEM Network Adapter Card in WinNT 4.0 Setup 4
Q156876 Using
UDF Files with Windows NT 4.0 Unattended Setup 4
Q157361 How to
Automatically Log On After an Unattended Setup 3
Q157576
Troubleshooting Problems Using Sysdiff.exe Tool 10
Q157920 How to
Prevent Welcome to Windows NT Screen During Setup 5
Q158447 How to
Run a Program Only Once After Unattended Setup of WinNT 5
Q158484 How to
Set the Administrator Password During Unattended Setup 2
Q159624 Err Msg:
Incorrect Arguments. Consult the Windows NT... 3
Q163303 Sysdiff
Cannot Be Used to Apply Service Pack 3
Q163554
Determining NIC Parameters for Setup Using Unattend.txt 4
Q170271
Description of Zero Admin Kit for Windows NT Workstation 4.0 4
420 » Don't
remove the Bypass traverse checking user right.
By Default,
Windows NT Workstation grants Everyone the Advanced Right to Bypass traverse checking.
If you remove
this Right, you may get a BSOD (Blue Screen of Death):
Stop 0x00000024
(0x001901f9, parameter, parameter, 0x80224493)
Under heavy
load, a zeroed IRP, causes this stop.
421 » How do I
create a Mandatory Profile for my Windows 95 users?
To create a
manadatory profile for Windows 95 users, you must perform the following steps:
1. You must
share the user home directory, not the C:\Users directory. See the The one
hidden share for each user approach in tip 400.
2. In User
Manager for Domains, set H: (or any other drive letter) to the UNC path of the
home directory (\\ServerName\UserName or \\ServerName\UserName$).
3. Grant the
user (only the user) Full Control or Change permissions on the share.
4. Create a
JSI_MODEL user and log on to the Windows 95 computer as JSI_MODEL.
5. Click Start /
Settings / Control Panel. Double-click the Passwords icon and click the User
Profiles tab. Select the Users can customize their preferences and desktop
settings. Windows switches to your personal settings whenever you log in radial
button. Click OK.
Note: This is
not the default setting.
6. Customize
JSI_MODEL with all the settings that you want for the mandatory profile and log
off to create the User.dat in JSI_MODEL's home directory.
7. On the
Windows NT Server, rename the User.dat file to User.man and copy it to each
Windows 95 user's home directory. Don't forget to configure them as per step 2.
8. When the
Windows 95 computer is restarted and a user logs on, they will receive the
mandatory profile.
422 » Freeware
SHORTCUT.EXE replacement.
In tip 177 we
talked about using SHORTCUT.EXE to disable link tracking for a shortcut.
SCUT.EXE is a
freeware program which, while not as flexible, can disable link tracking for an
entire drives shortcuts because it supports wildcards:
SCUT C:\*.LNK -s
-q will disable link tracking for all .Lnk files on the C: drive.
423 » Move your
most frequently used programs to the top of the Open With... list.
If you are tired
of scrolling that Open With list because your most often used programs are not
at the top of the list:
1. Type: Copy
"<Drive:>\Directory\ProgramName.exe"
"<Drive:>\Directory\_ProgramName.exe"
2. Type: ftype
JSIfilen="<Drive:>\Directory\_ProgramName.exe" "%1"
Example: If you
want to have Notepad and Wordpad at the top of the list:
Copy
%SystemRoot%\Notepad.exe %SystemRoot%\_Notepad.exe.
Copy
%SystemRoot%\System32\Write.exe %SystemRoot%\System32\_Write.exe.
ftype
JSIfile1="%SystemRoot%\_notepad.exe" "%1"
ftype
JSIfile2="%SystemRoot%\System32\_Write.exe" "%1"
424 » Speed up
DNS searches at your remote offices..
If you have a
server located at your remote office, you can reduce the network traffic to
your DNS Server by installing a caching only Domain Name System on each remote
site.
A caching only
server looks up names for clients and caches them. After a while, many local
requests may be satified from the local DNS cache, reducing network traffic.
To create a
caching only server on your remote server, install DNS and run the Domain Name
System Manager. Click on DNS in the menu, select New Server, and type in the IP
address of the new caching only server.
425 » When I
query the ACL of an object with CACLS, what does the (OI), (IO), (CI), and (NP)
mean?.
CACLS is an
command for querying and change the permissions of directories and files.
If you use CACLS
to query the ACLs (Access Control Lists) of a directory, it displays the
permissions of the directory. If you use a wild card, it displays the
permissions of the included directories and files.
CACLS displays
directory permissions for each user or group as two entries. The first entry
lists the file (inherited) permissions and the second lists the directory
permissions. The letters in parentheses represent the inheritance flags:
File
Permissions:
OI =
MSG_CACLS_OBJECT_INHERIT
This ACE (Access
Control Entry) is inherited by noncontainer objects, such as files created
within the
container object to which the ACE is assigned.
IO =
MSG_CACLS_INHERIT_ONLY
This ACE does
not apply to the container object, but to objects contained by it.
Normally both
references are displayed.
Directory
Permissions:
CI =
MSG_CACLS_CONTAINER_INHERIT
This ACE is
inherited by container objects, such as directories.
NP =
MSG_CACLS_NO_PROPAGATE_INHERIT
Displayed when a
permission is not to be inherited. The MSG_CACLS_OBJECT_INHERIT
and
MSG_CACLS_CONTAINER_INHERIT bits are not propagated to an inherited ACE.
A directory's
ACL will normally contain at least two ACEs. If CACLS output only contains one
ACE, then permissions for the other ACE have not been specified.
426 » How do I
remove the Documents menu from the Start button?
You can't remove
the Documents menu from the Start button, but you can keep it empty.
The Documents
menu displays the contents of the users profile Recent folder. Simply delete
the contents and set the permissions to:
System Full
Control
Creator Owner
Full Control
You can create a
batch file to do this by using the DEL and CACLS commands.
427 » Do you get
an error when you double click on a file with a known extension?.
If the path to
this file has a space in one of the directory names, and/or the path to the
.exe has a space in one of the directory names, chances are that the command
and parameter at the
HKEY_CLASSES_ROOT/string/shell/open/command
are not enclosed in double-quotes.
To find the
string, at a CMD prompt, type: assoc .ext where .ext is the extension of the
file you double-clicked. This will return the string.
Navigate to the
<No Name> value, double click it, and enclose the full path in quotes and
each parameter in quotes. Example:
C:\Program
Files\Windows NT\Accessories\wordpad.exe %1 at
HKEY_CLASSES_ROOT/Wordpad.Document.1/shell/open/command
would become
"C:\Program Files\Windows NT\Accessories\wordpad.exe" "%1"
Note: Some
programs work regardless of wether the quotes are there or not. Some programs
use 8.3 convention instead of quotes.
While your
there, if there are other Actions for this string, such as print, correct them
also.
429 » Freeware
Gina provides the ability to bypass CTRL+ALT+DEL and/or run a logoff script
and/or run a shutdown script.
If you don't
want to auto-logon (see tip 004) but would like the Logon Dialogue to appear
without the need to press CTRL+ALT+DEL and/or you want to run a script when you
logoff and/or shutdown, then the msgina.dll replacement from Alexander Frink is
for you.
Before you
download this software, you must insure that you can recover an unbootable
system, either by backing up, and/or having a dual NT boot, and/or running a
Repair from a newly created ERD. During testing, I had to boot to an alternate
NT install and load the Software hive of my unbootable install to correct an
problem I had created.
Installation and
usage:
Copy
gina_x86.dll from the archive to %SystemRoot%\System32\gina_x86.dll. Edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon
Add Value name
GinaDLL as type REG_SZ and set the string to gina_x86.dll
Add Value name
NeedCtrlAltDel as type REG_SZ:
0 = CTRL+ALT+DEL
is not required to logon. The Logon Dialogue box will automatically display.
1 = CTRL+ALT+DEL
must be pressed to receive the Logon Dialgue box. Use this setting if you also
enable auto-logon (see tip 004).
To define a
logoff script, select:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon and
Add Key using a
Key Name of Logoff. Leave Class null. Select
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon\Logoff
Add Value name
UserScript and/or SystemScript as type REG_SZ and set the string to the full
path of your .bat or .exe.
The UserScript
is run under the context of %UserName% while the SystemScript is run under the
SYSTEM context.
Optionally, Add
Value name LogFile as type REG_SZ and set it to the full path of a file that
will log the execution (The file is appended for each logout).
Optionally, Add
Value name Timeout as type REG_SZ and set it to the number of seconds that must
elapse before the hung script is terminated. A value of 0 does not cause a
timeout.
To define a
shutdown script, select:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon and
Add Key using a
Key Name of Shutdown. Leave Class null. Select
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon\Shutdown
Add Value name
Script as type REG_SZ and set the string to the full path of your .bat or .exe.
Optionally, Add
Value name LogFile as type REG_SZ and set it to the full path of a file that
will log the execution (The file is appended for each shutdown).
Optionally, Add
Value name Timeout as type REG_SZ and set it to the number of seconds that must
elapse before the hung script is terminated. A value of 0 does not cause a
timeout.
When you run
shutdown and a user is logged on, the logoff script is also run. If you run
shutdown.exe from the resource kit, the script(s) are also run.
Unistall
Instructions:
Edit
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon and
delete the GinaDLL value name.
You can
optionally delete %SystemRoot%\System32\gina_x86.dll.
430 » Prevent
users from using the Lock Workstation button on your Kiosk or in your lab.
In tip 429,
Alexander Frink brought us a msgina.dll replacement to bypass CTRL+ALT+DEL
and/or run a logoff script and/or run a shutdown script. In this tip, he
provides us a with a method of modifying our gina.dll to disable/enable the
Lock Workstation button. See the warnings in tip 429 before you download
nolockws.zip.
To implement
this change:
1. Close all
programs.
2. Copy your gina.dll
(%SystemRoot%\System32\msgina.dll or %SystemRoot%\System32\gina_x86.dll) to
c:\Temp\msgina.dll
3. Run NOLOCKWS
(You can interrupt the program at any time with Ctrl-C or Ctrl-Break):
4. At the Where
is msgina.dll located? prompt, type c:\Temp. See the readme.html (in the
archive) if your using Novell's IntraNetware Client.
5. At the Type
in exactly.... prompt, press enter if the default is correct. If you are not
using the U.S. English or the deault is not correct, see the readme.html.
6. At the Do you
want to (a)llow or (d)isallow workstation locking?, answer d, the default. Do
NOT reboot when prompted.
7. Copy the
c:\Temp\msgina.dll to %systemroot%\system32\msgina_nolock.dll
8. Edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon
and Add Value
name GinaDll as type REG_SZ and set the string to:
msgina_nolock.dll
9. Reboot.
You can allow
workstation locking by deleting the GinaDll value or setting it to msgina.dll.
431 » Freeware
Close gracefully stops an application from the command line.
The Windows NT
Resource Kit provided Kill to forceably stop an application from the command
line or batch file.
Alexander Frink
brings us close. to gracefully stop an application from the command line or
batch.
To use close:
Close
"Title Bar text"
where Title Bar
text is case sensitive and may end in a * (wildcard).
Typing Close at
a command prompt displays a short help.
432 » Where can
I place contact information for my users/clients?
You can place
contact information on the General tab of the System Properties which is
displayed when you run the Control Panel System applet.
Create a 180 x
114 .BMP file as %SystemRoot%\System32\OEMLOGO.BMP (hopefully you will do a
better job than I did).
Using a text
editor, create a %SystemRoot%\System32\OEMINFO.INI:
[general]
Manufacturer=
JSI Inc.
Model=Your
Windows NT Resource
[Support
Information]
Line1="
Free support "
Line2="for
our > $500"
Line3="
Customers"
The [Support
Information] displays when you press the Support Information button. At my
screen resolution (1152 x 882), I had no trouble fitting 16 lines of 55
characters, but your mileage will vary.
You do not need
to to logoff or restart as the information is read each time Control Panel
starts.
433 » Logon
Scripts and Directory Replication.
If you have a
BDC (Backup Domain Controller) or if you use SMS (System Management Server),
you must replicate the logon scripts.
Following is a
list of Knowledge Base articles (see tip 144) about the most common replication
problems:
Q101473 Replication Overview in the Windows NT
Operating System
Q101602 Configuring Windows NT for Replication
Q104204 Troubleshooting the Directory Replication
Service
Q132522 Quick Directory Replication Troubleshooting
Tip
Q152083 Replicator Service Failed Due to Improper
Login Account
Q120582 Directory Replicator Service Will Not
Start
Tip 273 Little Know DOS trick assists logon
scripts
If you use SMS,
the Automatically Configure Workstation Logon Scripts option allows SMS to update
the Windows NT Server scripts for each user, and to amend the NetWare system
logon scripts on all servers within the site. The SMS client software
information is passed from the site server to the SMS logon servers. When a
user logs on, the client software is installed, inventory is taken, and passed
back to the SMS logon servers and from there to the database on the site
server.
Q123318 Checklist for Enabling SMS in Logon
Scripts
Q138348 Manually Copying SMS Login Script Files
Q121388 Controlling LM and NT Logon Script
Configurations with SMS
Q150878 SMS Added to NetWare Login Script Twice
Q134970 Login Scripts are Not Modified on NetWare
Servers
Q148944 Login
Script Without Extension Will Not Be Modified
Q154722 Administrator and Guest Accounts Are Not
Modified
434 » A painless
way to get that Q#.
If you don't
have time to visit http://support.microsoft.com/support/c.asp to retrieve that
Q# (Knowledge Base Article) somebody referred you to, simply email
mshelp@microsoft.com with the Q# in the subject line. MShelp will automatically
reply with the article text.
Response time is
good.
435 » Unattended
Setup sometimes ignores Win31Upgrade=no in your unattended answer file?
If you do not
want to upgrade an existing Windows 3.x installation during Unattended Setup,
you should hava a Win31Upgrade=no in your unattended answer file.
You must also
hide the old Windows installation from Windows NT Setup. If you don't hide it,
setup will only honor your Win31Upgrade=no if it has insufficent room on the
Windows drive or if it suspects that Windows 95 is installed. If it finds
Shell32.dll, User32.dll, Kernel32.dll, and Gdi32.dll in the system directory,
it will think W95 is installed.
If setup finds
Win.com, Win.ini, or System.ini the Windows directory, and autoexec.bat in the
root, it will think Windows 3.x is installed.
Since setup only
searches for Windows in the PATH as defined in C:\autoexec.bat, the best way to
hide the Windows 3.x installation is to edit autoexec.bat and remove all reference
to Windows from the path.
436 » How do I
configure SBS to receive e-mail notification of a successful fax transmittion?
Small Business
Server
Control Panel
/Fax Server / Routing tab.
Check Allow
Routing via E-Mail and select Administrator from the Profile Name list box, and
press OK.
Double-click
Services in Control Panel.
Browse to the
Fax Service and press Stop. After it stops, press Start.
SBS Client
In Control
Panel, double click Fax Client.
On the General
tab, enter the Email Address of the user who will be sending faxes from the
workstation. Click OK.
When you send a
fax using Exchange client, Outlook client, Fax Send Utility, or File Print to
Fax from within an application, a sent confirmation will be received in your
mailbox.
This applies to
both Windows NT and Windows 95 clients.
437 » How do I
remove Dial-Up Networking from My Computer?
To remove the
Dial-Up Networking icon from My Computer, close My Computer and use
Regedt32.exe to edit:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace
As it is too
easy to mess this up, first Save Key from the Registry menu, and save a backup
copy of the NameSpace key. If you must subsequently restore, select the
NameSpace key and click Restore from the Registry menu and choose this file.
Navigate to the
{a4d92740-67cd-11cf-96f2-00aa00a11dd9} sub-key and make sure that the only
value is <No Name> of type REG_SZ with a string of Dial-Up Networking.
Select the
{a4d92740-67cd-11cf-96f2-00aa00a11dd9} key and press the Delete key on your
keyboard. Confirm the deletion and exit the Registry Editor.
Open the My
Computer folder and verify that the Dial-Up Networking link is no longer
present. If it is, logoff / logon and it should be gone.
438 » Do your
users close the logon script window?
If your users
close the logon script window, hide it.
Navigate to
HKEY_USERS\<each user>\Console
Edit or Add
Value the following two REG_DWORD values:
WindowSize and
with the Radix at Hex, set it to 050005
WindowPosition
and with the Radix at Hex, set it to 04FF06FF
This makes the
Window very small and positions it off screen so they can't see it and hence
can't close it.
If when running
a command prompt, this windows is invoked, just maximize it, right click the
title bar, and size/position it using the Layout tab in Properties. When you
click OK, check Modify shortcut....
439 »
Configuring Logon Hours from the command line.
You can use the
NET USER command:
net user
jennifer /time:M-F,08:00-17:00 /Domain
would allow
Jeniffer to logon to the server between 08:00 and 17:00 on weekdays.
The format of
the /times parameter is:
/times:{times |
all}
Specifies the
times the user is allowed to use the computer. The times value is expressed as
day[-day][,day[-day]]
,time[-time][,time[-time]]
It is limited to
1-hour time increments. Days can be spelled out or abbreviated
(M,T,W,Th,F,Sa,Su). Hours can be 12- or 24-hour notation. For 12-hour notation,
use AM, PM, or A.M., P.M. The value all means a user can always log on. A null
value (blank) means a user can never log on. Separate day and time with commas,
and units of day and time with semicolons (for example, M,4AM-5PM;T,1PM-3PM).
Do not use spaces when designating /times.
/domain
Performs the
operation on the primary domain controller of the computer's primary domain.
This parameter applies only to WindowsNT Workstation computers that are members
of a WindowsNT Server domain. By default, WindowsNT Server computers perform
operations on the primary domain controller.
440 » I can't
get NT to detect the devices in my docking station.
Some Portable
computers use a PCI bridge to link to the docking station. During installation,
Windows NT is not able to dectect devices in this type of docking station.
The HAL
(Hardware Abstraction Layer) in Service Pack 3 can detect devices across a PCI
bridge.
Create a
distribution share which contains the i386 directory or copy the i386 directory
to the local disk. Rename the following files or move them to a backup
directory:
Hal.dl_
Halast.dl_
Halcbus.dl_
Halcbusm.dl_
Haloli.dl_
Halsp.dl_
Halwyse7.dl_
Copy the
following files from Service Pack 3 (You can expand it with the /x switch):
Hal.dll
Hal486c.dll
Halapic.dll
Halast.dll
Halcbus.dll
Halcbusm.dll
Halmca.dll
Halmps.dll
Halmpsm.dll
Haloli.dll
Halsp.dll
Halwyse7.dll
When you install
Windows NT using WINNT /B /S:SourcePath, the devices in the docking station
will be detected.
441 » Automate
detection of Logon failures in a domain environment.
If you have
multiple BDCs and/or trust relationships, the logon event may be in any
%LogonServer%. Instead of checking all the Security event logs, use the
DUMPEL.EXE from the NT resource kit, vol II.
with a batch file to filter for logon
failures:
@echo off
Dumpel.exe -s
pdcname -l security -m security -e 529 539 >Drive:\Directory\failure.log.txt
Dumpel.exe -s
bdc1name -l security -m security -e 529 539 >>Drive:\Directory\failure.log
Dumpel.exe -s
bdc2name -l security -m security -e 529 539
>>Drive:\Directory\failure.log
Dumpel.exe -s
bdc3name -l security -m security -e 529 539
>>Drive:\Directory\failure.log
This will append
all Event 529s and Event 539s to the <Drive:>\Directory\failure.log file
which you can then examine for problems.
Event ID 529
Logon Failure
Reason: Unknown
user name or bad password
Event ID 539
Logon Failure
Reason: Account
locked out
Common causes
for invalid logon events are:
Someone is
entering the wrong password.
An unauthorized
individual is trying to gain access
There is a
persistent network connection with an invalid password.
There is a
service using a user account with an invalid password.
A Trust
relationship has been broken.
442 » Old
version of protocols in the registry?
When you browse
the registry or run Srvinfo.exe from the reskit on a server that was upgraded
to Windows NT 4.0, old versions of the protocols may be listed.
The following
keys were not updated during the upgrade process:
WINS CLIENT
(TCP/IP)
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\NETBT\CurrentVersion\MajorVersion
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\NETBT\CurrentVersion\MinorVersion
NETBEUI Protocol
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\NBF\CurrentVersion\MajorVersion
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\NBF\CurrentVersion\MinorVersion
NWLink NetBIOS
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\NwlnkNB\CurrentVersion\MajorVersion
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\NwlnkNB\CurrentVersion\MinorVersion
NWLINK IPX/SPX
Compatible Transport
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\NwlnkIpx\CurrentVersion\MajorVersion
HKEY_HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\NwlnkIpx\CurrentVersion\MinorVersion
Use Regedt32.exe
to edit:
MajorVersionREG_DWORD4
MinorVersionREG_DWORD0
443 » Freeware
NT User Wizard.
Microsoft has
written a freeware NT User Wizard. Here is the readme, which you can also
download:
The NT User
Wizard is an administration utility built for use with Windows NT Server 4.0.
The NT User Wizard allows you to import user lists and automatically set up
mail accounts, NT logon accounts, groups, and permissions. Save hours, even
days of time in setting up and administering accounts.
The NT User
Wizard allows you to create a single user account, or hundreds of accounts in a
single batch process. Accounts created by the NT User Wizard can incorporate
nearly all of the elements provided by the NT User Manager. In general, the
process is as follows:
1. Create a list
of users. You could do this by exporting an existing list of usernames to a
delimited text file. The NT User Wizard can import a comma- or tab-delimited
text file. If Microsoft Excel version 5.0 or higher is installed on the same
machine as the NT User Wizard, you can use any file format that Microsoft Excel
can import. Information contained in this file should at a minimum include,
FirstName, LastName, UserName and Password.
2. Start the NT
User Wizard. You must be logged on to the server as a member of the server's
local Administrator's group.
3. Choose Import
and create new user accounts from the main menu, then click on Next.
4. Click on
Browse to open the Find Import File dialog. Locate and select the import file
containing the user information for the accounts you want to create, then
choose OK.
5. Click on
Next.
6. The import
specification tells the wizard in which order the data appears in the import
file, selected in the previous step. Select the import specification associated
with your import file, or choose New to create a new import format. If you
selected new, specify which order the data appears in your import file and save
the specification under whichever name you wish. Then click on Next.
7. (optional)
Select an existing user account to use as a template for the new user accounts.
For further detailed help on the use of template accounts, please see the NT
User Wizard online help, by clicking the help button at any time.
8. Click on
Next.
9. (optional)
Select a location for the creation of user home directories.
10. Click on
Next.
11. Select the
group in which you want the new users to be added, then click on Next.
12. (optional)
Choose whether or not to create a Microsoft Exchange mailbox for each user.
This option will be available only if Microsoft Exchange 4.0/5.0 is installed
on your NT Server, and the Exchange services are running.
13. Click on
Next.
14. Click on
Finish to complete the process. The NT User Wizard will import the file, create
the users, and automatically log any errors to the NT Event Log.
In addition to
creating users, the NT User Wizard can:
1. Delete users
singly or in batch.
2. Manage groups
3. Assign
permissions to printer and disk shares
*Note: If you
already have Microsoft Communications Tools for Schools and the NT User Wizard
installed on your Windows NT Server, you do not need this NT User Wizard.
**Note:
Additional help may be obtained by clicking the Help button at any time.
444 » Bad
environment variable will prevent logon.
If Winlogon gets
an error when trying to set an environment variable, the logon will fail.
Make sure that
all the environment variable are valid and do not contain an = in the name.
445 » How to
delete a stuck print job.
Logon to the
print server with Administrative priviledges.
Close the
Printers Folder.
In Control Panel
/ Services, browse to the Spooler service and stop it.. If you are using TCP/IP
Printing Services, stop it also.
Delete the .spl
and .shd files from %SystemRoot%\System32\Spool\Printers that have the
approximate time and date of the print job causing the problem.
Restart the
sevices that you stopped.
NOTE: In some
cases, Windows NT may not allow the *.spl file(s) to be deleted or renamed.
Renaming the *.shd file and restarting the spooler service may be enough to
clear the problem.
446 » How can I
remove My Computer from the desktop?
There is no way
to remove MY Computer from the desktop without removing the entire desktop (see
NoDesktop at tip 050).
You can attempt
to hide it.
0. Drag the icon
as far to the bottom of the screen as you can.
1. Edit:
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
and empty the
<No Name> REG_SZ value.
2. Edit:
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\DefaultIcon
and set the
<No Name> REG_SZ value to a see through icon like
C:\WINNT\SYSTEM32\TWEAKUI.CPL,3
3. Logoff and
log back on. My Computer will be invisible.
447 » How can I
get Windows NT to use my keyboard layout during logon?
Edit:
HKEY_USERS\.DEFAULT\Keyboard
Layout\Preload
Double click on
1 and change the number to your local layout which is at
HKEY_CURRENT_USER\Keyboard
Layout\Preload\1.
You may also
change
HKEY_USERS\.DEFAULT\Control
Panel\International\Locale to this value but it is not mandatory.
Logoff and then
logon.
448 » Local
Group file permissions in trust relationships.
When you examine
permissions, a local group from a trusted domain has permissions on a trusting
domain, but access is denied.
Local group
permissions from one domain have no effect on permissions in another domain. If
a users only permissions to an object in a trusting domain come from their
membership in a trusted domain's local group, they do have have permission in
the trusting domain.
If SCOPY from
the Resource kit is used to copy from the trusted to the trusting domain, remove
local group permissions before using SCOPY /O.
449 » This page
has no content rating....?
Someone has set
a Content Advisor password. Exit Internet Explorer and edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ratings
Delete all the
value entries.
450 » Creating a
global Servers group in your domain can cause errors.
When you create
a global Servers group on your PDC, Windows NT Server and Workstations may be
mistaken for LanMan BDCs. This is because Windows NT will use the secure
channel account password to authenticate with the PDC. The PDC finds a matching
user account in the Servers group for the Windows NT system and considers it to
be a LanMan BDC. During challenge/response authentication, the PDC uses the user
account password instead of the secure channel password to authenticate the
Windows NT system. This causes the logon failure.
If no LanMan BDC
exists, remove the Servers group. Stop and restart the Netlogon service.
If LanMan BDCs
exist, then remove the user accounts from the Servers group for the Windows NT
systems experiencing this problem.
451 » How do I
configure supported hard drives and storage devices?
I have included
links that assist you in configuring jumper settings and other configuration information
for the following, which appear on the HCL (Hardware Compatibility List):
Storage
Configuration Information Locations
Fujitsu:
http://www.fcpa.com/supmenuhd.html
Seagate and
Conner: http://www.seagate.com/support/disc/specs/specfind.shtml
Hewlett Packard:
http://hpcc920.external.hp.com/isgsupport/index.html
I.B.M:
http://www.storage.ibm.com/storage/techsup/hddtech/hddtech.htm
Quantum:
http://support.quantum.com
Western Digital:
http://www.wdc.com/support/FAQ/jumpers.html
Maxtor:
http://www.maxtor.com/idx2.html
452 »
Synchronization failure may be due to a corrupt Netlogon.chg file on the PDC.
Synchronization
failure can be caused by:
The Read-Only
attribute could be set on %SystemRoot%\Netlogon.chg.
The
%SystemRoot%\Netlogon.chg file could be corrupted.
The permissions
for the System account on %SystemRoot%\Netlogon.chg is not Change or Full
Control.
If the
Netlogon.chg file has been corrupted:
Set the
permissions so that the %SystemRoot%\Netlogon.chg file has No Access for the
System account.
Restart the
system and delete the file when prompted.
Restart again.
The file will be recreated at startup.
453 » Error 53
after you rename a print server.
Windows NT
Service Pack 3 began writing the full UNC (Universal Naming Convention) name of
the printer in the registry. When you change the name of the server, Windows NT
does not update the registry and the printer shares no longer appear. Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\LANMANSERVER\SHARES
Double-click
each of the printers listed under the Shares key to open the Data dialog box
and update the Path= to reflect the new UNC name of the server.
454 »
Environment Variables.
Windows NT has
three levels of environment variables, the system environment variables, the
user environment variables, and the environment variables that are set in the
AUTOEXEC.BAT file. There are also some predefined environment variables that
are set when the user logs on.
System
Environment Variables
System
environment variables can be viewed in Control Panel / System / Environment.
These variables apply to all users and cannot be changed by any user. There are
some predefined variables, some of which do not appears in the System dialog
box:
USERNAME
USERDOMAIN
USERPROFILE
WINDIR
OS
Os2LibPath
Path
PATHEXT
ComSpec
PROCESSOR_ARCHITECTURE
PROCESSOR_LEVEL
NUMBER_OF_PROCESORS
PROCESSOR_IDENTIFIER
PROCESSOR_REVISION
PROMPT
HOMEPATH
HOMEDRIVE
HOMESHARE
LOGONSERVER
COMPUTERNAME
SystemRoot
SystemDrive
If the home
directory uses universal naming conventions:
HOMESHARE=\\<server
name>\<share name>
If the home
directory is a local path:
HOMESHARE=
All above
environment variables are always present and therefore may be used in log on
scripts (see tip 120 for W95 clients).
User Environment
Variables
User environment
variables can be viewed from Control Panel also. The user may add, delete or
modify the user environment variables. These variables take precedence over
system environment variables. The user path is appended to the system path.
AUTOEXEC.BAT
Environment Variables
All environment
variables and the paths set in the AUTOEXEC.BAT file are used to create the
Windows NT environment. Any paths in the AUTOEXEC.BAT file are append to the
system path.
Environment
variables are set in the following order:
- System
variables
- AUTOEXEC.BAT
variables
- User variables
The Path is
constructed by appending the User path to the System path and then appending
the path from the AUTOEXEC.BAT file.
If you type SET
from a CMD.EXE prompt, you will see the environment variables.
See tip 170 for
a freeware batch environment editor.
455 » Can't
establish a trust relationship?.
If you have
restricted anonymous logons (also known as NULL session connections), you will
not be able to have a trusting domain establish a connection to the trusted
domain. Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA
and set the
Value Name RestrictAnonymous, a type REG_DWORD to 0.
456 » Disabling
"Automatically detect slow connections".
The System
Policy Editor does not allow you to disable the "Automatically detect slow
connections" policy because of an error in the Winnt.adm file.
You can edit the
%SystemRoot%\inf\Winnt.adm file and locate:
POLICY
!!SlowLinkDetectEnabled
VALUENAME
"SlowLinkDetectEnabled"
END POLICY
Modify it as
follows:
POLICY
!!SlowLinkDetectEnabled
VALUENAME
"SlowLinkDetectEnabled"
VALUEON NUMERIC
1 VALUEOFF NUMERIC 0
END POLICY
Configure and
reapply the policy.
You can also
edit the registry at:
Hkey_Local_Machine\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon\SlowLinkDetectEnabled
and set this
REG_DWORD to 0 (a value of 1 is enabled).
457 » Can't
create or rename a new object?
Explorer first
creates the object with a default name and then must delete it during the
rename. If the account does not have delete permissions, you receive an access
denied message.
You can:
1. Add the
Creator Owner user with delete permission to that directory. This gives the
user the right to delete his or her own creations.
2. Run WINFILE,
which doesn't use a default name when creating a file.
458 » Freeware
Con2prt is useful in a logon script.
Microsoft's ZAK
(Zero Administration Kit) contains Con2Prt which "Lets the user disconnect
all existing connections to Windows NT printers and connect to newly specified
Windows NT printers". You do not need to implement ZAK to use Con2prt.
To use Con2prt
in a logon script:
copy Con2prt.exe
%SystemRoot%\Con2prt.exe
Typing Con2Prt
/h returns:
CON2PRT: Lets
the user disconnect all existing connections to Windows NT printers and connect
to newly specified Windows NT printers.
Usage: CON2PRT [
/? | /h | /f | [/c \\printserver\share | /cd \\printserver\share]+]
where:
/? - displays
usage.
/h - displays
usage.
/f - deletes all
existing printer connections.
/c - connects to
\\printserver\share printer.
/cd - connects
to \\printserver\share printer and sets it as the default printer.
NOTE: /?, /h can
only be the first parameter and if specified further interpretation of the
command line is stopped. /f can also only be the first parameter, however it
doesn't stop further interpretation of the command line. Any number of /c and
/cd parameters can be specified however only the first /cd sets the printer
specified as the default.
Hint: Use --Net
View \\printserver-- to determine available print shares.
459 » Changing a
Windows NT password.
A Windows NT
User Account password can be changed on any Windows NT computer from any other
Windows NT computer regardless of whether the User Account is on a Workstation,
a stand-alone Server, or a Windows NT domain controller.
You do not have
to be logged on from the User Account Database that contains the Username, and
you don't have to be logged on as that Username.
This is
especially useful if you want to change your password in a User Account
Database that is not in your default logon domain.
Press CTRL + ALT
+ DEL to bring up the Windows NT Security dialog box and press the Change
Password button. Enter the Username whose password you want to change. In the
From dialog box, select the Computer Name or Domain Name where the User Account
Database exists, from the drop-down list box, or type it. Type the Old Password
and New Password, and Confirm New Password.
You should
receive Your password has been changed.
This procedure
will work even if the User Right Access this computer from network is disabled
for the group Everyone. The ability to change a password without requiring the
user to be logged on allows a user to change his or her password outside of the
user's logon hours, or when the password has expired and the user is not able
to log on.
460 » How do I
schedule a job to run every hour?.
Using SOON from
the resource kit and the DOS trick from tip 273, you can create a batch job
that self schedules:
SOON 3600
"%0"
...other
commands...
exit
This
re-schedules your batch file to run again in 3600 seconds (one hour). To start
the process, use the SOON or AT command.
To Stop it from
rescheduling, type AT to get the current ID and then type:
AT
\\ComputerName ID /DELETE
461 » New PCI
device is not working or makes the system hang?.
On a
x86-processor-based computer running Windows NT, the Windows NT Hardware
Abstraction Layer (HAL) may assign an I/O port address or memory resource for
the new PCI device that overlaps with an existing PCI device, causing a PCI
resource conflict.
Normally, the
system BIOS is responsible for setting the PCI device resource requirements.
When Windows NT loads, the HAL sometimes moves the PCI device resources as they
are dynamically configurable.
To prevent the
HAL from moving PCI resources, add a /PCILOCK switch to the end of your
boot.ini file.
Note: Only those
HALs shipped by Microsoft will recognize this switch, if the system BIOS
settings appear to be correct and complete. The Windows NT 4.0 HALs that
currently have this fix are: HAL.DLL, HALMPS.DLL, and HALAPIC.DLL.
If the adding of
a PCI adapter causes the system to hang during boot, remove the PCI adapter and
reboot the system. Modify the BOOT.INI file by adding the /PCILOCK switch. Shut
down the system, add the new adapter card, and reboot the system.
Other things you
can try are:
- Insert the PCI
adapter card in a different PCI slot.
- Change the
driver load order for the conflicting PCI adapters. This is not always possible
when the types of drivers loaded have to be in a pre-determined order.
462 » How do I
move scheduled jobs to a different "Server"?
If you need to
take a computer offline, it may be useful to copy the scheduled jobs to another
server.
Note: In
addition to the procedure describe below, you will have to manually copy
programs and files used by the scheduled jobs.
To move the
schedule from MachineA to MachineB:
On MachineA:
Use Control
Panel / Services to navigate to the Schedule Service and Stop it.
Run Regedit.exe
and navigate to:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule
On the Registry
menu, choose Export Registry File and save the file as MachineA on a share
accessible to both servers or on removeable media.
Start the
Schedule Service.
Use a text
editor (Notepad) to edit the MachineA.reg file created and remove the
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule]
line and the Values listed below it, so that only the sub-keys of the Schedule
Service and their Values remain. Example:
REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule\22CDB7B4]
"Schedule"=hex:c0,42,c0,00,00,00,00,00,40,01,00,00
"Command"="\"C:\\Program
Files\\NAVNT\\navwnt\" /L"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule\4DCBA1C7]
"Schedule"=hex:00,7c,92,00,00,00,00,00,00,00,00,00
"Command"="C:\\scrnsave.cmd"
Change the
sub-keys so that they are unique on MachineB. I prefer to just number them.
This makes them easily identifiable for subsequent removal. Example:
REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule\001]
"Schedule"=hex:c0,42,c0,00,00,00,00,00,40,01,00,00
"Command"="\"C:\\Program
Files\\NAVNT\\navwnt\" /L"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule\002]
"Schedule"=hex:00,7c,92,00,00,00,00,00,00,00,00,00
"Command"="C:\\scrnsave.cmd"
On MachineB:
Use Control
Panel / Services to navigate to the Schedule Service and Stop it.
Double click the
MachineA.reg file to install it.
Start the
Schedule Service.
463 » How do I
get a specific BDC to validate my logon using TCP/IP?
Many factors go
into determining which Domain Control will validate a logon. Here is a number
of methods that help insure that a specific Domain Controller on a local
sub-net validates the logon:
1. Use
Regedt32.exe to browse:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetBT\Parameters
Edit or Add
Value the following type REG_DWORD values:
NodeType - set
to a 4 (m-node/mixed node).
EnableLMHOSTS
set to a 1 to enable LMHOSTS.
2. Use a true
ASCII editor like Edit from a cmd prompt (not NotePad) to edit:
%SystemRoot%\system32\drivers\etc\LMHOSTS
(you may need to copy LMHOSTS.SAM) and add an entry at the top for the BDC:
IP_ADDRESS_OF_BDC
"DOMAINNAME \0x1C" #PRE where the entire entry in quotes is exacly 20
characters.
Make sure there
are a few (3 or 4) blank lines at the bottom of the file.
Then type
NBTSTAT -R (use exact case) to reload the LMHOSTS file and NBTSTAT -c to verify
that the 1C entry is in the cache.
You can either
reboot the client or use NLTEST or NETDOM from NT resource kit, vol II.
NLTEST
/SC_QUERY:<DOMAINNAME> to check and NLTEST /SC_RESET:<DOMAINNAME>
to reset the secure channel.
NETDOM
/Domain:<DOMAINNAME> MEMBER <YourComputer> /JOINDOMAIN to reset the
secure channel.
464 » ACE
(Access Control Entry) limit.
If you exceed
the 1,820 ACE limit in an ACL (Access Control List), you may receive the
following error message:
You have
exceeded the operating system's limit on the number of users and groups that
can be in a security information structure. Remove some users or groups and try
the operation again.
When using
Cacls.exe, you may receive the following error message:
The parameter is
incorrect.
465 » Using
Sc.exe and Netsvc.exe to manage a remote service.
NT resource kit,
vol II contains many new and updated
utilities.
Sc.exe is a tool
that provides a way to communicate with the Service Control Manager to
retrieve/manage information about services.
Netsvc.exe is a
tool to remotely start, stop, and query the status of services from the command
line.
You can use
these tools to configure the Startup of a service and to remotely Start and
Stop a service while registering the change with the Services Control Manager,
as long as you have Admin priviledges on both machines.
The following
example will configure the Schedule service on \\NTWORK1 to start
Automatically, start it, check it's configuration and status:
sc \\NTWORK1
config Schedule start= auto
[SC]
ChangeServiceConfig SUCCESS
netsvc /start
\\NTWORK1 "Schedule"
Service is
pending start on \\NTWORK1
sc \\NTWORK1 qc
Schedule
[SC]
GetServiceConfig SUCCESS
SERVICE_NAME:
Schedule
TYPE : 10
WIN32_OWN_PROCESS
START_TYPE : 2
AUTO_START
ERROR_CONTROL :
1 NORMAL
BINARY_PATH_NAME
: C:\WINNT\System32\AtSvc.Exe
LOAD_ORDER_GROUP
:
TAG : 0
DISPLAY_NAME :
Schedule
DEPENDENCIES :
SERVICE_START_NAME
: LocalSystem
netsvc /query
\\NTWORK1 "Schedule"
Service is
running on \\NTWORK1
466 » How do I
manually add support for multi-processing?
The simplest way
to add support for multi-processing is to use UPTOMP from the resource kits.
To do it manually:
1. Backup.
2. Generate an
new ERD by running RDISK /S.
3. Install a
copy of Windows NT to a seperate folder (a seperate drive would be preferable).
4. Boot your new
install and rename the following files in your original %SystemRoot%\System32
folder:
Ntoskrnl.exe
Hal.dll
Kernel32.dll
Ntdll.dll
Winsrv.dll
Win32k.sys (additional file in Windows
NT 4.0 only)
NOTE: Some
Compaq computers require a different HAL -- Halsp.dll. Refer to the latest
Compaq Software Support Disk SSD for details.
5. Determine
which multiprocessor HAL your computer requires using the following list:
Halast.dll = "AST Manhattan SMP"
Halsp.dll = "Compaq SystemPro Multiprocessor or 100%
Compatible"
Halcbus.dll = "Corollary C-bus Architecture"
Halmca.dll = "IBM PS/2 or other Micro Channel-based PC"
halmpsm.dll = "Micro Channel Multi Processor PC"
Halapic.dll = "MPS Uniprocessor PC"
Halmps.dll = "MPS Multiprocessor PC"
Halncr.dll = "NCR System 3000 Model 3360/3450/3550"
Haloli.dll = "Olivetti LSX5030/40"
Hal.dll = "Standard PC"
(single processor HAL)
Hal486c.dll = "Standard PC with C-Step i486"
Halwyse7.dll = "Wyse Series 7000i Model 740MP/760MP"
Copy the
Ntkrnlmp.exe file, Ntdll.dll, and the appropriate HAL file from the Windows NT
CD-ROM,
or expanded
service pack, to the %SystemRoot%\system32 folder of your original Windows NT
installation,
and then rename
Ntkrnlmp.exe to Ntoskrnl.exe and the Hal to Hal.dll.
6. Using the
same source location:
expand kernel32.dl_
%OriginalSystemRoot%\system32\kernel32.dll
expand winsrv.dl_
%OriginalSystemRoot%\system32\winsrv.dll
expand Win32k.sy_ %OriginalSystemRoot%\system32\Win32k.sys
7. Edit
%OriginalSystemRoot%\Repair\Setup.log and change the Hal.dll and NToskrnl.exe
lines to reflect the changes that you just made.
If you want to
remove this maintenance copy of Windows NT, boot the 3 setup floppies and
choose repair. Repair only the boot records. When you boot your original
install, you may delete the new install folder.
8. Reapply your
hotfixes, if they contain any of these files.
9. When you boot
your original install, generate an new ERD by running RDISK /S.
467 » Is your
NETDDE application limited to 16 nodes?
By default,
NETDDE applications are limited to 16 connections. When the application
attempts the 17th connection, it will fail and post an error to the event log.
You can set the
number of connections by navigating to:
HKEY_LOCAL_MACHINE\Software\Microsoft\NetDDE\Parameters\NetBIOS
Edit or Add
Value a type REG_DWORD named MaxSessions and set it, using the Decimal Radix,
to a data value between 0 and 254.
A data value of
0 defaults to 16, as does a missing entry.
You will need to
reboot.
468 » Internet
Explorer can not open a secure site.
If you receive
Internet
Explorer cannot open the Internet site https://<address>.
An error
occurred in the secure channel support.
This may be due
to reinstalling Service Pack 3 for Windows NT 4.0 after you installed Internet
Explorer.
To fix this:
Click Start and
Run and type:
regsvr32
rsabase.dll and then click OK.
If you reapply
Service Pack 3 for Windows NT 4.0 after IE is installed, choose No when you are
prompted to replace newer files.
469 » Windows 95
Print jobs (to an NT printer) don't, and disappear.
The Windows NT
print processor may be set to NT EMF 1.003.
Configure the
printer to use the RAW Datatype by clicking Start / Settings / Printers and
right-click the printer, and click Properties. On the General tab, click Print
Processor.
470 » How to
launch a program before the shell (Explorer) starts.
In tip 074, I
explained how to change the Shell for selected users.
Using the same
technique, you can launch an application before the Shell, so as to avoid any
interaction with it.
Leaving the
Shell as Explorer.exe, edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\Userinit
Double-click
Userinit and change the string which begins with USERINIT,NDDEAGNT.EXE..... to
YourOwn.exe,NDDEAGNT.EXE..... or YourOwn.bat,NDDEAGNT.EXE.....
Place your EXE
or BAT file in the %SystemRoot%\System32 directory.
Since USERINIT
is responsible for executing the shell program, you must start it yourself at
the end of your program or batch file.
Explorer.exe is
the standard shell in Windows NT 4.0. It can operate in either of two modes:
Browser mode
Shell mode (to
manage the desktop, taskbar, and Start button)
When USERINIT
launches Explorer.exe, Explorer.exe checks that no instances of Explorer.exe
are running and that it is the Shell. If both conditions are true, it starts in
shell mode.
Example: (we
changed the registry entry to USERINIT.BAT,NDDEAGNT.EXE.....)
@echo off
REM JSI
USERINIT.BAT
call
%SystemRoot%\System32\DelTemp.bat
%SystemRoot%\System32\Userinit.exe
exit
where
%SystemRoot%\System32\DelTemp.bat contains:
@echo off
RD /q /s C:\Temp
MD C:\Temp
Note: Don't use
an Exit command in any called batch file.
Your EXE or BAT
file will execute without any interaction with the Shell.
471 » How do I
allow ordinary users to monitor server performance?
Grant read
access to the following server files:
%windir%\system32\PERFCxxx.DAT
%windir%\system32\PERFHxxx.DAT
where xxx is the
basic language ID for the system, 009 for English
(subtract 400
from HKEY_USERS\<SID of local server user>\Control
Panel\International\Locale).
If the files are
missing or corrupt, expand them from the cd.
Using REGEDT32,
give the user at least READ access to:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Perflib and all its' sub keys and to
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurePipeServers\winreg
When adding
objects to monitor, the user can select the \\Server.
472 » STOP or
error when using Performance Monitor.
When you use
Performance Monitor to monitor a computer (either locally or from a remote
computer), the monitored computer may experience a STOP:0xC000021A or you get
WinLogon.exe
App. Error - The instruction at xzzzzzzzz referenced memory at xyyyyyyyy. The
memory could not be read. Click OK to terminate the app
when you add an
object.
This normally
indicates a problem with an extensible Performance Counter overwriting its'
buffers.
Disable the
malfunctioning performance counter's .dll by renaming or removing its entry
from the Windows NT registry. Use Regedt32 to browse to:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
Click Find Key
on the View menu and enter performance and press Find Next. For each
performance key, select the Library value and modify the library name by
prefixing it with xx so that name.DLL becomes xxname.DLL.
Now find the
next performance key and repeat the process. When you have changed all the
performance keys, restart Performance Monitor. If it works, restore the first
library value and retry Performance Monitor until you locate all the failing
counters.
If you have
Exctrlst.exe from the resource kits, you can get a list of all the extensible
counters in the registry, making your task somewhat easier.
473 » Do PCL or
PostScript codes print using the Line Printing Demon (LPD) service?
You can ignore
format control commands for Line Printer Remote (LPR) clients and always assign
the RAW datatype by editing:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LPDSVC\Parameters
Add Value name
SimulatePassThrough of type REG_DWORD and set it to 1.
A data value of
0 (the default), instructs the LPD service to assign a datatype based on the
control commands.
474 »
%SystemRoot% is not expanded in the Path.
When you type
SET or PATH at a command prompt, you notice that the %SystemRoot% environment
variable has not been expanded. To correct this problem, edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session
Manager\Environment\Path and make sure that Path is a type REG_EXPAND_SZ.
If it is not,
double click on Path and press Ctrl / C to copy the string to the clipboard.
Delete the Path value and re-add it using Add Value. Set the type to
REG_EXPAND_SZ. Paste the string by pressing Ctrl / V. Now edit:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\SystemRoot and make sure that this REG_SZ value conains the
proper path (C:\WinNT).
475 » What is
the proper way to change a domain name?.
A domain is
identified by its' NetBIOS name and by a Security Identifier (SID). Since most
security features and Access Control Lists (ACLs) use the SID, you can change
the domain name if you follow proper procedure. This applies to a single
domain, an accounts domain or a resource domain in a network using the master
domain model.
Some BackOffice
products are adversely affected by renaming a domain so please read this tip
before making any changes.
Note: During the
course of this procedure, do NOT install any domain controller and do not
promote any domain controller. Do NOT manage any users. All clients should be
logged off.
It would be wise
to backup and to generate a new ERD before and after the change.
Have a copy of
the 3 setup disks, the NT Server CD, and your latest Service Pack and Hotfixes
available.
If you have
NETDOM from the nt resource kit, vol II, you can change the domain name
remotely without a visit to each computer involved.
Document and
then break all trust relationships between the domain whose name you will be
changing and all other domains. Be sure to remove the trust entry on both sides
of the trust (in User Manager for Domains for both domains in the trust).
Stop all
BackOffice services such as Microsoft Exchange Server, SQL Server, and Internet
Information Server. Set startup to manual on all these services. Change the
domain name on the PDC (Control Panel / Network / Identification).
Restart the PDC.
This will cause the <1Bh> entry for the new domain to appear in the WINS
server.
If you are using
WINS for NetBIOS over TCP/IP name resolution, force replication from the PDC's
primary WINS server to all other WINS servers to propagate the <1Bh>
entry for the new domain. Name resolution to the PDC is necessary for each BDC
to successfully change to the new domain name. If you are using TCP/IP without
using WINS, create an LMHOSTS file with a <1Bh> entry for the new domain
and put it on each BDC (IP_ADDRESS_OF_DC "DOMAINNAME \0x1b" #PRE
where the entire entry in quotes is exacly 20 characters - see tip 463).
On each BDC,
change the domain name and restart. The restart is necessary for the BDC to
correctly register its <1Ch> entry with WINS.
Force
replication from all WINS servers to propagate the <1Ch> entry.
Reestablish the
trust relationships. Using Server Manager, synchronize both domains involved in
each trust.
Using Control
Panel / Services, browse to renter the account for each BackOffice service that
was stopped and reconfigure its' Startup. Start the services in the correct
order.
Service accounts
are stored textually in the Service Control Manager database, not as SIDs.
Therefore, any services, on any computer, that use domain user accounts as
their service account will have to be manually adjusted. The Sc.exe utility
from the Windows NT Server Resource Kit may be useful for making this change on
remote computers.
If you are using
integrated security in SQL Server, you will need to reset the "Default
Domain" field in SQL Security Manager. If the users are not part of the
"Default Domain" you may need to remove and re-add users and groups
from the renamed domain or local groups containing groups from the renamed domain.
Microsoft Exchange
Server service accounts will need to be reassociated with the new domain name.
You will need to change the default Windows NT domain name to the new domain
name in the Exchange Administrator program, select Tools, select Options, and
then click the Permissions tab. Security settings on all Exchange Server public
folders will be lost. Before renaming the domain, use the command line utility
Pfadmin.exe to export the public folder security settings to a text file to
make reconstruction of the permissions easier.
If Systems
Management Server primary or secondary sites exist in the domain that is being
renamed, Systems Management Server will have to be uninstalled and then
reinstalled with the new domain name. You will not be able to restore the
existing Systems Management Server database after reinstallation; you will have
to start with a clean database. If the domain being renamed is part of an
Systems Management Server site but has no primary or secondary sites located in
it (only logon servers and clients), the domain should be removed from the site
prior to the name change and added back into the site after the change. Please
refer to the Systems Management Server Installation and Configuration Manual,
Chapter 3, "Adding Domains, Servers, and Clients."
If you are
running Internet Information Server, you may need to change the account
specified in virtual paths.
Change the
domain name on each member server or workstation. For clients such as Windows
95 or Windows for Workgroups, change the workgroup name to the new domain name.
Check all batch
files for domain names.
Synchronize the
entire domain.
Any problems you
encounter on a BDC are likely to be name resolution or synchronization
problems. Use Server Manager to sync it with the PDC and/or fix the LMHOSTS
file.
476 » Service
doesn't start error.
If you receive:
At Least One
Service or Driver Failed... and event viewer has:
Could not start
<service name> service on \\<computer name>
Error 0005:
Access is Denied
and/or
Event ID: 7000
Source: Service
Control Manager
Description:
<service name> service failed to start due to the
following error:
The system cannot find the file specified.
it may be
because the <service name> is a long name with spaces. To check/fix the
problem, edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\<service
name>
if there are
spaces in the data value string, double click it and put a " at the
beginning and end of the string.
477 » Are group
policies ignored on your Windows 95 client?
if group
policies are ignored, but all other policies work as expected:
1.Grouppol.dll
is not in the \WINDOWS\SYSTEM directory.
2. The group in
question is not a Global Group. (or group priority isn't set in correct order)
3. The policy
file for a specific user exists which overwrites the group policy.
4. The registry
has not been updated to include the grouppol.reg entries.
These entries
can be added by "double-clicking" on the grouppol.reg file. If you
don't have the grouppol.reg file, add them manually on the client:
- Registry key:
HKEY_LOCAL_MACHINE\Network\Logon
Value name
(STRING): PolicyHandler
Value data:
GROUPPOL.DLL, ProcessPolicies
- Registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSNP32\NetworkProvider
Value name
(STRING): GroupFcn
Value data:
GROUPPOL.DLL, NTGetUserGroups
- Registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NWNP32\NetworkProvider
Value name
(STRING): GroupFcn
Value data:
GROUPPOL.DLL, NWGetUserGroups
478 » Logon
failures on BDC due to secure channel problem.
The NETDOM
utility from NT resource kit, vol II makes it easy to reset the secure channel
of the BDC. If the NetLogon service on the BDC cannot start due to a secure
channel problems, NETDOM is the simplest solution.
The BDC secure
channel can be reset by typing:
NETDOM BDC
JSIBDCn /RESET
You can run this
on the PDC, BDC, or any member of the domain, provided that you are logged on
with administrator priviledges.
The output looks
like:
NetDom 1.2
@1997.
Querying domain
information on computer \\JSIBDCn ...
The computer
\\JSIBDCn is a domain controller of JSIINC.
Searching PDC
for domain JSIINC ...
Found PDC
\\JSIPDC
Verifying secure
channel on \\JSIBDCn ...
Verifying the
computer account on the PDC \\JSIPDC ...
The computer
account for \\JSIBDCn doesn't exist or has an invalid password.
Resetting secure
channel ...
Changing
computer account on PDC \\JSIPDC ...
Stopping service
NETLOGON on \\JSIBDCn .... stopped.
Starting service
NETLOGON on \\JSIBDCn .... started.
The BDC
\\JSIBDCn secure channel was reset successfully.
Logoff/Logon
\\JSIBDCn to take modifications into effect.
The above
command resets the BDC secure channels only if required. If the password for
the BDC secure channel was good, then you receive:
NetDom 1.2
@1997.
Querying domain
information on computer \\JSIBDCn ...
The computer
\\JSIBDCn is a domain controller of JSIINC.
Searching PDC
for domain JSIINC ...
Found PDC
\\JSIPDC
Verifying secure
channel on \\JSIBDCn ...
Verifying the
computer account on the PDC \\JSIPDC ...
Secure channel
checked successfully.
479 » How to I
create a printer panel (Start/Settings/Printers) on my desktop or Start Menu?
Right click the
desktop and choose New and Folder. Name the folder:
Printers.{2227A280-3AEA-1069-A2DE-08002B30309D}
If you want it
on your Start Menu, see tip 051.
480 » Win 95
client network logon hangs in MPREXE (on W95).
This is almost
always a corrupt .pwl file.
Delete all .pwl
files and restart W95.
481 » I can not
select a print monitor in Print Manager.
If you are
unable to select a print monitor, it is most likely that the Spooler service is
not configured to interact with the desktop.
In Control Panel
/Services, scroll to Spooler and stop it. Configure Startup to be Automatic,
use the System Account, and interact with the desktop. Start the Spooler
service.
If you find
invalid network printer port names, you can delete them in Print Manager.
482 » How do I
open a file with a different program than the one normally associated?
In Explorer,
select the file and hold down the Shift key while you right click. Choose Open
with ...
Be carefull to
uncheck the Always use this program... if it is checked, unless you wish to
change the association.
483 » How can I
hide files from Explorer and/or Dir?
If you want to
hide files from everyone and you have an NTFS partition, you can do it by using
streams. NTFS allows a file to have multiple streams using
<filename>:<StreamName> syntax.
Open a CMD
prompt and type:
notepad
"MyFile.txt"
You will be
prompted to create it. Click Yes. Enter some text and save the file. Do a DIR
and record the size of the file. Now type:
notepad
"MyFile.txt:secret"
You will be
prompted to create it. Click Yes. Enter some text and save the file. Now type:
notepad
"MyFile.txt:HideMe"
You will be prompted
to create it. Click Yes. Enter some text and save the file. Now type:
DIR MyFile.txt
You will see
that the streams are invisible and that the file size is the same as you
originally recorded. Likewise, you will not see them in Explorer.
You may read/edit
your data by typing:
notepad
"MyFile.txt:secret"
The only way I
know to remove the streams is to copy the file to a FAT partition and then back
again:
Copy MyFile.txt
A:\
Copy
A:\Myfile.txt MyFile.txt
A copy from an
NTFS partition to an NTFS partition will preserve the streams.
484 » How do I
disable the the Windows key on my Kiosk?
In various tips
on these pages, you learned how to really lock down that desktop. You have
eliminated everything except the allowed applications, removed the taskbar,
elimated right click context menus, removed the run command, and you even
removed all desktop icons. You're sitting pretty.
Then you observe
junior press the WIN + E keys and launch Explorer (see tip 061) and all your
hard work is down the tubes.
You were about
to commit Hara-kiri when out of the blue, JSIman comes to the rescue. He
gentley brushes junior aside, navigates to Regedt32.exe, and edits:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard
Layout
He uses Add
Value to add Scancode Map as a type REG_BINARY and enters
00000000000000000300000000005BE000005CE000000000
Then he reboots
the Kiosk and junior is foiled, no Windows key. He hands me a Regini script
\Registry\Machine\SYSTEM\CurrentControlSet\Control\Keyboard
Layout
Scancode Map =
REG_BINARY 24 \
0x00000000
0x00000000 3 \
0xE05B0000
0xE05C0000 \
0x0
and a winkey.reg
file
REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard
Layout]
"Scancode
Map"=hex:00,00,00,00,00,00,00,00,03,00,00,00,00,00,5b,e0,00,00,5c,e0,\
00,00,00,00
and shouts, use
whichever you prefer, as he disappears in a flash before you can thank him and
order a resource kit (his costume was looking a little tattered).
Relieved, you
figure out that if you every want to enable the Windows key, you can just
delete the Scancode Map value name and reboot.
485 » You have
Operator Assisted and/or Manual Dialing set, but RAS doesn't prompt.
You have
Unimodem support enabled. To disable Unimodem support, see tip 234.
486 » You
deleted the %SystemRoot%\Repair directory and/or %SystemRoot%\Repair\Setup.log.
You must be
running NT 4.0. At the end of this fix, you will have applied Service Pack 3
(or later).
Install a
maintenance copy of NT (preferably on a different drive) and call it NTMAINT.
You will need ~160MB of free space but the folder may be compressed afterwards.
If you don't intend to keep NTMAIN after the fix, first:
attrib -r -s -h
c:\boot.ini
copy c:\boot.ini
c:\boot.bak
Apply SP3 (or
later) to NTMAINT.
Do an update
install of your original installation.
Boot to NTMAINT
(first entry on the boot menu) and:
copy
<Drive:>\NTMAINT\System32\Samlib.dll
<Drive:>\WinNT\System32\Samlib.dll
copy
<Drive:>\NTMAINT\System32\Samsrv.dll
<Drive:>\WinNT\System32\Samsrv.dll
copy
<Drive:>\NTMAINT\System32\winlogon.exe
<Drive:>\WinNT\System32\Winlogon.exe
Boot to the
original install (third menu item)
Reapply the
latest Service Pack.
If you intend to
delete NTMAIN:
attrib -r -s -h
c:\boot.ini
copy c:\boot.bak
c:\boot.ini
attrib +r +s +h
c:\boot.ini
and then delete
NTMAIN
If you want to
keep NTMAIN, use Control Panel / System / Startup/Shutdown to change the
default to your original install. Then:
attrib -r -s -h
c:\boot.ini
Edit boot.ini at
rearrange the entries and change the text of the NTMAIN entries to NTMAIN.
Then:
attrib +r +s +h
c:\boot.ini
487 » What is
the MFT (Master File Table) and how can I manage it?
The MFT is the
heart of an NTFS partition. There is at least one entry in the MFT for every
file on an NTFS volume. All the information about a file, including its' size,
time and date stamps, permissions, data content, etc. are stored in the MFT (or
in space described by the MFT).
To prevent
fragmentation of the MFT, NTFS reserves space for the MFT in an effort to keep
it as contiguous as it grows. This is important because defraggers can not move
MFT records and fragmentation of the MFT can severely impact performance.
When you add
files to an NTFS volume, entries are added to the MFT. When files are deleted
from an NTFS volume, their MFT entries are marked as free and may be reused,
but the MFT does not shrink. Thus, space used by these entries is not reclaimed
from the disk.
NTFS reserves a
percentage of the volume for exclusive use of the MFT. Space for files and
directories will not be allocated from this MFT zone until all other space is
allocated first. Depending on the average file size and other variables, either
the reserved MFT zone or the unreserved space on the disk may be filled first.
Volumes with a few large files will exhaust the unreserved space first, while
volumes with a large number of small files will exhaust the MFT zone space
first. When either the MFT zone or the unreserved space fills, fragmentation of
the MFT starts. If the unreserved space becomes full, space for user files and
directories will be allocated from the MFT zone. If the MFT zone becomes full,
space for new MFT entries will be allocated from the remainder of the disk.
You can impact
the amount of space NTFS reserves for the MFT by editing:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\FileSystem
Add Value name
NtfsMftZoneReservation as a type REG_DWORD and set the data value. The valid
range is 1 - 4.
1-The minimum
percentage (undocument and changing in SP4) will be used.
4-The maximum
percentage will be used.
The ratio
between these values is also undocumented and will also change with SP4.
NOTE: This is a
run-time parameter and does not affect the format of a volume. It affects the
way NTFS allocates space on all volumes. To be completely effective, this entry
should in effect at the time you format a volume.
488 » Your
desktop has gone blank.
In tips 246,
358, and 065, we discussed various reasons for a blank desktop. Here is another
one:
You installed
ZAK (Zero Administration Kit) for Windows 95 to a server based installation
point. This creates a ZAK95\Setup\Win95 directory which includes two W95
executables, Runshell.exe and Rsreset.exe. If you run either of these programs
on Windows NT (or double-click them), they proceed to modify:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon\Shell
changing this
REG_SZ string to Runshell.exe which causes the blank user interface.
The standard
Shell is:
Windows NT 4.0 shell: EXPLORER.EXE
Windows NT 3.51 Shell: PROGMAN.EXE
You can fix this
by editing the registry remotely, loading hive from an alternate install,
running the REG from tip 170 or running Regedit in batch, just to name a few.
489 » How can I
disable Start / Help ?.
You can't. When
you use Start / Help, Explorer (the Shell), runs
%SystemRoot%\System32\WinHlp32.exe
which opens
%SystemRoot%\System32\Windows.hlp.
By replacing the
Windows.hlp with an inconsequential help file, you have essentially disabled
Start / Help.
Download ZAK.zip
(from the Zero Administration Kit)
and copy the
unzipped ZAK.HLP to %SystemRoot%\System32\Windows.hlp.
When a user
clicks Start / Help, they will receive:
Zero
Administration Kit Message
The standard
Windows NT 4.0 online Help has been disabled by your administrator.
490 » How big
can I configure an event log?
While you can
configure each of the 3 logs to be 4GB, the actual implementation limits each
log to ~300MB.
You should back
up and empty the event log on a schedule that will prevent the log from filling.
You can use the
NT resource kit.
491 » How can I
relocate the event logs?
By default, the
event logs are stored in the %SystemRoot%\System32\Config folder. You can alter
the location and/or file name by editing:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EventLog
Double click
this key to display the 3 log sub-keys. Select the log you wish to relocate and
in the right hand pane, double click the File value which is a type
REG_EXPAND_SZ. Change this string to the full path of the new location/name.
I suggest that
you reboot.
492 » Pop-up
error when copying files over a slow link?
If you receive a
pop-up message, Cannot complete input operation, when copying files over a slow
link, it is probable that your session has timed out.
You can increase
the the amount of time that NetBIOS uses before timing out by editing:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters
Double click on
SESSTIMEOUT and set this REG_DWORD value to a decimal number between 10 and
65,535. The default is 45 seconds.
Windows NT uses
a dynamic SMB response timer algorithm. The redirector determines the bytes per
second rate and calculates how long the transfer should take. It adds this to
SESSTIMEOUT which you can think of as a safety factor.
493 » Windows NT
Command Extensions.
Command
Extension are automatically enabled in Windows NT. You can alter this behavior
of the command enterpreter with the following switches:
CMD /y Disable
extensions to the Windows NT version of CMD.EXE
CMD /x Enable
extensions to the Windows NT version of CMD.EXE
You may also
edit:
HKEY_CURRENT_USER\Software\Microsoft\Command
Processor\EnableExtensions
Setting this
REG_DWORD value to 0 disables Command Extensions for all CMD.EXE sessions (a 1
enables them).
The command
extensions involve changes and/or additions to the following commands:
DEL or ERASE
COLOR
CD or CHDIR
MD or MKDIR
PROMPT
PUSHD
POPD
SET
SETLOCAL
ENDLOCAL
IF
FOR
CALL
SHIFT
GOTO
START (also includes changes to external
command invocation)
ASSOC
FTYPE
To get the
details, type HELP <CommandName>.
494 » How to
parse a batch parameter.
When you invoke
a batch file with a parameter (%1), you are able to parse it to extract
meaningfull information (if Command Extension are enabled). See the following
examples:
Parameter D e s
c r i p t i o n
%1 The normal
parameter.
%~f1 expands %1
to a fully qualified path name.
%~d1 expands %1
to a drive letter only.
%~p1 expands %1
to a path only.
%~n1 expands %1
to a file name only (prefix)
%~x1 expands %1
to a file extension only.
%~s1 changes the
meaning of n and x options to reference the short name.
You can use
these modifiers in combination:
Parameter D e s
c r i p t i o n
%~dp1 expands %1
to a drive letter and path only.
%~nx1 expands %1
to a file name and extension only.
See tips 523 and
273.
495 » How do I
manage Domain Synchronization over a slow link?
You can reduce
the network traffic caused by replication by configuring the
ReplicationGovernor on each BDC (Backup Domain Controller) if the PDC (Primary
Domain Controller) is running NT 3.5 or later.
The
ReplicationGovernor defines the size of the data transferred on each call to
the PDC and the frequency of the calls. When you adjusting the
ReplicationGovernor:
It reduces the
size of the buffer used on each call from the BDC to the PDC,
so that a single
call does not occupy the WAN link for too long.
It causes
NetLogon to hibernate between calls, so other applications can access the WAN
link.
Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
From the Edit
menu, Add Value as a type REG_DWORD. ReplicationGovernor is a percentage (0 -
100) of the 128KB buffer size and that same percentage of WAN usage. The
deafult is 100%.
If you set
ReplicationGovernor to 50, synchronization will use a 64KB buffer (128 x 0.50)
and will only have an call on the net for a maximum of 50 percent of the time.
If you set
ReplicationGovernor too low, synchronization may never complete.
496 » How can I
prevent users from running Explorer.exe?
Even if you
Locked down that desktop and are using RestrictRun, educated users can still
gain access to Explorer by inserting an object (Explorer.exe) from a Microsoft
Office application.
To prevent this,
remove the Read (R) permission (retain the Execute (X) permission) from the
Everyone Group. If the file can not be read, they can't insert an object, yet
the Execute permission still allows Explorer to function as the shell.
In Explorer,
highlight %SystemRoot%\Explorer.exe, right-click, and select Properties /
Security / Permissions. Double-click the Everyone Group and clear the Read(R)
attribute in the Special Access dialog box. You can also use XCACLS from the NT
resource kit, vol II.
xcacls.exe
explorer.exe /t /e /p everyone:x
497 » How can I
make Explorer Icons bigger?
In Explorer, You
can select Large Icons, Small Icons, List, and Details from the View menu. You
can alter the size that explorer uses by adding a Value to the registry and/or
modifying an existing Value. Both Values are type REG_SZ. Edit:
HKEY_CURRENT_USER\Control
Panel\Desktop\WindowMetrics
Double click on
Shell Icon Size, if you have Large Icons selected, and change the default (32)
to 48 or 64.
I prefer the to
leave Shell Icon Size at 32 and add Shell Small Icon Size which defaults to 16
and set it to 32, 48, or 64. This also effects the Start Menu and Open Dialogue
boxes.
Both these
Values work in consort so you may have to play around if you want to change
both.
Setting View to
Details and Shell Small Icon Size to 32 works well at high monitor resolutions.
You can also
change the color depth by double clicking on Shell Icon BPP. The values are:
Value Colors
4 16
8 256
16 65536
24 16 million
32 True Color
If you had Large
Icons set and you change Shell Icon Size, the change will happen instantly. For
all others, Logoff/Logon.
498 » Let
Explorer display a thumbnail of your .BMP files.
When you look at
the contents of a folder in Explorer, files with a known open association
display a mini-thumbnail icon of the associated program.
For bitmaps
(.BMP), you can cause Explorer to display the actual bitmap. Use Regedt32 to
browse to HKEY_CLASSES_ROOT\.bmp.
In the right
hand pane, you will find a <noname> that contains an openCommandString.
Navigate to
HKEY_CLASSES_ROOT\openCommandString\DefaultIcon
Change the
string value to %1. Logoff/Logon and display a folder that contains bitmaps. If
your Explorer View is not set to Large Icon, temporarily switch to that View.
See tip 497 if you wish to permantently increase the size of this thumbnail.
499 » Remove the
arrow (Shortcut Overlay) from your desktop shortcuts.
To remove the
Shortcut Overlay, browse to HKEY_CLASSES_ROOT\Lnkfile
Select the
IsShortcut value name in the right hand pane and delete it.
You will need to
Logoff/Logon to see the change.
500 » How do I
expand all the compressed files in the \i386 (or \Alpha) folder of the NT
CD-ROM?
If you want to
expand many (all) of the compressed files from the NT CD-ROM, run WinNT32.exe
from the \i386 (or \Alpha) folder. Press the Options button and uncheck the
Create boot floppy disks box. On the main screen, press Continue. When
finished, simply Exit (do not reboot). You will find a new folder on your C:
drive named $win_nt$.~ls. Rename the folder. In it, all the compressed files
have been expanded.
If you prefer to
use a different drive, at a cmd prompt, type:
<CD-ROM>\i386\winnt32
/t:driveletter /x or <CD-ROM>\Alpha\winnt32 /t:driveletter /x
where
driveletter is the hard disk letter you want the $win_nt$.~ls folder created
on. The i386 directory expands to 82MB.
501 » How do I
pipe the entire contents of a batch file (commands and responses) to a log
file?
The syntax is:
Drive:\BatFolder\BatchName.bat>Drive:\LogFolder\LogName.log
2>&1
To test this,
create c:\zzz\batch1.bat which contains:
@echo on
REM z: is an
invalid drive letter
z:
c:
cd c:\zzz
copy batch1.bat
copy.tmp
ren copy.tmp
ren.tmp
dir
exit
At a command
prompt, type:
c:\zzz\batch1.bat>c:\temp\batch1.log
2>&1
When you open
c:\temp\batch1.log, you will see:
X:\>REM z: is
an invalid drive letter
X:\>z:
The system
cannot find the drive specified.
X:\>c:
C:\>cd c:\zzz
C:\ZZZ>copy
batch1.bat copy.tmp
1 file(s)
copied.
C:\ZZZ>ren
copy.tmp ren.tmp
C:\ZZZ>dir
Volume in drive
C is NTDISK
Volume Serial
Number is 1C91_4321
Directory of
C:\ZZZ
04/21/98 11:09a
<DIR> .
04/21/98 11:09a
<DIR> ..
04/21/98 11:04a
319 batch1.bat
04/21/98 11:04a
319 ren.tmp
4 File(s) 638 bytes
834,271,232 bytes free
C:\ZZZ>exit
If you wish to
fully log a scheduled job, put the command in another batch file. Example:
c:\zzz\batch0.bat contains:
c:\zzz\batch1.bat>c:\temp\batch1.log
2>&1
Then schedule
c:\zzz\batch0.bat:
AT hh:mm cmd /c
"c:\zzz\batch0.bat"
502 » The
Dialing Properties Country dropdown list is incomplete..
If a new (since
NT 4.0) country code needs to be added, edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Telephony\Country
List
From the Edit
menu, Add Key and set it to the Telephone Country Code. Leave Class blank.
Select this new key and Add Value for the following:
Value Name Type
D a t a
CountryCode
REG_DWORD CountryCode (in decimal). Same as the new Key.
Name REG_SZ
Country Name
SameAreaRule
REG_SZ provided by telephone provider
LongDistanceRule
REG_SZ provided by telephone provider
InternationalRule
REG_SZ provided by telephone provider
Reboot your
computer for the new country to appear in the Country Code list.
503 » Does your
WINS server contain entries from non-functioning WINS Servers?
If you have
removed a WINS servers, other WINS servers on your network still contain and
still replicate the entries from the non-functioning WINS server. To remove
these entries, edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WINS\Partners
On the Edit
menu, Add Value and entrer PersonaNonGrata as a type REG_MULTI_SZ and set the
data value to the IP address of the non-existent WINS server. As this is a
REG_MULTI_SZ data type, mulpiple entries made be made.
You must stop
and start the WINS service for the entry to be enabled.
When a IP
address is given PersonaNonGrata status, it can be deleted as an owner in WINS
Manager (Mappings-Show Database), and its entries will not be replicated from
other servers.
504 » IE 4
intercepts run FTP xxx.xxx.xxx.xxx.
If internet
Explorer is intercepting an FTP command typed into Start / Run, edit:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes
and delete the
ftp and ftp. values.
505 » When you
run a Repair, Setup refuses to recognize/repair your installation.
While hacking
the registry for a future tip, I destroyed my installation so thoroughly that
NT would not boot and setup would not repair it. The NTFS file system was still
intacted but the registry was so damaged that setup did not recognize a valid
installation. While I could have restored, I would have lost 4 hours work.
To fix it, boot
to an alternate install of NT and expand the each hive on your ERD (or original
%SystemRoot%\Repair folder)
to the original
%SystemRoot%\System32\Config folder:
expand
c:\winnt\Repair\Software._ C:\WINNT\system32\config\Software
expand
c:\winnt\Repair\Software._ C:\WINNT\system32\config\Software.sav
expand c:\winnt\Repair\Default._
C:\WINNT\system32\config\default
expand
c:\winnt\Repair\Default._ C:\WINNT\system32\config\default.sav
expand
c:\winnt\Repair\SAM._ C:\WINNT\system32\config\sam
expand
c:\winnt\Repair\SAM._ C:\WINNT\system32\config\SAM.sav
expand c:\winnt\Repair\Security._
C:\WINNT\system32\config\security
expand
c:\winnt\Repair\Security._ C:\WINNT\system32\config\security.sav
expand
c:\winnt\Repair\System._ C:\WINNT\system32\config\system
expand
c:\winnt\Repair\System._ C:\WINNT\system32\config\SYSTEM.ALT
expand
c:\winnt\Repair\System._ c:\WINNT\system32\config\system.sav
Here is an
example of the response from
expand
c:\winnt\Repair\Software._ C:\WINNT\system32\config\Software
Microsoft (R)
File Expansion Utility Version 2.50
Copyright (C)
Microsoft Corp 1990-1994. All rights reserved.
Expanding
c:\winnt\repair\software._ to C:\WINNT\system32\config\Software.
c:\winnt\repair\software._:
1242580 bytes expanded to 6377472 bytes, 413% increase.
If the files
required to boot your alternate install are damaged or missing, you will need a
boot floppy (see tip 012). After doing this, I was able to boot and in my case,
I was fully recovered. You may need to repair boot records using your ERD.
506 » How do I
get a dual monitor Matrox Millenium system to not split dialog boxes?
Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mgax64\Device0
Double click
User.CenterDialogs and set to 1.
507 » Phone
company answering services may hamper modem functionality.
If you use a
phone comany answering service that beeps you when you have messages, Windows
NT may detect this as no dial tone.
You can remove
the messages from the service prior to dialing or you can open the Modems
applet in Control Panel and select the first effected modem. Click on Dialing Properties.
Add three commas at the begining of the To access and outside line...... text
box. Click OK. Click the Properties button. On the Connection tab, uncheck Wait
for dial tone.... Click OK.
Repeat these
steps for each modem effected.
508 » What
workstation did UserName logon from?
If you are
auditing logons (see tip 264), look in the security event log. If your protocol
is TCP/IP, you can use the following method:
1. Open a
command prompt (CMD.EXE).
2. Type: net
send "UserName" "** auto-locator - do NOT respond. **"
3. type: nbtstat
-c
Name Type Host
Address Life [sec]
<SNIP>
JENNIFER
<03> UNIQUE xxx.xxx.xxx.xxx ...
JSI0013
<03> UNIQUE xxx.xxx.xxx.xxx ...
<SNIP>
4. Locate the
Type <03> record for UserName and record the Host Address.
5. Locate the
other Type <03> record for that Host Address.
You can
partially automate this with LOCATENM.BAT
@echo off
echo Usage:
LOCATENM "UserName"
net send
"%1" "** auto-locator - do NOT respond. **"
nbtstat
-c>%TEMP%\LOCATENM.LOG
findstr /b /i /c:"%1"
%TEMP%\LOCATENM.LOG
findstr /i
/c:"<03>" %TEMP%\LOCATENM.LOG>%TEMP%\LOCATEIP.LOG
echo Type:
echo LOCATEIP
xxx.xxx.xxx.xxx
where
LOCATEIP.BAT contains:
@echo off
findstr
"%1" %TEMP%\LOCATEIP.LOG
509 » How can I
remove items from a right click of the
Start button?
Use Regedt32.exe
to edit:
HKEY_LOCAL_MACHINE\Software\Classes\Directory\Shell
or
HKEY_CLASSES_ROOT\Directory\shell
Double Click
Shell and delete any of these sub-keys like DOS Here and Find. Navigate to:
HKEY_LOCAL_MACHINE\Software\Classes\Folder\Shell
or
HKEY_CLASSES_ROOT\Folder\shell
Double Click
Shell and delete any of these sub-keys like root explore, open, explore, etc..
510 » "The
server on which the printer resides does not have a suitable <type of
printer> printer driver installed".
If you receive
the subject message but you know the appropriate printer driver is installed
for downloading, you probably have a permissions problem on the
%SystemRoot%\System32\Spool\Drivers folder or subfolders and/or the permissions
on the printer share are incorrect.
The printer
share must offer Read permissions (the default is Everyone).
The default NTFS
permissions for the %SystemRoot%\System32\Drivers (and subfolders) are:
Administrators - Full Control
Creator/Owner - Full Control
Everyone - Read (RX)
Server Operators - Full Control
System - Full Control
511 » Does your
Server service fail to start?.
If your Server
service fails to start and you received Event ID 7023 or 7001, and when you
attempt to start it manually you get system error 8 or 234, you may have too
many entries in the REG_MULTI_SZ value at:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters\NullSessionPipes
The default
information stored in this value is:
COMNAP
COMNODE
SQL\QUERY
SPOOLSS
LLSRPC
EPMAPPER
LOCATOR
If there are
more than 32 KB in that entry, the Server service will fail to start and return
the error More data is available, or Not enough storage is available.
The solution is
to remove any unnecessary entries from the NullSessionPipes value.
See tip 153
512 » How can I
MAP ROOT?
If you use the
Microsoft Distributed File System (DFS) in a narrow way, you can simulate
Netware's MAP ROOT.
If the users
home directories are in a folder called Users, you can set the Users share as
the root of the DFS. You will then be able to issue a
net use
<Drive:> \\<DFSserver>\Users\UserName1 even though Users is the
share point.
You can also use
the \\<DFSserver>\Users\UserName1 format to map drives from within
Explorer.
You must have
SP3 (or later) installed on all Windows NT machines for this to work.
Do NOT set Users
as a Leaf in a DFS tree, as a bug in DFS will prevent you from accessing the
DFS root.
513 » Unable to
browse the network, error 1222?
If you receive
the subject message and/or \\<ComputerName> the network is not started,
it may be that you have a missing or incorrect entry in the registry,
preventing Mpr.dll (Multiple Provider Router) from determining the network
provider. Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\NetworkProvider
There should be
an Order sub-key which contains a value name of ProviderOrder, a type REG_SZ,
which should have a text string of LanmanWorkstation. If these are not present
or different, add or change them.
514 » How do I
install the Sound Blaster Plug N Pray drivers?.
To install the
Sound Blaster Plug N Play drivers, first remove all Audio Devices from Control
Panel / Multimedia. Reboot.
If PnPIsa is not
installed (Control Panel / Devices), install it by right clicking the
Drvlib\Pnpisa\x86\Pnpisa.inf file from the NT CD-ROM and pick install. Reboot.
If SP3 (or
greater) is not yet installed, install it.
If you are going
to install the drivers from Creative Labs, expand SP3 (nt4sp3_i.exe /x) into a
temporary directory, switch to that directory, and type devpre devupd.inf. When
prompted, enter the path to the Create Lab drivers.
To install the
Microsoft drivers instead, respond to the New Hardware Found message by
clicking Driver from disk provided by hardware manufacturer in the Select
Device box. Enter drvlib\audio\sbpnp\x86 and click OK.
If you are
prompted for a driver for the Creative Labs 3D Stereo Enhancement Technology
device, click Windows NT Default Driver, and then click OK.
If you are
prompted for a driver for the IDE CD-ROM (ATAPI 1.2) /Standard IDE/ESDI Hard
Disk Controller device, click Do not install a driver (Windows NT will not
prompt you again).
If you are
prompted for a driver for the Microsoft Joystick Port Enabler device, click
Windows NT Default Driver, and then click OK.
NOTE: If this
choice is not available, click Driver from disk provided by hardware
manufacturer and type <cdrom>:\drvlib\audio\sbpnp\i386.
Reboot.
515 » What
switches are available in boot.ini?
In tip 055, we
introducted c:\boot.ini. The following switches are supported:
/3GB - Moves the
starting point of kernel memory to 3 GB, allowing user-mode applications to
access 3 GB of memory instead of the default 2 GB.
/BASEVIDEO -
forces the system into standard 640x480 16-color VGA mode. This is the default
on the second boot menu entry and is used if you installed a video driver that
won't boot or display properly.
/BAUDRATE=nnnn -
sets baudrate of the debug port. If you do not set the baud rate, the default
baud rate is 19,200. 9,600 is the normal rate for remote debugging over a
modem. This will also enable the /DEBUG switch. See Q148954.
/CRASHDEBUG -
enables the COM port for debugging if Windows NT crashes, but allows you to use
the COM port for normal operations. See Q151981.
/DEBUG - enables
the kernel debugger. This allows live remote debugging of a Windows NT system
through the COM ports. Unlike /CRASHDEBUG, /DEBUG will use the COM port whether
or not you are debugging. See Q121543.
/DEBUGPORT=comx
- selects a COM port for the debug port. The default is COM2 if it exists,
otherwise the default is COM1.
/HAL=filename
defines the actual hardware abstraction layer (HAL) to be loaded at startup.
This switch is useful in trying out a different HAL before renaming it to
hal.dll. This switch is also useful when you want to try booting between
multiprocessor and single processor mode when used in conjunction with the
/KERNEL switch. See tip 466.
/KERNEL=filename
- allows you to define the actual KERNEL to be loaded at startup.
/NODEBUG -
disables the kernel debugger, causing a blue screen if a piece of code has a
debug hardcoded breakpoint in its software.
/NOSERIALMICE:COMx
- disables the mouse port check for this com port. Ports may be separated with
commas to disable more than one port. If no serial port is specified then ALL
ports will be disabled for mouse devices. If you have a UPS on COM1, you would
use /NOSERIALMICE:COM1. See tip 317.
/NUMPROC=n -
sets the number of processors that Windows NT will use. This is usefull in load
simulation. If you use this switch, it should never to set to more processors
than are actually installed. See tip 066.
/PCILOCK -
prevents Windows NT from enumerating the PCI bus every time it starts.
/SOS - causes
the loader to print the name of loaded modules instead of displaying the dots.
/ONECPU - is
part of Compaq's HAL and tells Windows NT to use only 1 CPU.
/WIN95 - loads
bootsec.dos - See Q157992.
/WIN95DOS -
loads bootsec.w40 - See Q157992.
516 » How do I
delete and/or rename the Inbox?.
To enable a
Rename option on the right click context menu for the Inbox, use Regedt32 to
edit:
HKEY_CLASSES_ROOT\CLSID\{00020D75-0000-0000-C000-000000000046}\ShellFolder
Double click on
the Attributes value and change change the REG_DWORD to Hex 50.
If you want a
Delete option, change it to Hex 60. If you wish to have both Rename and Delete,
change it to Hex 70.
If you delete
the inbox and subsequently wish to restore it, edit:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace
From the Edit
menu, choose Add Key and enter a Key Name of:
{00020D75-0000-0000-C000-000000000046},
leaving Class blank. Select this new key and Add Value leaving Value Name blank
and set the REG_SZ string to Inbox.
Logoff/Logon.
517 »
Automatically change Home Page as you move from your intranet to the internet.
I have a need to
use one home page for my intranet and a different one when I connect to the
internet. Using IE 4.x, I could not find a standard method for accomplishing
this.
In tip 090, I
created D-I-Y autodial. Using that technique and setting IE 4.x for an intranet
home page, I changed my autodial to modify the registry at:
HKEY_CURRENT_USER\Software\Microsoft\internet
Explorer\Main\Start Page
Here is how (the
changes are bolded):
REM Switch to
prefered download directory
C:
CD C:\ZIPNEW
c:\winnt\regedit.exe
/s c:\util\HomeInt.reg
REM Dial your
ISP
C:\Winnt\system32\RasPhone
-d EntryName
REM Run your
browser
"C:\Program
Files\internet Explorer\IEXPLORE.EXE"
REM When you
exit, hang up
c:\winnt\regedit.exe
/s c:\util\HomeLoc.reg
c:\winnt\system32\rasdial
EntryName /DISCONNECT
exit
where
HomeInt.reg contains:
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\internet
Explorer\Main]
"Start
Page"="http://www.jsiinc.com/default.html"
and HomeLoc.reg
contains:
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\internet
Explorer\Main]
"Start
Page"="http://JSI001/default.html"
You can also
modify Search Page.
518 » Are you
prompted for another user's password when you logon?
If you are
prompted for another user's password when you logon, chances are that the
profile used to create your account had a persistent connection. Before copying
a profile, an Administrator should edit:
HKEY_USERS\<SID>\Network\<Drive
Letter>
They should
double click on Username and empty this REG_SZ value by removing the
<Domainname>\<User> string.
NOTE: Do NOT
delete the value, just the string data.
520 » How can I
connect to the same resource using different credentials?
Normally, a
single user would receive an error indicating that the supplied credentials
conflict when attempting to connect to a resource with different credentials.
If you use the
TCP/IP protocol, you can fake it out:
net use * \\ServerName\Share1
/U:UserName1
net use *
\\IPAddress\Share1 /U:UserName2
521 » WinNT RAS
client can Use current username and password.
If you wish your
WinNT desktop logon, entered at CTRL+ALT+DEL, to be used for a RAS connection,
configure the phonebook entry, on the Security tab, to Accept only Microsoft
encryted authentication and check the Use current username and password box.
This feature eliminates the need to re-enter credentials, even if your using
cached account information. It also obviates the need to log off/on when
changing your password over RAS. Locally cached account information is also
updated. To disable storing locally cached account information, see tip 368 or
use REGKEY from the NT resource kit, vol II.
522 » How can I
change a Service or Driver Startup if I can't access it in Control Panel?
To change the
Startup of a Service or Driver, edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
Navigate to the
Service or Driver and select it. In the right hand pane, double-click the Start
value and change this REG_DWORD to:
Value D e s c r
i p t i o n
0 Boot: Loaded
by kernel loader. Components of the driver stack for the boot (startup) volume
must be loaded by the kernel loader.
1 System: Loaded
by I/O subsystem. Specifies that the driver is loaded at kernel initialization.
2 Automatic: Loaded by Service Control Manager. Specifies that the service is
loaded or started automatically.
3 Manual:. The
service does not start until the user starts it manually, such as by using Services
or Devices in Control Panel.
4 Disabled:
Specifies that the service should not be started.
523 » How can I
determine the current drive and path in a batch, and/or walk up the tree?
You will need to
create a number batch files in a folder that is in your path.
CALL JSIDP.BAT
will set the following environment variables for the current session:
JSIDP is the
current drive and path in the form
Drive:\Directory\SubDirectory1\SubDirectory2\SubDirectoryN
JSIDRIVE is the
current drive - Drive:
JSIPATH is the
current path - \Directory\SubDirectory1\SubDirectory2\SubDirectoryN
To switch to the
root of the current drive - cd %jsidrive%\
...Start....JSIDP.BAT........................
@echo off
for /f
"tokens=*" %%i in ('cd') do set JSIDP=%%i
for /f
"tokens=1 delims=:" %%i in ('cd') do set JSIDRIVE=%%i:
for /f
"tokens=2 delims=:" %%i in ('cd') do set JSIPATH=%%i
...End......JSIDP.BAT........................
CALL JSITOP.BAT
will set the JSITOP environment variable for the current sesssion to the
top most root
directory of the current drive / path. If the current path is the root of the
drive, JSITOP will be Drive:\, otherwise it will be Drive:\RootDirectory
...Start....JSITOP.BAT........................
@echo off
for /f
"tokens=1 delims=:" %%i in ('cd') do set JSITOP=%%i:\
for /f
"tokens=2 delims=\" %%i in ('cd') do set JSITOP=%JSITOP%%%i
...End......JSITOP.BAT........................
CALL JSIUPLVL
will set the JSIUP environment variable for the current session to the
immediate parent
of the current drive / path.
...Start....JSIUPLVL.BAT........................
@echo off
call jsidp
call jsitop
set
jsiup=%jsitop%
if
"%jsidp%"=="%jsitop%" set jsiup=%jsidrive%\
if
"%jsiup%"=="%jsidrive%\" goto end
call JSIPARSE 3
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
:end
...End......JSIUPLVL.BAT........................
...Start....JSIPARSE.BAT........................
:loop
set
jsiupw=%jsiup%
if
"%jsidrive%\"=="%jsiup%" goto end
for /f
"tokens=%1* delims=\" %%i in ('cd') do call jsiparm %%i %%j
shift
if "%jsiupw%"=="%jsiup%"
goto end
if not
"%1"=="" goto loop
:end
set jsiupw=
...End......JSIPARSE.BAT........................
...Start....JSIPARM.BAT........................
@echo off
if
"%2"=="" goto end
set
jsiup=%jsiup%\%1
:end
...End......JSIPARM.BAT........................
To walk up the
tree, Call JSIWALK <Drive:>\Directory\YourBAT.BAT
YourBAT.BAT does
whatever you want.
...Start....JSIWALK.BAT........................
@echo off
call jsidp
:loop
call jsiuplvl
cd %jsiup%
call %1
if
"%jsiup%"=="%jsidrive%\" goto end
goto loop
:end
...End......JSIWALK.BAT........................
See tips 494 and
273 for related topics.
524 » How to
recover a fault tolerant disk configuration.
If your Windows
NT server is using software fault tolerance and you have lost the configuration,
Disk Administrator will show the partition as type unknown. The best way to
recover is to restore your disk configuration using the Disk Administrator /
Partition / Configuration / Restore. If you didn't save your configuration, be
sure to do it after you recover. You will need FTEDIT from the NT resource kit,
vol II.
To use it, see KB article Q131658.
526 » Does your
computer continually reboot on the Blue Screen during startup?
Possible reasons
for the subject disaster are:
1.A fatal system
error (STOP error) causes the computer to stop and the Automatically Reboot
option is enabled in Control Panel / Startup/Shutdown.
2. Pagefile.sys
is smaller than the amount of physical memory installed in the computer or
there is not enough free space to write the Memory.dmp.
To help resolve
these problems, install another copy of Windows NT on a Different Drive or
Partition or Folder. Run Regedt32 and select HKEY_LOCAL_MACHINE. Load the
original System hive (see tip 182) and set AutoReboot to 0 in each ControlSet
at:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSetxxx\Control\CrashControl
Collapse the
HKEY_LOCAL_MACHINE subkey and unload the hive. With AutoReboot disabled, you
may be able to research the stop message.
If the problem
is an improperly sized pagefile, load the System hive as above and edit:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSetxxx\Control\Session
Manager\Memory Management
Set the pagefile
to at least RAM + 12meg by double clicking PagingFiles which should be a
REG_MULTI_SZ type and formated like:
<drive>:\pagefile.sys
nnn nnn
where each drive
is a separate line and nnn nnn is the minimum and maximum pagefile size. Do not
set it greater than the available free space. Edit:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSetxxx\Control\CrashControl
and set CrashDumpEnabled to 1.
Collapse the
HKEY_LOCAL_MACHINE subkey and unload the hive.
Restart your
original installation. A dump should be written to the pagefile. Boot the new
alternate install and use dumpchk.exe -v or dumpexam.exe (CD-ROM debug folder
or updated from a service pack) to read the NewNTFolder\Memory.dmp to help
resolve the problem.
527 » Can I
install a font from a cmd prompt or a batch file?.
When you install
a font, the .ttf is copied to %SystemRoot%\Fonts and a font name Value is added
to the registry at:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Fonts
as a type
REG_SZ. The data string contains the font file name.
Here is a batch
file that adds the "Bitstream Cyberbit (TrueType)" font:
copy
<Drive:>\Folder\CYBERBIT.TTF %SystemRoot%\fonts\*.*
regedit /y
<Drive:>\Folder\bitstream.reg
exit
where
bitstream.reg contains:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Fonts]
"Bitstream
Cyberbit (TrueType)"="CYBERBIT.TTF"
You must reboot
Windows NT to use the font.
528 » Stop:
c0000135 {Unable to Locate DLL}.
If you receive
the subject message at start up, the file is either missing from
%SystemRoot%\System32 or the Software Hive of your registry is corrupt.
There are
various ways to fix the problem:
1. Use tip 181
to copy the file from the CD-ROM. You may have to reapply your latest Service
Pack.
2. Boot to an
alternate install of Windows NT and look in the original \System32. If the file
is missing, copy it from the alternate install or expanded Server Pack
(SPName.exe /X).
3. Check the
Software Hive for corruption by booting to an alternate install of Windows NT
and loading the original Software Hive using tip 182. When locating the
Software Hive, it is the Software file with the Windows Icon, not the Notepad
icon. If you receive a Registry Editor could not load ..... message, the
software Hive is corrupt. You must restore the registry or run a repair /
repair registry files.
529 » Your NT
RAS client can command your NT RAS Server how long to wait before calling back.
If your Windows
NT RAS server has the Callback feature enabled, your Windows NT RAS client can
configure the callback delay. The default is 12 seconds. Navigate to:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP
From the Edit
menu, Add Value name DefaultCallbackDelay as a type REG_DWORD and set the
decimal value to any number between 0 and 255 seconds.
530 »
\\<ServerName> is not accessible.
When you try to
access a network resource within your domain, you will receive the subject
message and possibly
The user must
change his password before he logs on the first time if the Administrator
checked the
User must change
password at next logon while you where logged on and
the session
between your computer and the domain controller timed out due to inactivty.
Log off, log on,
and change your password.
Tell your
administrator that he/she should insure that the user is logged off before
setting a policy that requires changing a password at the next logon.
531 » How do I
parse a date into month, day, and year?
There is no
standard functions in NT to do this. The method that you use differs based on
the source and format of the date. Here are two examples for a USA locale:
1. To parse
todays date in a batch and return environment variables TDDAY, TDMM, TDDD, and
TDYY, call JSIToday which contains:
@echo off
for /f
"tokens=1,2,3,4* delims=/ " %%i in ('date /t') do set
TDDAY=%%i&set TDMM=%%j&set TDDD=%%k&set TDYY=%%l
Note: the above
is one line.
2. To parse the
logged on user's password expiration date in batch and return environment
variables XMM, XDD, and XYY, call JSIExpDT which contains:
@echo off
net user
"%UserName%" /domain | find /i "Password expires" >
"%UserName%.tmpX"
for /f
"tokens=1,2,3,4,5* delims=/ " %%i in ('type
"%UserName%.tmpX"') do set XMM=%%k&set XDD=%%l&set XYY=%%m
del /q
"%username%.tmpX"
if %XMM% EQU
Never goto end
if %XYY% GTR 97
goto Y19
set XYY=20%XYY%
goto end
:Y19
set XYY=19%XYY%
:end
You can then
test if the password never expires:
if /i %XMM% EQU
never goto Never
532 » Freeware
Performance Monitor Screen Saver.
QMon110.zip is a
Windows NT screen saver that provides a simplified version of the Performance
Monitor tool that ships with the operating system. QuickMon is particularly
suited to monitoring servers, and can be configured to be the default screen
saver to be used when there is no interactive logon.
QuickMon
includes the following features:
· Provides
access to all Performance Monitor counters.
· Up to eight performance
counters can be monitored simultaneously.
· Can access
local computer and remote computer counters.
· Chart display
is easy to read and provides auto-scaling for all counters.
· Low-overhead
design ensures minimal impact on server or workstation performance.
533 » Stress
test your system.
SQLHDTST is a
Win32 file system stress program. Because of the rigorous system demands made
by a production database server, sometimes Microsoft SQL Server for Windows NT
will uncover problems in the underlying platform.
These may appear
as instabilities or other errors. This may be despite the fact that hardware
diagnostics run without error, and other use of the system also is without
error.
To help isolate
these cases, Microsoft Product Support has written SQLHDTST, which is a
high-intensity, multithreaded file system stress test. It also exercises the
Win32 overlapped, or asynchronous I/O APIs. If it ever detects a problem it
will indicate this with an on-screen error. Any problem detected by SQLHDTST means
you have a significant platform problem, not a SQL Server problem. These
problems can exist at the hardware, controller, firmware, device driver, or
operating system layers.
534 » How do I
get that brain-dead Office Assistant to leave me alone?
Rename the
Actors folder at <Drive:>\Program Files\Microsoft Office\Office\Actors to
Dead_Actors.
535 » Stop
0x00000078?
If your system
BSODs with a STOP 0x00000078, it may that the NonPagedPoolSize value in the
registry is set at more than 7/8 RAM. Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session
Manager\Memory Management
Double click on
NonPagedPoolSize and make sure it is less than seven-eighths of the physical
memory. The default for this type REG_DWORD value is 0, which allows the system
to calculate the Non-Paged Pool size. Be sure you're using the decimal radix.
Reboot.
536 » Does your
system hang and Event ID 2019 is in the System Event Log?
If your system
hangs and the System event log contains:
Event ID: 2019
Description: The
server was unable to allocate from the system nonpaged pool because the pool
was empty
it may be that
an application or service is using a COM port and Serial.sys is allocating
memory that it does not release, due to IRQ sharing on COM port devices.
Windows NT does
not support this. I do it without any problems (other than a System event at
boot) because the shared IRQ COM ports are never in simulaneous use.
537 »
Environment Variable string substitiution.
You can replace
a character in an Environment Variable using the following syntax:
set
VariableName=%VariableName:<ReplaceCharacter>=<ReplacementCharacter>%
If you want to
rename a file from filename.ext to UserName.YYYYMMDD where YYYYMMDD is todays
date and any spaces in UserName are replaced with an _,
the following
batch file would work for a USA locale: ( call JSIUsrDT
<Drive:>\Directory\filename.ext)
for /f
"tokens=1,2,3,4* delims=/ " %%i in ('date /t') do set
JSIUsrDT=%UserName%.%%l%%j%%k
set
JSIUsrDT=%JSIUsrDT: =_%
pushd %~dp1
rename %1 %JSIUsrDT%
popd
Note:There is a
space after the : in the set JSIUsrDT=%JSIUsrDT: =_% statement.
See tip 494 for
the %~dp1 syntax.
538 » How do I
implement system policies on a standalone Workstation or Server?
Windows NT
system policies were created for when users log on to a domain account
database. You can create a system policy for use when logging onto a local
account database. If a user logs on to the local account database, the policy
will be applied (to everyone, including Administrators). If they logon to a
domain database, domain policies will be applied.
To create a
local policy, log on locally as an Administror and create a NETLOGON share on
the local computer at
%SystemRoot%\System32\Repl\Import\Scripts.
Grant the Everyone group Read permission and the Administrators group full
control on this share.
In Poledit.exe,
configure a simple policy to start with.
Double-click
Local Computer.
Double-click
Network.
Double-click
System Policies Update.
Click Remote
Update to select it.
Click Automatic (Use
Default Path) in the Update Mode box.
Click OK.
Save the policy
as NTConfig.pol (it will be saved in the
%SystemRoot%\System32\Repl\Import\Scripts folder).
Note: If you
don't want to create a NETLOGON share, choose Manual (Use Specific Path) in the
Update Mode box and type the path into the Path for Manual Update dialog box.
In this case, you can name your policy anything you wish.
I prefer using
the registry hacks at tips 050, 070, and 215, so I can control who they are
applied to (tip 105).
539 » How do I
recover from running REGSEC.EXE from the Resource Kit?
If you run
REGSEC.EXE from the resource kit, local users will experience:
. Desktop icons
as plain yellow folders.
. Lose of
double-click on My Computer and other desktop shortcuts.
. Explorer.exe
will display default Windows icons for all files.
REGSEC remove
the Everyone group permissions on:
HKEY_LOCAL_MACHINE
HKEY_USERS
HKEY_CURRENT_USER
HKEY_CLASSES_ROOT
There is no help
file and when you run REGSEC.EXE /? or similar, it executes, removing the
permissions.
To restore
normal behavior, add the Everyone group with Read permissions to the above
keys, using Regedt32.exe.
540 »
Applications fail with no error, dump, or event?
Some
applications, like Visual C++ v5.0, change the default debugger during
installation. If the app is installed in a folder with a long file name or
space in the folder name, the subject symptoms will happen.
You can either
set Dr. Watson as the default debugger (see tip 241) or you can fix the
problem. Edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion
\AeDebug Double-click on Debugger which is a type REG_SZ and set it to the full
path to the debugger, followed by the parameters already present, enclosed in
" marks. To fix Visual C++ v5.0, set it to:
"C:\Program
Files\DevStudio\SharedIDE\Bin\Msdev.exe %ld -e %ld"
541 » Renamed
User account is not replicated if only the case changed.
If you rename a
User account and only the case changes, the account change will not be
replicated. Since the User account is not case sensitive, the Netlogon Service
will not ask the SAM on the BDC to change the account. To workaround this
feature:
1. Rename the
account (JOHNDOE) to JSIacct.
2. Synchronize
the BDCs with the PDC.
3. Rename
JSIacct to JohnDoe.
4. Synchronize
the domain.
542 » Does a
document created on computer A have different printed dimensions on computer B?
The subject
problem will occur if the document contains a font that does not exist on
computer B. Depending on the installed fonts, the GDI font mapper may
substitute diiferent fonts for the unknown font on different computers. This
may cause text to be larger or small, causing the printed document to expand or
shrink relative to the original.
To work around
this problem, determine the missing font and create an explicit substitution by
editing:
HKEY_LOCAL_MACHINE\
SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes On the Edit menu,
click Add Value and enter the Facename of the unknown font
as a type REG_SZ
with a string value of Facename of the substitute font
If your system
is mapping Geneva to Helvetica, but Helvetica-Narrow would be a better choice,
Add Value
Geneva as a type
REG_SZ and set the string to Helvetica-Narrow.
543 » Multimedia
properties Windows closes when you click the Devices tab?
If you have
Netscape Communicator Professional Edition installed and you upgraded from NT
3.x, edit:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\Drivers.desc and delete the Nsmlaw32.dll value and
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\Drivers32 and delete the Msacm.nsmlaw value.
544 » Alter .REG
file default behavior.
If you ever
accidentally double-clicked on a .reg file, you know that it merged the
contents into your registry. To prevent this in the future, open explorer (My
Computer) and select Options from the View menu. On the File Types tab, scroll
to Registration Entries and select it. Click the Edit button. In the Actions
list, select Edit and press the Set Default button.
These actions
change the default behavior so that doubled clicking a .reg file will open it
in notepad. If you want to merge it with the registry, right click and select
Merge from the menu.
545 » How do I
print Duplex with an HP LaserJet 5 PostScript Printer?
To print on both
sides of the paper (Duplex) on a Hewlett-Packard LaserJet 5/5M PostScript
printer, you must meet the following conditions:
1. The optional
duplex unit must be installed and recognized by the printer (use the self
test).
2. On the Device
Setting tab of the print driver, click Duplex Unit in the Installable Options
folder and make sure that the setting is Installed.
3. In an
application, select Print Setup on the File menu and make sure that the Page
Setup tab has the option Print on both sides (duplex printing) set to either
short edge or long edge.
4. Set the
resolution for the print job based upon how much printer memory is installed.
Additional memory is required to print duplex at 600 dpi or on larger paper
sizes. Here is a chart you can use: (less memory is required for PCL mode)
Size/ 300 dpi simplex 300 dpi duplex 600 dpi simplex 600 dpi
duplex
Option
Letter/A4 4 Megabytes 4 Megabytes 4
Megabytes 10 Megabytes
Legal 4 Megabytes 5 Megabytes 4
Megabytes 12 Megabytes
I/O 4 Megabytes 12 Megabytes 4
Megabytes 12 Megabytes
buffering
Resource 8 Megabytes 13 Megabytes 8
Megabytes 13 Megabytes
546 » How do I
keep junior administrators from logging on to the PDC locally?
In tip 119, we
prevented junior administrators from editing the registry. There is no way to
remove the Logon locally user right from the administrators group. You can
prevent them from logging on locally by using NFTS permissions on the files
listed at:
HKEY_LOCAL_MACHINE\HKLM\Software\Microsoft\Windows
NT\CurrentVersion\WinLogon\Userinit
For each of
these files (in %SystemRoot%\System32), grant the specific UserName (not a
group) No Access. Make sure that at least one Admin Account can logon locally.
The easiest way is to run a batch ( JSIjr "Username"):
cacls
%SystemRoot%\System32\nddagnt.exe /E /D "%1"
cacls
%SystemRoot%\System32\userinit.exe /E /D "%1"
cacls
%SystemRoot%\System32\win.com /E /D "%1"
cacls
%SystemRoot%\System32\wowexec.exe /E /D "%1"
exit
547 » Common
causes of profile error - Event ID: 1000 - Source: Userenv.
If you receive
an error concerning the loading of your profile and Event ID 1000 - Source:
Userenv appears in the Application Event Log, chances are:
1. You changed
Permissions on the local %system root%\Profiles folder. The EVERYONE group
needs Change permissions to load the profile. You also need at least Read on
the system root and drive root.
2. If the system
partition is low on space, or the registry size limit has been exceeded, the
profile can fail to load.
3. The profile
is corrupted. Either the local Ntuser.dat, Ntuser.man or the roaming copy of
Ntuser.dat is corrupted. When this occurs, there is usually an event indicating
a RegLoadKey failure.
When you look at
the Application Event Log, Event ID 1000 will have one of the following details
where %s is the UserName and %d is the system error:
- The operating system was unable to load
your profile. Please contact
your Network Administrator. (%d)
- You do not have permission to access
your central profile located at
%s. The operating system is attempting
to log you on with your local
profile. Please contact your Network
Administrator.
- The operating system was unable to
create a profile directory %s.
Another file exists with the same name.
You will be logged on with a
local profile only. Please contact your
Network Administrator.
- The operating system was unable to
create profile directory %s. You
will be logged on with a local profile
only. Please contact your
Network Administrator. (%d)
- Your roaming profile is not available.
You will be logged on with the
locally stored profile. (%d)
- The operating system was unable to
create a temporary profile
directory %s. Please contact your
Network Administrator. (%d)
- The operating system was unable to load
the locally stored profile. A
new local profile will be created. (%d)
- The operating system was unable to set
security on your registry.
Please contact your Network
Administrator. (%d)
- The update of your roaming profile
failed. Please contact your
Network Administrator. (%d)
- Your profile was not successfully
loaded, but you have been logged on
with the default system profile. Please
correct the problem and log
off. (%d)
- Your roaming profile is not available,
the operating system is
attempting to log you on with your local
profile. (%d)
- Your roaming mandatory profile is not available,
the operating system
is attempting to log you on with your
local profile. (%d)
- The operating system is unable to log
you on because your roaming
mandatory profile is not available.
Please contact your Network
Administrator. (%d)
- This computer is in manual policy mode,
but the policy file can not
be found. You will be logged on without
policy. (%d)
- RegLoadKey failed with error %d for %s
548 » Corrupted
EMF file uses 100% of a CPU and the Spooler is in a never ending loop..
A corrupted
enhanced meta file (EMF) record embedded within the print stream can cause the
Spooler to enter an infinite loop. This uses all the CPU time for a single
processor machine and prevents the print job from completing.
Boot to an
alternate install of NT and delete the *.shd and *.spl file from the Spool
folder.
If you have a
multi-processor, you can pause the printer and delete the files.
549 » Corrupt or
3rd party Setupapi.dll causes strange problems.
If your Setupapi.dll
is corrupt or has been replaced by a 3rd party, you may experience any of the
following:
. Control Panel
/ Add/Remove Programs / Windows NT Setup tab generates an error dialog box with
a header information of E and a dialog box with a red X and the letter S.
. Internet
Explorer 3.02 Setup may fail with Installation failed. An error occurred while
trying to open the Ohrome.inf file.
. The Appearance
tab in the Display Properties window has no fonts are available for text-based
items.
. The Pointers tab
in the Mouse Properties window has no schemes listed in the Scheme list.
. When you
attempt to add a SCSI device, you receive Error occurred getting driver list
from INF file Err=0.
. When you try
to install a device that uses an .inf file, nothing happens.
. When you try
to add a printer, you receive Printer operation cannot continue due to lack of
resources and no printers are availalble.
. To fix the
problem, type the following at a CMD prompt:
Rename
SystemRoot%\System32\Setupapi.dll setupapi.old
Expand
<CD-ROM:>\i386\setupapi.dl_ %SystemRoot%\system32\setupapi.dll
550 » How do I
allow NT Workstation users to only End Task their Applications?
The following
approach is not perfect but it will work in most shops:
01. On the users
Workstation, open Taskmgr.
02. Select the
process tab and temporarily check or uncheck a box in the View / Colums
dialogue.
03. Exit
Taskmgr.
04. open
Taskmgr.
05. Select the
process tab and undo step 2.
06. Select the
Applications tab.
07. Double click
on the top border, just below the word Applications. This will hide the menu.
08. Create the
following JSITask.bat file and set permissions to Read and the attributes to R
S H: (This example assumes the Resource Kit utilities (Soon and Kill) are in
the path)
@echo off
soon 10 cmd /c
"kill.exe taskmgr.exe"
start /high
taskmgr.exe
exit
09. Create a
shortcut to this JSITask.bat and rename it Task Manager.
10. Move the
shortcut to the All Users Start Menu (See tip 051).
11. Right click
the shortcut and choose Properties. Set it to run Minimized.
12. Double click
the shortcut to close Taskmgr.
Each time the
user clicks the shortcut, they will have ten seconds to kill their application
before Taskmgr closes.
If they right
click the Taskbar and bring up Task Manager, they will have to use the shortcut
to close it.
551 » Ordinary
users can create local groups on your PDC.
An ordinary
users can create local groups on your PDC. This functionality allows then to
assign permissions to more easily manage access to their shared resources. The
Sales Manager could create a local Sales group and place users and global
groups in it. They can then assign permissions to the local Sales group. To do
this, they would:
net localgroup
groupname ["UserName1" "UserName2" "GlobalGroup1"
...] /add /comment:"text" /domain
To subsequently
add additional users or groups they would:
net localgroup
groupname "UserName3" "SalesDom\UserName4"
"GlobalGroup2" /add /domain
To remove users
or global groups:
net localgroup
groupname "UserName2" "SalesDom\UserName4" /delete /domain
and to remove
the local group:
net localgroup
groupname /delete /domain
If you are
attacked by repeated submissions, you can use KB article Q140380 to compact
your SAM after you have manually deleted the unwanted groups. Use method three,
If you wish to disable a users ability to
add local groups to the domain, download creatals_x86.exe or creatals_axp.exe.
The default
Microsoft Windows NT user rights allow non-administrative users to create
domain local groups. The CREATALS command line utility is used to modify the
DOMAIN_CREATE_ALIAS rights on the domain. This utility applies to Windows NT
4.0 and previous versions on Windows NT and will not be required or supported
in future releases.
552 » How do I
use my domain profile on my laptop when I am not connected?.
Assumptions:
01. You are a
member of the local Administrators group on your PC.
02. Your Domain
Account has a local profile.
To create a
local account that shares your domain profile:
01. Logon
locally as Admininstrator and create a local account with the same UserName as
your domain account.
Note: Your PC
can not be a domain controller.
02. Logon as
this new account and logoff.
03. Logon
locally as Admininstrator.
04. Verfiy that
you now have a %Systemroot%\Profiles\UserName.000 folder.
05. Use Regedt32
and select the HKEY_USERS hive.
06. Load your
domain profile by clicking Load Hive from the Registry Menu. Select your domain
profile at
%SystemRoot%\Profiles\%UserName%\Ntuser.dat
where UserName is your domain account.
07. At the Key
Name prompt, enter your UserName.
08. Select your
UserName in HKEY_USERS and click Permissions from the Security menu.
09. Grant your
local UserName Full Control
(Add / List
Names From <Local Machine> / Show Users).
Click Replace
Permissions on Exist Subkeys.
10. Click OK.
11. Select your
UserName in HKEY_USERS and Unload Hive from the Registry menu.
12. Navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
and locate your
SID by inspecting each ProfileImagePath for the path in step 04.
13. Double click
this ProfileImagePath and remove the .000 so it is equal to your domain
profile.
14. Exit
Regedt32.
15. Delete the
%Systemroot%\Profiles\UserName.000 folder.
16. Logoff and
logon locally as UserName
You will see
your domain (and local) profile.
553 » Start Menu
/ Programs (and/or Desktop and/or .....) is empty or messed up.
Use Regedt32 to
check the data at each of the following type REG_EXPAND_SZ Value Names at:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User
Shell Folders
Value Name
Default
Desktop
%USERPROFILE%\Desktop
NetHood
%USERPROFILE%\NetHood
Programs
%USERPROFILE%\Start Menu\Programs
Start Menu
%USERPROFILE%\Start Menu
Startup
%USERPROFILE%\Start Menu\Programs\Startup
554 » Lost your
Administrator password and need the ultimate hack?
There is no
security without physical security!
If you have lost
the Administrator password, you must have the following to recover:
1. A regular
user account that can logon locally to your Windows NT Workstation, Server,
or PDC whichever
you are recovering.
If you already
have an alternate install of NT, skip to The Process, Set 02.
2. The Windows
NT CD-ROM and setup diskettes (winnt /ox to make them from the CD-ROM).
3. Enough room
to install a temporary copy of NT (Workstation will suffice, even to recover on
a PDC).
4. Your latest
Service Pack.
The Process:
01. Install a
copy of Windows NT as TEMPNT, on any drive. Install your latest Service Pack.
02. Boot the
alternate install.
03. At a command
prompt, type AT HH:MM /INTERACTIVE CMD /K where HH:MM is 10 minutes from now
(or however much
time you need to complete the remaining steps and logon to your primary
installation).
04. Use Regedt32
to edit:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Schedule
05. Double click
Schedule and click the one sub-key.
06. Double click
the Schedule value name in the right hand pane and copy the REG_BINARY string
to the clipboard.
07. Select
HKEY_LOCAL_MACHINE and Load Hive from the Registry menu.
08. Navigate to
your original installation\System32\Config folder and double-click System.
09. At the Key
Name prompt, type ORIGSYS.
10. Navigate to
ORIGSYS\Select and remember the value of Current; i.e. n.
11. Browse to
ORIGSYS\ControlSet00n\Services\Schedule and if Start is not 0x2, set it to 0x2.
12. With
Schedule selected, Add Key from the Edit menu.
13. Type 001 in
Key Name and click OK.
14. Select 001
and Add Value name Command as type REG_SZ and set the string to CMD /K.
15. Select 001
and Add Value name Schedule as type REG_BINARY and paste the string from step
06.
16. Select
ORIGSYS and Unload Hive from the Registry Menu.
17. Use Conrol
Panel / System / Startup... to make your original install the default.
18. At a CMD
prompt:
attrib -r -s -h
c:\boot.ini
edit c:\boot.ini
and either change the id of the TEMPNT lines to Maint 4.0 on both entries
if you intend to
keep this maintenance install or delete them. attrib +r +s +h c:\boot.ini
19. Shutdown and
restart your original install.
20. Logon as
your user account and wait for HH:MM from step 03.
21. When the CMD
prompt opens, it will be under the context of the Schedule user,
either the
System account or an administrative account.
If this machine
is the NOT the PDC, type MUSRMGR.EXE, if it is the PDC, type USRMGR.EXE.
If you get an
error, click YES and type your domain name.
22. Set the
Administrator password and logoff.
23. Logon as
Administrator.
24. If you are
deleted the TEMPNT entries in step 18, delete <Drive:>\TEMPNT
25. Promise to:
never forget the
Administrator password again
implement
physical security
buy all your
future software from JSI, Inc.
Note: If the
Schedule service runs under the context of a Domain Administrator on any member
workstation, all you need to recover the PDC Administrator is a network login.
555 » System
event log has ID 7009 and ID 7000?
If you monitor
the event logs on your network, you may notice that the System event log on a
Workstation (or Server) contains:
ID 7009 Timeout
(120000 milliseconds) waiting for service to connect.
ID 7000 The
service failed to start due to the following error:
The service did
not respond to the start or control request in a timely fashion.
This combination
of errors is generally caused by a user who can't make up their mind.
The user starts
to logon and immediatly logs off. If a service is configured to interact with
the desktop, it may fail to start. The user receives:
The application
failed to initialize because the window station is shutting down.
When they logon
again, the Service Control Manager (SCM) logs the two events in the system
event log.
See tip 099 and
tip 162.
556 » Do you
have problems downloading .EXE files?
If you can't
download .EXE files, it may be that that the EditFlags at
HKEY_CLASSES_ROOT\exefile
is incorrectly set. Using Regedt32, the data in this REG_BINARY
value should
look like xx xx 00 xx where xx is any value. If it is set to xx xx 01 xx,
change it.
Reboot.
557 » More on
user permissions.
In tip 400, I
described two methods of setting up user directories on your server.
If you also want
to grant the user the ability to create and delete subdirectories within their
folder, add Change permission for Creator Owner to the parent directory and
replace permissions on subdirectories. Since the user is not the Creator Owner
of their top level directory, they will not be able to delete it. Any new
subdirectories they create will inherit Creator Owner (and other permissions
such as [RWX][RWXD] that you set on the parent folder) allowing them to only
delete the subdirectories that they create.
For novice
users:
In Explorer,
right click on the Parent Folder ( c:\Users ) and press Security / Permissions.
Click the Add button and double-click Creator Owner. In the Type of Access:
drop-down list, select Change and press OK. Check Replace Permissions on
Subdirectories. You may uncheck Replace Permissions on Existing Files since
they already have RWXD. Click OK and OK to confirm.
An alternate
method is to open a CMD prompt and type:
cacls
<drive:>\Path_to_Parent_Folder /T /E /C /G "Creator Owner":C
559 » DATE math.
In tip 531, we
created JSIToday to parse today's date and JSIExpDT to parse a user's password
expiration date.
You can
configure when Windows NT issues a password expiration warning by using tip
141.
If you want to
issue your own password expiration warning, you need the ability to do DATE
math. The Windows NT CMD processor offer no such capability. Create your own:
call JSIExpDT
call XDate
%UserName% %XMM% %XDD% %XYY% Day28.DAT Day30.DAT Day31.DAT
Where:
XDate.bat @echo
off
if /i %2 EQU
never goto finish
call Todayp %5
%6 %7
if %TDYYP% GTR
%4 goto notify
if %TDMMP% GTR
%2 goto notify
if %TDDDP% GTR
%3 goto notify
goto finish
:notify
call XNotify %1
%2 %3 %4
:finish
Todayp.bat
@echo off
REM Add XX days
to today's date based on the Day tables.
REM The 3 Day
tables in this example add 10 days.
REM Day31 is for
Jan, Mar, May, Jul, Aug, Oct, & Dec.
REM Day30 is for
Apr, Jun, Sep, & Nov.
REM Day28 is for
Feb. Leap year is ignored.
cd
%SystemRoot%\System32\Repl\Import\Scripts
call JSIToday
set TDMMP=%TDMM%
set TDYYP=%TDYY%
goto month%TDMM%
:month01
for /f
"tokens=1,2 delims=-" %%i in ('findstr /B "%TDDD%-" %3') do
set TDDDP=%%j
goto year
:month02
for /f
"tokens=1,2 delims=-" %%i in ('findstr /B "%TDDD%-" %1') do
set TDDDP=%%j
goto year
:month03
for /f
"tokens=1,2 delims=-" %%i in ('findstr /B "%TDDD%-" %3') do
set TDDDP=%%j
goto year
:month04
for /f
"tokens=1,2 delims=-" %%i in ('findstr /B "%TDDD%-" %2') do
set TDDDP=%%j
goto year
:month05
for /f
"tokens=1,2 delims=-" %%i in ('findstr /B "%TDDD%-" %3') do
set TDDDP=%%j
goto year
:month06
for /f
"tokens=1,2 delims=-" %%i in ('findstr /B "%TDDD%-" %2') do
set TDDDP=%%j
goto year
:month07
for /f
"tokens=1,2 delims=-" %%i in ('findstr /B "%TDDD%-" %3') do
set TDDDP=%%j
goto year
:month08
for /f
"tokens=1,2 delims=-" %%i in ('findstr /B "%TDDD%-" %3') do
set TDDDP=%%j
goto year
:month09
for /f
"tokens=1,2 delims=-" %%i in ('findstr /B "%TDDD%-" %2') do
set TDDDP=%%j
goto year
:month10
for /f
"tokens=1,2 delims=-" %%i in ('findstr /B "%TDDD%-" %3') do
set TDDDP=%%j
goto year
:month11
for /f
"tokens=1,2 delims=-" %%i in ('findstr /B "%TDDD%-" %2') do
set TDDDP=%%j
goto year
:month12
for /f
"tokens=1,2 delims=-" %%i in ('findstr /B "%TDDD%-" %3') do
set TDDDP=%%j
:year
if %TDDDP% GTR
%TDDD% goto yymmdd
for /f
"tokens=1,2 delims=-" %%i in ('findstr /B "%TDMM%-"
Month.DAT') do set TDMMP=%%j
If %TDMMP% GTR
%TDMM% goto yymmdd
for /f
"tokens=1,2 delims=-" %%i in ('findstr /B "%TDYY%-"
Year.DAT') do set TDYYP=%%j
:yymmdd
XNotify.bat
@echo off
REM echo %1
%2/%3/%4
REM You can use
any form of notification that you wish:
REM Net Send %1
Your password expires on %2/%3/%4. Please change it today.
REM or use a
freeware command line mailer like Blat.
Day28.DAT
01-11
02-12
03-13
04-14
05-15
06-16
07-17
08-18
09-19
10-20
11-21
12-22
13-23
14-24
15-25
16-26
17-27
18-28
19-01
20-02
21-03
22-04
23-05
24-06
25-07
26-08
27-09
28-10
Day30.DAT
01-11
02-12
03-13
04-14
05-15
06-16
07-17
08-18
09-19
10-20
11-21
12-22
13-23
14-24
15-25
16-26
17-27
18-28
19-29
20-30
21-01
22-02
23-03
24-04
25-05
26-06
27-07
28-08
29-09
30-10
Day31.DAT
01-11
02-12
03-13
04-14
05-15
06-16
07-17
08-18
09-19
10-20
11-21
12-22
13-23
14-24
15-25
16-26
17-27
18-28
19-29
20-30
21-31
22-01
23-02
24-03
25-04
26-05
27-06
28-07
29-08
30-09
31-10
Month.DAT
01-02
02-03
03-04
04-05
05-06
06-07
07-08
08-09
09-10
10-11
11-12
12-01
Year.DAT - You
only need a few years. Each Jan. add 1 and remove the previous year.
1998-1999
1999-2000
2000-2001
2001-2002
2002-2003
2003-2004
2004-2005
2005-2006
2006-2007
2007-2008
2008-2009
2009-2010
2010-2011
2011-2012
2012-2013
2013-2014
2014-2015
2015-2016
2016-2017
2017-2018
2018-2019
2019-2010
2020-2021
560 » Schedule
positive notification of password expiration.
If your users
tend to ignore the systems password change requestion and implementing tip 559
in a login script doesn't seen to help, try scheduling it in batch. You will
need two batch files (in addition to JSIToday and TodayP):
Expire.bat uses
Showmbrs from NT resource kit, Supplement 2
@echo off
cd
%SystemRoot%\System32\Repl\Import\Scripts
Set Domain=JSI
del /q user.log
del /q info.log
for /f
"Tokens=*" %%i in ('showmbrs "%DOMAIN%\Domain Users"') do
(for /f "tokens=1-3" %%j in ('net user %%i /domain') do echo
%%i~%%j%%k~%%l>>user.log)
findstr /i
"Passwordexpires" user.log>info.log
findstr /v
"~Never" info.log>user.log
del /q info.log
REM Notice.bat
is the notify or posting batch file. You can use a process similar to
Xnotify.bat from tip 559 or create a new one.
REM You can
easily create a file and import it to a database for reporting to management
and/or send email.
REM To create a
comma seperated value file in Notice.bat,
REM echo
%1,%4,%2,%3,%5,%6,%7 >>
%SystemRoot%\System32\Repl\Import\Scripts\csvfile.csv
REM and add del
/q csvfile.csv here (before the for statement).
for /f
"Tokens=1-5 delims=~/" %%i in ('type user.log') do call XYDATE %%i
%%k %%l %%m Day28.DAT Day30.DAT Day31.DAT %SystemRoot%\System32\Repl\Import\Scripts\Notice.bat
exit
XYDate.bat
@echo off
if /i %2 EQU
never goto finish
If %4 EQU 98 SET
XYY=19%4
If %4 EQU 99 SET
XYY=19%4
If %4 EQU 20 SET
XYY=20%4
call Todayp %5
%6 %7
if %TDYYP% GTR
%XYY% goto notify
if %TDMMP% GTR
%2 goto notify
if %TDDDP% GTR
%3 goto notify
goto finish
:notify
call %8 %1 %2 %3
%4 %TDYY% %TDMM% %TDDD%
:finish
To schedule the
process on your PDC, the Schedule Service must run under a Domain Admin account
or have the Scheduler run under the System account and impersonate a Domain
Admin for this job, using SU (see Supplement Two):
AT 00:00
/Every:M,T,W,Th,F,S,Su CMD /C
"%SystemRoot%\System32\Repl\Import\Scripts\Expire.bat"
561 » The
Microsoft Scriptit Utility.
Microsoft®
ScriptIt, "a tool for automating interactive software installations and
system configuration tasks. ScriptIt can be used to start a process, monitor
the window titles of active processes, and, when appropriate, send a set of
keystrokes to the correct window. The keystrokes can be predetermined or they
can be determined at run time. ScriptIt can be configured to differentiate (and
respond appropriately) between multiple windows that have the same title bar
but different instructional text. Note that ScriptIt is not a traditional
scripting language and does not offer many of the traditional programming
language constructs. The ScriptIt command must be started by a user with
sufficient security privileges to perform the designated installation or
configuration task."
... snip ...
"Microsoft®
ScriptIt is a command-line utility for automating interactive software
installations and system configuration tasks. ScriptIt works by monitoring the
window titles of active processes. When it finds a window with which it should
interact, it sends a set of keystrokes to that window. ScriptIt uses the window
title or a combination of the window title and text that appears on controls
within the window to identify the window that will receive the keystrokes. The
use of the window title combined with text allows ScriptIt to differentiate
between multiple windows that have the same title bar."
562 » Tired of
the RAS dialer stealing focus when it redials?.
To quote the
author:
RASConnectNT -
This project is a replacement for the idiotic RAS dialer in Windows NT. I've
written it so that it doesn't constantly grab the focus while it's dialing and
has a reliable RedialOnLinkFailure. It also allows you to execute a command
after connecting. I've just released version 1.01, which fixes a bug causing
the program to crash if it reaches the maximum number of redial tries without
connecting. I have lots of ideas for features in a new version, as well as
feedback from users. Unfortunately, development on this project has been placed
on hold; I've just got too many things going on right now to put any time into
it. I do intend to do a new version at some point, though.
Introduction:
RASConnect for
NT is a replacement for the RAS dialer that is included with Windows NT. I
don’t know about you, but I absolutely hate the way the NT dialer constantly
grabs the window focus while it’s redialing. After reading a thread on the
microsoft.public.windowsnt.misc newsgroup where lots of people were complaining
about the same thing, I realized I wasn’t alone. So I decided to write my own
dialer to correct this annoying behavior. It doesn’t have every feature that
NT’s dialer has, but it has the most basic ones, and I’ll be adding some new
features in the near future.
I have only
tested this program running on Windows NT4, so I have no idea if it will work
under version 3.51 or not. If you try this I'd like to hear about it so I can
pass the information on to others. I've also received feedback that RASConnect
works under Windows 95.
I use RasConnect
in conjunction with tip 090. It replaces the following line in the batch file:
C:\Winnt\system32\RasPhone
-d EntryName
563 » How can I
plan for an eventual repair without a CD-ROM available?
If you do not
have a CD-ROM available, Windows NT can NOT run a normal repair process. You
can workaround this limitation if you do some configuration now, while you can
still boot. Perform the following steps:
1. Create a
folder off the root of any drive called Repair.
2. Using the
network (or a CD-ROM if currently available),
copy the CDROM_W.40
or CDROM_S.40 to the new \Repair folder.
3. Copy your
platform directory to the new \Repair folder (\i386 to \Repair\i386).
4. Create a new
set of setup diskettes by running Winnt32 /ox from the CD
(Winnt /ox from
a non-NT platform).
5. If you are running
SP2 or greater, copy setupdd.sys from the expanded service pack
(service_pack_file.exe
/x) to diskette 2.
6. Edit
txtsetup.sif from diskette 1.
In the
[SetupData] section,
remove the ;
from the SetupSourceDevice = \device\harddisk0\partition1 line
and modifiy it
to point to the drive/partition of the new \Repair folder.
harddisk0 is the
1st disk, harddisk1 is the 2nd disk, etc...
partition1 is
the 1st partition on the disk, partition2 is the 2nd partition on the disk,
etc..
7. Modify the
SetupSourcePath = \ to SetupSourcePath = \Repair.
8. Modify the
DefaultPath=\WINNT to point to your %SystemRoot% folder
( \WINNT or
\WINNT35 if you upgraded or whatever).
9. Save
txtsetup.sif to the floppy.
Label these 3
diskettes as No CD - Repair. If you ever have to run a repair, boot from
diskette 1.
564 »
"Can't access this folder. Path is too long."
If you manage
your server remotely, you can create a directory structure beyond the 256
character MAX_PATH. If you subsequently logon locally and use explorer, you
will receive the subject messages.
If you try to
create a new folder, you may receive:
Unable to create
the folder <name>.
The filename or
extension is too long.
To fix the
problem, navigate to the immediate parent folder and choose View / Details. In
the right hand pane, click the folder that returned the error and rename it to
make it shorter. You may also rename higher level folders.
565 » How can I
have non-Administrator help desk personnel manage the event logs?
To allow
non-Admin personnel to manage the event logs, use Regedt32 / Security /
Permissions to grant the users or group Full Control on:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EventLog
Click the
Replace Permissions on Existing Subkeys and then click OK.
566 » LPR print
job spools in an endless loop or the jobs hang?
Check the
Idle-timeout using the printers control panel or via a telnet session. The
default is 90 seconds. If the value is set too low, the subject behavior will
occur.
Check your
JetDirect documentation for how to make the change. If the setting is too low,
you may not be able to use a telnet session as it will time out before you can
type the commands.
567 » How do I
configure a W9x client to only have to change the network (domain) password?
On the W9x
client, use regedit to navigate to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network
Add a New DWord
value named DisablePwdCaching and set it to 1.
Reboot. This
will disable the local Windows 9x password.
Instruct your
clients to only use the bottom half of the dialog box at Control Panel /
Password to change their network (domain) password.
568 » How do I
convert a file name to lowercase?
If you have a
folder with numerous mixed case names, locating a file may be difficult due to
the sort sequencing. You may have other reasons for using a constant case when
naming files.
In tip 537, we
learned about environment variable string substitution. In tip 494 we learned
how to parse a batch filename parameter into it's constituent parts.
We can combine
these techniques in a batch file that I will name LwrCase.bat which should be
located in your path:
@echo off
set LC1=%~nx1
set
LC1=%LC1:"=%
set
LC1=%LC1:A=a%
set
LC1=%LC1:B=b%
set
LC1=%LC1:C=c%
set
LC1=%LC1:D=d%
set LC1=%LC1:E=e%
set
LC1=%LC1:F=f%
set
LC1=%LC1:G=g%
set
LC1=%LC1:H=h%
set
LC1=%LC1:I=i%
set
LC1=%LC1:J=j%
set
LC1=%LC1:K=k%
set
LC1=%LC1:L=l%
set
LC1=%LC1:M=m%
set
LC1=%LC1:N=n%
set
LC1=%LC1:O=o%
set
LC1=%LC1:P=p%
set
LC1=%LC1:Q=q%
set
LC1=%LC1:R=r%
set LC1=%LC1:S=s%
set
LC1=%LC1:T=t%
set
LC1=%LC1:U=u%
set
LC1=%LC1:V=v%
set
LC1=%LC1:W=w%
set
LC1=%LC1:X=x%
set
LC1=%LC1:Y=y%
set
LC1=%LC1:Z=z%
ren %1
"%LC1%"
We can call the
LwrCase.bat batch file with the full path name of a file (or just the file name
if it is in the current folder) that we wish to rename. Example:
call LwrCase
"%SystemRoot%\System32\Ancient Pathways.dll"
If you wanted to
change all the files in a folder, call LwrCase_Folder
"<Drive:>\<Path>" where LwrCase_Folder contains:
@echo off
pushd %1
for %%i in (*.*)
do call lwrcase "%%i"
popd
If you want to
change all the files in a folder, including all sub-folders, call LwrCase_Tree
"<Drive:>\<Path>" where LwrCase_Tree contains:
@echo off
pushd %1
dir *.* /b /a-d
/s > lwrcase.log
for /f %%i in
('type lwrcase.log') do call lwrcase "%%i"
del /q
lwrcase.log
popd
569 » How do I
get NTBackup to erase a tape that generates errors?
If you try to
mount a tape and receive:
Tape Drive Error
Detected.
Tape Drive Not
Responding.
Bad Tape.
you will need to
start NTBackup with the /nopoll parameter and erase the tape. The /nopoll
parameter prevent NTBackup from scanning the tape.
Note: Do NOT use
the /nopoll parameter with any other parameters. After erasing the tape, quit
NTBackup and remove the /nopoll parameter.
570 » Freeware
command line / batch account rename.
Netuser is a
freeware command line / batch program that will rename a user account.
usage: netuser
username <settings>
<settings>:
/name:newname
/pwnexp:{y|n}sets
Password Never Expires
Examples:
netuser
Administrator /name:"My Domain Admin"
netuser
"John Doe" /name:DoeJ
571 » How do I
remove the Recycle Bin during an unattended install?
Create a
DELcycl.inf which contains:
[Version]
Signature =
"$Windows NT$"
[DefaultInstall]
AddReg = AddReg
DelReg = DelReg
UpdateInis =
UpdateInis
[AddReg]
[DelReg]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E}
[UpdateInis]
Create a $EOM$
folder in the i386 root on your distribution server and copy DELcycl.inf to it.
Edit or create a Cmdlines.txt in the $EOM$ folder which contains:
[Commands]
"rundll32
setupapi,InstallHinfSection DefaultInstall 128 .\DELcycl.inf"
572 » How do I
edit a Windows 95 Registry from Windows NT?
1. Install the
Remote Registry Service from the W95 CD (Admin\NetTools) on the NT machine and
on the W95 machines.
2. Configure the
W95 machines for User-Level security and enable remote administration.
To edit the
remote W95 registry from Windows NT, run Regedit. On the Registry menu, choose
Connect Network Registry. Enter the W95 computer name.
NOTE: If you
upgraded from Windows 3.1x to Windows NT 4.0, see tip 262.
573 » How can I
change the color that explorer uses to display compressed objects?
Set AltColor, a
type REG_BINARY value name to the RGB (Red, Green, Blue) equivalent of the
prefered color. Example:
white would be
ffffff00. You would set this value at:
HKEY_Current_User\Software\Microsoft\Windows\CurrentVersion\Explorer
You can also set
it at:
HKEY_USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer
If you want to
set it for each user, you can run regedit /s compclr.reg in a login script.
Compclr.reg would contain:
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer]
"AltColor"=hex:rr,gg,bb,00
where rr is the
Red component, gg is the Green component, and bb is the Blue component.
You will have to
logoff/logon for the change to take affect.
Here is a table
of common colors:
Color Red Green
Blue
white ff ff ff
red ff 00 00
yellow ff ff 00
green 00 ff 00
cyan 00 ff ff
blue 00 00 ff
magenta ff 00 ff
brown a5 2a 2a
black 00 00 00
JSI burgundy 99
00 00
574 » When I
right click on an .INF file, I am not offered an Install option.
Use Regedt32 to
verify that the following registry entries exist:
HKEY_CLASSES_ROOT\.inf
Value Name: <No Name>
Data Type : REG_SZ
Data : inffile
HKEY_CLASSES_ROOT\inffile\shell\Install
Value Name: <No Name>
Data Type : REG_SZ
Data : &Install
HKEY_CLASSES_ROOT\inffile\shell\Install\command
Value Name: <No Name>
Data Type : REG_EXPAND_SZ
Data : %SystemRoot%\System32\rundll32.exe
setupapi,InstallHinfSection DefaultInstall 132 %1
575 » DOTCRASH
creates memory dump of hung or leaking process.
"When an
application runs on Windows NT you might experience problems, like a memory
leak, or hanging at 0% (dead lock) or 100% (busy loop) CPU utilization.
If the computer
is used in a production environment you usually do not have the time for
debugging the process. In this situation, you can use DOTCRASH to create a user
mode memory dump of the offending process and continue production much faster.
DOTCRASH uses
Win32 API to create the memory dump. Here is how it works:
1. Get Debug
privilege (if it doesnt work, were not an Admin-like user)
2. Resolve
process name to process ID, if needed
3. Open the
target process with Full Access
4. Change
AeDebug and Dr. Watson configuration to write <process name>.dmp
5. Create thread
in target process with starting address 0xDEAD. This requires privileges
acquired in 1) and 3)
6. Return Debug
privilege
7. Restore
original AeDebug and Dr. Watson configuration
DOTCRASH will
not check if the files required to run Dr. Watson are installed in the system.
You can check this if you run DRWTSN32 from the Start/Run dialog. While Dr.
Watson is working on the memory dump it will put up a dialog. Do not click the
Close or Cancel button. Wait until the OK button is enabled and then press OK.
There is a known
problem with Dr. Watson on the Alpha platform on Windows NT 4.0:
Q170057: Dr.
Watson Dialog Box Stops Responding on DEC Alpha Platform
A fix for this
problem is scheduled for Service Pack 4. The fixed file for the English version
of Windows NT and Q170057 are included in the SOFTLIB file.
DOTCRASH
requires PSAPI.DLL. The SOFTLIB file contains versions of this file for Windows
NT 3.51 and 4.0, for the Intel and Alpha platform. If you happen to have a
newer version on your system, skip this step.
The memory dump
created by Dr. Watson can be loaded in WinDBG.
...........................................................
SNIP ......................................................
Heres the
command line help and errorlevel information for DOTCRASH:
DotCrash 1.0b by
Herbert Mauerer
Contact
HerbertM@microsoft.com for suggestions and problem reports
usage:
dotcrash |
<process EXE name>
pid: process ID
in decimal or hex (use 0x)
process EXE
name: name of EXE file
If multiple EXE files with the same name are
found,
errorlevel will be 1 and a list of process
IDs will
be printed to STDOUT.
Errorlevel
values:
0 - Success,
dumped a process.
1 - Multiple
processes found for %s, use process ID.
2 - Process %s
not found.
3 - Invalid or
out-of-range process ID.
4 - Could not
open process %s, error:
5 - Could not
create thread to crash the process, error:
6 - Can't get
Debug Privilege. Aren't you Administrator?
7 - Could not
access registry to configure Dr. Watson. Tried to fix it...
8 - This
application only runs on Windows NT 3.51 or later.
9 - Ain't no
killing of Process IDs 0 and 2"
576 » SBS Setup
Computer Wizard does not display all Accounts.
The SBS Setup
Computer Wizard checks:
1. UserName
exists in %SystemRoot%\Users Shared Folders.
2. The account
is configured to use a logon script.
To resolve the
problem:
1. Create a
UserName folder at %SystemRoot%\Users Shared Folders and make sure it as shared
as UserName. Make sure that UserName has Full Control over this folder.
2. Make sure
that the account is configured to use a logon script. You can use the Small
Business Server Console by selecting Manage Users from the Tasks tab. Select
the user and click Review or Change User Information. Do not change any of the
user information. The wizard will check the account profile and add the necessary
logon script information. You can also use User Manager for Domains.
Correcting these
items should cause the Setup Computer Wizard to display the account.
577 » Where did
Testdir.tmp come from and why can't I delete it?
When a file or
folder is copied to a share and the underlying file system is NTFS, a
Testdir.tmp may be created and then deleted. If you do not have delete
permissions, the delete will fail.
Have an
administrator delete the file and add Creator Owner, as Special File Access with
the Delete check-box marked, to the shared folder. Check Replace Permissions on
Subdirectories and if they wish, uncheck Replace Permissions on Existing Files.
They could also use the NT resource kit, supplement 2.
xcacls <Drive:>\<FolderName> /T
/E /G "CREATOR OWNER":C;RW
Note: If the
copy operation involves a UNC path or involves copying a multiple directory
tree, a testdir.tmp file is created and deleted in each new directory to make
sure the copy process can continue.
578 » More on
replacing inuse files.
In tip 181 I
described one method for replacing inuse files.
You can also
replace inuse files by editing:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session
Manager and ammend or Add Value name PendingFileRenameOperations, a type REG_MULTI_SZ
value. Each rename use two lines
Line 1 contains:
\??\<Drive:>\<SourcePath>\SourceFileName.Extension
Line 2 contains:
!\??\<Drive:>\<DestinationPath>\DestinationFileName.Extension
If you had
additional files, they would be line 3 and 4, 5 and 6, etc....
At the next
boot, the <Drive:>\<SourcePath>\SourceFileName.Extension
is moved to the
<Drive:>\<DestinationPath>\DestinationFileName.Extension
and the
PendingFileRenameOperations value name is deleted.
579 » What
default printer did I have the last time I logged off?
In tip 263, we
saw that your default printer was set at:
HKEY_CURRENT_USER\Software\Microsoft\Windows
NT\CurrentVersion\Windows\Device as a type REG_SZ value. The default string
value is PrinterName,winspool,LPT1:
When you log off,
the default printer is stored as DeviceOld, a type REG_SZ value at:
HKEY_CURRENT_USER\Printers.
580 »
IntelliType version 1.1 generates an error message.
Windows NT 4.0
provides default support for the Microsoft Natural Keyboard.If you install IntelliType
version 1.1, you receive:
You attempted to run IntelliType under a
newer or different version of
Windows.
Re-run the IntelliType Setup to upgrade the
software and determine if
this version of IntelliType is supported by
your version of Windows.
IntelliType
version 1.1 is incompatible with Windows NT 4.0. Download and apply itupd.exe.
581 » Microsoft
Windows Alternative Mouse Pointers.
The Microsoft
Windows Alternative Mouse Pointers (altpnt.zip) are easy-to-see mouse pointer
schemes designed to work with Windows 95/98 and Windows NT 4.0. These pointer
schemes are helpful for laptop computer users and users with low vision. The
schemes included are:
Windows Black
Windows Black (large)
Windows Black (extra large)
Windows Inverted
Windows Inverted (large)
Windows Inverted (extra large)
Windows Standard (large)
Windows Standard (extra large)
To install the
Alternative Mouse Pointer Schemes, double- click the Altpnt.exe file you
downloaded and follow the on screen instructions.
To use the
Microsoft Windows Alternative Mouse Pointers:
1. Click the
Mouse icon in Control Panel.
2. On the
Pointers tab, click the scheme you want to use, and then click OK.
To remove the
Alternative Mouse Pointer Schemes
1. In Control Panel,
double-click Add/Remove Programs.
2. On the
Install/Uninstall tab, click Microsoft Alternative Pointer Set, and then click
Uninstall.
582 » How do I
resize the Taskbar?
To resize the
Taskbar:
Press CTRL+ESC
which will select the taskbar and display the Start menu.
Press the ESC
key which causes the Start menu to disappear and leave the Taskbar selected.
Press
ALT+SPACEBAR and click Size.
Resize the
Taskbar using the mouse or the arrow keys.
583 » Registry
entries installed by RRAS.
When you install
the Routing and Remote Access Service Update for Windows NT Server 4.0 [RRAS]
and/or the Point to Point Tunneling Protocol [PPTP], see tip 345, the following
registry keys are added or updated. This list may be usefull if an uninstall or
reinstall fails:
Registry Keys
for RRAS:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AsyncMac
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AsyncMac(Number_based_on_bindings)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPFilterDriver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IpxPing
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisTapi
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisWan
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisWan(Number_based_on_bindings)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Adapters\NdisWan(Number_based_on_bindings)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NwLnkFlt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NwLnkFwd
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NwlnkIpx\NetConfig\NdisWan(Number_based_on_bindings)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasAcd
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasAuto
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasRad
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Router
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tracing
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WanArp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AsyncMac
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NdisWan
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RAS
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RasAuto
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RasMan
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoteAccess
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Router
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Router Phonebook
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\NetworkCards\(Number_based_on_bindings)
HKEY_CURRENT_USER\Software\Microsoft\RAS
Autodial
HKEY_CURRENT_USER\Software\Microsoft\RAS
Monitor
HKEY_CURRENT_USER\Software\Microsoft\RAS
Phonebook
HKEY_CURRENT_USER\Software\Microsoft\Router
HKEY_CURRENT_USER\Software\Microsoft\Routing and RAS Admin
Registry Keys
for PPTP:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisWan(Number_based_on_bindings)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Adapters\NdisWan(Number_based_on_bindings)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RASPPTPE
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RASPPTPF
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RASPPTPM
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RASPPTPM(Number_based_on_bindings)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RAS\TAPI DEVICES\RASPPTPM
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RASPPTP
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RASPPTPE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RASPPTPM
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\TAPI
DEVICES\RASPPTPM
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\NetworkCards\(Number_based_on_bindings)
584 » DHCP fails
to start on SBS with Event ID 20036.
If DHCP on your
SBS fails to start due to:
Event ID
: 20036
Source
: DHCP Server
Description: The DHCP Server is shutting
down because another DHCP
Server with IP Address <IP Address>
is active on the network.
it is due to
having another DHCP server on your network.
SBS
automatically installs and configures DHCP. You can not have any other DHCP
server on your SBS network.
Multiple DHCP
servers are only allowed with the full retail version of Windows NT Server
and/or Backoffice Server.
585 » Event ID
8003 every 12 minutes?
If your System
event log receives Event ID 8003 from Source Rdr from your BDC which believes
it is the master browser on transport NetBT_xxxxx, you may have a router that
is forwarding UDP broadcasts.
In Windows NT,
each subnet will have a master browser. If the router(s) forward UDP broadcasts
up to UDP ports 137 and 138, then the election broadcasts from one subnet are
being forwarded to other subnets.
Bridges or
switches between two dissimilar network segments within the same subnet can
also cause this problem.
Make sure your
router(s) are not forwarding UDP broadcasts and enable WINS or lmhosts for
netbios name resolution.
NOTE: Switches
configured for VLAN's (virtual segmentation) have to be configured on a per
VLAN basis to prevent UDP broadcast propagation.
586 » Uninstall
RRAS, re-install RAS.
1. Control Panel
/ Network / Services tab.
2. Select
Routing and Remote Access, and click Remove.
3. Click Close.
Click Yes to restart.
4. Expand
<CD-ROM>:\I386\Oemnsvra.In_ %SystemRoot%\System32\Oemnsvra.Inf
5. Control Panel
/ Network / Services tab.
6. Install
Remote Access Service - DO NOT RESTART WHEN PROMPTED
7. Re-apply your
latest Service Pack. If you are Running SBS 4.0 or 4.0a, DO NOT reapply SP3 as
it is already included.
8. Shutdown and
restart.
587 » Your
COMPAQ server experiences performance degradation and/or hangs.
The Task Manager
/ Process tab shows that 10 to 100 instances of Cpqdbg.exe are running.
The Compaq
cpqdebugger is installed by Compaq's SSD 2.04 and may start multiple instances
of Cpqdbg.exe.
Change the
default debugger from the Compaq debugger to Dr. Watson. Edit
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurentVersion\AeDebug\debugger
If the string
value is cpqdbg -p%Id -e %Id -g, change it to drwtsn32 and leave options the
same.
588 » Running
Dhcploc.exe on a DHCP server may cause it to malfunction.
The NT resource
kit, vol II contains the Dhcploc.exe
utility which is designed to assist in determining what Dynamic Host
Configuration Protocol (DHCP) servers are available to clients on a particular
network segment. If you run Dhcploc.exe on a DHCP server, DHCP may no longer
responds to all requests for IP addresses from DHCP clients.
Only run
Dhcploc.exe on a computer that is not a DHCP server.
589 » What is
the affect of pausing a service?
When you pause a
service:
. Existing
connections are not affected.
. New
connections are blocked for ordinary users.
. New
connections are allowed for members of the Domain Admins, Administrators, and
Power Users groups.
How a service
behaves when it is paused depends on the service, but mostly revolve around
granting special privileges to accounts belonging to privileged groups.
590 » Static
mapping in WINS displays only 1 entry.
If you type a
static mapping in the Windows Internet Name Service (WINS) database, you expect
to see 3 entries but only 1 appears. This entry has no sixteenth character
hexadecimal identifier.
Example:
If you type
192.168.1.10 for a computer named ALRMP01, you should see:
ALRMP01(00h)192.168.1.10
ALRMP01(03h)192.168.1.10
ALRMP01(20h)192.168.1.10
If you see:
ALRMP01192.168.1.10,
the WINS Manager is not configured to display the database using LAN Manager-
compatible conventions.
To enable the
LAN Manager-compatible feature:
. Open WINS
Manager.
. Click Options
/ Preferences.
. Click LAN
Manager-Compatible
. Click OK.
591 » Control
Panel error - Explorer.exe - DLL Initialization Failed .....
When opening
Control Panel, if you receive:
Explorer.exe - DLL Initialization Failed
Initialization of the dynamic link library
E:\WINNT\System32\RASSCRPT.dll failed.
The process is terminating abnormally.
Your RAS
installation is corrupt or modem files are damaged / missing. To fix this:
01. Rename
%SystemRoot%\System32\Rascpl.cpl %SystemRoot%\System32\Rascpl.old
02. Rename
%SystemRoot%\System32\Rasscrpt.dll %SystemRoot%\System32\Rasscrpt.old
03. Expand
<CD-ROM:>\<Platform>\rascpl.cp_ %SystemRoot%\System32\Rascpl.cpl
04. Expand
<CD-ROM:>\<Platform>\rasscrpt.dl_
%SystemRoot%\System32\Rasscrpt.dll
05. Control
Panel / Network / Services and select Remote Access Service, and then click
Remove.
06. The
following warning message is displayed:
WARNING: This action will permanently
remove the component from the
system. If you wish to reinstall it, you
will have to restart the
system before doing so.
Do you wish to continue?
Click Yes and
then click Close.
07. Restart you
computer when prompted.
08. Control
Panel / Modems.
09. Select the
device and click Remove. Click Close.
10. Restart your
computer.
11. Control
Panel / Modems.
12. Click Add to
start the Install New Modem wizard and follow the instructions.
13. Control Panel
/ Network / Services and click Add.
13. Select
Remote Access Service, and then click OK.
14. If you have
a Service Pack installed, reapply it before restarting.
592 » Error
adding NetBEUI - Registry Service Subkey already exists.
The subject
problem is generally caused by registry corruption, perhaps as a result of a
failed install. To correct the problem:
1. Run Rdisk /S
to backup the registry.
2. Delete the
following registry keys using Regedt32 (You may need to alter the key
permissions - Security / Permissions):
HKEY_LOCAL_MACHINE\SYSTEM\CCS\Services\NBF
HKEY_LOCAL_MACHINE\System\CCS\Enum\Root\Legacy_NBF
3. Shutdown and
restart.
4. Install
NetBEUI.
593 » Program
component not found.
When you try to
run a program from the Start menu, you receive an error message that the
program or one of its' components can not be found.
If another user
has removed the application from their profile, the application may have been
removed from the computer, but the shortcuts / registry entries are still in your
profile.
Reinstall the
application.
594 » How can I
open a command prompt at the folder that I am browsing (in Explorer)?
To add a Command
Prompt Here to the right click in Explorer which will open a command prompt in
the Folder that you have selected, double-click the following CmdHere.REG file:
REGEDIT4
[HKEY_CLASSES_ROOT\Folder\shell\DosHere]
@="Command
&Prompt Here"
[HKEY_CLASSES_ROOT\Folder\shell\DosHere\command]
@="C:\\WINNT\\System32\\cmd.exe
/k cd \"%1\""
595 » How can I
build a file of all currently logged on UserNames?
Create
whoison.bat in your path and call it with the full path to the file you want
created:
whoison
"<Drive:>\Folder\FileName.Txt"
@echo off
del /q %1
for /f
"tokens=1,2,3* delims= " %%i in ('net session') do call whoisonp.bat
%1 %%i %%j %%k %%l
Create
whoisonp.bat in your path:
@echo off
if
"%3"=="" goto none
if
"%3"==" " goto none
if /i
"%3"=="User" goto none
if /i
"%3"=="command" goto none
if /i
"%3"=="Windows" goto none
if /i
"%4"=="Windows" goto u1
if /i
"%5"=="Windows" goto u2
goto none
REM If you also
want their ComputerName, add %2 to the echo(s) below
:u1
echo
%3>>%1
goto none
:u2
echo %3
%4>>%1
:none
Note: If you
have non Windows NT clients, you may have to add tests of %3, %4, and %5 for
them also.
Type net session
to see the Client Types returned.
596 » How do I
"print" the permissions on a directory tree?
To
"print" the permissions on a directory tree:
dirperm
"<Drive:>\Folder"
"<Drive:>\Directory\Output.txt" [/S] were:
"<Drive:>\Folder"
is the directory whose tree you wish to enumerate.
"<Drive:>\Directory\Output.txt"
is the full path to the output file.
/S will get all
sub-directories, not just the 1st level.
dirperm.bat
should be in your path and contains:
@echo off
if exist %2 del
/q %2
if /i
"%3"=="/s" goto sub
CACLS %1
>>%2
CACLS %1\*.*
>>%2
exit
:sub
if exist
%TEMP%\DirPerms.srt del /q %TEMP%\DirPerms.srt
if exist
%TEMP%\DirPerms.log del /q %TEMP%\DirPerms.log
CACLS %1
>>%2
for /f
"Tokens=*" %%i in ('dir %1\*.* /B /AD /ON /S') do echo %%i>>%TEMP%\DirPerms.srt
sort <
%TEMP%\Dirperms.srt >%TEMP%\dirperms.log
for /f
"Tokens=*" %%i in ('type %TEMP%\dirperms.log') do CACLS "%%i
">>%2
del /q
%TEMP%\dirperms.srt
del /q
%TEMP%\dirperms.log
exit
Examples:
dirperm c:\users
c:\temp\perm.log
dirperm
"c:\program files" c:\temp\perm.log /s
597 » IE 4.x
requires change to RestrictRun.
In tip 362, we
learned how to configure RestrictRun.
If Internet
Explorer 4.x is installed, the computer runs a program called Loadwc.exe which
must also be added.
598 » Compare
local or remote Registry keys on computers running Windows NT or Windows 95.
NT resource kit, supplement II, contains
Compreg, a 32-bit, command-line utility that compares local or remote Registry
keys on computers running Windows NT or Windows 95..
Command-line
syntax:
compreg key1
key2 [-v] [-r] [-e] [-d] [-q] [-n] [-h] [-?]
where:
key1 key2 Local or remote Registry keys to
compare (default:
HKEY_CURRENT_USER)
(example:
\\HOTDOG\HKEY_LOCAL_MACHINE\Software)
The Registry subtrees can be
abbreviated as follows:
HKEY_LOCAL_MACHINE
lm
HKEY_CURRENT_USER
cu
HKEY_CLASSES_ROOT
cr
HKEY_USERS us
If key2 is the name of a
computer, the key name specified in key1 is
appended automatically.
-v Verbose.
Prints both differences and matches.
-r Recurse
into subkeys that only exist in one key.
-e Sets
the error level to the error code that was in effect the last time the
utility was run. By default, the
error level is set to the number of
differences that were found.
-d Prints
only the value entry names, not the actual values.
-q Quiet.
Prints only the number of differences.
-n No
color in output. By default, color is used.
-h Displays
additional help.
-? Displays
this screen.
Examples:
compreg
"\lm\system\currentcontrolset\control\session manager" \\JSI002
compreg
HKEY_CURRENT_USER\Jerry HKEY_CURRENT_USER\Jennifer
Sample output:
2 \DOS
Devices!Mouse REG_SZ,[\Device\PointerClass0]
. . . . . . . .
. . . . . snip . . . . . . . . . . .
1
\Environment!PROCESSOR_IDENTIFIER REG_SZ,[x86 Family 5 Model 2 Stepping 5,
GenuineIntel]
2
\Environment!PROCESSOR_IDENTIFIER REG_SZ,[x86 Family 6 Model 3 Stepping 4,
GenuineIntel]
. . . . . . . .
. . . . . snip . . . . . . . . . . .
1 \Memory
Management!IoPageLockLimit REG_DWORD,[8192]
2 \Memory
Management!IoPageLockLimit REG_DWORD,[4096]
1 \Memory
Management!PagingFiles REG_MULTI_SZ,[C:\pagefile.sys 108 108|D:\pagefile.sys
108 108|]
2 \Memory
Management!PagingFiles REG_MULTI_SZ,[C:\pagefile.sys 96 96|]
2 \Memory
Management!SecondLevelDataCache REG_DWORD,[0]
. . . . . . . .
. . . . . snip . . . . . . . . . . .
1
!RegisteredProcessors REG_DWORD,[4]
2
!RegisteredProcessors REG_DWORD,[2]
End of search :
29 differences found.
Notes:
Output produced
by this utility consists of blocks of lines. Each block describes one
difference. Each line starts with 1 or 2 (indicating whether it concerns key1
or key2), then the name of the key or value entry, and optionally the value type
and data. Lines starting with an 'X' indicate values and subkeys that exist in
both keys. Blocks containing one line indicate that a particular subkey or
value entry is present only in that key. Blocks containing two lines indicate
that there is a difference between the data types or actual values of the
entries.
599 » How do I
configure Windows NT for LPR with a HP JetDirect?
The steps
necessary to configure Windows NT to print to a HP JetDirect print server
device using Line Printer Remote are:
1. Install the
TCP/IP Printing service.
Control Panel /
Network / Services tab and press Add.
Click TCP/IP
Printing, press OK and click Close.
Shutdown and
Restart when prompted.
Re-apply your
latest Service Pack / Hotfixes.
2. Setup the LPR
Port.
Start / Settings
/ Printers.
Double-click Add
Printer.
Click My
Computer and click Next.
Click Add Port
when prompted.
Click LPR Port
and New Port.
Enter the IP
address of the HP JetDirect external print server or the internal
HP JetDirect
adapter in Name or address of server providing lpd.
Enter raw1 in
Name of printer or print queue on that server for an internal
HP JetDirect
adapter or raw1, raw2, or raw3 for an external HP JetDirect print server device
(based on the HP
JetDirect port that the printer is connected to).
Click OK, click
Close, and then click Next to complete the installation of the printer.
3. Verify TCP/IP
settings.
Make sure that
you have Firmware revision A.05.05/6 or later.
PING <IP
address> where<IP address> is the HP JetDirect device's IP address.
600 » PPTP
registry entries.
PPTP registry
entries are at:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RASPPTPE\Parameters\Configuration
AuthenticateIncomingCalls
is a type REG_DWORD which defaults to 0. A 1 forces the PPTP protocol to only
accept calls from IP addresses listed in the PeerClientIPAddresses value.
PeerClientIPAddresses
is a type REG_MULTI_SZ and contains a list of IP addresses, one per line.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\<adapter
name>\Parameters\Tcpip
DontAddDefaultGateway
is a type REG_DWORD which defaults to 1. An entry of 0 will disable a default
route for your LAN adapter.
PPTPFiltering is
a type REG_DWORD which defaults to 0. A value entry of 1 causes the adapter to
only accept PPTP connections.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
PPTPTcpMaxDataRetransmissions
is a type REG_DWORD which defaults to 9. It represents the number of times that
a PPTP packet will be retransmitted if it is not acknowledged. The value is set
higher than the default TCPMaxDataRetransmissions value to prevent dead gateway
detection from occurring on congested Internet links.
601 »
Poolmon.exe from NT CD tracks paged and nonpaged memory usage.
If you receive
Query pooltags Failed c0000002 when starting Poolmon.exe, the GlobalFlag value
in the registry must be set using Regedt32.
As setting this
value causes NT to use extra resources to gather pooltag information, record
the current value of GlobalFlag so it can be reset when you are done using
Poolmon.exe. Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session
Manager
and set the
GlobalFlag value which is a type REG_DWORD by turning on the bit that
corresponds to a Hex 400.
If you have the
NT resource kit, supplement 2, you can
use Gflags.exe to do this.
To use this
utility to enable Pool tagging:
Double-click on
the Gflags.exe file in the resource kit directory or open a MS-DOS command
prompt and type in GFLAGS and press Enter. After the GFLAGS window opens, set the
destination in the upper window to System Registry. In the lower portion of the
window, click to select the Enable Pool Tagging check box. Windows NT will have
to be restarted for the change to take affect.
GFLAGS can also
set the flag required for the kernel feature of Oh.exe, a tool that shows the
handles of open windows. For usage information, at a MS- DOS command prompt
type: gflags /?
GlobalFlag
consists of 32 bits that are used as switches to enable or disable several
different advanced internal system diagnostics and troubleshooting tests. For
more information, see the definition of Ntexapi.h FLG_ in the Win32 SDK.
602 » TCP/IP
Printing service hangs..
Your TCP/IP
Printing service hangs and the Stop and Start buttons in Control Panel / Services
don't function. You may also receive
Could not start
the TCP print server service on (servername)
Error 2186: The
service is not responding to the control function.
If the TCP/IP
Printing service starts before the Spooler service, the above will happen. Use
tip 069 to configure the LPD Service at:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LPDSVC
Add Value name
DependOnService as a type REG_MULTI_SZ and set the data value to Spooler.
Stopping the
Spooler service will now stop the TCP/IP Printing service and starting the
TCP/IP Printing service will first start the Spooler service (if it is not
already started).
603 » How do I
install a BDC using TCP/IP?.
When you install
a BDC, the PDC must be available to establish a computer account and to assign
the SID to the BDC.
Name resolution
for the PDC can be established by using WINS or a LMHOSTS file:
- Enter a
primary (optionally, a secondary) WINS server where the PDC has registered the
domain<1Bh> entry.
- Use an LMHOSTS
file that has at least an entry for the PDC as follows:
<PDC IP
address> "DOMAINNAME \0x1B" #PRE
There must be
exactly 20 characters inside the double quotes.
If a WINS server
is not available, the LMHOSTS file can be used by importing it from a floppy
disk or from an existing physical drive on the computer being installed. The
location for importing the LMHOSTS file is in the Advanced options in the
TCP/IP configuration dialog during Network setup. This must be completed during
the portion of Setup where you configure the properties of the TCP/IP protocol.
If the PDC
cannot be located during setup, you will get the following error message:
The domain controller for this domain cannot
be located.
If you get this
message, check:
- Adapter
configuration settings.
- Default
gateway configuration on the adapter.
- If using WINS,
make sure the WINS server you are pointing to contains the 1Bh registration for
the domain name.
- Check the
syntax of the LMHOSTS file.
If you fixed
anything, restart the server. It will start at the GUI portion of setup.
See tip 463 for
how to get clients to validate against this BDC.
604 » Monster
Truck Madness 2 needs help installing on multi-processor.
Monster Truck
Madness 2 runs fine on a multi-processor, but it won't install. The installation
creates a temporary program named Ebunn.exe, where nn is a random number. This
program is brain dead and can't run on a multi-processor. To fake it out:
- Start the
Monster Truck Madness 2 Setup program.
- When the Setup
screen is displayed, give it the Three Finger Salute (CTRL+ALT+DELETE).
- Click Task
Manager.
- Click the
Processes tab.
- Right-click
the Ebunn.exe process.
- Click Set
Affinity.
- Clear the
check mark from each CPU except CPU 0 and then click OK.
- On the File
menu, click Exit Task Manager.
Continue the
installation.
The Ebunn.exe
program is deleted when Monster Truck Madness 2 Setup is finished.
605 » Winmsd.exe
displays incorrect IRQ on Multi-Processor.
When you run
Windows NT Diagnostics, Winmsd.exe, on a computer that adheres to Intel
Multi-Processor Specification (MPS) v1.4, the IRQ displayed for Peripheral
Component Interconnect (PCI) devices may be wrong.
The problem
occurs because Winmsd.exe displays IRQ information directly from the MPS
interrupt table and the MPS v4.1 specification changes the format of PCI
devices in the MPS interrupt table to improve support for multiple PCI bus PCs.
To troubleshoot possible IRQ conflicts on a MPS v1.4-based computer using
Winmsd.exe , you must use the uni-processor HAL.
To temporarily
use the uni-processor HAL and kernel files:
1. Copy Hal.dll
and Ntoskrnl.exe from the CD or expanded Service Pack (SPfileName.exe /x) to
the %TEMP% folder. Then:
Rename
%TEMP%\Hal.dll %TEMP%\UniHal.dll
Rename
%TEMP%\Ntoskrnl.exe %TEMP%\UniKrnl.exe
Move
%TEMP%\UniHal.dll %Windir%\System32\UniHal.dll
Move
%TEMP%\UniKrnl.exe %Windir%\System32\UniKrnl.exe
2. Attrib -r -s
-h c:\Boot.ini
3. Edit
c:\boot.ini and add an additional entry, which is the same as your default
execpt it should look something like:
multi(0)disk
....\WINNT40="Windows NT Version 4.00 - UNIHAL" /hal=unihal.dll
/kernel=unikrnl.exe ....
4. Save
c:\boot.ini
5. Attrib +r +s
+h c:\Boot.ini
When you need to
get an accurate IRQ listing, boot to the UNIHAL entry and run Winmsd.exe
606 » Error 1326
when running the Remote Command Service (RCMD).
RCMD.EXE from
the NT resource kit, supl II, is a Client (RCMD.EXE) / Server (RCMDSVC.EXE)
tool for remotely issuing commands on a Windows NT Server.
If you receive
the subject error when using RCMD.EXE, there has been a logon failure to the
server. Correct this by opening a command prompt on the client and typing:
net use
\\<ServerName>\IPC$ /User:<DomainName>\<UserName>
where
<ServerName> is the server on which you are attempting to run a remote
command
and
<DomainName>\<UserName> is a Domain Administrator account.
See tip 239 for
a "donnationware" remote console facility.
607 » How do I
remove the WINS server entry for an old WINS server?
When a WINS
server is removed from the replication network, its' entry is not removed from
the WINS database of the other WINS servers. These entries are replicated
indefinetly.
To remove these
PersonaNonGrata, edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WINS\Partners
Add Value name
PersonaNonGrata as a type REG_MULTI_SZ. Set it to the IP address of the
non-existent WINS server. If there are more than 1, each IP address is entered
on a seperate line.
Stop and restart
your WINS server. You can now use WINS Manager to delete it is an owner.
608 » My
Computer does not remember column widths that I set while viewing Details.
Changes to the
column width while viewing Details are not always remembered in My Computer.
To cause these
to be retained, view Details in Windows NT Explorer. Adjust the column widths
at the drive level. When you exit Explorer, the settings will be saved and
migrated to My Computer.
609 » A better
way to replicate.
The Directory
Replicator Service that is provided by Windows NT Server requires exclusive
access to Netlogon and REPL$. When it doesn't get exclusive access, replication
fails.
A better way to
replicate is to use the ROBOCOPY utility from the NT resource kit, supl 2.
Unlike the Replicator Service, ROBOCOPY can
replicate any number of directories, handle very large files, and doesn't
require exclusive access. ROBOCOPY /? returns:
ROBOCOPY v
1.71 :
Robust File Copy for Windows NT (from Supplement Two)
Usage : ROBOCOPY
source destination [file [file]...] [options]
source : Source
Directory (drive:\path or \\server\share\path).
destination :
Destination Dir (drive:\path or
\\server\share\path).
file : File(s)
to copy (names/wildcards - default is
"*.*").
/S : copy
Subdirectories, but not empty ones.
/E : copy
subdirectories, including Empty ones.
/R:n : number of
Retries on failed copies - default is 1 million.
/W:n : Wait time
between retries - default is 30 seconds.
/REG : Save /R:n
and /W:n in the Registry as default settings.
/X : report all
eXtra files, not just those selected.
/V : produce Verbose
output, showing skipped files.
/L : List only -
don't copy, timestamp or delete any files.
/ETA : show
Estimated Time of Arrival of copied files.
/MOVE : Move
files and dirs (delete from source after copying).
/PURGE : delete
dest files/dirs that no longer exist in source.
There are at
least 4 ways that you can use ROBOCOPY to do your replication:
1. A manually
invoked batch file:
robocopy
\\<SourceServer1>\admin$\system32\repl\export\
\\<SourceServer1>\admin$\system32\repl\import /s /v /r:1 /w:1 /eta
robocopy
\\<SourceServer1>\admin$\system32\repl\export\
\\<DestinationServer1>\admin$\system32\repl\import /s /v /r:1 /w:1 /eta
NOTE:
<SourceServer1> and <DestinationServer1> are the names of the
computers being synchronized.
The first time
that you replicate, use SCOPY to preserve permissions and then use ROBOCOPY
which will maintain the permissions.
2. You can cause
the above batch file to continuously loop:
:LOOP
robocopy
\\<SourceServer1>\admin$\system32\repl\export\
\\<SourceServer1>\admin$\system32\repl\import /s /v /r:1 /w:1 /eta
robocopy
\\<SourceServer1>\admin$\system32\repl\export\
\\<DestinationServer1>\admin$\system32\repl\import /s /v /r:1 /w:1 /eta
Sleep 1800
goto LOOP
Sleep is a
Resource Kit utility. The above sleeps for 1800 seconds, ½ hour.
3. Schedule the
batch file from number 1.
The schedule
service runs under the context of the system account which is local and has no
network access. Create a new user account that is a member of the domain admin
group with a non-blank, non-expiring password. In user manager for domains,
give it all the advanced rights it may ever need including logon as a service
and batch job.
In control panel
services, stop the schedule service. Configure it to start automatically and to
use this new account. Start the scheduler service.
AT 12:00AM
/every:m,t,w,th,f,sa,su <Drive:>\Folder\replicate.bat
AT 08:00AM
/every:m,t,w,th,f,sa,su <Drive:>\Folder\replicate.bat
AT 12:00PM
/every:m,t,w,th,f,sa,su <Drive:>\Folder\replicate.bat
AT 08:00PM
/every:m,t,w,th,f,sa,su <Drive:>\Folder\replicate.bat
4. Run it as a
service
You can use the
batch file from number 2 and Instsrv.exe to create the regiistry entries for
the SRVANY service. These utilites are also from the Resource Kit.
NOTES:
You use the
/purge option to delete files on the destination that have been removed from
the source if you wish to emulate this replicator service function.
You may wish to
limit the default retries as the destination files may be in an open status.
Using /R:5 /W:5 will timeout faster.
If you pipe the
output, check that your log file isn't consuming too much space.
You can run
ROBOCOPY on any machine, even a Workstation. It does not have to run on the
source or destination computer.
If absolute
symmetry between the source and destination directories is needed, the /purge,
/e, /t, and event /is switches can be used. See the online help and the
Robocopy.wri file, you may not need to be this exacting.
610 »
"Access to the specified device, path or file is denied.".
When you start a
program from the desktop, the Start menu, a shortcut, or from a file
association, you will receive one of the following messages if the application
is located in \Program Files and the path is not enclosed in double quotes in
either the shortcut or the registry:
Access to the
specified device, path or file is denied.
Access to the
driver, specified path, or file is denied.
This can also
happen if you have a \Program folder on the same drive as \Program Files
Right click the
shortcut and enclose the Target in double quotes.
Use regedit to
search the registry for a data string equal to the Target and enclose it in
quotes.
611 » Your
system hangs during heavy I/O and you can only restart.
There is a bug
in NT 4.0 that causes the system to stop responding during very heavy I/O
operations such as multiple file copies. You have to reboot.
Microsoft has
confirmed the above is a problem and no fix has yet been found. If the problem
is pervasive, consider setting UtilizeNTCaching to 0 until a hotfix is available.
See tip 231.
612 » How do I
delete multiple users from a group?
I use a batch
job to do this. I create a comma delimited text file that contains entries with
the following syntax:
GroupType,Group
Name,User Name where:
Group Type is G
for a Domain Global Group, W for a Workstation Local Group, and L for a Domain
Local Group.
Create the
following two batch files in your path:
DELFROMG.BAT
@echo off
del /q %2
for /f
"tokens=1-3 delims=," %%i in ('type %1') do call DELUSRG %%i
"%%j" "%%k" >>%2 2>>&1
exit
DELUSRG.BAT
@echo off
if
%2=="" goto err
if
%3=="" goto err
if /i
"%1"=="g" goto dgg
if /i
"%1"=="l" goto dlg
if /i
"%1"=="w" goto wlg
:err
@echo
Error:%1,%2,%3
goto end
:dgg
@ECHO ON
net group %2 %3
/DELETE /DOMAIN
@ECHO OFF
goto end
:dlg
@ECHO ON
net localgroup
%2 %3 /DELETE /DOMAIN
@ECHO OFF
goto end
:wlg
@ECHO ON
net localgroup
%2 %3 /DELETE
@ECHO OFF
:end
To run the batch
file, I create as many entries in the text file as I need and then invoke
DELFROMG:
DELFROMG
"<Drive:>\folder\textfile.txt"
"<Drive:>\Directory\logfile.log"
614 »
IntelliPoint can hang Windows NT 4.0 with ½ dozen 16-bit apps running.
If you have
Microsoft IntelliPoint software versions 2.0, 2.1, or 2.2, your computer may
hang when a ½ dozen 16-bit apps are open.
Install
IntelliPoint 2.2a or later from the Microsoft Web site.
615 » Speed up
your SBS shutdown.
If SBS takes
forever to shutdown, add:
net stop
"microsoft exchange information store" /y
net stop
"microsoft exchange internet mail service" /y
net stop
"microsoft exchange message transfer agent" /y
net stop
"microsoft exchange directory" /y
net stop
"microsoft exchange system attendant" /y
net stop
"modem sharing service" /y
net stop
"microsoft winsock proxy service" /y
net stop
"microsoft proxy server administration" /y
net stop
"microsoft fax service" /y
net stop
"microsoft dhcp server" /y
net stop
"computer browser" /y
net stop
"net logon" /y
net stop
"alerter" /y
net stop
"messenger" /y
net stop
"server" /y
to the batch at
tip 166.
You might also
want to look at tip 083 and tip 033.
616 » Restore,
COPY and XCOPY do not preserve short file names.
Short file name
(8.3) equivalents of long file names (LFN) are created dynamically. If you have
an application (or user) that relies on the 8.3 equivalent, restoring or copy
these files will regenerate the short file name.
There is no fix
other than to adhere to a strict 8.3 naming convention if your app must
reference 8.3 names and/or your user can't be educated.
617 » How do I
remove all files and sub-directories from a folder, without removing the
folder?
Typing RD /S /Q
<Drive:>\FolderName will delete all files, sub-directories and the
<Drive:>\FolderName also. If you wish to not remove the target folder,
create DELTREE.BAT in your path:
@echo off
pushd %1
del /q *.*
for /f
"Tokens=*" %%i in ('dir /B') do rd /s /q "%%i"
popd
exit
To delete all
the files and sub-directories in <Drive:>\My Test Folder, type:
DELTREE
"<Drive:>\My Test Folder"
619 » You
installed a full retail Windows NT Server over an NFR Server but can't connect
more than 10 clients.
Use Regedt32 to
navigate to:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\Users
Double-click the
Users value name, a data type of REG_DWORD, and change the value from 10 (Hex 0a),
to Hex FFFFFFFF.
You will need to
reboot the server for this change to take effect.
Note: You can
not use the NFR Setup diskettes. Discard these and only use the full retail
ones when performing an update or repair. If you lost these, run Winnt32 /OX or
Winnt /OX from the retail server CD.
Note: You can
not use a version upgrade to update an NFR version. It must be the full retail
product.
Note: If you
receive Evaluation Period Expires on Non-Evaluation Copy of Windows NT, see
Q173507.
620 » How do I
delete a network connected printer?
The proper way
to delete a network connected printer, specially if you intend to ever add it
back, is:
1. Start /
Settings / Printers, select the printer and File / Delete.
2. Start /
Settings / Control Panel / Services, scroll to the Spooler service and press
Stop.
3. Use Regedt32
to delete the following keys:
HKEY_CURRENT_USER\Printers\DevModes2
HKEY_CURRENT_USER\Printers\Settings
4. Shutdown and
Restart your Windows NT computer.
623 » What
should I name my computer?
A Windows NT
computer name can be up to 15 alphanumeric characters with no blank spaces and
must be unique on the network. It can contain the following special characters:
! @ # $ % ^
& ( ) - _ ' { } . ~
It may not
contain:
\ * + = | : ;
" ? ,
If you have non
Windows NT clients, I would restrict the name to 12 alphanumeric characters.
DNS does not
like % # _ and some applications do not like - so I wouldn't use them.
I personally
only use alphanumeric characters.
Do NOT use all
numeric characters.
624 » IOMEGA ZIP
utility makes name disappear during Explorer rename.
After installing
the IOMEGA ZIP utilities, the name disappears during an Explorer rename.
To solve the
problem, remove the imgicon.exe shortcut from your StartUp folder.
You must leave
the nstart.ex or you won't be able to access your zip drive.
625 » Windows 95
can't log on after running C2CONFIG.
If you run
C2CONFIG from the Resource Kit on your DC (Domain Controller), W95 clients may
receive:
User not allowed
to log on at this computer.
-or-
You are not
allowed to log on from this workstation.
The NT Security
log contains event ID 533.
To resolve the
problem, edit the DC's registry and delete:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\CrashOnAuditFail
626 » You added
an additional NIC and RRAS generates errors.
If the subject
actions causes a System Event Log error:
Event ID : 20101
Source : Router
Type : Warning
Description:
Using the default value for Registry parameter Enabled
because the value
given is not in the legal range for the parameter.
This error does
not prevent RRAS from functioning properly. It is caused by an incorrect value
in the registry. Edit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Router\Interfaces\(x)
where (x) varies
based on the number of NICs installed. Look for the Enabled value name of each
key, a type REG_DWORD value. The valid enties are:
0 - False
1 - True
(default)
When you find
the Enabled value name that is not set to 0 or 1, set it to 1.
627 » Error code
87 is not a Windows NT bug.
If an
application stops functioning and Dr. Watson generates:
Could not attach
to the application. Windows NT error code = 87
-or-
Windows NT Error
Code 87
it is due to the
application self terminating or being shutdown by another application, causing
an access violation. Dr. Watson can't attach as the application is already
shutdown. The Dr. Watson log contains:
Could not Attach
to the application
Windows NT Error
Code 87
with no
additional debugging information.
628 » Exchange
client validation is eating my WAN's lunch.
When you access
an Exchange Server from your domain account, you must be authenticated.
If the Exchange
Server is a BDC for the users domain, no additional traffic is generated. If
the Exchange Server is not a BDC or the client is from a trusted domain,
pass-through authentication must find a domain controller. If you have WINS, a
broadcast of up to 25 domain controllers will sent. The first computer to
respond will be the authenticating server, even if it is remote or not on the
same network segment. This process is responsible for all that network traffic.
The solution is
to place a BDC on the same network segment as the Exchange Server and to use
tip 463 to insure local authentication.
629 » SBS users
folder must have specific permissions.
Unlike Windows
NT, the SBS Users Shared Folders must have a share name of users and must have
specific permissions. With Windows NT, you can setup the share(s) and
permissions using tip 400 and tip 557. With SBS you must:
Share the Users
Shared Folders as users with Full Control for Everyone.
Set NTFS
permissions as:
Administrators Full Control (All)(All)
CREATOR OWNER Full Control (All)(All)
Domain Admins Full Control (All)(All)
Domain Users Read (RX)(RX)
Server Operators Change (RWXD)(RWXD)
SYSTEM Full Control (All)(All)
If the Users
Shared Folders has been move or renamed, (or if the above permissions are not
set) the Add a New User wizard in Manage Server will genrate:
Unable to create a shared folder for
<username>.
When you click
OK:
The Wizard successfully created a user
account for <user_fullname> with the username <username>.
If the directory
has been moved or renamed, you should unshare the folder and set it up
properly. Then you must restart the SBS computer.
630 »
Application Event log - Frontpage Server Extensions.
If receive many
error from Frontpage Server Extension like:
Frontpage Server
Extensions
Error 20002:
cannot open file "isapi stream out" for writing
or
OS Error 2: no
such file or directory
you should edit:
Hkey_Local_Machine\System\CurrentControlSet\Services\W3SVC\Parameters
Double click the
Filter DLLs key and insure that only valid paths are listed. Remove any invalid
paths.
631 » Desktop
and Start Menu shortcuts don't run.
Your exefile
entry(s) in the registry have become corrupt. Run REGEDIT and import:
REGEDIT4
[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content
Type"="application/x-msdownload"
[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:d8,07,00,00
[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"
[HKEY_CLASSES_ROOT\exefile\shell]
[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\"
%*"
[HKEY_CLASSES_ROOT\exefile\shellex]
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers]
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PifProps]
@="{86F19A00-42A0-1069-A2E9-08002B30309D}"
If REGEDIT won't
run, see tip 271.
632 » Event ID
5711 occurs every five minutes on the PDC.
Event Id 5711 -
Source: NETLOGON
Description: The
partial synchronization request from the server <BDC> completed
successfully. X changes(s) has(have) been returned to the caller.
You may also
receive any of the following on your BDCs:
Event Id 5730 - Source: NETLOGON
Description: Replication of the SAM Global
Group "Rid: 0x201" from
primary domain controller failed with the following error:
Cannot perform this operation on built-in
accounts.
Event Id 5731 - Source: NETLOGON
Description: Replication of the BUILTIN
Local Group "Rid: 0x220" from
primary domain controller failed with the following error:
Cannot perform this operation on built-in
accounts.
Event Id 5716 - Source: NETLOGON
Description: The partial synchronization
replication of the BUILTIN
database from the primary domain
controller failed with the
following error:
Cannot perform this operation on built-in
accounts.
This is
generally caused by modifiy the group membership of a built-in account. You may
have removed Administrator from the Administrators group on a Domain
Controller. You may have:
Made the
Administrator's account a non-Administrator account.
Disabled the
Administrator's account by clicking the disable account check box.
Set the
Administrator's account to expire.
Removed the
Domain Admins global group from the Administrators local group.
Removed
Administrator from the Domain Admins global group.
To fix the
problem, reverse your action(s).
633 » How do I
keep my development IIS from broadcasting its' availability on the network?
You can disable
the SAP boradcast by editing:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\<ServiceName>\Parameters
and setting
EnableSvcLoc, a type REG_DWORD to 0. The default is 1.
<ServiceName>
is:
MSFTPSVC,
GOPHERSVC, and W3SVC.
See tip 391.
634 » Are you
unable to browse your local LAN when connected via RAS?
Add a persistent
route to your local subnet.
After a fresh
reboot (or if RAS has not been used since the last reboot), type:
ROUTE PRINT
To add a
peristent route for your local subnet:
route -p <ip
network> mask <subnet mask> <local gateway>
If you have a
Class C network with the gateway at 123.45.1.10, then:
route -p 123.45.1.0
mask 255.255.255.0 123.45.1.10
635 » Does your
Internet connection seem slow?
By default,
Windows NT attempts to discover the maximum transmission unit (MTU) of all
connections beyond your local subnet. Limiting TCP segments to this size reduces
fragmentation at the routers along your connection path, increasing your
throughput. You may have inadvertantly disabled this feature while tuning your
network. Navigate to:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
If you have a
value name of EnablePMTUDiscovery, a type REG_DWORD that is set to 0, discovery
is turned off. The lack of this value means that discovery is turned on. The
possible data values are:
0TCP uses an MTU
of 576 bytes for all connections to computers outside the local subnet.
1TCP attempts to
discover the MTU of the path to a remote host. This is the default.
636 » Number of
files in a FPNW folder is limited to 16K.
When a client
connects to an FPNW (Microsoft File and Print Services for NetWare) volume,
they can not see files in very large directories. If more than approximately
16,000 files exist in an FPNW folder, clients can not see them.
There is
currently no solution other than to reduce the file count in the folder to
something below 16,000 files.
637 » Microsoft
Windows NT Server Support Tools, version 1.0.
The Microsoft
Windows NT Server Support Tools, version 1.0 have been developed for the x86
platform and include:
1. New debugger
extensions to facilitate examination and analysis of a wider
range of Kernel data structures than is
conveniently possible today,
especially when dealing with crash dumps.
This set of tools is known as
the "Kernel Debugger Extensions."
2. Tools for
memory pool caller-tracking/tail-checking and increasing
available pool statistics. This set of
tools is known as the "Pool Enhancements."
3. A
heuristics-based kernel memory crash dump analysis tool to aid in
diagnosing memory corruption problems. This
tool discovers and analyzes
anomalies in the kernel memory space and is
known as the "Kernel Memory
Space Analyzer."
To install the
tools, double-click the OEMTools.exe in a temporary directory to extract them.
Read the readme.txt file in the root of the temporary folder.
638 » How do I
interpret \Device\Hardisk#\Partition#?
If you receive a
message that includes this type of disk identifier, you need to edit the
registry. The process is different for SCSI versus IDE drives.
IDE
HKEY_LOCAL_MACHINE\Hardware\Devicemap\Atdisk
Controller0 look at the controller address and interrupt.
disk0 look at identifier string for manufacturer and model#
disk1 look at identifier string for manufacturer and model#
Controller1 look at the controller
address and interrupt.
disk0 look at identifier
string for manufacturer and model#
disk1 look at identifier string for manufacturer and model#
SCSI
HKEY_LOCAL_MACHINE\Hardware\Devicemap\Scsi
Scsiport0 look at driver, Interrupt, and IOAddress
Scisbus0
Targetid0
Logical Unit Id 0 look at identifier and type.
Targetid1
Logical Unit Id 0 look at identifier and type.
Targetid4
Logical Unit Id 0 look at identifier and type.
Scsibus1
Targetid0
Logical Unit Id 0 look at identifier and type.
Targetid1
Logical Unit Id 0 look at identifier and type.
Targetid2
Logical Unit Id 0
Scsiport1 look at driver, Interrupt and I/O Address.
Scsibus0
Targetid0
Logical Unit Id 0 look at identifier and type.
Using the
identifier and type values, determine which entries are disks and which are
CD-ROMS, Tapes, Scanners, etc. In each value name of Type, a type REG_SZ value,
the entry DiskPeripheral equates to a Disk # in Disk Administrator and to a
\device\harddisk#, where # starts at 0.
To find
\device\harddisk3, find the 4th DiskPeripheral. Note that SCSIPORT is a SCSI
controller, SCSIBUS is a channel (some controllers have dual channels), and
TARGETID is the SCSI ID (0 -6 with 7 being the controller). If you are not sure
which SCSIPORT represents which SCSI controller, look at the driver, I/O
Address, and Interrupt of the SCSIPORT entry and match it with the hardware
configuration set on the controller. For IDE Devices, the drives are in
master/slave configuration order on each controller.
Partition#
starts at 1.
639 » Your RAS
clients are registered with WINS using the IP address of the RAS Server's NIC.
This shouldn't
be. Your RAS clients should be registered with their RAS assigned IP address.
To solve this:
Configure your
RAS clients to use only the TCP/IP protocol.
-or-
Configure your
RAS Server to accept connections using only the TCP/IP protocol.
The NetBIOS
Gateway portion of the RAS Server allows RAS Clients to communicate with non-IP
or IP-only Local Area Network (LAN) clients.
640 » Guest
group membership can cause loss of a Domain Users profile.
If a user is
added to the Guest group, Windows NT may delete the users profile when they log
off.
Guest group
profiles are stored temporarily. Regular users should not be a member of the
Guest group.
Note: If an
Administrator is a member of the Guest group, their profile will not be
deleted.
641 » Language
differences may cause Print Paper Tray settings to be ignored.
If you have A4
format configured on your print server, a client running a different language
version may have Letter format configured.
This is caused
by an inadvertant mis-match when the client side Rasddui.dll library compares
the its' own paperbin settings with the print server's. The language difference
causes the names to be different.
There is
currently no fix for this problem.
642 » How do I
add support for the HPFS file system?
Windows NT 4.0
does not support the HPFS file system unless it was installed prior to
upgrading. If you wish to add support for HPFS to a new Windows NT install,
copy Pinball.sys from the NT 3.51 CD or an existing computer to
%SystemRoot%\System32\Drivers. Use Regedit on an existing Windows NT Platform
that supports HPFS and export:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Pinball
Import it to
your Windows NT 4.0 computer.