Friday, June 12, 2009

disable ctrl shift esc

Most of you probably know that ctrl+shift+esc brings up the task manager.

Today i learned a sneaky way to disable that combination

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"debugger"="Disabled"

Wednesday, June 10, 2009

Office 2007 Quick Access Toolbar and roaming profiles

Office 2007 features a new toolbar in all applications, called the Quick Access Toolbar.
A user may add or remove their own buttons.

By default, the .qat files containing the user’s settings are saved in the following location in Windows XP or Windows Server 2003:
C:\Documents and Settings\username\Local Settings\Application Data\Microsoft\Office

And for Windows Vista or Windows Server 2008 in:
C:\Users\usernameAppData\Local\Microsoft\Office

Here’s how to make sure this bar roams with the user:

Locate and then click to select the following registry subkey:
HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\Toolbars
If you use policies, select the following registry subkey:
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Common\Toolbars

New DWORD value called “QuickAccessToolbarRoaming” with value “1”

regfile:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\Toolbars]
"QuickAccessToolbarRoaming"=dword:00000001

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Common\Toolbars]
"QuickAccessToolbarRoaming"=dword:00000001

Microsoft’s article on this:
http://support.microsoft.com/kb/958062

Office 2007 customizing (VLK)

If you want to customize your Office 2007 setup, here’s how:

setup.exe /admin

Then go through all steps in the customization wizard.
Be sure to have “completion notice” turned on and “suppress modals” turned off (this is to get to see errors, if any exist). Once you’re done with testing, go through the customization again to modify the MSP to disable completion notice and enable suppress modals. For completely silent install, you MUST set the DisplayLevel to “none”.
Save the resulting patch file in the same folder as o2k7 setup files.
Now just execute this command for silent install:

setup.exe /adminfile CUSTOM.MSP

OR

If you have Office 2007 Enterprise VLK, you could even drop the CUSTOM.MSP file in the “Updates” folder and setup will pick it up automatically (without any switches being used). For this, ensure you have WindowsInstaller 3.1 already installed. You can add in further MSP files (e.g. extracted from SP2 update EXE) as well, to have updates applied during install.

Sunday, June 7, 2009

disable IntelPPM service

The IntelPPM should be enabled on all Intel systems. If not, the processor will overheat.
But it can not be enabled on systems with an AMD processor. The system won’t boot and result in a 0×000007 bluescreen.

This is something you need to know if you want to create images and deploy it on different systems.

_disable_intelppm.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\intelppm]
"Start"=dword:00000004

_enable_intelppm.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\intelppm]
"Start"=dword:00000001

areca master password

It’s actually a pretty big security issue, but i’m glad it exists :)
Can’t access your raid configuration anymore? Forgot your password?

areca master password: MNO974315743924 (works on 1160, 1210 (McBIOS), …)

And just a reminder:
areca default archttp32 user/pass: admin/0000

remove Windows Messenger

RunDll32 advpack.dll,LaunchINFSection %windir%\INF\msmsgs.inf,BLC.Remove

rebuild 3ware array

Just a reminder for myself on how to rebuild degraded 3ware arrays on some of my linux machines with the cli tool.

Scenario:
The degraded drive is connected to port 2.
The drive is connected to controller 0.
Port 0 is member of unit 0.

  1. Remove the drive
    tw_cli maint remove c0 p2
  2. Now replace the drive
  3. Enable the new drive
    tw_cli maint rescan c0
  4. Assign the drive to a temporary unit
    tw_cli maint createunit c0 rspare p2
  5. rebuild the array
    tw_cli maint rebuild c0 u0 p2

prevent usb disk from going into standby mode

This week i was copying large amounts of data to a Maxtor USB disk using the midnight commander. While the midnight commander was gathering information about the amounts of data to be processed (taking at least 20 minutes or more), the usb disk was going into standby mode.
By the time it was ready and wanted to start copying data, i got all kinds of i/o errors on /dev/sdb (the usb disk).
So i did a filesystem check on the usb disk and started over again. The same happened.

Then it occured to me: the usb disk was going to standby mode. It will come back alive whenever the OS wants to read or write data, but it takes too long resulting in i/o errors.

This command prevents the disk from going to standby mode:

sdparm --clear STANDBY -6 /dev/sdb 

edit:
Today i played around with some usb disks that don’t support the command above, so i had to dig further.
Seems like i missed this option in my (custom compiled) kernel: ” [*] USB selective suspend/resume and wakeup “. This is actually the real fix.

Saturday, June 6, 2009

roaming profiles and corruption

When logging off from a Windows 2000, XP or 2003 machine system processes and applications occasionally maintain connections to registry keys in the user profile after a user logs off. In those cases the user session is prevented from completely ending. This can result in problems when using Roaming User Profiles in a server environment.

Therefor, always install the User Hive Cleanup service from Microsoft:
http://www.microsoft … 18-b570-42470e2f3582.

After doing so i’ve seen some errors in the eventviewer when using Symantec Antivirus v10 or Endpoint Protection. These programs have “Tamper Protection” which means they will block programs from messing around with the main processes from Symantec.
In this case it’s actually pretty clear who’s blocking the registry :)

portforwarding on linux router

When using linux as a router you also might want to forwards some ports.

This should do the trick (it will when using my script from the other post):

iptables -A PREROUTING -t nat -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.1.50:80
iptables -A INPUT -p tcp -m state --state NEW --dport 80 -i eth1 -j ACCEPT

But more generally it might be necessary to add an extra line first to allow traffic to your nic connected to the internet at all:

iptables -A FORWARD -i eth1 -o eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A PREROUTING -t nat -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.1.50:80
iptables -A INPUT -p tcp -m state --state NEW --dport 80 -i eth1 -j ACCEPT