1. Click on Start and select Run.
2. Type in regedit and click OK.
3. Browse to the registry key HKEY_USERS\.DEFAULT\Control Panel\Colors
4. The values will most likely all be 0's. You need to change them to have the values as per the settings below.
HKEY_USERS\.DEFAULT\Control Panel\Colors]
"ActiveBorder"="212 208 200"
"ActiveTitle"="0 84 227"
"AppWorkSpace"="128 128 128"
"Background"="0 78 152"
"ButtonAlternateFace"="181 181 181"
"ButtonDkShadow"="113 111 100"
"ButtonFace"="236 233 216"
"ButtonHilight"="255 255 255"
"ButtonLight"="241 239 226"
"ButtonShadow"="172 168 153"
"ButtonText"="0 0 0"
"GradientActiveTitle"="61 149 255"
"GradientInactiveTitle"="157 185 235"
"GrayText"="172 168 153"
"Hilight"="49 106 197"
"HilightText"="255 255 255"
"HotTrackingColor"="0 0 128"
"InactiveBorder"="212 208 200"
"InactiveTitle"="122 150 223"
"InactiveTitleText"="216 228 248"
"InfoText"="0 0 0"
"InfoWindow"="255 255 225"
"Menu"="255 255 255"
"MenuText"="0 0 0"
"Scrollbar"="212 208 200"
"TitleText"="255 255 255"
"Window"="255 255 255"
"WindowFrame"="0 0 0"
"WindowText"="0 0 0"
"MenuHilight"="49 106 197"
"MenuBar"="236 233 216"
Tuesday, August 10, 2010
Windows 2003 RDP Black login screen
Tuesday, August 3, 2010
Command Line Hack for: "Terminal Server Has Exceeded the Maximum Number of Allowed Connections"
Here’s a command line hack that you can use to figure out what sessions are connected to the server. Note that you could substitute the IP address for the server name.
query session /server:servername
Sample output:
Now we know that the session ID of the offending session is 2. We can use that in the next step, which is using the reset command to log off that user.
reset session [ID] /server:servername
Sample:
This command won’t display any output, but when we run the query command again, we should see that the session has now been disconnected:
Tuesday, May 11, 2010
change eventlog Appication/Security MaxLogSize and Retention value via logon to the Active Directory
'This script will change eventlog Appication/Security MaxLogSize and Retention value via logon to the Active Directory
Const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
Set StdOut = WScript.StdOut
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colOperatingSystems = objWMIService.ExecQuery ("Select * from Win32_OperatingSystem")
For Each objOperatingSystem in colOperatingSystems
'Wscript.Echo objOperatingSystem.Caption
OSVER = objOperatingSystem.Caption
Next
'Wscript.Echo OSVER
If OSVER = "Microsoft Windows XP Professional" Then
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &strComputer & "\root\default:StdRegProv")
'Application Retention and MaxSize
strKeyPath = "SYSTEM\CurrentControlSet\Services\Eventlog\Application"
strValueName = "Retention"
dwValue = 0
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
strValueName = "MaxSize"
dwValue = 20971520
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
'Security Retention and MaxSize
strKeyPath = "SYSTEM\CurrentControlSet\Services\Eventlog\Security"
strValueName = "Retention"
dwValue = 0
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
strValueName = "MaxSize"
dwValue = 20971520
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
End If
SMS Client Installation Issues
The SMS 2003 Advanced Client may fail to install on some systems, and the ccmsetup.log file won't be of much use, providing a generic MSI failure message. The client.msi.log file in the CCMSetup directory contains detailed installation information that is of use in these cases. Before I get to the specifics of this particular issue, note that using the SMSTrace tool in the toolkit will highlight lines with the words "error" and "failed" by default. However, in the client.msi.log file there are lines near the end of the installation that contain "error" and "failed" text that would appear if you used the client installation wizard, yet an error didn't acutally occur. This is just an FYI so the next time you're scrolling through the log file, you have an explanation for the bright red highlighted lines that don't seem to make much sense.
However, one interesting error I hit recently was a 25001 error in the client.msi.log file. The error was as follows:
[21:00:53] Queuing object FIL:C:\WINDOWS\system32\CCM\Bits_v15_Client_Setup.exe with permissions D:
[21:00:53] @@ERR:25001
MSI (s) (30!14) [21:00:53:535]: Product: SMS Advanced Client -- Error 25001. Setup failed due to unexpected circumstances
The error code is 80070534
Error 25001. Setup failed due to unexpected circumstances
The error code is 80070534
This error appeared on a number of servers with IIS installed. After some research, the systems appeared to be copies of an image that was not properly sysprepped. They contained IWAM and IUSR accounts with the name of the imaged machine. While I notified the appropriate folks about the sysprep issue, I still had to address the client installation issue.
Error 80070534 is "No mapping between account names and security IDs was done", so it appeared that this might be an issue.
According to KB 822165, the accounts get recreated if they're deleted, and you bounce the IIS Service. After deleting the accounts and executing IISReset, the IWAM account came back, but still with the old machine name attached.
To address the situation, I created new IWAM and IUSR accounts with the proper names and a secure password. Then, following the steps in KB 909847, I opened the command prompt, navigated to the INETPUB\ADMINSCRIPTS directory, and executed the following commands:
Adsutil.vbs set w3svc/wamusername IWAM_Computer_Name
Adsutil.vbs set w3svc/wamuserpass Password
Adsutil.vbs set w3svc/anonymoususername IUSR_Computer_Name
Adsutil.vbs set w3svc/anonymoususerpass Password
I opened the Component Services console and expanded the component services node to get to the COM+ applications. I went to the properties of IIS Out of Process Pooled, Identity Tab, entered the new IWAM account that I'd created, and clicked OK. I deleted the old IWAM and IUSR accounts and kicked off IISRESET from the Command Prompt.
Afterwards, the client installed correctly.
While this doesn't address the SYSPREP issue, the client did get installed and I'll let the server owner give the box a new ID. Other issues that may have been related to this issue appeared in the application and system event logs. I'm adding these entries to broaden the exposure of this solution through the search engines, in case they pertain:
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10016
Date: xx/xx/xxxx
Time: 11:38:22 AM
User: NT AUTHORITY\SYSTEM
Computer: XXXXXXXX
Description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.
and
Event Type: Warning
Event Source: COM+
Event Category: (106)
Event ID: 4434
Date: xx/xx/xx
Time: 10:55:50 AM
User: N/A
Computer: XXXXXX
Description:
A method call to an object in a COM+ application was rejected because the caller is not properly authorized to make this call. The COM+ application is configured to use Application and Component level access checks, and enforcement of these checks is currently enabled. The remainder of this message provides information about the component method that the caller attempted to invoke and the identity of the caller.
Destination of the rejected call:
Application Id: {1512F761-164A-409B-A6F1-1ED00F1CD986}
CLSID: {1C864233-BE46-4D65-B26C-01850DC5424C}
IID: {00020401-0000-0000-C000-000000000046}
Method #: 18
Class: CSRBSL.cBSLPerformance
Interface: (unknown)
Method: (unknown)
Caller Information:
Svc/Lvl/Imp = 10/6/2, Identity = XXXXXX
and
Event Type: Warning
Event Source: Perflib
Event Category: None
Event ID: 2003
Date: xx/xx/xxxx
Time: 8:50:29 AM
User: N/A
Computer: XXXXXXX
Description:
The configuration information of the performance library "C:\WINDOWS\system32\inetsrv\w3ctrs.dll" for the "W3SVC" service does not match the trusted performance library information stored in the registry. The functions in this library will not be treated as trusted.
Use full links -
Thursday, February 11, 2010
Picassa to Facebook Uploader
If you haven't already, you can download it here.
Click the button above to launch Picasa and install the plugin.
In the list that pops up, select the new "Facebook" button and click "Add" to place it in the button tray.
Click on photos to select them in the photo tray, then press "Hold" to keep them there if you need to select more. You can use the control and shift keys to select photos individually and in groups, or you can click and drag.
Photos selected in the photo tray will be uploaded to Facebook. You will be prompted to log in to Facebook and, if you haven't already, to allow this plugin to access your Facebook account. You will need to allow this so the plugin can place the photos in your account.
You can put the photos in an existing album, or create a new one.
Note: Facebook restricts you to 60 photos per album, so you won't see any albums that can't fit all of the newly uploaded photos.
Another Note: If you select "Create a New Album" but don't enter a name, photos will be placed in a default "Picasa Photos" album which can hold up to 1000 photos. After you add photos, it'll show up in your list in the future.
When you click the Upload button, Picasa prepares your images and sends them. This may take some time if you have a slow connection.
You must approve all photos uploaded to Facebook by third party applications before they'll show up in your albums. After Picasa finished uploading your photos, you'll be redirected to a page where you can confirm that you want your photos to show up.
I hope you find this plugin useful.
Thursday, February 4, 2010
Saturday, January 16, 2010
Removing a dead Exchange 2007 server from Organization
Removing a dead Exchange 2007 server from Organization
Mahesh posted on Thursday, June 05, 2008 6:40 AMHi,
We have an Exchange 2007 organization and one of the server was removed
without uninstalling Exchange 2007 properly.Pls let us know how we can remove
an dead exchange 2007 Server from console/organization....
Thanks and Regards
Mahesh
ADSIEDIT to delete the server object.
Jamestechman posted on Friday, June 06, 2008 4:55 AMADSIEDIT to delete the server object. Note that this is not supported
as it only deletes the server context and is not a clean graceful
removal as doing an uninstall. There is no KB article to manually
delete as there was for 2000\2003. The proper way would be to recover
the system then uninstall using the \recoverserverswitch.
Recovering an Exchange 2007 Server using the RecoverServer switch
http://www.msexchange.org/tutorials/Recovering-Exchange-2007-Server-RecoverS=
erver-switch.html
How to remove Exchange 2007 from a computer
http://support.microsoft.com/kb/927464
However; if you want to remove the server object from AD delete the
server object.
1. Click Start, point to Programs, point to Windows 2000 Support
Tools, point to Tools, and then click ADSI Edit.
2. Expand each of the following items:
Configuration Container
CN=3DConfiguration, DC=3DDomain_Name,DC=3Dcom
CN=3DServices
CN=3DMicrosoft Exchange
CN=3DYour_Organization_Name
CN=3DAdministrative Groups
CN=3DYour_Administrative_Group_Name_Or_Exchange5.5_Site_Name
CN=3DServers
Note In this procedure, Domain_Name is a placeholder for the name of
your domain, Your_Organization_Name is a placeholder for the name of
your organization, and
Your_Administrative_Group_Name_Or_Exchange5.5_Site_Name is a
placeholder for the name of your administrative group or Exchange 5.5
site.
3. Right-click the Exchange 2003 server object, and then click
Delete.
4. Click Yes in every adsiedit dialog box that prompts you to confirm
the deletion.
James Chong (MVP)
MCITP | EMA; MCSE | M+, S+,
Security+, Project+, ITIL
msexchangetips.blogspot.com