WSUS Client Self Update has stopped working

If I manually install WindowsUpdateAgent20-x86.exe /wuforce on the clients
and then run wuauclt /detectnow updates will pop immediately and all is fine
after that.

Source: http://forums.techarena.in/server-update-service/466615.htm

WSUS client problem

Failure Software Synchronization Windows Update Client failed to detect with error 0×8024400e.

Try issuing the command ‘proxycfg -u’ on a few of the clients. Then
issue ‘wuauclt /resetauthorization /detectnow’.

Source: http://forums.techarena.in/server-update-service/753433.htm

WSUS – Client Troubleshooting Tool Requirement

Client Troubleshooting Tool Requirement

I’d like to see either one tool (i.e wuauclt.exe) that does “everything”, or two tools: wuauclt (that runs client stuff) and waucltLINT (that sorts out issues, ala DNSLINT, etc). I can live with either, although there might be value in having 2. But in what follows, I’ve assumed that JUST wuauclt.exe is to be used.

The following feartures/switches are needed.

1. /? – list parameters and usage

/? – describes usage of wuauclt.exe

The /? switch should be supported and give details of wuauclt usage. If client options are in error, this summary is displayed following an explanation of why the error occured. ALL command line tools should support this option.

2. Verbose mode console logging, with multiple levels

/v – verbose mode
/vv – very verbose mode

Both switches cause wuauclt to output normal log information to the command line (STDIO). /v provides basic information, while /vv logs greater detail. /vv is what is logged in normal logs. While wuauclt can log to a log file, it’s more work for the admin when troubleshooting, The admin has to run the command, then navigate over to another folder, find the log, the navigate to the end of it, to find out where the run began. This is harder than it needs to be, and the /v, /vv options could just pipe log entries to stdio.

3. List client configuration

/configlist – lists WUAUCLT configuration.

This option lists all configuration items current by the client, and includes the client version number, AU policy/registry settings and provide details of all AU clients files, version numbers, file dates, etc.

This helps admins (and MS) to ensure that the right client versions are loaded.

4. Install the correct AU client by force

/installAUclient
/installAUclientFromMicrosoft

This option causes the system to contact either the confiugred WSUS server, or Microsoft’s WU server, and to reinstall forefully the latest version of the AU client.

This enables admins (and MS) to ensure that the latest client versions are loaded, and enables download from Microsoft for roaming systems.

5. Make /DetectNow a little less silent

/DetectNow – forces a client AU detection and logs details

The /detectnow option should log to stdio what it is doing. This includes what WU server is it contacting, how many updates are on the WU server, and how many are needed by the client, etc, and any information being sent back the server. This is really no change, just requesing some level of output to stdio. This makes troubleshooting quicker.

6. Clear Log File

/clearlogfile – clears the client update log file
/clearandsaveogfile – saves the current client update log file to a named file, then clears the update log.

Currently, the client log appears to be non deletableand just grows. This is a potential DOS vector. Also, for troubleshooting, it’s helpful to be able to clear the log (possibly saving it first for later detailed exam).

7. Download Updates Now

/downloadnow – initiates an immiate downoad of any requried update using BITS
/downloanowfast – initiates an initiates an immiate downoad of any requried update using HTTP.

This option forces the AU client to start downloading of any outstanding updates. the secton version downloads using HTTP, and is therefore much faster in elapsed time and is mainly used for troubleshooting isues (or possibly to speed up larger updates). Often, expecially for laptops that have been ‘abroad’ for awhile, you want to just get all the approved updates NOW, and not wait for the next detection time.

8. Stop Downloading AU Updates

/stopdownload – stops any AU updates being downloaded (either using HTTP, or BITS).

This option stops the downloading of any AU updates either queued, or in progress. Just as you can invoke a download, you need to be able to stop it.

9. Test WSUS Server Connecttion

/TestWSUSServer – checks connection with configured WU Server

This option attempts to coonect to the WSUS server configured, and checks that a connection can be made, and that communcations between AU client and WSUS server is working. This would be useful for example, to diagnose network communications failures, or an internal firewall that might be accientally blocking some traffic between client and server.

Source: http://www.wsuswiki.com/ClientTroubleshootingTools

Auto logon for Windows XP

Would you rather not have to log on after your computer starts? If you’re the only person who uses your computer, you can make life a little easier by skipping the Welcome screen completely and having Microsoft Windows XP take you straight to your desktop.

To automatically log on to Windows XP upon startup

Click Start, and then click Run.

Note: Remember your user name at the top of the Start menu, because you’ll need it later.

In the Open box, type control userpasswords2 and click OK.

Clear the Users must enter a user name and password to use this computer check box. Click OK.

Click the User name box, type the user name that was displayed on the Start menu in step 1. If you normally type a password to log on, type your password in both the Password and Confirm Password boxes. Otherwise, leave these boxes blank. Click OK.

Automatically Log On dialog box

Auto logon now allows anyone to start and use your computer without typing a password.

Source: http://www.microsoft.com/windowsxp/using/setup/tips/advanced/autologon.mspx

How can I hide a user from the Welcome Screen in Windows XP?

To hide a user’s account from the welcome screen in Windows XP:

1. Open Registry Editor.

2. In Registry Editor, navigate to the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList

1. Create the following entry:

Username: REG_DWORD

(Where Username is the username of the user you want to hide from the Welcome Screen).

1. Assign a value of 0.

2. Close Registry Editor.

3. Reboot.

This will prevent the user from showing up on the welcome screen. You will need to press CTRL-ALT-DEL twice at the logon screen to get the old W2K logon style box to be able to logon to the account you’ve hidden. Adding a username and setting the value to 1 will cause that user, such as Administrator, to show up on the Welcome screen as well.

Source: http://www.petri.co.il/hide_a_user_from_the_welcome_screen_in_windows_xp.htm

How to create an “Offer Remote Assistance” shortcut

One of the features I like most about Windows XP (and SBS 2003) is Remote Assistance. In particular, I love being able to offer unsolicited remote assistance to my users (i.e. without them initiating the RA session, this way the user only has to click “ok” on the RA popup). This translates on helping users faster, not to mention that you can enjoy margaritas from the confort of your home while you help users. ow that I think about it… those “Earn $$$ while sitting in front of your PC at home” scams on the internet might be true after all.

Anyway, going back to the point… since I use this feature a lot and its somewhat hidden on XP (not so much in SBS) I thought it would be a good idea to create a link in my desktop (and/or the server desktop) to offer RA to users in distress. To do this, simply create a shortcut that points to:

%windir%\explorer.exe “hcp://CN=Microsoft%20Corporation,L=Redmond,S=Washington,C=US/Remote%20Assistance/Escalation/Unsolicited/Unsolicitedrcui.htm”

msra.exe /expert   (for Windows 7)

Now, I only have to connect to the site, double click there and type the address (talk about being lazy!).

Happy RA-ing!

Source : http://msmvps.com/blogs/javier/archive/2004/11/13/19044.aspx

AutoCAD Error: Unable to load profile file

Issue

During the startup of your Autodesk software, you received the following error message:

Unable to load profile file. Some profile information saved in last session may not be restored.

After you clicked OK to dismiss this error, the program operated very slowly and certain commands did not function properly.

Solution

This error message will occur if the Microsoft® XML parser is not installed or has become corrupted. To resolve this error, use one of the following procedures, depending on your product version:

For AutoCAD 2008-based products:

1. Exit the affected Autodesk product.
2. Insert the AutoCAD 2008-based product disk into the appropriate drive.
3. Close the installer, if it appears.
4. Browse to and run one of the following files:
   • For 32-bit operating systems:
     \support\msxml\msxml6.msi
   • For 64-bit operating systems:
     \support\msxml\msxml6_x64.msi

Note: If you are unsure whether you are running a 32- or 64-bit operating system, stop this procedure and contact your system administrator before proceeding.

5. Complete the installation by accepting all of the default settings.
6. Click Start menu (Windows) > Run.
7. In the Run dialog box, enter REGSVR32 MSXML6.DLL
8. Click OK.
9. Restart AutoCAD.

For AutoCAD 2007-based products and previous versions:

1. Exit the affected Autodesk product
2. Click Start menu (Windows) > Run,
3. In the Run dialog box, enter XMLINST. Click OK.
   Note: If you receive an error that this file cannot be found, visit Microsoft’s website and download and extract this file to your System32 folder (by default, C:\Windows\System32)
4. Click Start menu (Windows) > Run,
5. In the Run dialog box, enter REGSVR32 MSXML3.DLL
   Note: If you receive an error that this file cannot be found, visit Microsoft’s website and download and extract this file to your System32 folder (by default, C:\Windows\System32)
6. Restart AutoCAD.

For more information or questions about downloading, installing, or configuring the Microsoft XML Parser, contact Microsoft directly.

Source:  http://usa.autodesk.com/adsk/servlet/ps/item?siteID=123112&id=9450291&linkID=9240617

How can I enable the RAS Dial-in tab on Windows XP computers that run Administration Tools?

To enable the RAS Dial-in tab in the Microsoft Management Console (MMC) Active Directory Users and Computers snap-in on an XP machine running the Administration Tools distribution package (Adminpak.msi), perform the following steps:

1. Create a registry file called dialin.reg. To do this, open a new file in a text editor such as Notepad, copy and paste the following text in the file, and name it dialin.reg:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\RasDialin.UserAdminExt]
@=”"

[HKEY_CLASSES_ROOT\RasDialin.UserAdminExt\CLSID]
@=”{B52C1E50-1DD2-11D1-BC43-00C04FC31FD3}”

[HKEY_CLASSES_ROOT\RasDialin.UserAdminExt.1]
@=”"

[HKEY_CLASSES_ROOT\RasDialin.UserAdminExt.1\CLSID]
@=”{B52C1E50-1DD2-11D1-BC43-00C04FC31FD3}”

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\NodeTypes\{19195a5b-6da0-11d0-afd3-00c04fd930c9}\Extensions\NameSpace]
“{B52C1E50-1DD2-11D1-BC43-00C04FC31FD3}”=”RAS Dialin – User Node Extension”

2. Merge dialin.reg with your XP registry, or run the following command from the command prompt:

regedit /s dialin.reg

3. Open a command prompt in XP and type the following commands, where ServerName is a Windows Server 2003 domain controller (DC) that has the Adminpak.msi installed:

cd /d %SystemRoot%\System32
copy \\ServerName\Admin$\System32\mprsnap.dll *.*
copy \\ServerName\Admin$\System32\rasuser.dll *.*
copy \\ServerName\Admin$\System32\rtrfiltr.dll *.*
regsvr32 rasuser.dll

4. Click OK to acknowledge the registration of the rasuser library. Your remote XP system should now have the RAS Dial-in tab.

Source : http://www.ntsecurity.net/article/articleid/42428/q-how-can-i-enable-the-ras-dial-in-tab-on-windows-xp-computers-that-run-administration-tools.html

How to silently and remotely remove Symantec Antivirus

How to silently and remotely remove Symantec Antivirus

Getting away from the Linux game a bit I thought I would share a gem from my Windows side of things. This is how to remotely and silently remove Symantec’s Antivirus Corporate Edition from Windows computers.

I wanted to remove the antivirus programs remotely because the computers are too far away and my chair is rather comfortable having been moulded to my ample behind. I also wanted to do this removal silently to both allow the end users to continue working undisturbed and as an added bonus I don’t have to talk to them and have them put me off because they are just too busy at that moment.

The corporate edition of Symantec’s antivirus suite (version 10.x BTW) has a great tool for remotely installing to client computers but it has a nasty habit of not wanting to upgrade its minor version. That is to say it goes through the motions and talks the talk but it just didn’t walk the walk.

This means that there were several computers floating around using an older version of the antivirus program and they weren’t updating to the server. Nope not good at all. Unfortunately while I could install there was no way to remotely uninstall.

This is where I started talking to my good friend google again and after several conversations we worked out a method of remotely and silently uninstalling those wayward antivirus program so I could install (again remotely) those updated versions and have everything working hunky dory again.

What I first needed to do is find out how it manually uninstalls. This is found by going to the (I am not on a windows machine at the moment so this is going from memory) HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\ WINDOWS\CURRENT VERSION\UNINSTALL registry key and looking for the subkey dealing with uninstalling symantec antivirus.

For version 10.0 it is {BA4B71D1-898E-4306-AE87-8BA7A596F0ED} (that’s not from memory

There is even a line there showing what program it calls to actually uninstall which is (surprise, surprise) MsiExec.exe. Just typing that line in a console starts the removal process just as if you called it from add and remove programs. That is not what we want however. The actual line needed with all of the proper arguments is.

MsiExec.exe /norestart /q/x{BA4B71D1-898E-4306-AE87-8BA7A596F0ED} REMOVE=ALL

Typing msiexec /? will give you a dialog box with what all the arguments mean but basically it just tells windows to remove that program and all of its parts quietly with no fuss and don’t reboot when you have finished. Nothing would upset an end user more than having the computer reboot on them when they were just about to save a presentation that they worked on for four hours.

This is not the end of it though. First the command is done locally so you still have to be sitting in front of the computer and have the end user breathing down your neck. Secondly the corporate edition of Symantec’s antivirus can require a password to be uninstalled. Actually it should require a password to be uninstalled or you haven’t done your job properly.

This can all be fixed from the comfort of our well worn chair. First, to fix the password issue, we can start up regedit and from the file menu connect via the network to the remote machines registry. Then navigate to the following key.

“[HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\ VirusProtect6\CurrentVersion\AdministratorOnly\Security]“

In that key make sure the two following values “LockUnloadServices” and “UseVPUninstallPassword” are zero. That takes care of the password asking problem.

Finally the last thing we need to do is remotely execute the msiexec program. This is done by a great set of tools that were originally done by Sysinternals which have since been bought out by Microsoft. They are called PSTools and are freely downloaded from the Microsoft web site. The particular tool I used is called psexec and is used for remotely running a command on a machine.

So to uninstall Symantec’s antivirus program all I had to do was type the following line from a command prompt.

psexec \\computer_name MsiExec.exe /norestart /q/x{BA4B71D1-898E-4306-AE87-8BA7A596F0ED} REMOVE=ALL

Lo and behold the remote computer dutifully uninstalls that pesky virus program ready for a fresh install. The good thing about this is the end users have no idea what just happened and more importantly they had no interruption to their work. Most importantly I didn’t have to get up from my chair

There is one caveat. The account that you do all this work under has to have domain administrator privileges and the remote computer has to be joined to said domain. So random hackers, your out of luck. This operation is only for legitimate purposes.

Source: http://blogs.ittoolbox.com/linux/locutus/archives/how-to-silently-and-remotely-remove-symantec-antivirus-14625

Ad blocking with ad server hostnames and IP addresses

A list of ad servers and how to use them to easily block 90% of ads on the web.

http://pgl.yoyo.org/adservers/