Blog: Windows XP

While working with Windows XP users, sometimes you need to add a local printer to their PC but they don’t have permissions to add a local printer.  Usually to get around something like this in the control panel, we hold shift and right click the icon to bring up a “Run as..” option where we can use admin credentials to get the task done.  However, you will not be able to “Run as..” for adding a printer in Windows XP unless you modify the folder view. 

From within the printers and faxes window, go to tools, options, and select “Use Windows classic folders.”  You will now see an icon for “Add Printer” that you can shift + right click on to add a printer with admin credentials.

Windows Vista Easy Transfer Utility is a product that comes with all Vista machines that allows you to move user settings and profiles over to your new Vista system from your old XP or Vista PC.  The utility supports both XP and Vista as sources, but only Vista can be a destination.

If you are using the Windows Vista Easy Transfer Utility, there are several things that you need to consider. Moving the settings over the network is supported, but it is time consuming and often fails.  I recommend that you use an external hard drive. This takes about 20 minutes to blow onto the drive and another 20 to blow onto the new machine but it is very reliable.

Another thing to consider is that if you are transferring a user's domain account to the new PC, you will want to add the new PC to the domain first. This will allow it to retain the correct settings and will keep you from having to create a new account for that user on the new computer.

Sans.org published a notice today that there is a 0-day exploit for Internet Explorer in the wild.  The updates released by Microsoft yesterday did not fix this vulnerability.  The specific exploit checks to be sure it is running in IE7 on XP or 2003 before it does anything, but whether other versions are exploitable is not yet known.

The article says "At this point in time it does not appear to be wildly used, but as the code is publicly available we can expect that this will happen very soon."

http://isc.sans.org/diary.html?storyid=5458

There is a small, simple utility called clip, which takes whatever is given on it’s input stream and places it on the Windows clipboard.  There are many useful things this can be used for.  Here are a couple of things that save a lot of time and work for me.

1)  Add the clipboard to your Sendto menu.  Make a command file, like clipboard.cmd, that has this command in it.

clip < %1

Then create a shortcut to this command file in %userprofile%\sendto.  Then you can right click on a file and send it to your clipboard.

2)  Generate passwords to your clipboard.  I use wapg by Adel I. Mirzazhanov (http://www.adel.nursat.kz/apg/download.shtml) by running a command file like this: [more]

@echo off
set /p PWSIZE="Enter size of password to generate: "
wapg -M SCNL -E"?!|" -n1 -a1 -m%PWSIZE% -x%PWSIZE% | clip

Just think about all the things that you can pipe to your clipboard!

If you are using XP, you will have to copy clip.exe from a Windows 2003 server (%windir%/system32) to your machine.

I would like to mention that using a clipboard extension program will also let you see what you are about to paste.  Ditto will even let you edit it right there before pasting it.

I came across an issue where WSUS and Microsoft Update kept getting an error installing .NET Framework 3.0 SP1 update on Windows XP PC.  I went to add/remove programs to uninstall .NET Framework 3.0 but there was no button to uninstall it. 

I thought that something was goofed up, so I came across a .NET cleanup tool that automated a manual uninstall of all .NET versions.  After this was done, I tried Microsoft update again and it still failed during installation of .NET 3.0 SP1. 

I ran the cleanup tool again and tried manually installing each version using the direct downloads from Microsoft and installation still failed. [more]

After some more researching, I found mention that .NET 3.5 SP1 would try to install .NET 3.0 if it was not installed.  The installation of .NET 3.5 SP1 worked and I saw that .NET 3.0 SP2 was actually packaged in with it. 

I ran Microsoft Update again and verified that there were no longer any updates needed by the PC.

I had an issue with an XP workstation this week where a user could not connect to a certain dfs link in the dfs tree. The tree contained three root shares, one of those being the Apps folder. None of the PCs could map a network drive to the \\domain\Apps folder from explorer or using NET USE command. However, if the direct referral location was used (\\server\data\apps$), everything worked, so it wasn’t a permissions issue. After much troubleshooting and a couple reboots later, I came across an article regarding this issue (http://social.technet.microsoft.com/Forums/en-US/winserverfiles/thread/f64f87c2-76bd-4e0d-a34e-31fd5f321ba2/). The issue is with XP SP3, of which each computer that was having issues had installed. The issue results from a corrupted DFS link entry in AD. XP prior to SP3 would ignore it, but SP3 will not. The solution is to delete and recreate the DFS link and then purge the DFS mup cache on the client by using the following commands (dfsutil is part of windows 2k3 support tools) [more]

Dfsutil /pktflush

Incase you didn't know, there is a command line interface for WMI - wmic.

Some documentation is here http://technet.microsoft.com/en-us/library/bb491034.aspx, and http://technet.microsoft.com/en-us/library/bb742610.aspx.

You can write simple scripts to manage just about anything that your might write a short VB program for – printers, accounts, scheduled jobs, processes, etc. It has a lot of aliases you can use that are documented in the online help, but you can use the actual class commands.  If you just enter wmic on the command line and let it prompt, it sets your command window width to 1500 so output from most commands will not wrap.  You can enter /? At any point for help.  Some examples: [more]

• wmic process get Caption,Commandline,Processid
• wmic /node:server1 cpu get description, manufacturer, maxclockspeed, revision
• wmic process where name='iexplore.exe' call terminate

While working on a task to try and synchronize thousands of a users files using Windows’ Offline Files feature, I decided to investigate this feature more closely. I haven’t used offline files much, so while reading up on this feature I discovered that there are two kinds of offline files: Regular Offline Files, and Temporary Offline Files. The regular offline files are the ones that you specify to synchronize manually by right clicking on a file/folder and choosing “Make Available Offline”. These offline files are always available offline and there isn’t a limit to the amount of data you can synchronize this way. Temporary Offline files are a different story…[more]

Temporary Offline Files:

Upon reconnection on the network, the modified files will be resynchronized with their copy on the servers (According to the Offline  files settings available thru Tools->Synchronize->Setup in any Windows explorer window). These kind of files are called temporary offline files. They are temporary in the sense that the cached copy might be erased locally after use. Usually files that have not been accessed recently will NOT be available while offline. The “Amount of disk space to use for temporary offline files” slider (seen below), applies only to these temporary offline files, NOT to the ones you manually specify. 

Windows Steady State has been around for some time. It used to be called Shared Computer Toolkit for XP.  It saves changes to the system disk in a cached area and then when a user logs off, the system is right back like it was before they logged in.  Microsoft calls this Windows Disk Protection.  An admin can log in and make changes that are retained.  User documents can be redirected to another drive letter and those changes will be retained.  This software will work on XP, Vista, standalone, workgroup, domains – with group policies.  Windows Steady State could be very helpful with computers that are shared by multiple people such as those in a training classroom setting.