Saturday, March 24, 2012

Managing Your Servers Remotely using the RSAT Tools

Enter the Remote Server Administration Toolkit (RSAT).
Unless you are using System Center to administer your servers, chances are you are either using PowerShell or, more likely at this point, MMC (Microsoft Management Console) consoles. As we learned in Microsoft Windows 2000 Server, MMC consoles can connect to remote servers (or desktops) as long as Windows Remote Management (WinRM) is enabled (Actually WinRM and the Windows Firewall were only introduced in Windows Server 2003 R2 if memory serves, but MMC consoles were remoteable 
You can enable WinRM in Windows Server 2008 R2 from the Server Manager main screen (as shown):
clip_image004
clip_image006
clip_image008
(Note: For those of you running Server Core installations… good for you! you can do all of this with a simple command line: WinRM /quickconfig)
Now that we can remotely manage our servers, we can do so from any Windows Server 2008 R2 box by adding the appropriate feature from the Add Feature Wizard:
clip_image010
I should mention that you will not be able to manage systems on which you do not have credentials, and although the RSAT tools can work in a workgroup, they are much more fluid and trouble-free in a domain environment. Also remember that adding the role or feature under RSAT does not install the actual role or feature, only the consoles required to manage them.
This is great for administrators who want to manage their servers remotely from another server… but what about managing them from your desktop? There’s a simple solution for that. Simply download the Remote Server Administration Tools (RSAT) for Windows 7 (http://www.microsoft.com/download/en/details.aspx?id=7887) from the Microsoft Download Center. Using another version of Windows? There is an RSAT download available for WIndows Vista, but if you are still running Windows XP then I am afraid you are out of luck (…and have 777 days until #EndOfDaysXP!).
Once you have downloaded and installed RSAT into your Windows 7 machine you will see no difference. However if you go to Turn Windows features on or off, things start to change. To get there, open Windows Explorerand navigate to Computer. If you do not see the option to Uninstall or change a program chances are you have not clicked on Computer.
clip_image012
You should see a list of your installed programs on the right, but to the left there should see an option ‘Turn Windows features on or off (shown). Click there.
clip_image014
clip_image016
It will take a couple of minutes, but when it is done you are ready to start administering your servers from Windows 7… just click on the Start pearl, expand Administrative Tools, and the new consoles should be there.
clip_image018
You can load any of them up (for this example we will use Hyper-V Manager) and you have… nothing. However you can right-click on Hyper-V Manager in the Navigation pane, and click Connect to Server…
clip_image020clip_image022
You can add multiple remote servers to the same MMC console (seen below), including full installations of Windows Server, as well as Server Core installations and (in the case of Hyper-V hosts) Windows Hyper-V Server, which have to be managed remotely as they have no graphical user interface (GUI).
clip_image024
Manage your servers from your desktop without ever having to leave your office/cubical/desk/cafeteria. Wherever you like to work from!
By - No comments:
Labels:

Friday, March 23, 2012

TVS MSP 345 Champion Plus Driver


                                    TVS MSP 345 Champion Plus Driver

Driver Download
Win 3.1
Win 95 / 98 / ME
Win NT
Win 2000
Win 2003
Win XP
Win Vista
Word Star 7
Word Perfect 5.1
Harvard Graphics
Linux
By - No comments:
Labels: ,

Windows won't boot after installing a McAfee security suite


Problem
After installing a McAfee security suite, the system will no longer load Windows after the first reboot.
Solution
If you are already experiencing this issue you can recover your computer using a recent Restore Point (only required if the system will not complete booting).

If you have already recovered the computer, or have not yet installed and want to proactively remove the risk of having this issue, follow the steps below:
CAUTION: This article contains information about opening or modifying the registry.
  • The following information is intended for System Administrators. Registry modifications are irreversible and could cause system failure if done incorrectly.
  • Before proceeding, McAfee strongly recommends backing up your registry and understanding the restore process.
  • Do not run a .REG file that is not confirmed to be a genuine registry import file.
Begin a normal installation of your McAfee software. Follow all the prompts until you are asked to restart your computer. Cancel the restart. You must not restart your computer until the steps below are completed, or you may have this issue.
  1. Double-click the M icon in your taskbar.
  2. Click Navigation.
  3. Click General Settings and Alerts.
  4. Open the Access Protection drawer.
  5. Remove the check beside Use Access Protection.
  6. Click Apply.
  7. Click Start, Run, and type regedit.exe.
  8. Click OK.
  9. Navigate to the registry key below:

    HKEY_LOCAL_MACHINE\SYSTEM\​CurrentControlSet\services\​mfeavfk\ImagePath
     
  10. Double-click to change the value of 'ImagePath' from system32\drivers\mfeavfk.​sys to:

    C:\windows\system32\drivers\​mfeavfk.sys
     
  11. Navigate to the registry key below:

    HKEY_LOCAL_MACHINE\SYSTEM\​CurrentControlSet\services\​mfefirek\
     
  12. Double-click to change the value of 'ImagePath' from system32\drivers\​mfefirek.sys to:

    c:\windows\system32\drivers\​mfefirek.sys
  13. Restart your computer.
  14. After your computer restarts you can replace the check beside Use Access Protection following steps 2-7 above.
By - No comments:
Labels: ,

Manually sync the time of a client computer with the domain?




 You might need to manually synchronize the time of a client computer within a domain. Note that this need should be the exception rather than the rule; Windows 2000 (Win2K) and later


computers in a domain should automatically synchronize time with a domain controller.
Manually synchronizing the time will not resolve the underlying time sync issue, but might
temporarily resolve any other problems that arise from a lack of proper time sync (such as userand computer logon issues).


One common reason to manually synchronize a computer’s time is as a troubleshooting step. For example, if you notice System event log entries from the W32Time service, which indicate that time synchronization failed, you might attempt to manually sync the time as a troubleshooting step.
Typically, failed time synchronization is the result of the computer being unable to contact a domain controller, and you should troubleshoot that problem directly. Once the W32Time service fails to locate a domain controller, it will reduce its activity to location attempts every 16 hours until restarted. You’ll see
System event log messages to this effect, with Event ID 64, whenever the service is unable to locate a domain controller for a long period of time.


To manually synchronize time, open a command-line window, and run
net stop w32time
Run
w32time –update
Run
net start w32time
Manually verify the synchronization between the client computer and a domain controller. Also check the System event log to ensure that the W32Time service has not logged additional error messages.
By - No comments:
Labels: ,

Thursday, March 22, 2012

The Windows Firewall Service Fails to start


There can be several causes that will prevent the Windows Firewall from starting and I will attempt to cover them in this series of five blog posts. In this first post, I will cover Windows XP and Windows Vista / Windows 7 separately as they are two different services. Last I will cover one issue with OneCare. Note: Specifics on Windows Vista and Windows 7will come in a later blog post.

Windows XP

In Windows XP, the firewall service is named "Windows Firewall/Internet Connection Sharing (ICS)", or SharedAccess service.
Typical errors seen as either popups or within event logs when the service fails to start are:
  • Cannot start the Windows Firewall/Internet connection sharing (ICS) Service on local computer
  • Error 2: The system cannot find the file specified
  • Error 1705: While starting windows firewall and internet connection sharing services
Problems starting the Firewall Service in Windows XP are most commonly related to an issue with the Shared Access registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess
The quickest resolution is generally to rebuild the key. Instructions for doing this are in the following article, along with a FIXIT link:
Other things you will want to check are:
  • Verify that the "Remote Procedure Call (RPC)" service is started
  • Verify that the service is configured to logon as Local System Account, as shown below:
clip_image001
The above 3 items cover the vast majority of the issues with starting the Firewall in Windows XP.

Windows Vista and later (Windows 7, Windows Server 2008, and Windows Server 2008 R2)

In Windows Vista and later, the firewall service is "Windows Firewall" (MPSSVC); it combines both Firewall and IPsec functionality.
The first thing to check is that the Base Filtering engine (BFE) is running. There are a number of services dependent on the BFE service (including the Windows Firewall) that may also fail to start:
  • IPsec Policy Agent (PolicyAgent)
  • Windows Firewall
  • IKE and AuthIP IPsec Keying Modules
  • Internet Connection Sharing (ICS)
  • Routing and Remote Access
In my experience most of the issues starting these services are related to permissions.
Typical errors seen in relation to starting this service are:
  • Event ID: 7024 - The Windows Firewall service terminated with service-specific error 5 (0x5)
  • Windows could not start the Base Filtering Engine service on Local Computer. Error 5: Access is denied.
  • Windows could not start the IPsec Policy Agent service on Local Computer. Error 1068: The dependency service or group failed to start.
  • Windows could not start the Network Location Awareness on Local Computer. For more information, review the System Event Log. If this is a non-Microsoft service, contact the service vendor, and refer to service-specific error code -1073741288.
  • The Windows Firewall service terminated with service-specific error 87 (0x57)
  • Error 0x80004015: The class is configured to run as a security id different from the caller.
  • The Windows Firewall service terminated with service-specific error 6801 (0x1A91).
  • "net start mpssvc" in cmd.exe returns the system error 1297.
What to look for (specific details will be shared in a future blog post):
  • Verify Log On permissions
  • Verify registry permissions
  • Verify privilege permissions
  • Verify Service Dependencies
  • Reset the default security permissions
  • Verify that the TxR folder exists : %systemroot%\system32\config\TxR
  • Verify the following registry keys by comparing them to a default Windows installation:
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ShareAccess

Windows OneCare

Lastly, I am including information about one issue that may be seen with the Windows OneCare Firewall Service. The following messages may be seen:
The Windows OneCare Firewall Service Could not Start
Urgent - Turn on Firewall
You will see this error in the Windows OneCare interface, with a red status action item asking you to enable the firewall. The action listed does not enable the firewall, however.
This issue is also very specific because the firewall settings in Windows OneCare are grayed out and cannot be modified.
To resolve this issue:
Use the steps below to ensure that the PATH environment variable contains the following path:
%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM
  1. Click Start / Control Panel and open the System Icon.
  2. In System, click the Advanced tab and then Environment Variables.
  3. Ensure that in the lower box "System variables" that PATH exists. If Path does not exist click NEW and type in PATH as the variable name and enter the above path in the variable value.
  4. If PATH already exists, highlight it and click Edit.
  5. Under variable name, click at the end of the line to append the above mentioned path to the end of the current path. NOTE: BE SURE TO SEPERATE THE OLD PATH AND THE NEW PATH WITH A SEMI-COLON ( ; ).
  6. Click OK to close the windows and restart the computer.
If this does not resolve the issue, try the following step:
  1. Click Start / Run and type Regsvr32 %SystemRoot%\System32\wbem\wmidcprv.dll and click OK.
  2. Restart the computer and test the firewall again.
If this does not resolve the issue, or if the problem does not match the description, please follow the steps in KB article 910659.
By - No comments:
Labels: , , , ,

Uninstall Trend Micro Office Scan without the password




Release
Trend Micro Office Scan

Problem
 To Uninstall Trend Micro Office Scan without the password

Solution

Method 1:
·         Search for the file called ofscan.ini. It is usually located in the C:\Program Files\Trend Micro Folder
·         Open the file using the notepad or any text reader and search for Uninstall_Pwd= 
·         The line should look something like this:
Uninstall_Pwd=!CRYPT!523F81805821877E0B01581347A29A8A7832308289578B8F175DF692BF
·         Remove everything on the line that is behind Uninstall_Pwd=
·         After Uninstall_Pwd= write 70 it should look like this Uninstall_Pwd=70.
·         Save the file.
·         Go to Add Remove Program and uninstall Trend Micro OffieSan.
·         When prompted for the password enter 1 as the password

Method 2:

  • Disconnect the computer from the network.
  • Open regedit.
  • Go to HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc.
  • Change the dword “Allow Uninstall” from 0 to 1
  • Use Add remove programs to uninstall Trend Micro.
  • Restart your computer.
By - 1 comment:
Labels: ,

Cannot change Desktop Background Changing Option in windows 7


                                         
Release
Windows 7

Problem
“This image can't be set aswallpaper. An internal error occurred”.
Causes
v  CorruptedTranscodedWallpaper.jpg
v  Thereare third-party applications like DisplayManager from Samsung. (Resolution, uninstall)
v  TheRemove background images option is incorrectly checked
v  Domainpolicy disables the background changing

Solution
Sometimesyou cannot change your desktop wallpaper in Windows 7. For example, you see ablack background even though you change your background picture. Anotherinstance is, when you try to right-click a picture and then select ‘Set asdesktop background’, you will get an error message “This image can't be set aswallpaper. An internal error occurred”, etc.

Ø  Start à Run à type %USERPROFILE%\AppData\Roaming\Microsoft\windows\themes->enter.
     

Ø  Delete the file TranscodedWallpaper.jpg.

By - No comments:
Labels:
Subscribe to: Posts (Atom)

Procedure to clearing the ConfigMgr (SCCM) client local cache (CCM cache) -Resolving Disk space isssue

Essentially the client cache is a temporary download location for software, applications and software updates that are deployed to a clie...