Archive | Windows

A PowerPoint 2010 pptx file from a network share opens read-only

Credit for this one goes to @xrobx99. He did all the work behind this post. I felt that it was such an obscure “bug”, that maybe my posting of the solution might help someone that is expereincing the same issue.

The problem we were having was that when a user would open a large PowerPoint (.pptx) file from a network share,  it would always open as read-only. Looking like this :

Now, if you try and search for PowerPoint 2010 and read-only, all I can say is, good luck. You quickly get lost in “your permissions are wrong” ,and “people telling you to right click and deselect Read-only”. We had been trough all of that, and we could not lick the problem.

The symptoms we were experiencing were:

  • If a user double clicks on a large pptx in a network share through windows explorer, the file is opened read-only
  • If a user right clicks the file and selects open through windows explorer, the file opens correctly
  • If the file is opened either by “double click” or “right click open” on the local machine, the file opens correctly
  • If the file is opened either by “double click” or “right click open” in the PowerPoint file open dialog on either a network share or local machine, the file opens correctly

The solution that @xrobx99 figured out is that if you disable the “Preview Pane” and the “Details Pane”, the file will open correctly every time. Of course you can disable these via group policy:

User Configuration/Administrative Templates/Windows Components/Windows Explorer/Explorer Frame Pane/Turn off Details Pane
And
User Configuration/Administrative Templates/Windows Components/Windows Explorer/Explorer Frame Pane/Turn off Preview Pane

@xrobx99 concluded that if you leave these two panes enabled, windows explorer will open the file to generate a tumbnail, and if you double click the file during that time, it will open read-only.

Hope that helps some one.

Server ran out of space and not accepting connections after freeing up space

I was away on vacation, and a dev box ran out of space. Once I got back, I cleaned it up, rebooted and still could not connect to it. @xrobx99 noticed an IPSec message in the event logs:

The IPSec driver has entered Block mode. IPSec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions.

We thought that was suspect as we weren’t using IPSec policies. It seems that our server ran out of space and the IPSec policy became corrupted.

I ran the command :

regsvr32 polstore.dll

This command rebuilds the local policy store. I rebooted and all was fine.

Hope that helps someone.

PowerShell script to force download and install WindowsUpdates

I have been using the UpdateHF.vbs vbscript for years to patch all my servers. I wrote a simple HTA to wrap it, and it gets executed by psexec. I wanted to take that script, strip it down, and convert it to PowerShell. My intension was to  run it through a PSSession but I get access denied. Maybe I will try launching it with SCCM?

I found these three scripts, that I chopped to together for a script that I wanted:

Function JBMURPHY-Install-WindowsUpdates {
PARAM([switch]$Install,[switch]$reboot)
	if($(Test-Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired")){
		if (!($reboot)){
    		write-host "There are pending reboots, please pass the reboot command"
    		return
		}
		else{
		restart-computer
		return
		}
	}

	Write-Host -nonewline " + Searching for Updates: "
	$UpdateSession = New-Object -ComObject Microsoft.Update.Session
	$Updates=$updateSession.CreateupdateSearcher().Search("IsAssigned=1 and IsHidden=0 and IsInstalled=0").Updates
	Write-Host " Found [$($Updates.count)] Updates to Download and install`n`n"

	$UpdatesCollection = New-Object -ComObject Microsoft.Update.UpdateColl
	$UpdatesDownloader = $UpdateSession.CreateUpdateDownloader()
	foreach ($Update in $Updates){

		# Add Update to Collection
		if ( $Update.EulaAccepted -eq 0 ) { $Update.AcceptEula() }
		$UpdatesCollection.Add($Update) | out-null

		# Download
		Write-Host -NoNewline " + Downloading Update $($Update.Title)"
		$UpdatesDownloader.Updates = $UpdatesCollection
		$DownloadResult = $UpdatesDownloader.Download()
		$DownloadResultResultCode = switch -exact ($DownloadResult.ResultCode)
		{
		  0   {"NotStarted"}
		  1   {"InProgress"}
		  2   {"Succeeded"}
		  3   {"SucceededWithErrors"}
		  4   {"Failed"}
		  5   {"Aborted"}
		}
		$Message = " [{0}] " -f ($DownloadResultResultCode)
		Write-Host -ForegroundColor Green $message
	}
	if (($Install) -and ($($Updates.count) -gt 0)) {
	write-host "`n`nInstalling updates"
	$Installer = $UpdateSession.CreateUpdateInstaller()
	$Installer.Updates = $UpdatesCollection
	$InstallerResult = $Installer.Install()
	$InstallerResultCode = switch -exact ($InstallerResult.ResultCode)
		{
		  0   {"NotStarted"}
		  1   {"InProgress"}
		  2   {"Succeeded"}
		  3   {"SucceededWithErrors"}
		  4   {"Failed"}
		  5   {"Aborted"}
		}
		$Message = " Installation [{0}] " -f ($InstallerResultCode)
		Write-Host $message
		Write-Host
	}
	if (($reboot) -and ($($Updates.count) -gt 0)) {
	if($(Test-Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired"))
		{
    		write-host "Rebooting"
    		restart-computer
		}
	}
}

Thanks to those that put the original scripts together

Dotted (period) NetBIOS Domain Name issues

I inherited a Dotted Netbios Domain Name. Technically it is allowed, but it is not recommended. With every new version of software, I cringe in fear that it will come back to bite us again. For example:

  1. Moving from Exchange 2003 to 2010 was a problem for a while, but it seemed to been resolved and we migrated from 2003 to 2010 with out issue.
  2. When I tried to upgrade SCCM 2007 to SP 2, it failed as I describe in this thread. I had to install fresh from a slipstreamed  installer.
  3. Most recently, when I try to install CRM 2011 in our dotted domain, it failed. In my reading yesterday, I realized Rollup 4 has the following: “When the NetBIOS name of the domain contains a period (.), the installation of Microsoft Dynamics CRM 2011 fails.”
    • I still can’t add a new organization, but I was able to restore an organization from a dev server in a non-dotted netbios domain.
  4. I will add more as I find them.
The problem seems to be that with each new installer, the developers assume that if there is a period in the domain name, then the user has supplied a FQDN by accident.

Specifying Firefox setting (like proxy) on a machine across the enterprise.

We are interested in how to “push” proxy settings for Firefox across the environment. There are custom builds that claim to work with Group policy, but I wanted to manage the standard Firefox. A little digging shows that you need to create 2 files.

First, a file named mozilla.cfg and place it in “C:\Program Files\Mozilla Firefox”. This file contains the setting you want to “Set”/Lock down. For example:

//
lockPref(“network.proxy.type”, 1);
lockPref(“network.proxy.http”, “poxyserver.domain.com”);
lockPref(“network.proxy.http_port”, 80)

Second you place a file named “local-setting.js” in “C:\Program Files\Mozilla Firefox\defaults\pref”. The contents of that file would be something like this:

pref(“general.config.obscure_value”, 0); // only needed if you do not want to obscure the content with ROT-13
pref(“general.config.filename”, “mozilla.cfg”);

Here is some PowerShell code to create these files.

echo 'pref("general.config.obscure_value", 0);' >> "C:\Program Files\Mozilla Firefox\defaults\pref\local-etting.js"
echo 'pref("general.config.filename", "mozilla.cfg');' >> Out-File -filepath "C:\Program Files\Mozilla Firefox\defaults\pref\local-etting.js"
echo '//' >> "C:\Program Files\Mozilla Firefox\mozilla.cfg"
echo 'lockPref("network.proxy.type", 1);' >> "C:\Program Files\Mozilla Firefox\mozilla.cfg"
echo 'lockPref("network.proxy.http", "poxyserver.domain.com");' >> "C:\Program Files\Mozilla Firefox\mozilla.cfg"
echo 'lockPref("network.proxy.http_port", 80);' >> "C:\Program Files\Mozilla Firefox\mozilla.cfg"

PowerShell script to change default prf imported when Outlook starts up for the first time

In this previous post, I talk about how we use Office Customization Tool (OCT) and “.prf” files to deploy Office 2010. Continuing with the idea that  I want to know if a person is visiting from another office, I want to be able to switch from our default of “cached mode” to “online mode” for that visitor. I wrote this script with the logic of: IF {visiting from other office}, THEN {JBMURPHY-Install-ChangeDefaultOutlookPRF -CachedMode $false}.

This script would change where the ImportPRF registry entry points (in this example to a “.prf” file with cached mode disabled)

function JBMURPHY-Install-ChangeDefaultOutlookPRF {
 PARAM($CachedMode=$TRUE)
foreach ($PATH in (gci "HKLM:\SOFTWARE\Microsoft\Office\14.0\User Settings\*{*")){
 $ImportPRFRegPATH=$PATH.Name.Replace("HKEY_LOCAL_MACHINE","HKLM:")+"\Create\Software\Microsoft\Office\14.0\Outlook\Setup"
 If (Test-Path $ImportPRFRegPATH){
  $ImportPRFPath=$(get-itemproperty($ImportPRFRegPATH)).ImportPRF
  write-host -NoNewline "`nIportPRF=$ImportPRFPath - "
  if ($CachedMode) {
	if ($ImportPRFPath -eq "C:\PROGRA~1\MICROS~1\WITHCA~1.PRF") { write-host "Already in CachedMode"}
	else {write-host "Enabling CachedMode"
	Set-ItemProperty $ImportPRFRegPATH -Name ImportPRF -Value "C:\PROGRA~1\MICROS~1\WITHCA~1.PRF"
	write-host "Now IportPRF=$($(get-itemproperty($ImportPRFRegPATH)).ImportPRF)"
	}
  }
  else {
	if ($ImportPRFPath -eq "C:\PROGRA~1\MICROS~1\WITHOU~1.PRF") { write-host "CachedMode already turned off"}
	else {write-host "Turning Off CachedMode"
	Set-ItemProperty $ImportPRFRegPATH -Name ImportPRF -Value "C:\PROGRA~1\MICROS~1\WITHOU~1.PRF"
	write-host "Now IportPRF=$($(get-itemproperty($ImportPRFRegPATH)).ImportPRF)"
	}
  }
 }
}

PowerShell script to email users if password expires soon, and send a summary to IT

I wanted to expand on my previous script: powershell-to-list-all-users-and-when-their-password-expires, so that it would send the user an email if their password was going to expire soon. Additionally I wanted to send a summary to our IT staff of accounts that were going to expire soon.

Here is that script:

$maxdays=(Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge.TotalDays
$summarybody="Name `t ExpireDate `t DaysToExpire `n"

(Get-ADUser -filter {(Description -notlike "IfYouWantToExclude*") -and (Enabled -eq "True") -and (PasswordNeverExpires -eq "False")} -properties *) | Sort-Object pwdLastSet |
foreach-object {

$lastset=Get-Date([System.DateTime]::FromFileTimeUtc($_.pwdLastSet))
$expires=$lastset.AddDays($maxdays).ToShortDateString()
$daystoexpire=[math]::round((New-TimeSpan -Start $(Get-Date) -End $expires).TotalDays)
$samname=$_.samaccountname
$firstname=$_.GivenName
if ($daystoexpire -le 3){
	$ThereAreExpiring=$true

	$emailFrom = "from@yourdomain.com"
	$emailTo = "$samname@yourdomain.com"
	$subject = "$firstname, your password expires in $daystoexpire day(s)"
	$body = "$firstname,
	Your password expires in $daystoexpire day(s).

	Please press Ctrl + Alt + Del -> Change password"

	$smtpServer = "smtp.yourdomain.com"
	$smtp = new-object Net.Mail.SmtpClient($smtpServer)
	$smtp.Send($emailFrom, $emailTo, $subject, $body)

	$summarybody += "$samname `t $expires `t $daystoexpire `n"
}
}
if ($ThereAreExpiring) {
$emailFrom = "from@yourdomain.com"
$emailTo = "ITSTAFF@yourdomain.com"
$subject = "Expiring passwords"
$body = $summarybody
$smtpServer = "smtp.yourdomain.com"
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$smtp.Send($emailFrom, $emailTo, $subject, $body)
}

Powered by WordPress. Designed by WooThemes