Archive for the ‘Windows Desktop’ Category

Enable Remote Desktop Logon

To allow automatic logon to a computer running Windows XP through Remote Desktop, follow these steps while logged on as an Administrator: 1.Click Start, click Run, type MMC, and then press ENTER.
2.Click File, and then click Add/Remove Snap-in.
3.Click Add, select Group Policy, click Add, and then click Finish.
4.Click Close, and then click OK.
5.Navigate to the following directory:
Local Computer Policy/Computer Configuration/Administrative Templates/Windows Components/Terminal Services/Encryption and Security

6.Double-click Always prompt client for password upon connection.
7.Click the Disabled box, and then click OK. You may now quit the MMC snap-in. Remote Desktop clients should now be able to connect to this Windows XP computer using the automatic logon feature of the Remote Desktop client.

No Comments

PXE deployment doesn’t find WDS server

You’ve had your WDS server working for a while now, but suddenly it appears to stop responding to PXE boot requests. There are no error messages anywhere. WTF? What likely has happened is that the WDS server is running on a server that also has DNS running on it and the WDS and DNS services have overlapped ports with DNS overriding WDS. To fix this on a 2008 R2 server do the following: Set the UdpPortPolicy value in HKLM\System\CurrentControlSet\Services\WDSServer\Parameters to 0.

No Comments

IE 9 with romaing profiles, redirected folders and Vista/7

IE 9 has a problem when running in vista or Windows 7 and using roming profiles and redirected folders (you know, the configuration the MS tells you to do if your users move around???) Anyway, this one manifests it’s self as printing from IE 9 only prints a header and footer and nothing else. the fotter refers to a path in the user’s appdata\local\temp\low folder. when you look for that folder, you find that it didn’t get created. If you create it manually, it still doesn’t work. that’s because the integrity level isn’t set by default on anything that you create yourself. there are some MS Mr. fix-it patches available under KB973479, but they only work on the user/coputer combination you are on, they do not work at the roaming profile level. currently the only way around this is to turn off IE’s protected mode. (I know it’s not the best thing to do - but until MS un-breaks this, it’s all I’ve figured out how to fix it globally. You can turn off IE protected mode via GPO Computer (not user) policy. Administrative Templates, Windows components, Internet Explorer, Internet Control Panel, security Page, Internet Zone. Enable the policy and set protected mode to disabled.

another way around this is to add the following to the user’s login script:

If not exist %localappdata%\Temp\Low (mkdir %localappdata%\Temp\Low)
ICACLS “%localappdata%\Temp\Low” /setintegritylevel (OI)(CI)low



1 Comment

MDT 2008 Lite Touch fails with wierd network errors - sometimes
You may not put two and two together but they last time you updated MDT (because MS told you you needed to… (yeah so much for trusting MS)) you actually broke it.  Now you get a Network Timeout (or a wierd access denied error) in Windows PE 2.1 when it’s trying to launch the Lite touch scripts.  Oh, and another thing about launching LiteTouch, don’t have a Windows boot CD (or any CD in the CD drive.  For some wierd reason WPEInit will see that and fail to launch the LiteTouch Script. (no I havn’t figured out why yet)

You get the following error message in MDT 2008 Lite Touch Deployment even though you have the correct nic drivers in Windows PE and the correct bootstrap.ini settings. “A connection to the deployment share \\Server\Distribution$ could not be made. The Deployment will not proceed”  upon further investigation you find out that you get an access denied error when you try to list the \\server\distribuiton$\ directory.  BUT! if you do a Net Use mapping to the folder, it works just fine!  WTF?  AND, it works on some models of computer but not on others.  More WTF?

A network initializion timeout issue in wpeinit.exe in Windows PE 2.1 causes MDT 2008 Lite Touch Deployments to fail.

Give WIndows PE 2.1 a few more seconds by editing startnet.cmd on your LiteTouch_x86.wim (or iso) to look like below.  (It’s in the windows/system32 directory) (Use Imagex /mountrw LiteTouch.wim 1 d:\image to mount the WIM) (Don’t forget to ImageX /Unmount d:\image when you’re done)


wpeutil InitializeNetwork
ping localhost or Pause (or any other command that does nothing but takes a few seconds to complete)

If you want the Deployment Workbench to include the updated startnet.cmd every time you update the Deployment Point just follow the below steps

Configure MDT to use the updated startnet.cmd

  1. Create a folder named ExtraFiles\Windows\System32 in the distribution share and copy the updated startnet.cmd to it.
  2. In the Deployment Workbench, right-click the Deployment Point and select Properties.
  3. In the Windows PE Tab, in the Extra directory to add textbox, type in D:\ExtraFiles
  4. Click OK
  5. Regenerate the WIM files and don’t forget to rebuild the Boot images in WDS otherwise your changes won’t take effect.


No Comments

The user profile service service failed to logon

This is another Vista goodie. All us anal retentive network nazi’s have the habit of cleaning up old profiles from desktop computers when we run accross them. the simplest way was to simply delete the profile folders from the Documents and Settings folder in XP or 2000. As you probably know by now, documents and settings has been replaced by the OSXesq Users folder. So you figure you can do the same thing in this folder. Well, you can, but you are stting up a potential problem in the future. It seems that the registry keeps track of all the users that have every logged on to a machine. Now if you’ve deleted the user’s profile contents by simply deleting their profile folder, then when you try to log into the machine using that profile, Vista barks at you with the titled error. You think WTF? this user can log into every other computer, and other users can log into this computer!!! The fix to this is to go into the registry and remove the references to the deleted profiles. The profile list can be found here: HKLMSoftwareMicrosoftWindows NTCurrent VersionProfileList The prevention is to log into the machine as a local adminitrator and go in to the computer’s Advanced properties and delete the profile from there. that way the folder AND the registry entries will be removed.

Just another “helpfull” feature of Vista…


No Comments

Adobe Acrobat Reader 9.0

Don’t DO it!!!! In case you haven’t figured it out yet, Adobe’s realease 9.0 of acrobat reader cause lots of problems. Known issue #1 - In Vista with IE 7 and a normal user, Reader won’t launch inline in the IE browser window - it just hangs with a blank page. The work around for this has been to turn off the browser integration so Reader launches in it’s own window.

Known Issue #2 - If you have redirected your Application Data folder to a network share, 9.0 has a hissy fit and errors out on open.

The fix to all of this??? why it’s Acrobat reader 9.1 of course! Just another example of why you should be very cautious with dot zero releases. And, cynically, another example of the rediculous buggy bloat that is all things adobe. Yes Adobe seems to be contending with the king of bloat (MS) for the crown. I think they might even get it very soon!

PS: Version 9.1 does indeed fix both of the problems.  HOWEVER, it unintentionally breaks it’s self again.  Or more correctly, it tries to use something that is broken in Vista.  so, when you install 9.1, make sure to install hot fix 228839  available here:

This fixes a problem that shows up when you are using roaming or mandatory profiles and Vista doesn’t create all of the local temp folders.  It’s especially bad if you clear the cached profiles at logout.

Gone insane yet??????

More insanity…

Ok, so the hotfix listed above does indeed fix the problem.  But ONLY for VISTA SP1 !!!  The hot fix won’t install in SP2.  Not only that, but if you do have the hotfix installed (or any other hotfix for that matter) SP2 won’t install via WSUS.  AND MS broke the Local/Low folder generation for situations of folder redirection in SP2 again.  So, basically I give up waiting for MS to fix this and keep it fixed so if you just add the following line to your logon scripts it will create the missing folder if  the logon process doesn’t.  Maybe some day MS will get their head out of their A@# and actually get this fixed (Yes this has been frustrating).

If not exist %userprofile%\appdata\locallow md %userprofile%\appdata\LocalLow



No Comments

Change those unchangable defaults

You can change the default open and save location for all of the Office 2007 programs except Publisher.  How lame is that???  Or can you?

It turns out that Publisher for some unknown reason looks at the following registry key value:  HKEY_USERS\username\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Personal to figure out where to open and save from.  So if you change this value to where you really want your default to be, thenPublisher (and any other program that looks at the same key) will magically use that as the default path.

Ah, and here is another one just like that.  MS Paint looks at: HKEY_USERS\username\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\My Pictures to figure out where it opens at.  Change that value and whala!  Default changed.  You can use either UNC or Mapped drive.

The big warning is that any other programs that use these keys will get their defaults changed as well, but then again, if you want your default changed for these programs, you probably want it changed for any others as well.  The other big warning is that these values will be ignored if you have folder redirection enabled for My documents either at the user level or via GPO.


No Comments

Spooler keeps crashing!

Ok you’ve got a cute little HP 1020/1022 laser printer and most of the time it works great BUT the @#%@$%#$ spooler sometimes crashes randomly (or not so randomly).  Here’s the deal… It’s the dreaded HP Host Print Driver!  Yep, this bad boy seems to be rearing it’s ugly head more and more these days. (Sidebar: The host print driver is a driver that does most of the PCL print processing on your CPU instead of the printer’s processor.  You see, traditionally, Laser printers have had their own processors to understand and interpret PCL and sometimes Postscript printer languages, but in order to take cost out of the printer, HP (and others) have removed the processor chips from low end printers and written drivers that (mostly) replicate the interpretation on the computer the printer is connected to.)  On to more details…  You may have dug into this deeper by now and found some consistancies in how and when the spooler crashes. 

- It’s usually when trying to print a PDF document.

- Not all PDFs cause the problem.

- It’s usually a PDF that was generated by a scanner.

- Once the spooler crashes or freezes, Word and Outlook have huge problems just opening documents.

- Sometimes you will see where ZSR.DLL was the faulting module.

These are things that do not work so don’t even bother trying them: 

- Deleting/uninstalling the printer and reinstalling it.  It may seem to work for a while but the next “special” PDF that comes along will crash it.

- Upgrading the version of Acrobat reader.  This has no effect at all.  (sidebar: removing adobe acrobat and replacing it with Foxit reader will resolve the issue however)

- Trying a different driver.  Since this is a host print printer, standard (HP 4, etc..) drivers will not work.  It must be a host print driver.

- Rebooting.  The spooler will probably crash within minutes after rebooting without even trying to print anything.  This is because the “special” PDF is still sitting in the print queue and will try to resume printing once the spooler starts.  Clearing the print queue will temporarily resolve this immediate problem.  The print Queue can be found here: c:\windows\system32\spool\printers  Just delete all the files in there and reboot.

- Updating the printer driver to the latest version.  Since this is a now obsolete printer, HP doesn’t seem to be willing to fix this problem and so the latest drivers are actually worse than older drivers.  And that leads us to how to fix the problem….

 Here is what does work:

- Clear out all remnants of all printer drivers as per MS article:  (Q324757)

- Unpack the driver from the original CD or an old driver package.  One that I know works is labeled for XP,2000 AND 98 from 2005.  Also, to check if it might be the right driver, check the contents of the unpacked dirver for the existance of zsr.dll  If it’s there, it’s the wrong one and won’t fix the problem.

- Install the printer the old fashioned way, plug it in and install the driver using add printer and selecting “have drivers”.  DO NOT run the HP install!!!!

- Go ahead and install any other (non-host print) drivers that are needed.

 That’s it.  hours and hours of head banging averted!  Now doesn’t that feel good??



Outlook Cached Mode Is Greyed Out!

Ok, so you or someone you know and love has been messing around with disabling chached mode and/or offline folder file settings.  Lots of reasons to do this, and lots of reasons to un-do this.  Doing it is pretty easy through customizations and/pr group policies.  Un-doing it is a pain.  So here’s the secret….  Ready….  You need to hack the registry!  Surprise Surprise.  Ah, but what to hack????  Simple.  Go to HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\xx.0\Outlook\OST  (where xx is your current outlook version - YES this works for lots of versions) and simply delete the NoOST value.  Restart outlook (or start it as you shouldn’t have had it started in the first place) and whala! you can not reset your happy little cached mode thingy.  For those of you that are really interested in what the values in NoOST mean….

  • 0—An offline store is set up by default and used for calendar caching. You can enable offline access and use the offline store. This is the same as the absence of the OST key and NoOST entry.
  • 1—An offline store is set up by default and used for calendar caching. You can’t enable offline access and use the offline store. The options on the Microsoft Exchange Server Properties dialog box aren’t available.
  • 2—An offline store isn’t set up by default, and you can’t enable offline access and use the offline store. The options on the Microsoft Exchange Server Properties dialog box aren’t available.
  • 3—An offline store isn’t set up by default, and you can’t enable offline access and use the offline store.

There - aren’t you glad you read on!

 I didn’t think so.



1 Comment

Vista errors 1747 and 10107

Suddenly your Vista computer decides to go on strike.  Network connections don’t work, wierd failure messages pop up, and you can’t even open up event viewer to see what the problem is!  You try to start Event logging or other services that should be started but aren’t and you get a “Error 1747: The authentication service is unknown” mesage.  You try other things and your get the fabulous “Error 10107: A system call that should never fail has failed” mesage. (go figure - Microsoft can take the time to create an error mesage the shouldn’t ever happen, but can’t take the time to actually fix the problem!)  Anyway the problem, believe it or not, is likely to be a messed up Winsock stack.  TCP/IP stack Winsock settings in Windows Vista may get corrupted, causing errors and problems with Internet connectivity. Corrupt Winsock or Windows sockets configuration can be due to a lot of reasons such as installation of a networking software, or due to virus, trojan or malware infection, or sometime even due to disinfection of spyware by security software.

When Winsock corrupts, the networking errors that you may face include unable to surf the Internet with “Page cannot be displayed” error message in Internet Explorer or AOL even though the DSL/ADSL/cable Internet connection is connected. Sometimes, Windows Firewall/Internet Connection Sharing (ICS) service is terminated as well.

To repair and reset the Windows Vista Winsock Stack:

  1. Click on Start button.
  2. Type Cmd in the Start Search text box.
  3. Press Ctrl-Shift-Enter keyboard shortcut to run Command Prompt as Administrator. Allow elevation request.
  4. Type netsh winsock reset in the Command Prompt shell, and then press the Enter key.
  5. Restart the computer.

What netsh winsock reset command does is it resets Winsock Catalog to a clean state or default configuration. It removes all Winsock LSP (Layered Service Providers) previously installed, including the potential malfunctioned LSP that causes loss of network packets transmission failure. So all previously-installed LSPs must be reinstalled. This command does not affect Winsock Name Space Provider entries.

Note: To check which LSPs installed on your Vista system, use netsh winsock show catalog command.