• Home
  • Cisco
  • Exchange
  • Linux
  • Navision
  • Network
  • Virtualization
  • Windows
  • About

    Getting the username from the HKEY_USERS values

    October 13th, 2016

    In a command prompt:
    wmic useraccount get name,sid

    Windows 2012 commands

    February 9th, 2016

    Install telnet client:
    dism /online /Enable-Feature /FeatureName:TelnetClient

    Disable firewall:
    netsh advfirewall set allprofiles state off

    Windows 2012 – Enable F8 (boot into safe mode)

    February 9th, 2016

    Boot on Windows 2012 install media
    Choose Troubleshoot and in a command prompt type:
    bcdedit /set {bootmgr} displaybootmenu Yes
    bcdedit /set {bootmgr} timeout 10
    Enables the bootmenu
    Now you can use “safe mode”.

    Remove patch in command line

    December 9th, 2015

    wusa.exe /kb:3114409 /uninstall

    Usefull powershell commands

    October 30th, 2015

    Show all locked accounts:
    Get-Eventlog -logname Security | Where EventID -EQ “4740” | Format-Table

    Active Directory operation failed on DC.dom.local. This error is not retriable. Additional information: Access is denied.

    October 8th, 2015

    When trying to set rights with the command: Add-ADPermission you get this error:
    Active Directory operation failed on DC.dom.local. This error is not retriable. Additional information: Access is denied.
    Add-ADPermission -Identity TestGroup1 -user TestUser1 -AccessRights writeproperty -Properties member

    You need to give “Full access” to the user “Exchange trusted subsystem” on the AD group opject.
    Tip: Enable “advanced features” in AD to add the security tab.

    Disable UAC on Windows 2012

    August 24th, 2015

    EnableLUA (dword) 00000000

    Outlook – Server not available and error in SSL

    August 5th, 2015

    If rpc over https is wrongly configurated, or the certificate for some reason not trusted on your local computer, you can disable the SSL check.
    Simply add this key:
    DefConnectOpts (dword) 0

    The RD Licensing grace period has expired and Licensing mode for the Remote Desktop Session Host server has not been configured – Windows 2012 RDP

    May 21st, 2015

    Remove the 120 days time bomb.
    Remove this key:
    HKLM\System\CurrentControlSet\Control\Terminal Server\RCM
    Restart server.

    If you have a license server:
    $obj = gwmi -namespace “Root/CIMV2/TerminalServices” Win32_TerminalServiceSetting

    Set lines mode, device or user:
    $obj = gwmi -namespace “Root/CIMV2/TerminalServices” Win32_TerminalServiceSetting
    Value can be 2 (per Device) or 4 (Per user)
    $obj. LicensingType

    Taskbar buttons – never combine – Windows 2012

    April 28th, 2015

    Create a regfile:

    Windows Registry Editor Version 5.00


    2: Never combine
    1: Combine when taskbar is full
    0: Always combine

    Move or copy auto-complete list from Outlook 2010

    March 3rd, 2015

    Find this file: Stream_autocomplete (on the source computer).
    In this location: C:\Users\%username%\AppData\Local\Microsoft\Outlook\RoamCache

    could have a name like this: Stream_Autocomplete_0_8D3BCAEDYTGFEB43A6DDDDDD8B2B89BF
    Close Outlook on target computer, and copy this file to same location.

    You have to rename file, so it overwrites the name from same file on target.

    Make changes to a users system registry (Regedit) – Windows 2012

    February 27th, 2015

    Log into the system as Administrator and open regedit.

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
    In this path you can see all users, and inside this you can see their profile path etc c:\users\test1
    You will also see the user SID

    This SID can be found in: HKEY_USERS

    Add RDP-Tcp connection in Windows 2012 R2

    February 26th, 2015

    If you for some reason need two RDP-Tcp connections in Windows 2008 you could easily add one in the “Remote desktop Session Host Configuration” tool.

    This tool does not exist in Windows 2012 and you have to do it with regedit.
    Make an export of this:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

    Edit this regfile and change the path
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp-3390

    This will be your new RDP-Tcp connection.
    Change “LanAdapter” to the listening netcard
    0 = all
    1= netcard1

    Change “PortNumber” to the port listening on the RDP-Tcp-3390
    In this way, the original RDP-Tcp could listening on port 3389 with netcard1 and RDP-Tcp-3390 listening on port 3390 with netcard2

    Show netcard ID:
    netsh interface ipv4 show interfaces

    Show assignments in powershell:
    gwmi Win32_TSNetworkAdapterSetting -filter “TerminalName=’RDP-Tcp'” -namespace “root/cimv2/TerminalServices” | Select NetworkAdapterLanaID,NetworkAdapterName
    gwmi Win32_TSNetworkAdapterSetting -filter “TerminalName=’RDP-Tcp-3390′” -namespace “root/cimv2/TerminalServices” | Select NetworkAdapterLanaID,NetworkAdapterName

    Set standard printer with a script

    February 13th, 2015

    RUNDLL32 PRINTUI.DLL,PrintUIEntry /y /n “RICOH 3228C”

    If you need a delay og 10 sec, add this before:
    ping -n 1 -w 10000 > nul


    In bat file:
    cscript print.vbs

    In vbs file:
    Option Explicit
    On Error Resume Next
    Dim objNetwork
    Set objNetwork = CreateObject(“WScript.Network”)

    objNetwork.SetDefaultPrinter “printer MFP(PCL) (redirected 1)”
    objNetwork.SetDefaultPrinter “printer MFP(PCL) (redirected 2)”
    objNetwork.SetDefaultPrinter “\\server\printer”


    Powershell script cannot be loaded because the execution of scripts is disabled on this system

    August 22nd, 2014

    Enable running scripts:
    set-ExecutionPolicy Unrestricted

    Map network drive in Windows server 2012

    May 8th, 2014

    From the “METRO” you can right-click “this pc” and have some options from there.

    Map Network drive is one of them.


    set chrome as default browser

    April 29th, 2014

    Use this in a script:
    C:\Progra~2\Google\Chrome\Application\chrome.exe –make-default-browser

    List of switches:

    Enable Adblock Plus – Internet explorer

    April 16th, 2014

    Download and install:

    Computer Configuration –> Administrative Template –> Windows Components –> Internet Explorer
    Automatically activate newly installed add-ons

    User Configuration –> Administrative Templates –> Windows Components –> Internet Explorer –> Toolbars
    Hide the status bar

    You might want to disable Automatic updates:
    Edit the hostfile update.adblockplus.org

    Move dhcp server setup from Windows 2003 to 2008

    March 13th, 2014

    On old DHCP Server:
    netsh dhcp server export C:\dhcp.txt all

    On new DHCP Server:
    netsh dhcp server import c:\dhcp.txt all

    If errors, remove the scope options on the new server.

    Robocopy Example

    February 19th, 2014

    ROBOCOPY \\srv1\c$\share\ \\srv2\d$\share\ /MIR /SEC /R:2 /W:5 /LOG+:C:\AdminFolder\log.txt

    MIR : mirrors files
    SEC : NTFS rights
    R:2 : Retry two times
    W:5 : wait 5 seconds

    ExtPart (DELL) – Unable to connect to c: or it does not exist

    January 22nd, 2014

    If you are running into this error, you can try to disable the services:

    File Replication Service (FRS) – Most likely only this
    Distributed File System (DFS)
    Windows Search
    Indexing Service

    Outlook 2013 starts configuration every time

    December 11th, 2013

    Just install the indexing service (role service)
    It does not have to index anything!


    Windows Search Service

    Windows 2008 – Use a NTP for time updates

    October 28th, 2013

    net stop w32time
    w32tm /config /syncfromflags:manual /manualpeerlist:”ntp.siminn.dk”
    w32tm /config /reliable:yes
    net start w32time
    w32tm /query /configuration

    Disable Intranet WUS on Client

    September 30th, 2013


    RDP print from Windows 2008 domain controler

    August 30th, 2013

    Cacls.exe PRINTERS /e /g users:C

    restart spooler

    /T Changes ACLs of specified files in
    the current directory and all subdirectories.

    /L Work on the Symbolic Link itself versus the target

    /M Changes ACLs of volumes mounted to a directory

    /S Displays the SDDL string for the DACL.

    /S:SDDL Replaces the ACLs with those specified in the SDDL string
    (not valid with /E, /G, /R, /P, or /D).

    /E Edit ACL instead of replacing it.

    /C Continue on access denied errors.

    /G user:perm Grant specified user access rights.
    Perm can be:
    R Read
    W Write
    C Change (write)
    F Full control

    /R user Revoke specified user’s access rights (only valid with /E).

    /P user:perm Replace specified user’s access rights.
    Perm can be:
    N None
    R Read
    W Write
    C Change (write)

    Scheduled defragmentation in windows 2008 and 7

    August 27th, 2013

    Create a task:
    With the drive as argument.
    -c or -d

    Backup MySQL on Windows with a script and zip it

    July 3rd, 2013

    Create a bat file:

    C:\Progra~1\MySQL\MYSQLS~1.5\bin\mysqldump.exe –opt –single-transaction –user=root –password=xxxx DB-name > backup_DB-name.sql

    set backupFilename=%DATE:~6,4%%DATE:~3,2%%DATE:~0,2%
    C:\Progra~1\7-Zip\7z a MyBackup%backupFilename%.zip *.sql

    Windows 8 – Change Product Key

    March 21st, 2013

    In the search box: Slui.exe 0x3
    In the command prompt: slmgr.vbs -ipk 00000-00000-00000-00000-00000

    Disable Anti-SPAM folder in Outlook

    March 1st, 2013


    Remove Temporary Internet Files on exit with logoff script

    February 15th, 2013

    Make a script with this content:

    Windows 2003:
    DEL C:\”Documents and Settings\%username%\Local Settings\Temporary Internet Files”\*.* /Q /F /S

    Windows 2008:
    DEL C:\”Users\%username%\AppData\Local\Microsoft\Windows\Temporary Internet Files”\*.* /Q /F /S

    Add is as an logoff script
    Great on Terminal servers.

    Where is All Users Folder in Windows 2008

    February 11th, 2013

    All users desktop
    (The Desktop folder is hidden)

    All users start menu and programs:
    C:\ProgramData\Microsoft\Windows\Start Menu
    C:\Users\All Users

    Add the Office 2010/2013 GPO’s to the Domain controler

    February 7th, 2013

    Download the ADMX/ADM files from here:
    Extract the downloaded file.

    Copy the content of the ADMX folder to this folder on the DC:

    Create the folder policydefinitions if it is missing.
    The new policies are automatically replicated to all the DC’s.
    And they are visible in GPMC

    Remember this last step.
    The old gpo’s is now missing. This is because the new “policydefinitions” folder is in control.
    You need to copy the contents of: C:\Windows\PolicyDefinitions
    from a DC to this folder – then the old polycy’s are back.
    Remember, Widows update does not update this new store’s policy’s!
    You need to do this by hand.

    Update JAVA with script

    January 16th, 2013

    taskkill /F /IM iexplorer.exe
    taskkill /F /IM iexplore.exe
    taskkill /F /IM firefox.exe
    taskkill /F /IM chrome.exe
    taskkill /F /IM javaw.exe
    taskkill /F /IM jqs.exe
    taskkill /F /IM jusched.exe
    wmic product where “name like ‘Java%%'” call uninstall /nointeractive
    msiexec.exe /i \\Fileserver\jre-7u11\jre1.7.0_11.msi /qn

    First. Kill all the processes needed to install java
    vmic search after “Java * ” in “add-remove” programs.
    If something starts with “Java”, it will be removed.
    Last. Do a silent install

    You need the two files in the folder where java is installed from:

    If you start up the java install double clicking “jre-7u11-windows-i586.exe”, they can be found in:
    What version of Java is installed and do somethig based on that:

    IF (@PRODUCTTYPE) = “Windows 7 Professional Edition”
    ? “Windows 7”
    $FileVersionWin7 = GetFileVersion(“C:\Program Files (x86)\Java\jre7\bin\java.exe”)
    IF $FileVersionWin7 >= “”
    ? “Java: ” + $FileVersionWin7 + ” No update”
    ? “Java: ” + $FileVersionWin7 + “Update”
    RUN “\\nas\Java\jre-7u15\update.cmd”
    ? “…”


    IF (@PRODUCTTYPE) = “Windows XP Professional”
    ? “Windows XP”
    $FileVersionXP = GetFileVersion(“C:\Programs\Java\jre7\bin\java.exe”)
    IF $FileVersionXP >= “”
    ? “Java: ” + $FileVersionXP + ” No update”
    ? “Java: ” + $FileVersionXP + ” Update”
    RUN “\\nas\Java\jre-7u15\update.cmd”

    Disable Java update notifications

    October 12th, 2012

    You can disable Java update notifications by editing the registration database.
    Set the values to zero.

    HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Update\Policy

    System restart Adobe Reader – Terminal server

    September 17th, 2012

    The Terminal server restarted, but why?
    You see this in the log:
    The Windows Installer initiated a system restart to complete or continue the configuration of ‘Adobe Acrobat X Standard

    A “user” can initiate an update or repair of Adobe Reader. In the end of this process, the software initializes an system restart.
    This has to be disabled on an terminal server.

    Disable Reapir:
    Adobe Reader X32
    Adobe Reader x64
    Adobe Acrobat X32
    Adobe Acrobat x64

    Hide update menu:
    In this folder, but the file: HideMenu.js
    C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Javascripts

    Customization Wizard X

    More info:

    Links in Outlook – Restricted

    July 17th, 2012



    Set standard printer with a VB script

    July 12th, 2012

    dim objNetwork
    set objNetwork = createobject(“Wscript.Network”)

    WScript.Sleep 1000 * 60 * 1
    objNetwork.SetDefaultPrinter “PrinterName”

    Just make a .vbs file. You can use it in a startup script (GPO)
    The line: WScript.Sleep 1000 * 60 * 1
    makes an delay of one minute.

    Reliability monitor – Empty on Windows 2008

    June 28th, 2012

    It is nice to see the history of crashed applications in Windows 2008.
    But when you start up “reliability monitor” it is empty – why is that?
    You have tried this: http://support.microsoft.com/kb/983386 but still no lock.
    Are you running as Domain Controller on the server, it could be a right issue of the service.

    Changed the RacTask on DCs to run “AS System” instead of “Local Service”.
    Can be found in “task scheduler” –> “Microsoft” –> “Windows” –> “RAC”

    File associations GPO – Windows 2008

    May 23rd, 2012

    Computer Conf –> Preferences –> Control Panel Settings –> Folder Options –> Right click –> New –> File Type

    User Conf –> Preferences –> Control Panel Settings –> Folder Options –> Right click –> new –> Open With


    Disable Admin Tools folder – Windows 2008 Terminal server

    May 22nd, 2012

    You can remove the “Admin Tools folder” with a GPO.

    Go to:
    User Configuration\Preferences\Windows Settings\Registry

    Add a new Registry Item:
    Action: Update
    Key path: Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    Value name: StartMenuAdminTools
    Value type: REG_DWORD
    Value data: 00000000

    Add a second Registry Item:
    Action: Update
    Key path: Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    Value name: StartAdminToolsRoot
    Value type: REG_DWORD
    Value data: 00000000

    Remember to enable Loopback on the OU where the RD Host are.
    Computer Configuration\Policies\Administrative Templates\User Group Policy loopback processing mode
    Mode: Merge

    Tomcat – Configure Trusted SSL Certificate – Windows

    April 19th, 2012

    Create new keystore with a 2048 bit certificate:
    c:\PROGRA~1\AHSAYO~1\conf>c:\progra~1\ahsayo~1\java\bin\keytool -genkey -keysize
    2048 -alias tomcat -keyalg RSA -keystore keystore.2012

    Make a request:
    c:\PROGRA~1\AHSAYO~1\conf>c:\progra~1\ahsayo~1\java\bin\keytool -certreq -keyalg
    RSA -alias tomcat -file MyDom.csr -keystore keystore.2012

    Import root cert:
    c:\PROGRA~1\AHSAYO~1\conf>c:\progra~1\ahsayo~1\java\bin\keytool -import -alias r
    oot -keystore keystore.2012 -trustcacerts -file root.crt

    Import intermediate cert:
    c:\PROGRA~1\AHSAYO~1\conf>c:\progra~1\ahsayo~1\java\bin\keytool -import -alias i
    ntermed -keystore keystore.2012 -trustcacerts -file intermediate.crt

    Import the trusted SSL cert:
    c:\PROGRA~1\AHSAYO~1\conf>c:\progra~1\ahsayo~1\java\bin\keytool -import -alias t
    omcat -keystore keystore.2012 -trustcacerts -file MyDom.crt

    More info

    Error in Office: The file is corrupt and it cannot be open – security setting

    April 12th, 2012

    If you get this error trying to open a Office document: “The file is corrupt and it cannot be open” it might be a security setting.

    If the file is from the Internet / Outlook, it is blocked by default.

    You can unblock in the file properties or make a GP
    Goto: User Configuration > Administrative Templates > Windows Components > Attachment Manager Enable: Do not preserve zone information in file attachments

    Disable Outlook 2010 AntiSPAM/Junk E-mail Funktion

    December 30th, 2011

    [HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\14.0\outlook] “DisableAntiSpam”=dword:00000001

    Download regfile

    Choose Fallback Driver – Windows 2003 Terminal Server

    October 14th, 2011

    By default Windows use the driver “HP DeskJet500c” or “HP Color LaserJet 5/5M PS” if no exact driver is found.
    This can be changed in regedit on the terminal server.

    Below is “HP LaserJet 4” the default.

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd]
    “FallbackPclDriver”=”HP LaserJet 4”
    “FallbackPsDriver”=”HP Color LaserJet 5/5M PS”

    Download regfile

    Win32 error code returned by the print processor: 5. Access is denied.

    October 4th, 2011

    On a terminal server where a user is trying to print, you get whis error in the log:

    “Win32 error code returned by the print processor: 5. Access is denied”

    Give the users trying to print write access to thsi folder on the terminal server:

    Please provide a path to windows media x86

    October 4th, 2011

    You have a Windows 2008 64 bit terminal server and needs some additional printer drivers x86 and x64.
    When installing the x86 drivers this error occurs:

    “please provide a path to windows media x86”

    All you have to do is finding ntprint.inf from a 32 bit Windows 7 and give it that file and folders.
    From a Windows 7 find this folders:


    Move it to your Windows 2008 server, and point the wizard to this files.

    Turn Off Protected View in Office 2010

    August 10th, 2011


    Windows Registry Editor Version 5.00


    Group Policy:
    “Options\Security\Trust Center\Protected View”

    Reg file:

    Change client local drive in Citrix – InitialClientDrive

    June 23rd, 2011

    The local harddrive of a client can be changed in a citrix invioment.
    Create this on the server if you want it to be x:

    Type REG_SZ

    Adobe Reader X with Protected Mode disabled on Terminal server

    June 9th, 2011

    On a terminal server all users are requested to enable or disable the protected mode in the new Adobe Reader X. On some systems enabling does not work.
    You can easily disable this functionality for the user in regedit with the use of a login script running this command:

    REG ADD “HKCU\SOFTWARE\Adobe\Acrobat Reader\10.0\Privileged” /v bProtectedMode /t REG_DWORD /d 0 /f

    Update Adobe Reader XI
    HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\11.0\Privileged

    svchost.exe uses 100% CPU

    May 17th, 2011

    What is coursing the svchost.exe to use 100% CPU?
    Use this command:
    tasklist /svc /fi “imagename eq svchost.exe

    Show the dll’s:
    tasklist /m /fi “imagename eq svchost.exe

    Sysinternals Process Explorer

    Outlook blocked access to the following potentially unsafe attachments

    January 18th, 2011


    XX.X indicates your version of Outlook:
    14.0 – Microsoft Office 2010
    12.0 – Microsoft Office 2007
    11.0 – Microsoft Office 2003
    10.0 – Microsoft Office 2002
    9.0 – Microsoft Office 2000

    Add a new string value key in that location:
    Add the extensions: .lnk;.com;.exe

    Download a Reg file

    Customized office 2010 install

    December 29th, 2010

    Upgrade the admin folder in the office folder with the newest “Office Customization Tool” files.
    Start the tool:
    setup.exe /admin

    Featues –> modify user setting –> Microsoft office 2010 system –> Privacy –> Trust center
    Disable Opt-in Wizard on first run (enabled)
    Enable customer Exoerience improvement program (Disabled)
    Save the MSP file

    Setup.exe /adminfile office.MSP
    (Runs the installation)

    User –> Administrative Temp. –> Microsoft Office 2010 system –> Privacy –> Trust center
    Disable Opt-in Wizard on first run (enabled)
    Enable customer Exoerience improvement program (Disabled)

    User –> Administrative Temp, –> Microsoft Office 2007 –> tools account settings –> rss feeds
    Turn off RSS feature

    Change boot screen in windows 7 and save time

    October 29th, 2010

    Just a black screen. Saves a lot of time:
    bcdedit /set bootux disabled

    Vista boot screen
    bcdedit /set bootux basic

    More info

    Automatically assign Workstations to a new OU

    September 13th, 2010

    By defaults all new added computers are created in the default OU “Computers”. You can change the default OU.

    redircmp ou=NewComputers,DC=mydom,dc=local

    Microsoft Office Outlook kan ikke startes. Outlook-vinduet kan ikke åbnes

    August 26th, 2010

    If you get this error when trying to open Outlook:
    Microsoft Office Outlook kan ikke startes. Outlook-vinduet kan ikke åbnes (Danish).
    Microsoft Office Outlook cannot start. Outlook window cannot be opened (English)

    You can try this commands i “Run”.
    Outlook.exe /resetnavpane
    Outlook.exe /cleanprofile

    Disable Browser choice

    June 12th, 2010


    Disable Data Execution Prevention (DEP) in Windows 2003

    March 25th, 2010

    Right click on “my computer” –> properties –> “advanced” –> “startup and recovery” –> “setting” Choose “edit”

    And reboot

    There are problems with the signature – Click the signature button for details

    November 5th, 2009

    You are receiving an email with a digital signature, but it has a warning: “There are problems with the signature.  Click the signature button for details”.

    Something is probably changing the email before delivery, and now it it not valid. An antivirus and/or SPAM scanner could course this. If you are using ESVA Mail scanner this software is insetting a text in the email. This can be disabled.

    ESVA Customization

    Terminal Server – Legal Notice

    October 22nd, 2009

     Display a message at logon, before you can proceed to log on to a server.

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    “LegalNoticeCaption”=”Testing on top”
    “LegalNoticeText”=”Test Test”


    Extend the 30 days grace period – Windows Vista

    August 22nd, 2009

    You can extend the default 30 days grace period op to 120 days with this command:
    slmgr /rearm
    Then restart.

    Works in Windows 7

    MAP with username and password in a logon batch file

    May 13th, 2009

    How to map a network drive with the use of username and password.

    NET USE S: \\servername\share /USER:domainname\username password

    servername = Name of the server
    share = Name of the share
    domainname = Name of the domain where the username is defined, if local user just remove it.
    username = Username
    password = Password

    Remote control failed. Error code 5: Access is denied

    April 29th, 2009

    Only the administrators on the terminal server can “shadow” other users, but what do you do if you have a “super user” that need to remotely support the other users?

    You just have to modify the rights a little bit.
    On the terminal server open “Terminal Services Configuration” and right click on the connection.
    In “remote control” choose “use remote control with…”.
    In “permissions” add the super user and go to “advanced”. Add the “remote control” right.

    If the users affected by the new rights were logged in, remember to log them off before the changes are working.

    Outlook – auto complete missing on new computer

    April 29th, 2009

    Every time you send a new message in Outlook, and manually type in an email, this information is automatically inserted into the AutoComplete list.
    A local database file stores this information (.NK2).
    This file can be found in the user profile etc. C:\Documents and Settings\\Application Data\Microsoft\Outlook.

    If you move this file to a new computer or just a new user profile, the information is active again.

    The NK2 file can be edited with this program: http://www.nirsoft.net/utils/outlook_nk2_autocomplete.html

    MS SQL Server 2005 and Remote Access

    August 27th, 2008

    Need to access your SQL server from another computer?

    Configuration in SQL Server Management Studio
    Click “All Programs” –> Click “Microsoft SQL Server 2005” –> click “Microsoft SQL Server Management Studio”.
    Log in to SQL Server 2005 with windows authentication or sa user.
    Highlight the server and right click “Properties”.
    Highlight “Security” –> Under “Server authentication”, choose “SQL Server and Windows authentication mode”.
    Highlight “Connections” –> Under “Remote server connections”, choose “Allow remote connections to this server”.

    Configuration in SQL Server Surface Area Configuration
    Click “All Programs” –> Click “Microsoft SQL Server 2005” –> click “Configuration Tools” –> click “SQL Server 2005 Surface Area Configuration”.
    Click “Surface Area Configuration for Services and Connections” -> click “MSSQLSERVER” –> click “Database engine” –> click “Remote connections” -> Under “Local and remote connections”, choose “Using TCP/IP only” or other protocols.

    Remember the “SQL server browser” service. It it ussed when connected from the outside.

    NTLDR is missing

    August 4th, 2008

    Get a boot-disk to fix the problem on this page.
    Direct link here.

    Out of office – Internal works but not external

    August 1st, 2008

    An exchange with the default settings have this problem.

    To fix it enter the Exchange System Manager.
    “Global Settings” –> “Internet Message Formats”.
    Right click “default”. –> “Properties” –> “Advanced”.
    Check the “allow out of office responses” box.

    More than two downloads in IE7

    July 29th, 2008

    Find this path:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    Make two new DWORD values:

    Give both of them a value of ‘a’ (don’t write the  ‘ ‘ )

    IE7 – Opening multiple tabs from command line

    June 22nd, 2008

    Make a bat file with the extension .bat or .cmd
    Define the the tabs this way in the file:

    START http://www.microsoft.com/
    START http://www.hp.com/
    START http://www.ibm.com/

    Remove the Built-In Search Bar in IE 7

    June 13th, 2008

    Find this path:
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
    Add this key: NoSearchBox”=dword:00000001

    Download reg file

    Change Office 2003 user templates path through regedit

    June 6th, 2008

    Find this path in regedit:

    and the key: UserTemplates
    type: REG_EXPAND_SZ

    Just give it a value. (path to a folder)

    If you can not find the key UserTemplates, Office is using the standard path:
    C:\Documents and Settings\\Application Data\Microsoft\Templates

    If you use KIX:
    WriteValue(“HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Common\General”, “UserTemplates”, “c:\somefolder”, “REG_EXPAND_SZ”)

    Restart service in a bat job

    April 24th, 2008

    net stop “World Wide Web Publishing Service”
    net start “World Wide Web Publishing Service”

    Disable ICMP Redirect in Windows XP and 2003

    April 17th, 2008

    To disable it, find this path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
    Locate this key: EnableICMPRedirect
    change the value from 1 to 0



    Scheduled restart

    April 5th, 2008

    Run this command from a .bat file:
    shutdown.exe -r -f -t 60 -c “Windows Server 2003 will now restart in 1 minute…”

    Make a scheduled job that runs the bat file.

    Show uptime from command promt

    April 5th, 2008

    net statistics server
    (look after statics since…)

    Automatic logon in Windows 2003

    March 26th, 2008

    If you for some reason want your Windows 2003 server to automatic login a specific user when booted, it can be done with regedit.
    Find this path:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    Create/change the values of (strings):

    AutoAdminLogon (0 disable | 1 enable)

    Lost the shortcut to the Microsoft Update?

    March 7th, 2008

    Make a new icon or use it in a script

    C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\muweb.dll,LaunchMUSite

    FTP over SSL/TLS (implicit with encryption) with zFTPserver

    February 27th, 2008

    First the firewall or router needs to be configured. Remember when using an encrypted ftp all passive ports has to be redirected.

    This example are from a Cisco ASA

    access-list allow_inbound extended permit tcp any interface outside eq ftp
    access-list allow_inbound extended permit tcp any interface outside eq 2950
    access-list allow_inbound extended permit tcp any interface outside eq 2951
    access-list allow_inbound extended permit tcp any interface outside eq 2952

    static (inside,outside) tcp interface ftp ftp netmask
    static (inside,outside) tcp interface 2960 2950 netmask
    static (inside,outside) tcp interface 2961 2951 netmask
    static (inside,outside) tcp interface 2962 2952 netmask
    static (inside,outside) tcp interface 2963 2953 netmask

    Configuration on the ftp server:
    General tab:
    Specify address for passive mode: Write your public ip
    specify port range for passive mode: Write 2950 to 3000

    SSL/TLS tab:
    Create a certificate.
    Enable secure ftp through implicit ssl/tls and write using ssl/tls, only allow secure data transfers

    That’s it!

    Allow remote desktop through regedit – Do it remote

    February 24th, 2008

    You need to remote a server with remote desktop but thats not allowed, what do you do?

    It is possible to “activate” this remotely with regedit.
    find this regedit patch: HKLM\System\CurrentControlSet\Control\Terminal Server
    Set this DWORD to 0: fDenyTSConnections

    Control panel shortcuts – How to access them

    February 15th, 2008

    All the shortcuts in the control panel have an name with the .cpl extension.
    Most of them can be found here: c:\windows\system32

    I you for an example want to start the display properties just start the file: desk.cpl
    (could be done from run)

    If you want to activate through a script
    rundll32.exe shell32.dll,Control_RunDLL desk.cpl

    The shortcut MAIL can be found here:
    C:\Program Files\Common Files\System\MSMAPI\1030\MLCFG32.CPL

    More info here.

    Slipstream Microsoft Office 2003 SP3

    February 14th, 2008

    You need the Office 2003 SP3, download it here

    On your computer make 3 directories.

    Put the servicePack file in the folder TempSP3
    Extrakt the SP into Office2003 directory with this command:
    C:\TempSP3\Office2003SP3-KB923618-FullFile-DAN.exe /Q /C /T:C:\Office2003
    (depending on your chosen language, the name on the SP is different)

    Make a administrative install of office 2003 with this command:
    d:\setup.exe /a

    During the install you have to use the serial number.

    Slipstream with this commands:
    msiexec /p C:\Office2003\MAINSP3.msp /a C:\MSOffice2003\PRO11.msi SHORTFILENAMES=TRUE /qb
    msiexec /p C:\Office2003\OWC11SP3.msp /a C:\MSOffice2003\OWC11.MSI SHORTFILENAMES=TRUE /qb

    Redirect only the default printer in Terminal Services

    November 7th, 2007

    In remote desktop it is possible to only redirect the default printer on the client.
    The server need to have Windows 2003 SP2.
    The client need to have XP SP2 and remote desktop client version 6

    Nothing has to be done on the server.
    On the client in regedit find this path:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Terminal Server Client\Default\AddIns\RDPDR

    Add a DWORD value: RedirectDefaultPrinterOnly = 1
    Deactivate with 0

    The client need Remote Desktop version 6.

    More info  http://support.microsoft.com/kb/911913


    Scheduled quick erase in backup exec

    October 24th, 2007

    Make a task in windows control panel running a bat-file.

    cd C:\Program Files\Symantec\Backup Exec
    bemcmd -o111 -d”HP 1″ -e1

    first line enters the directory where “bemcmd” is localized.
    second line runs a quick erase on the device “HP 1”.

    Windows DHCP scope options

    October 20th, 2007

    Just an example of scope options on a windows 2003 active directory server with dhcp server.

    003 Router:
    006 DNS servers:
    015 DNS Domain name: dom.local
    044 WINS/NBNS Server:
    046 WINS/NBT Node Type: 0x8

    Access denied to directory – Backup Exec error

    October 17th, 2007

    If you get this error when performing an backup of exchange: “Access denied to directory .
    Access is denied to Remote Agent.  Check the login account for the specified device”, some things has to be checked.

    The user running the agent on exchange MUST be visible in Global Address List. In Active Directory user properties be sure not to have “Hide from exchange address list” checked.
    If your exchange is an standard setup and your using the administrator account in the agent, this is probably whey the error came.

    If not using the Administrator account, be sure to check that the used account is a member of Domain Admin and NOT a member of Domain Users.
    The account also need to have the exchange role “full exchange administrator”.

    This can be done in the exchange manager.
    – Open Exchange System Manager
    – Right-click on the First Organization (Exchange) root and select Delegate “EXCHANGE FULL ADMIN” to the user”.

    Spoolsv.exe and 99% CPU

    October 1st, 2007

    If the printing service (spoolsv.exe) is using 99% of the CPU, and an reboot of the whole server and or just the service does not work, what could be wrong?

    Maybe an old print-job is stuck on the computer.
    Go to: C:\WINDOWS\system32\spool\PRINTERS
    and remove all the files.

    Restart the printing service.

    Run EXE as a service

    September 27th, 2007

    What do you do if you want an *.exe to run as a service?

    You need two files from the “Windows Server 2003 Resource Kit Tools”. Instrsrv.exe and Srvany.exe.
    Run this command:

    c:\reskit\INSTSRV.EXE “Your service name” c:\reskit\SRVANY.EXE
    Now the service “Your service name” exsists on the server.

    You now need to add the actual exe to be run by the service.
    This is done in Regedit.
    Navigate to this registry key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\”your service name”.Add Key and name it Parameters.

    In this Add Value and type EXE information.
    Value Name: Application
    Data Type : REG_SZ

    Windows Server 2003 Resource Kit Tools

    Create Restart, shutdown and lock screen shortcut

    September 17th, 2007

    Create shortcuts with this command in it:

    Lock screen:
    rundll32.exe user32.dll,LockWorkStation

    shutdown -r -t 01

    shutdown -s -t 01

    Remove Balloon Tips

    September 7th, 2007

    Every time you print, a notification is shown above the clock.

    There are different ways to remove it.

    In Active Directory Group Policy:  “Administrative Templates” –> “Start menu and Taskbar” –> “Remove Balloon Tips on start Menu items”.

    On a standalone XP click “start” –> “run”. Type: “gpedit.msc”.

    Allow users to change time

    August 27th, 2007

    What do you do if you want an user in your organization with the ability to change the system time and not using an administrator account.
    In an Active Directory environment it can be done with a Group Policy.

    Computer Configuration –> Windows Settings –> Local Policies/User Rights Assignment –> Change System Time.

    You can specify specific users and or groups.

    Time synchronizing with a time server on the Internet

    August 2nd, 2007

    By default there are two time servers in windows XP. But it is possible to use our own prefered one. Just use this command:
    w32tm /config /syncfromflags:manual /manualpeerlist:ntp.webpartner.dk
    (ntp.webpartner.dk) is one example of an time server.

    w32tm /config /update
    Activities the changes.

    net stop w32time
    net start w32time
    w32tm /resync

    This works on Windows XP and 2003.

     more info

    Add route in Windows

    July 29th, 2007

    What do you do if you have two routers to the outside world. One to be used for Internet and one for an Intranet application?

    The first router is deleverd by your ISP and the second one is making an VPN tunnel to the Intranet server.

    Normally you would set up a routing roule on the first router, but if not possible an routing roule has to be set up on every computer who needs access to the Intranet server thug the second router.

    In this example the Intranet application is accessed on

    On all the clients this has to be typed in the command console:
    route add mask /p
    The /p makes the rule persistent (not removed after an reboot).

    Enable Remote Desktop from Regedit

    July 29th, 2007

    It is possible to activate remote desktop in regedit, you do not have to use the GUI on the computer itself.

    In regedit go to this path:

    HKLM\System\CurrentControlSet\Control\Terminal Server
    The value fDenyTSConnections must be 0 (zero) for enabling.

    The Local Security Authority is unable to obtain an RPC connection to the domain controler

    July 28th, 2007

    You are working with trust between two windows domains and gets this error.

    Are you using vmware… ? yes, keep on reading.

    This error does not occur on physical hardware but on a virtualized environment and only in vmware. The problem is the vmware driver  hgfs.sys. This driver handles the “vmware shared folders”.

    To resole this disable vmware shared folders. It can be done thug regedit. Se the image below. Just change the “start” key value to 4. The path is:

    For more information about this issue See this blog here

    More than one name on a server

    July 25th, 2007

    If you for some reason need to have more than one computer-name on a server it can not be done in the GUI. It has to be done in regedit.

    Find this location:

    Add a new key here with the name: OptionalNames with the type: REG_MULTI_SZ

    Type in the server names you want as the value. Separate more than one name with a space.

    Restart the server.

    Remove messenger

    July 24th, 2007

    Tired of messenger and do you want to remove it completely?

    It can not be found in “add/remove programs” It has to be removed with this command:
    RunDll32 advpack.dll,LaunchINFSection %windir%\\INF\\msmsgs.inf,BLC.Remove

    Open “start” –> “run” and click “OK”.

    Exit mobile version