Archive for April, 2010
How to Add and Remove a Local Account from a Group
Posted by admin in Kaseya, Scripts, Visual Basic Script (vbs) on April 27, 2010
Occasionally you may need to add a local user account to the local administrators group for a software install or temporary maintenance. The following vbs script can be used to add the local ‘user1’ account to the local ‘administrators’ group. Any user can be added to any local group, change the red to match your needs. The computer name is pulled from the workstation dynamically so this is also completely portable and can be run on any computer.
Read the rest of this entry »
Add Date and Time to any Batch File Output
This trick is useful for both troubleshooting batch file tasks and when using a batch file to create a log. For example I have a scheduled task that renames some of my backup folders at night and then moved a few files around for me. When the batch file starts I uses the below code to print the time it starts, I repeat the two lines at the end of the batch file so that I can see what time the job completed. This is useful for figuring out average time of a task so that you can schedule other things without interfering.
How to Rename a File Over a Network Through a Batch File
Sometime you need to rename a file or a folder that does not reside on your sever. For example I run a scheduled task on one sever to rename the folder on another server so that I can automatically archive backups weekly. Batch files or command line operations do not support UNC paths like \\myserver\my_share without taking some steps first.
Read the rest of this entry »
Scripted Enumeration of Accounts with Local Admin Rights
Beefing up security on networks keeps you from having issues in the long run. An hour today can save you three later. In a effort to improve network security and individual computer security I came up with this fancy little kaseya script. It enumerates the local administrators on a computer and exports them to a text file named whatever the target computer has been named. This can also be run through a batch login script. In the example below “g:” is a admin share on my local server, you can make this what ever you want or use a get file in kaseya to snatch the text file from the computer.
Removing Trend Micro Client/Server Security Silently Through Kaseya or a Login Script
As you might have noticed from my last post I have spent some time cleaning up Trend Micro issues on my networks this week. I have a few installs that are messed up and need a reinstall so I made this.
Script Description: Uninstall Trend Micro client
IF True
THEN
Set Registry Value
Parameter 1 : HKEY_LOCAL_MACHINESOFTWARETrendMicroPC-cillinNTCorpCurrentVersionMisc.Allow Uninstall
Parameter 2 : 1
Parameter 3 : REG_DWORD
OS Type : 0
Execute File
Parameter 1 : c:Program FilesTrend MicroClient Server Security Agentntrmv.exe
Parameter 2 : /silent /noreboot
Parameter 3 : 0
OS Type : 0
ELSE
Trend Micro Client/Server Agent Uninstall Without Password
I am posting this because I have had this issue a few times and it seems to be happening more and more often to me.  The idea is that when you go to unload office scan, or the trend agent it prompts you for a password, you enter it and away you go.  The issue is when you have a client computer that is not communicating with the server as it should be, it cannot authenticate the password.  Here is the fix; in the registry key below change the DWORD value to a ’1′ instead of a ’0′.  This change will allow for the uninstallation of the software without entering the password.
“Allow Uninstall”=dword:00000000
Enable and Disable UAC Via Login in Vista
In Vista UAC (User Access Control) is both anoying and can prevent you for doing some tasks remotely. For example, Installing Trend Micro Client Security Agent is not possible over VNC if UAC is enabled. UAC will cause a window to pop up asking you to confirm that the drivers that the antivirus is trying to install are legitimate. When UAC is invoked you will often lose VNC to a computer, I found that this a very common issue when installing drivers in particular. In looking for a easy way to disable UAC on a few computers while doing some maintenance I found this command line chunk.
Read the rest of this entry »
The 333 Event ID In The Application Event Log
I am writing this because I had a server doing this for a very long time before I pinned down the cause. This will include a lot of what I found on the internet and my own personal fix that worked for me.
Example Event:
Event Source: Application Popup
Event Category: None
Event ID: 333
Date: 3/23/2009
Time: 2:44:53 PM
User: N/A
Computer: SERVER1
Description:
An I/O operation initiated by the Registry failed unrecoverably. The Registry could not read in, or write out, or flush, one of the files that contain the system’s image of the Registry.Â
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 01 00 6c 00 ……l.
0008: 00 00 00 00 4d 01 00 c0 ….M..À
0010: 00 00 00 00 4d 01 00 c0 ….M..À
0018: 00 00 00 00 00 00 00 00 ……..
0020: 00 00 00 00 00 00 00 00 ……..
Symptoms: Every third of a second or so there was an event id 333 error logged in the application event log on the server. This would start after the server has been up for a few hours to days and will stop for a period after the server was rebooted. The error occurred so often I was reaching 30,000 instances of the error in 24 hours. About 36 hours after the event started occurring no one was able to login active directory, and to get the server back up it required a manual hard reboot.
Change The Default Internet Explorer Homepage
I have a chunk of registry tweaks I run on new computers, this is one of them. It changes the internet explorer homepage to www.google.com, though you can use anything you like in place of google, perhaps a intranet page?
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMain]
“Start Page”=”www.google.com“
Simple but powerful, and can be merged to the registry silently using regedit /s, or added to a list of registry hacks.
To use this with kaseya import the below script, change the red to your best practice and away you go.
Script Description: Set Default Page on Iternet Explorer. Â
IF User Is Logged In
Parameter 1 :
THEN
Set Registry Value
Parameter 1 : HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMainStart Page
Parameter 2 : http://www.google.com
Parameter 3 : REG_SZ
OS Type : 0
ELSE
Adding ‘Lock My Computer’ Shortcut to The Desktop
In a effort to increase security at one of my healthcare providers they requested a quick way their employees can lock their computers when they walk away from their computers.  I found Mklnk, it is a very tiny free utility that lets you make shortcuts from command line.  I decided to use this to accomplish this task.  I did some research and found that the following command will lock your computer.