2008

Home » Archives for 2008

Thursday, December 4, 2008

Export Exchange query-based distribution group members to a CSV file

   December 04, 2008      

This is a script I run internally to generate reports of query-based distribution group members as CSV files (viewable in Excel).

You'll need the free ADFIND tool from joeware for this script to run.
http://www.joeware.net/freetools/tools/adfind/index.htm

You'll also need to change the following line to reflect the proper LDAP base DN for your domain.
SET BASEDN="dc=domain,dc=local"

Script: Run-QBDG-Export.bat
@ECHO OFF
SETLOCAL
IF "%1" EQU "" (
ECHO.
ECHO ERROR!
ECHO Parameter required ^
ECHO.
ECHO Usage: Run-QBDG-Export.bat ^
ECHO.
GOTO :EOF
)

REM CHANGE THIS LINE TO MATCH YOUR DOMAIN
SET BASEDN="dc=domain,dc=local"
SET CMDLINE=ADFIND -b %BASEDN% -f "cn=%1*" -nodn cn
%CMDLINE% >%1-GETGROUPS.txt 2>NUL
IF EXIST %1-GETGROUPS.txt (
FIND /I "0 Objects returned" %1-GETGROUPS.txt
IF ERRORLEVEL 1 (
GOTO START_SEARCH
) ELSE (
ECHO ERROR: Could not query Active Directory for groups with %1*
GOTO END
)
) ELSE (
ECHO ERROR: Could not query Active Directory for groups with %1*
GOTO END
)

:START_SEARCH
FOR /F "usebackq tokens=1*" %%A IN (`type %1-GETGROUPS.txt ^| FIND /I ">cn:"`) DO (
SET GRP_OBJ=%%B
CALL :GET_MEMBERS %%B
)

FOR /F "tokens=1,2 delims=:" %%A in ("%TIME%") DO (
SET MYTIME=%%A:%%B
)
GOTO END

:GET_MEMBERS
SET FLT_QRY_OBJ="msExchDynamicDLFilter:"
SET FLT_DN_OBJ="msExchDynamicDLBaseDN:"

SET FLT_QRY_CMD=ADFIND -b %BASEDN% -f "cn=%GRP_OBJ%"
REM GET QUERY STRING
%FLT_QRY_CMD% > %1-ADINFO.txt 2>NUL

FOR /F "usebackq tokens=1*" %%A IN (`type %1-ADINFO.txt ^| FIND /I %FLT_QRY_OBJ%`) DO (
SET QRY_STR="%%B"
)
REM GET QUERY BASE DN
FOR /F "usebackq tokens=1*" %%A IN (`type %1-ADINFO.txt ^| FIND /I %FLT_DN_OBJ%`) DO (
SET QRY_DN="%%B"
)

ECHO Running the following query:
ECHO ------------------------------------------------
ECHO CN: %GRP_OBJ%
ECHO DN: %QRY_DN%
ECHO QS: %QRY_STR%
ECHO.
IF EXIST "%GRP_OBJ%.csv" (
DEL /Q "%GRP_OBJ%.csv"
)
ECHO Creating export file...
ADFIND -csv -b %QRY_DN% -f %QRY_STR% sn givenName mail title physicalDeliveryOfficeName employeeID -nodn >"%GRP_OBJ%.csv" 2>NUL
ECHO Done.
ECHO.
ECHO.
IF NOT EXIST "%GRP_OBJ%.csv" (
ECHO Could not create "%GRP_OBJ%.csv"
ECHO.
ECHO Press any key to continue or Ctrl-C to quit...
PAUSE >NUL 2>NUL
)
REM PAUSE
GOTO :EOF

:END
DEL /Q %1-GETGROUPS.txt >NUL 2>NUL
DEL /Q %1-BODY.TXT >NUL 2>NUL
DEL /Q %1-ADINFO.txt >NUL 2>NUL

ENDLOCAL

   / / / / /

   9 Comments

at December 04, 2008 9 comments

Tuesday, October 14, 2008

Windows Update Errors to KB Article Cross-Reference

   October 14, 2008      

This list is hardly definitive, but imagine my surprise when I discovered this cluster of sequential knowledge base articles in the Microsoft KB.  I didn't like my options for searching for them and since my colleagues witnessed a few of these error codes in the past day or so, I thought it was wise to create a quick-reference lists for myself (or anyone else who may read this). If you find one I've missed, please add a comment.

 

 

Windows Version

Error Code

KB Article

2000

XP

Server

2003

Vista

Server

2008

0x643

KB958052

0x80070420

KB958054

0x80070422

KB958043

0x80070490

KB958044

0x80070643

KB958052

0x8007064C

KB958055

0x8007066A

KB958049

0x8007F0DA

KB958050

Ø

Ø

Ø

0x8007F0F4

KB958051

Ø

Ø

0x800B0001

KB958045

0x80200010

KB958047

0x8024000B

KB958040

Ø

Ø

Ø

0x8024002D

KB958041

0x80246002

KB958056

0x80246007

KB958042

0X80248007

KB958046

0x8024D00C

KB958053

0xC80001FE

KB958048

   / / /

   No Comments

at October 14, 2008 0 comments

Wednesday, October 1, 2008

Install SteadyState and Enable Disk Protection in one shot!

   October 01, 2008      


After 12 years, Microsoft's support for Windows XP ended April 8, 2014. Since there will be no more security updates or technical support for the Windows XP operating system I have removed the transforms file link.

This article remains online for historical purposes only.


Here's the code that I used to install Windows SteadyState v2.5 and enable windows disk protection all in one shot. This took forever to figure out with myself and a colleague doing a significant amount of head scratching.

After Windows installer finishes the SteadyState install (I used a custom transform to skip the WGA validation since an unattended install would always freeze during this process), you need to run the SCTUI.EXE application located in the folder C:\Program Files\Windows SteadyState\. The catch is that if you try and run it from the same script that you ran the installer from, SCTUI will launch and immediately exit without enabling disk protection. The workaround we finally came up with was to have the installer script create a temporary user account that is a member of the local administrators group and execute SCTUI as that user. Ah, but you can't pass a password to RUNAS.EXE you say? That's where cpau from joeware comes in.

With cpau, you can specify both the user id and the password on the command line. The beauty of this is that once SCTUI has been launched you can delete the "temporary" administrator account we created earlier (the one that cpau is using to launch SCTUI) and the process will still run because of the way security contexts work in Windows (note: I have not yet tested this on Vista).

We guessed (correctly) that the SCTUI was somehow sensing that it was being launched from the same parent process as the Windows Installer instance that installed SteadyState. That's where the other benefit of cpau comes in. The process that cpau creates will be in an entire new user context and won't inherit any of the parent process' environment.

Once the installer scripts finish, the system will reboot. Once the system comes back up, you'll have to run the Windows SteadyState management tools to more fully configure Windows Disk Protection if you don't want all disk changes discarded with each boot.

Getting this all going took me 2 scripts, since I wanted to do some tidying up with the second script. Remember to watch out for line-wrap. As always, your mileage may vary, run these scripts at your own risk and always test on non-production systems and have good backups! That said, I cannot spend a significant amount of time supporting these scripts, here they are:

Script 1; GO.CMD:

@ECHO OFF
ECHO Installing SteadyState Components...
MSIEXEC /I SteadyState.msi /qb TRANSFORMS=SteadyState-attempt4.mst /log %TEMP%\SteadyState.Log

:WDP
ECHO About to enable disk protection...
ECHO.
ECHO Please close all running applications and save all settings.
ECHO When the computer reboots after this, all changes made to the
ECHO hard drive will be discarded when the computer is shutdown or
ECHO restarted.
ECHO.
ECHO THIS IS YOUR FINAL WARNING! Press CTRL-C and choose Y to cancel or
PAUSE
NET USER WDPINSTALLER WDP@ss0123 /ADD
NET LOCALGROUP ADMINISTRATORS WDPINSTALLER /ADD
@START cmd /c wdpenable.bat
Script 2; WDPEnable.BAT:

@ECHO OFF
REM Cleanup the SteadyState installer and any files that
REM contain sensitive account information (like passwords).
DEL /Q *.CMD
DEL /Q *.MSI
DEL /Q *.MST
@cpau -u WDPINSTALLER -p WDP@ss0123 -ex "C:\Program Files\Windows SteadyState\SCTUI.exe /EnableWDPAndReboot"
REM Once the process has been launched we can safely
REM delete the installer user account
@NET USER WDPINSTALLER /DEL
DEL /Q CPAU.EXE
If you want to know more about the transform file I used, send me an email message.

Update (3/18/2009):
Some people have asked me what I used to create the transform (MST) file.  The tool I used is called ORCA, which is included in the Windows SDK Components for Windows Installer Developers, part of the Microsoft® Windows® Software Development Kit. If you’re just looking for the Windows Installer tools (which includes ORCA) and not the full SDK (which can be huge), Microsoft has also released the Windows Installer 4.5 Software Development Kit which is only 7MB.
Update (2/26/2011):

Instead of using ORCA I now prefer InstEd for MSI editing and transform file creation. I have found it to be more stable and far more powerful than ORCA.

   / / / / /

   9 Comments

at October 01, 2008 9 comments

Monday, September 29, 2008

Command Line Printer Management

   September 29, 2008      

Some really cool stuff to manage printers via batch file.

How to add printers with no user interaction in Windows

Usage: rundll32 printui.dll,PrintUIEntry [options] [@commandfile]
/a[file] binary file name
/b[name] base printer name
/c[name] unc machine name if the action is on a remote machine
/dl delete local printer
/dn delete network printer connection
/dd delete printer driver
/e display printing preferences
/f[file] either inf file or output file
/ga add per machine printer connections (the connection will be propagated to the user upon logon)
/ge enum per machine printer connections
/gd delete per machine printer connections (the connection will be deleted upon user logon)
/h[arch] driver architecture one of the following, x86 | Itanium | x64
/ia install printer driver using inf file
/id install printer driver using add printer driver wizard
/if install printer using inf file
/ii install printer using add printer wizard with an inf file
/il install printer using add printer wizard
/in add network printer connection
/j[provider] print provider name
/k print test page to specified printer, cannot be combined with command when installing a printer
/l[path] printer driver source path
/m[model] printer driver model name
/n[name] printer name
/o display printer queue view
/p display printer properties
/q quiet mode, do not display error messages
/r[port] port name
/s display server properties
/Ss Store printer settings into a file
/Sr Restore printer settings from a file
Store or restore printer settings option flags that must be placed at the end of command:
2 PRINTER_INFO_2
7 PRINTER_INFO_7
c Color Profile
d PrinterData
s Security descriptor
g Global DevMode
m Minimal settings
u User DevMode
r Resolve name conflicts
f Force name
p Resolve port
i Driver name conflict
/u use the existing printer driver if it's already installed
/t[#] zero based index page to start on
/v[version] driver version one of the following, Windows 95, Windows 98, and Windows Millennium Edition | Windows NT 4.0 | Windows 2000, Windows XP and Windows Server 2003 | Windows XP and Windows Server 2003
/w prompt the user for a driver if specified driver is not found in the inf
/y set printer as the default
/Xg get printer settings
/Xs set printer settings
/z do not auto share this printer
/Y do not auto generate a printer name
/K changes the meaning of /v and /h to accept 0,2,3, respectively for Windows x64 and Windows IA64 | Windows NT x86 | Windows 4.0
/Z share this printer, can only be used with the /if option
/? help this message
@[file] command line argument file
/Mw[message] show a warning message before committing the command
/Mq[message] show a confirmation message before committing the command
/W[flags] specifies flags and switches for the wizards (for APW & APDW)
r make the wizards to be restart-able from the last page
/G[flags] specifies global flags and switches
w suppress setup driver warnings UI (super quiet mode)

Examples:
Run server properties:
rundll32 printui.dll,PrintUIEntry /s /t1 /n\machine
Run printer properties:
rundll32 printui.dll,PrintUIEntry /p /n\machineprinter
Run add printer wizard localy:
rundll32 printui.dll,PrintUIEntry /il
Run add printer wizard on \machine:
rundll32 printui.dll,PrintUIEntry /il /c\machine
Run queue view:
rundll32 printui.dll,PrintUIEntry /o /n\machineprinter
Run inf install:
rundll32 printui.dll,PrintUIEntry /if /b "Test Printer" /f %windir%infntprint.inf /r "lpt1:" /m "AGFA-AccuSet v52.3"
Run add printer wizard using inf:
rundll32 printui.dll,PrintUIEntry /ii /f %windir%infntprint.inf
Add per machine printer connection (the connection will be propagated to the user upon logon):
rundll32 printui.dll,PrintUIEntry /ga /c\machine /n\machineprinter /j"LanMan Print Services"
Delete per machine printer connection (the connection will be deleted upon user logon):
rundll32 printui.dll,PrintUIEntry /gd /c\machine /n\machineprinter
Enumerate per machine printer connections:
rundll32 printui.dll,PrintUIEntry /ge /c\machine
Add printer driver using inf:
rundll32 printui.dll,PrintUIEntry /ia /c\machine /m "AGFA-AccuSet v52.3" /h "x86" /v "Windows 2000, Windows XP and Windows Server 2003" /f %windir%infntprint.inf
Add printer driver using inf:
rundll32 printui.dll,PrintUIEntry /ia /K /c\machine /m "AGFA-AccuSet v52.3" /h "Windows NT x86" /v 3
Remove printer driver:
rundll32 printui.dll,PrintUIEntry /dd /c\machine /m "AGFA-AccuSet v52.3" /h "x86" /v "Windows 2000, Windows XP and Windows Server 2003"
Remove printer driver:
rundll32 printui.dll,PrintUIEntry /dd /K /c\machine /m "AGFA-AccuSet v52.3" /h "Windows NT x86" /v 3
Set printer as default:
rundll32 printui.dll,PrintUIEntry /y /n "printer"
Set printer comment:
rundll32 printui.dll,PrintUIEntry /Xs /n "printer" comment "My Cool Printer"
Get printer settings:
rundll32 printui.dll,PrintUIEntry /Xg /n "printer"
Get printer settings saving results in a file:
rundll32 printui.dll,PrintUIEntry /f "results.txt" /Xg /n "printer"
Set printer settings command usage:
rundll32 printui.dll,PrintUIEntry /Xs /n "printer" ?
Store all printer settings into a file:
rundll32 printui.dll,PrintUIEntry /Ss /n "printer" /a "file.dat"
Restore all printer settings from a file:
rundll32 printui.dll,PrintUIEntry /Sr /n "printer" /a "file.dat"
Store printer information on level 2 into a file :
rundll32 printui.dll,PrintUIEntry /Ss /n "printer" /a "file.dat" 2
Restore from a file printer security descriptor:
rundll32 printui.dll,PrintUIEntry /Sr /n "printer" /a "file.dat" s
Restore from a file printer global devmode and printer data:
rundll32 printui.dll,PrintUIEntry /Sr /n "printer" /a "file.dat" g d
Restore from a file minimum settings and resolve port name:
rundll32 printui.dll,PrintUIEntry /Sr /n "printer" /a "file.dat" m p

   No Comments

at September 29, 2008 0 comments

Wednesday, September 10, 2008

Yahoo Finance Widget Test

   September 10, 2008      




Yes, not exactly work, but it's my blog.

   No Comments

at September 10, 2008 0 comments

Sunday, June 8, 2008

WWDC 2008

   June 08, 2008      

Yes, I'll be there! I've already arrived in San Francisco and I'm about to go down to Moscone West for check-in at the registration kiosks.

Stay up to date with whatever I post:

Photos here:
http://flickr.com/photos/epitti

Live updates during the keynote via Twitter (as long as it doesn't crash, haha)
http://twitter.com/chakote

I'll probably post here around lunchtime each day. That'll give me some time to compose my posts. And yes, I will respect the NDA.

(2008-08-13) Edit: Yeah, that didn't work out at all. No posts since.

   /

   No Comments

at June 08, 2008 0 comments

Tuesday, May 27, 2008

Subscribe to: Posts ( Atom )