You are currently browsing the archives for the Scripting category.
24. November 2009 by Myke.
This post contains information on how to edit and modify your Windows Registry. It is always recommended that you take a backup of the Registry before editing any of the values because any improper editing can cause strange behaviour and at worst could even corrupt your operating system completely, requiring you to re-install Windows.
We encourage you to try out the registry changes, but only if you know what you are doing and if you do it with care.
After building a brand new Windows 7 ENT x64 laptop I ran into some issues. The issues started shortly after finishing some updates. Explorer.exe kept crashing every time I would right-click on an icon or try to use anything that used explorer.exe. After searching the web for hours I found nothing that actually resolved the issue. Pretty much everything out there pointed to doing a full restore or a clean installation. I also found a couple posts that said once they deleted their profile and rebuilt it, everything worked. Each of these is true but why waste the time and effort. I am not sure about you but hearing from a Microsoft employee and having them tell you to do a clean install because it is hardware related or due to 3rd party software is getting real old. Well you are in luck folks, because I have a solution that does not harm the machine and it can be done within 2 minutes.
Here is the error we were getting in our event logs;
The program Explorer.EXE version 6.1.7600.16404 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 810
Start Time: 01ca6d1f1aca747c
Termination Time: 0
Application Path: C:\Windows\Explorer.EXE
Report Id: 3fe9620d-d913-11de-8a55-00242cbe9d84
I ran every application I had that would point me in a direction of figuring out what was causing it and found nothing. I decided to go through the 34 updates I had applied the day before and found an issue finally. One of the updates was forcing the CEIP to execute. *Dear Microsoft, why place something like this in an OS when you know it causes problems?*
The cause of the Windows Explorer crash is related to the SQM Client, which is part of the Customer Experience Improvement Program (CEIP). Under the default setting, where MachineThrottling is enabled in the registry, any calls to WinSqmStartSession in ntdll.dll file will cause Explorer to crash, or Windows Installer installation to fail.
So instead of waiting for a hotfix or an update from Microsoft, just remove and delete the MachineThrottling registry entry from system registry. The MachineThrottling registry entry is located inside the following registry key: HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions
*NOTE* If you do not know what you are doing within the registry, stop and do not proceed. Ask someone for help that knows what they are doing and can recover your registry if a failure occurs.
To make it easy you can just create your own little batch file with the following command;
reg delete HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions /v MachineThrottling /f
At this point you can close the registry and right-click on your file or icon and you should be good to go.
posted by: Myke Reinhold
Posted in Scripting, Registry, Microsoft, Desktops, Laptops | No Comments »
29. March 2009 by Myke.
There is a ton of buzz all over the media world about this worm and what it will do and how to tell if you have. As complex as this worm is, it is also very simple to determine if you have it or not.
Step 1 - If you have Automatic Updates turned on, check to see if it is now turned off. These reason is that this worm actually turns off updates to protect itself.
Step 2 - Manually run Microsoft Updates. If you can run updates manually on your computer then you are okay. This worm will actually prevent you from connecting to the update sites.
Now that we know how to check for it, how do you prevent it. Very simple. Keep your computer updated and make sure your anti-virus software is running and current.
What do you do if you have this worm? You will want to contact your anti-virus software vendor and see if they can help you out. If not and they want to charge you an arm and a leg, give it a go yourself. There is a couple very easy to use and free tools you can use to remove it but it will take some patience.
Now that you have a couple of removal tools, start running them and cleaning. A great tip is to update both pieces of this software and then run them from Safe Mode with your computer not on the network/Internet.
Good luck and happy hunting, so to speak.
Posted in Networking, Internet, Registry, Scripting, Security, Technical Questions, Laptops, Desktops, Microsoft, General Hardware, Servers | No Comments »
10. March 2009 by Myke.
Request from Tech Talk reader: What is the easiest way to export all email addresses out of Active Directory?
Easy, Google the question and there you go. :-) Just kidding. Here is a very basic VBS script you can use. But first a little background…AD Users & Computers UI lets you list the mail column for each object, which displays the default SMTP email address for objects. You can export the list from ADUC as csv/txt. However, any additional email addresses in the proxyAddresses attribute are not exported.
‘==================================================================================================
‘
‘ VBScript Source File
‘
‘ NAME: LISTEMAILADDRESSES.VBS
‘ VERSION: 1.0
‘ AUTHOR: Myke Reinhold
‘ CREATE DATE : 7/18/2003
‘ LAST MODIFIED : 10/31/2005
‘==================================================================================================
‘ COMMENT:
‘
‘==================================================================================================
‘Set up constant for deleting values from multivalued attribute memberOf
Const ADS_PROPERTY_NOT_FOUND = &h8000500D
Const ADS_UF_ACCOUNTDISABLE = 2 ‘For UserAccountControl
Const strX400Search = “X400″
‘______________________________________________________
‘Set RootDSE
Set objRootDSE = GetObject(”LDAP://rootDSE”)
strDomain = objRootDSE.Get(”defaultNamingContext”)
strADPath = “LDAP://” & strDomain
‘wscript.Echo strADPath
Set objDomain = GetObject(strADPath)
‘wscript.echo “objDomain: ” & objDomain.distinguishedName
‘Setup ADODB connection
Set objConnection = CreateObject(”ADODB.Connection”)
objConnection.Open “Provider=ADsDSOObject;”
Set objCommand = CreateObject(”ADODB.Command”)
objCommand.ActiveConnection = objConnection
‘Execute search command to look for Contacts & Groups
objCommand.CommandText = _
“<” & strADPath & “>” & “;(&(|(objectClass=contact)(objectClass=group))(mail=*))” & “;distinguishedName,displayName,mail,proxyAddresses;subtree”
‘Execute search to get Recordset
Set objRecordSet = objCommand.Execute
‘Start procedure
strResult = strResult & VbCrLf & “Domain: ” & strDomain
strResult = strResult & VbCrlf & “#Total Records Found (other accounts): ” & objRecordSet.RecordCount & VbCrlf
AddressCount = 0
While Not objRecordSet.EOF ‘Iterate through the search results
strUserDN = objRecordSet.Fields(”distinguishedName”) ‘Get User’s distinguished name from Recordset into a string
set objUser= GetObject(”LDAP://”& strUserDN & “”) ‘Use string to bind to user object
strResult = strResult & VbCrlf & “cn: ” & objUser.cn
strResult = strResult & VbCrlf & “mail: ” & objUser.mail
arrProxyAddresses = objRecordSet.Fields(”proxyAddresses”)
If IsArray(objRecordSet.Fields(”proxyAddresses”)) Then
strResult = strResult & VbCrLf & “Proxy Addresses”
For Each ProxyAddress in arrProxyAddresses
‘Sub: Check X400
If InStr(ProxyAddress, strX400Search) <> 0 Then
‘Wscript.Echo “#This was an x400″
Else
strResult = strResult & VbCrlf & proxyAddress
End If ‘Ends loop for X400 address
Next
Else
strResult = strResult & VbCrlf & “#Object does not have proxy addresses”
End If
strResult = strResult & VbCrLf
objRecordSet.MoveNext
Wend
‘*************************************
‘Begin second query for users
varDisabledCounter = 0
‘Execute search command to look for user
objCommand.CommandText = _
“<” & strADPath & “>” & “;(&(objectClass=user)(mail=*))” & “;distinguishedName,displayName,mail,proxyAddresses;subtree”
‘Execute search to get Recordset
Set objRecordSet = objCommand.Execute
strResult = strResult & vbCrlf & “#Users”
strResult = strResult & VbCrlf & “#Total Records Found (users): ” & objRecordSet.RecordCount & VbCrlf
While Not objRecordSet.EOF ‘Iterate through the search results
strUserDN = objRecordSet.Fields(”distinguishedName”) ‘Get User’s distinguished name from Recordset into a string
set objUser= GetObject(”LDAP://”& strUserDN & “”) ‘Use string to bind to user object
If objUser.AccountDisabled = TRUE Then ‘If User account disabled, then skip proxy address enum
varDisabledCounter = varDisabledCounter + 1
strResult2 = strResult2 & VbCrLf & varDisabledCounter & ” ” & objUser.displayName & VbCrLf
strResult2 = strResult2 & “cn: ” & objUser.cn
strResult2 = strResult2 & VbCrlf & “mail: ” & objUser.mail
arrProxyAddresses = objRecordSet.Fields(”proxyAddresses”)
If IsArray(objRecordSet.Fields(”proxyAddresses”)) Then
strResult2 = strResult2 & VbCrLf & “Proxy Addresses”
For Each ProxyAddress in arrProxyAddresses
‘Sub: Check X400
If InStr(ProxyAddress, strX400Search) <> 0 Then
‘Wscript.Echo “#This was an x400″
Else
strResult2 = strResult2 & VbCrlf & proxyAddress
AddressCount = AddressCount + 1
End If ‘Ends loop for X400 address
Next
Else
strResult2 = strResult2 & VbCrLf & “#Object does not have proxy addresses”
End If
strResult2 = strResult2 & VbCrLf
Else
strResult = strResult & VbCrlf & “cn: ” & objUser.cn
strResult = strResult & VbCrlf & “mail: ” & objUser.mail
arrProxyAddresses = objRecordSet.Fields(”proxyAddresses”)
If IsArray(objRecordSet.Fields(”proxyAddresses”)) Then
strResult = strResult & VbCrLf & “Proxy Addresses”
For Each ProxyAddress in arrProxyAddresses
‘Sub: Check X400
If InStr(ProxyAddress, strX400Search) <> 0 Then
‘Wscript.Echo “#This was an x400″
Else
strResult = strResult & VbCrlf & proxyAddress
AddressCount = AddressCount + 1
End If ‘Ends loop for X400 address
Next
Else
strResult = strResult & VbCrLf & “#Object does not have proxy addresses”
End If
strResult = strResult & VbCrLf
End If ‘End check for disabled user
objRecordSet.MoveNext
Wend ‘End second query for users
strResult = “Users, Groups & Contacts” & VbCrLf & “————————-” & VbCrLf & strResult
strResult = strResult & VbCrLf & “Disabled Users” & VbCrLf & “————————-” & VbCrLf & strResult2
WScript.Echo strResult
‘Output to a text file
Set objFileSystem = CreateObject(”Scripting.FileSystemObject”)
Set objOutputFile = objFileSystem.CreateTextFile(”C:\proxyaddresses.txt”)
objOutputFile.Write strResult
This script basically does the following:
Possible script error - Error list.vbs: (54, 13) (null): 0×80005000
When you look at line 54 it reads:
strUserDN = objRecordSet.Fields(”distinguishedName”)
You have to enter your “distinguishedName” for the script to work. How how to get it? It’s fairly simple, Let’s assume your domain is called “example.local”, and the container with employees is called “Employees”. The distinguishedName in this case wil be “OU=Employees,DC=EXAMPLE,DC=LOCAL”. If you want to get the name for a subfolder “Employees->Accounting” your name would change to “OU=Accounting,OU=Employees,DC=EXAMPLE,DC=LOCAL”. Moreover, you can uncomment the following lines (by removing ‘) wscript.Echo strADPath wscript.echo “objDomain: ” & objDomain.distinguishedName to display variables you’re looking for.
Posted in Scripting, Active Directory, Microsoft | No Comments »