Sunday, April 26, 2009

Terminal Server / Citrix Printing Errors

Terminal Servers and Citrix can be very picky when it comes to printers. BSOD, print spooler crash, auto-created printers fail, etc. The list of side effects of a bad print driver can be overwhelming.

Something that should be noted right away. These issues are not necessarily due to bad programing from Citrix or TS. These problems are the direct result of sloppy drivers written by the manufacturers (HP, Sharp, etc). To fully fix the issue the printer manufacturers need to step up and write true multisession drivers. That said...

The normal issue that is experienced with Citrix/Terminal Services and print drivers is that a driver is not true multisession aware or an application it calls upon isn't multisession aware. This can cause a number of issues the most common I’ve seen to be that the print spooler stops responding and crashes. Simply restarting the print spooler and citrix print management service fixes this until the next error. The errors can start by users logging in, printing, etc.

How to fix….
create a batch file to automatically restart the services for you when it crashes
This will give you some breathing room to actually work on the issue rather than just putting out fires.

net stop "Citrix Print Manager Service"
net stop "Print Spooler"
net start "Print Spooler"
net start "Citrix Print Manager Service"
SET logfile=C:\AdminTools\SpoolerCrashLogs.log
ECHO Print spooler crashed on %date% at %time% on %computername% >> %Logfile%

This will stop each service and then restart in the correct order. It then looks for the logfile and will log that it did this. This gives you a visual representation so that they can actually see how bad the problem is (longer the file, worse the problem).
Go into Services and set the print spooler service Recovery tab so that first, second, subsequent failures to run a program. Set the path of the program to run to the location of the batch file created.
To test you can open the task manager and end task on the spoolsv.exe then check the logfile. It should have logged it if it’s working and the print spooler and citrix print manager service should have restarted.

Next we need to find the drivers that are causing the problem.
If it produces a failure then you have your bad driver. Certain errors can be ignored (see bottom of above link page for details on running and errors).

Run it for each driver with different criteria (ie test it creating 1 printer, then 5, then 10) I tested up to 40 printer creation. If it could pass that then it’s good. Note this tool can also be used to find which types of drivers perform best (PCL5 vs PCL6 vs PS). Also test multiple drivers simultaneously (HP 4050 and 4350 at same time).
Make list of all drivers that don’t pass.

Create new list of printers and map to only drivers that passed the test (for instance if a 4100 series driver passed but a 4200 series didn’t then map the 4200 printer to the 4100 driver).
  • Use the MS spooler cleaner utility (ensure all users are logged off the Citrix server). http://www.microsoft.com/downloads/details.aspx?familyid=9d467a69-57ff-4ae7-96ee-b18c4790cffd&displaylang=en (it’s the cleanspl.exe tool).
  • If using a network print server… you have to start there which likely isn’t a small job. In my environment I rebuilt printing from the ground up. (long term has saved me countless hours though). NOTE if you run this tool you can’t undo! Make sure you are ready to rebuild the servers print drivers/printers list including all ports, etc. Make very sure you have a list of all printer share names and driver mappings etc.
  • When you run it, it asks you if you want to remove some things that are actually delivered (and installed by default) with Windows. In most cases, you should answer No to the corresponding prompts (you don't want to remove the Standard TCP/IP Port or the BJ Language Monitor). http://members.shaw.ca/bsanders/CleanPrinterDrivers.htm
  • After cleaning print server and Citrix servers spoolers reinstall only the good drivers and map printers to correct drivers.
  • Test all drivers prior to installing / purchasing new printers. Make a list of good drivers and only allow them, make no exceptions.
  • Don’t trust manufacturer’s “supported” lists. I know for a fact that the HP list and Sharp list both contain drivers that they state they “tested” and support in Citrix and I have verified that they cause various issues in Citrix from spooler crash to high RAM usage or CPU usage.
  • Use as few drivers as possible.
  • Use only Windows Native drivers if possible. (drivers from the windows installation disk)
  • Ensure that all print processors are “winprint”. Disabling Advanced properties also helps with speed.
  • Absolute must!!! Create policy in Citrix and AD Group Policy
    Citrix Printing – Drivers – Native printer driver auto-install
    i. Enabled
    ii. Do not automatically install drivers
    Citrix Printing – Drivers – Universal driver
    i. Enabled
    ii. Use universal driver only if requsted driver is unavailable
    Active Directory Group Policy create template
    i. Create and attach custom adm to group policy and enable it. This prevents mapping of print drivers though RDP sessions (ie Administrator logons to Citrix/TS servers via RDP). Enable it with Loopback policy so that it only applys to your Terminal Servers (or other servers if wanted as well).
CLASS MACHINE
CATEGORY "Custom RDP Printer Redirection"
POLICY "RDP Printer Redirection"
EXPLAIN "When enabled this policy stops mapping of printers from client workstation through RDP sessions - This does not effect ICA connections - The Default GP rule effects both ICA and RDP - Purpose is to prevent Admin RDP sessions from installing drivers. Set to Enabled to Disable Mapping"
KEYNAME "System\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp"
VALUENAME "fDisableCpm"
VALUEON NUMERIC 1
VALUEOFF NUMERIC 0
END
POLICY
END CATEGORY

Some other good reading… http://forums.citrix.com/thread.jspa?forumID=86&threadID=67060&messageID=581242

The absolute best solution though… Throw away all printers.



Note: see my post HP Print Monitor Errors / RAM and CPU Utilization regarding how to "fix" some HP drivers so that they work in TS / Citrix environments with less problems.

Thursday, April 23, 2009

HP Print Monitor Errors / RAM CPU Utilization

HP print drivers sometimes contain worthless "monitors" which are installed by default (and can't be opted out of). Following are directions on what some of these monitors are and how to manually remove them prior to installation.

These monitors can cause RAM and CPU usage issues. hpbpro.exe, hpboid.exe are the main problematic executables that are executed with each print job / user logon.

Clean spooler using cleanspl.exe from MS
Download latest driver. I tried this on the 4x50 and 4100 drivers
Extract the driver to a temp directory
Edit the .inf file and remove all references to the exe’s, msi’s, and dll’s in question (most have at least 2 references to the file)
4x50 I removed hpzdbi.dll, hpzDBI32.msi, hpcdmc32.dll
4100 I removed hpboid.exe, hpbpro.exe, hpbmini.dll, hpcdmc.dll

Install using the edited .inf file. This prevents the bad files from being copied into the spooler directory or even being placed in the registry from installation.

http://forums11.itrc.hp.com/service/forums/questionanswer.do?admit=109447626+1236378342862+28353475&threadId=370850.

Here’s another method that I have not tested due to my success of just removing the file references from the inf.

http://vittoriop77.blogspot.com/2007/10/hpboidexe-remove-it-permanently_22.html
I found 2 DCOM component with the same name of the services HP Port Resolver HP Status Server From the properties of both component, I modified Launch Permission and Configuration Permission removing all accounts (MMC will crash because you will not have permissions). You must then disable both Windows Services and restart server.

Monday, April 20, 2009

Group Policy Folder Redirection

Group Policy has folder redirection built into it, but imo it's not sufficient for all the redirect needs that can be found in a Terminal Server environment. To compensate I wrote my own template with folder redirection.

In this template I included some folders that shouldn't be redirected (Local Settings). I did this because in some environments I had found that the settings for these locations had already been redirected, usually by a login script.

Obviously the pathing needs changed to reflect the environment. Other settings such as My Documents, etc which are provided by MS should be used as they have additional functionality such as copying from the current location on redirection.

Don't forget to use this with Loopback Policy so that it only applys to your Terminal Servers. Otherwise you will have a mess with your laptops / desktops.
CLASS USER

CATEGORY "Custom Folder Redirection"
KEYNAME
"Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders"

POLICY "Application Data"
EXPLAIN "When enabled this policy
redirects the 'Application Data' folder to the path specified. You can use
either a UNC or drive path."
PART "Path to where you want the Application
Data Folder redirected." EDITTEXT EXPANDABLETEXT REQUIRED
DEFAULT
"U:\TSProfile\Application Data"
VALUENAME "AppData"
END PART
END
POLICY

POLICY "Cache"
EXPLAIN "When enabled this policy redirects
the 'Temporary Internet Files' folder to the path specified. You can use either
a UNC or drive path."
PART "Path to where you want the Temp Int Files Folder
redirected." EDITTEXT EXPANDABLETEXT REQUIRED
DEFAULT "%Userprofile%\Local
Settings\Temporary Internet Files"
VALUENAME "Cache"
END PART
END
POLICY

POLICY "Favorites"
EXPLAIN "When enabled this policy
redirects the 'Favorites' folder to the path specified. You can use either a UNC
or drive path."
PART "Path to where you want the Favorites Folder
redirected." EDITTEXT EXPANDABLETEXT REQUIRED
DEFAULT
"U:\TSProfile\Favorites"
VALUENAME "Favorites"
END PART
END POLICY

POLICY "History"
EXPLAIN "When enabled this policy redirects the
'History' folder to the path specified. You can use either a UNC or drive path."
PART "Path to where you want the History Folder redirected." EDITTEXT
EXPANDABLETEXT REQUIRED
DEFAULT "%Userprofile%\History"
VALUENAME
"History"
END PART
END POLICY

POLICY "Local AppData"
EXPLAIN
"When enabled this policy redirects the 'Local AppData' folder to the path
specified. You can use either a UNC or drive path."
PART "Path to where you
want the Local AppData Folder redirected." EDITTEXT EXPANDABLETEXT REQUIRED
DEFAULT "%Userprofile%\Local Settings\Application Data"
VALUENAME "Local
AppData"
END PART
END POLICY

POLICY "Local Settings"
EXPLAIN
"When enabled this policy redirects the 'Local Settings' folder to the path
specified. You can use either a UNC or drive path."
PART "Path to where you
want the Local Settings Folder redirected." EDITTEXT EXPANDABLETEXT REQUIRED
DEFAULT "%Userprofile%\Local Settings"
VALUENAME "Local Settings"
END PART
END POLICY

POLICY "NetHood"
EXPLAIN "When enabled
this policy redirects the 'NetHood' folder to the path specified. You can use
either a UNC or drive path."
PART "Path to where you want the NetHood Folder
redirected." EDITTEXT EXPANDABLETEXT REQUIRED
DEFAULT "U:\TSProfile\NetHood"
VALUENAME "NetHood"
END PART
END POLICY

POLICY "PrintHood"
EXPLAIN "When enabled this policy redirects the 'PrintHood' folder to the
path specified. You can use either a UNC or drive path."
PART "Path to where
you want the PrintHood Folder redirected." EDITTEXT EXPANDABLETEXT REQUIRED
DEFAULT "U:\TSProfile\PrintHood"
VALUENAME "PrintHood"
END PART
END POLICY

POLICY "Programs"
EXPLAIN "When enabled this policy
redirects the 'Start Menu Programs' folder to the path specified. You can use
either a UNC or drive path."
PART "Path to where you want the Start Menu
Programs Folder redirected." EDITTEXT EXPANDABLETEXT REQUIRED
DEFAULT
"U:\TSProfile\Start Menu\Programs"
VALUENAME "Programs"
END PART
END
POLICY

POLICY "Recent"
EXPLAIN "When enabled this policy redirects
the 'Recent' folder to the path specified. You can use either a UNC or drive
path."
PART "Path to where you want the Recent Folder redirected." EDITTEXT
EXPANDABLETEXT REQUIRED
DEFAULT "U:\TSProfile\Recent"
VALUENAME "Recent"
END PART
END POLICY

POLICY "SendTo"
EXPLAIN "When enabled
this policy redirects the 'SendTo' folder to the path specified. You can use
either a UNC or drive path."
PART "Path to where you want the SendTo Folder
redirected." EDITTEXT EXPANDABLETEXT REQUIRED
DEFAULT "U:\TSProfile\SendTo"
VALUENAME "SendTo"
END PART
END POLICY

POLICY "Startup"
EXPLAIN "When enabled this policy redirects the 'Startup' folder to the path
specified. You can use either a UNC or drive path."
PART "Path to where you
want the Startup Folder redirected." EDITTEXT EXPANDABLETEXT REQUIRED
DEFAULT "U:\TSProfile\Start Menu\Programs\Startup"
VALUENAME "Startup"
END PART
END POLICY

POLICY "Templates"
EXPLAIN "When enabled
this policy redirects the 'Templates' folder to the path specified. You can use
either a UNC or drive path."
PART "Path to where you want the Templates
Folder redirected." EDITTEXT EXPANDABLETEXT REQUIRED
DEFAULT
"U:\TSProfile\Templates"
VALUENAME "Templates"
END PART
END POLICY

END CATEGORY

Friday, April 17, 2009

Group Policy Issues

Recently I started experiencing GP issues on select machines, usually new ones. We where seeing the norm errors with GP problems:

Event Source: Userenv
ID: 1053
Description:Windows cannot determine the user or computer name. (The RPC server is unavailable. ). Group Policy processing aborted.

Source: Userenv
Event Source: AutoEnrollment
ID: 15
Description:Automatic certificate enrollment for local system failed to contact the active directory (0x8007003a). The specified server cannot perform the requested operation. Enrollment will not be performed.

ID: 1054
Description:Windows cannot obtain the domain controller name for your computer network. (A socket operation was attempted to an unreachable host. ). Group Policy processing aborted.

Okay, login, gpudate /force all good, DNS resolves, Network connected, GP IS applied.

Event Source: NETLOGON
ID: 5719
Description:No Domain Controller is available for domain ***** due to the following: The RPC server is unavailable. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

Strange, I can ping the computer immediately after bootup, in fact before the user can even login. So of course I update the computer NIC driver (HP dc5800) with the latest and greatest after finding several posts regarding Intel and Broadcom NIC's. Problem solved right.

Next day, same issue. (note, user doesn't actually see ANY issues, I just see it in the event log and it bugs the hell out of me and it's on multiple computers all with Intel / Broadcom newer NIC's). Sure I found all the posts stating that you can update the driver (which I did) set the link speed to 100 (but I installed gigabit switches so we could use gigabit not fast ethernet), check w32Time (which was correct), network issues (which I didn't "think" I had), DNS issues, check firewall, rejoin the domain, etc

So I happen across this handy MS article. http://support.microsoft.com/kb/840669
Sounds just like it. Gigabit network, Gigabit NIC, still get net shares, etc.

This problem is more likely to occur on fast networks that use 1-gigabit network
adaptors or in teaming environments where the network takes several additional
cycles to negotiate link speed
No good, applied the setting and same errors. Grrrr.

So next day I check some of it's settings, here's how I have now resolved this error on multiple machines by:
1. Turn off Hibernation
2. Check NIC Power Settings and remove anything mentioning reduce power, standby, hibernation, etc.

No more errors =)

Tuesday, April 14, 2009

Prompt for Remote File Copy

Recently we needed to push some files to over 80 remote laptops. Being that they where laptops of course not all of them are on the network at one time (strange...). That being a file with the list of laptops wasn't really an option since the users would be brining in their laptops at unknown times. Being slightly lazy I didn't feel like manually copy the folders each time and came up with this script to help simplify the process so that with just a couple of keystrokes per laptop the files would be copied.

Note: depending on the folder size being copied it may take some time for the Copy Completed box to popup and will appear to be doing nothing while copying.

Dim FSO
Dim fREM, fLOC, cREM

Set FSO =
Wscript.CreateObject("Scripting.FileSystemObject")

cREM = InputBox("Enter the machine name", "Remote Name", "Laptop")

If cREM = False Then
msgbox "You pressed cancel"
Else
fLOC = "C:\Folder\Location"
fREM = "\\" & cREM & "\C$\Location"
msgbox "Copying to " & fREM
FSO.CopyFolder fLOC , fREM, True
msgbox "Copy completed"
End If




This can then be done without any user prompting to call a .bat file (or any other executable type file)

Dim FSO
Dim fREM, fLOC, cREM

Set FSO = Wscript.CreateObject("Scripting.FileSystemObject")
Set oShell = CreateObject("WScript.Shell")
comp=oShell.ExpandEnvironmentStrings("%ComputerName%")

fLOC = "C:\Folder\Location"
fREM = "\\" & comp & "\C$\Location"
msgbox "Copying to " & comp
FSO.CopyFolder fLOC , fREM, True

oShell.Run ("C:\LocationofBatchFile.bat")

Sunday, April 12, 2009

SQL 2005 Install Error with DotNet 3.5 SP1

During an upgrade for a compliance application from SQL2000 to SQL2005 I encountered the following error on the Upgrade Logon Information (Windows Authentication Mode):

UpgradeAdvisor returned -1 .
Error Message:

That's nice, lovely error message, helps a lot.

Luckily I stumbled on this: http://www.eggheadcafe.com/conversation.aspx?messageid=33379238&threadid=33379217

DotNet 3.5 SP1 installed, yep.
Create the folder BPAClient under C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\BPA and copied the dll BPAClient.dll from the bin folder and click next...
Bingo

Friday, April 10, 2009

Check Windows Activation

Sometimes I've found it useful to check windows activation, especially after deploying machines from a sysprep image.

Open run and type:

%SYSTEMROOT%\system32\oobe\msoobe.exe /A

This will inform you of the activation status of the system.

Thursday, April 9, 2009

Remote Services / Permissions (SC and Subinacl)

So with our new solution for pushing updates to a new software package I discovered that I needed to disable, stop, and change permissions on remote computers (and local for devices in my office).

Here's a handy tool that I've used for viewing remote processes:
sc [machine name] query [service name]

To stop the remote service:
sc [machine name] stop [service name] (use start to "start")

To change service to manual startup:
sc [machine name] config [service name] start= demand (for disabled replace with "disabled")

Of course ommiting the [machine name] makes the command apply to the local machine

Then comes the fact that I needed to change permissions so that the users could start / stop the service as needed without making them administrators. For this I used a tool called Subinacl which can be downloaded from MS. First off note that you do have to move this to the machine in question. This actually took me longer to realize than changing the permissions since by default I install the Admin tools on my machine when built. Having not realized that the tool comes with this installation and not by default (duh) I puttered with why the command wasn't working on the remote machine for a good 30 minutes. So, make sure you pull the tool to the remote machine if it doesn't already have it.

Change permissions:
SUBINACL /SERVICE file://machinename/ServiceName /GRANT=[DomainName\]UserName[=Access]
for local station with local account (or group)
SUBINACL /SERVICE ServiceName /GRANT=users=TO

T = Start Service
O = Stop Service
R = Generic Read (may be needed depending on situation)

Note: you can also do it through Group Policy and Security Templates. I recommend checking those methods as well to see what will work best for your scenario.

Wednesday, April 8, 2009

Tasklist / Kill Remote Process (tasklist / taskkill)

You can use Tasklist to find tasks on remote computers:
/s system Specifies the remote system to connect to.
/fi filter Displays a set of tasks that match a given criteria specified by the filter.
example: tasklist /s compname

You can then use taskkill to kill processes:
/s = remote system
/f = force kill
/im = process
example: taskkill /s compname /f /im spoolsv.exe

Tuesday, April 7, 2009

Remotely Enable Remote Desktop

As long as remote registry is on Remote Desktop can be enabled remotely. (There are other ways that are less direct)

HKEY_LOCAL_Machine_\SYSTEM\CurrentControlSet\Control\Terminal Server]
"fDenyTSConnections"="0"

Change the data from 1 (Remote Desktop Disabled) to 0 (Remote Desktop Enabled)

Restart required.

Monday, April 6, 2009

Disable Windows Tour

I've always disliked getting the Windows Tour popup on new logins. No more, simply add the following to disable it for all users on the machine.

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\Tour]
REG_DWORD
RunCount
0 = disabled

Can also easily be blasted out with Group Policy (also works using the user class, for some reason I prefer the machine level)

CLASS MACHINE
CATEGORY Custom
POLICY "Disable Windows Tour"
EXPLAIN "Disables the Windows Tour for all users"
KEYNAME "Software\Microsoft\Windows\CurrentVersion\Applets \Tour"
VALUENAME "RunCount"
VALUEON NUMERIC 1
VALUEOFF NUMERIC 0
END POLICY
END CATEGORY

Sunday, April 5, 2009

Disk Volume Extend (DiskPart)

useful for extending volumes

Diskpart
list volume
select volume vol# (from list)
Extend size=n noerr (where n = the space in MB to extend)

Saturday, April 4, 2009

Internet Explorer Favorites - Menu Order

It's always iritated me when I went to a new workstation and copied my favorites over that the order wasn't saved, even more it iritated me that IE doesn't have some way of saving this for us.

So... Save your favorites including the order that they appear in Internet Explorer (v7) with ease.

Create a new .vbs file and place the following in it.


'Set Favorites Backup Folder
strFolder = "C:\FavoritesBackup"
set
objFSO = createobject("Scripting.FileSystemObject")
if
objFSO.FolderExists(strFolder) = False then
objFSO.CreateFolder strFolder
wscript.echo "Folder Created"
end if

'Set Userprofile location
Set oShell = CreateObject("Wscript.Shell")
strUserProfile = oShell.ExpandEnvironmentStrings("%USERPROFILE%")

'Copy favorites from profile
Const OverWriteFiles = True
Set objFSO = CreateObject("Scripting.FileSystemObject")
objFSO.CopyFolder strUserProfile & "\Favorites" ,
"C:\favoritesbackup\Favorites" , OverWriteFiles

'Export Registry Key
strCommand = "regedit /e c:\favoritesbackup\FavoritesMenuOrder.reg
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites"
set objWshShell = WScript.CreateObject("WScript.Shell")
intRC = objWshShell.Run(strCommand, 0, TRUE)
if intRC <> 0 then
WScript.Echo "Error returned from exporting
registry: " & intRC
else
WScript.Echo "No errors returned from exporting
the registry file"
end if


Save and double click the vbscript you just created.

The registry key can also be obtained for non-logged in users by connecting to the users hive and exporting the key, just remember that it will export with the connection name so that will have to be updated for import.

Import reg key on the new computer after copying favorites icons to the new computer profile.

Friday, April 3, 2009

Disk Is Write Protected

Plugged in my USB device to copy some drivers to a new computer, dropped in the files and "The Disk is Write Protected. Remove the write protection". Hmm, quick google seach and see lots of posts stating that the write protect on the USB slide over, just slide it back and tape it.
Okay
Pull out USB, no write protect tab on this thing. Try a different card, same error. wth. Eject and stick in a different PC. Works, okay, what's going on.

So I did a little research. From what I can tell their are several ways to apply write protect.
1. IF your card has the switch you can just flip the switch, but not all cards have the switch
2. Windows has a settings to write protect Mass Storage Devices

HKEY_LOCAL_MACHINE\SYSTEM\CurrrentControlSet\Control\StroageDevicePolicies
REG_DWORD WriteProtect
0 = Write Protect Off
1 = Write Protect On

Tested both USB cards and no more write protection. One of my configuration software platforms that was setup to lockdown Mass Storage Devices automatically for all workstations except administrators had snagged my desktop during it's setup just a few days earlier and set the key to 1.

New Profile Icons - Active Setup

Removing the contents of these keys removes the named icon when new user profiles are created on the machine in question: (delete the contents of the stubpath key)

HKLM/Software/Microsoft/active setup/installed components

"%ActiveSetup%\{5945c046-1e7d-11d1-bc44-00c04fd912be}","Stubpath" ;Windows Messenger

"%ActiveSetup%\{89820200-ECBD-11cf-8B85-00AA005B4383}","Stubpath" ;Internet Explorer 6

"%ActiveSetup%\{6BF52A52-394A-11d3-B153-00C04F79FAA6}","Stubpath" ;Windows Media Player

"%ActiveSetup%\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}","Stubpath" ;Outlook Express

"%ActiveSetup%\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}","Stubpath" ;Outlook Express

"%ActiveSetup%\>{26923b43-4d38-484f-9b9e-de460746276c}","Stubpath" ;Internet Explorer

"%ActiveSetup%\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}","Stubpath" ;Windows Media Player

Thursday, April 2, 2009

Default Profile Setup

How to set the default profile the way YOU want it.

Setup the profile exactly the way you want it. Check Power Settings, Quick Launch Bar, Desktopo Icons, etc. I've always done this with a local computer account that has administrator rights (so that you can change power settings etc). Once finished you can remove the admin rights.

Once it's setup the way you want it logoff and back on using a different admin account. Open folder options and on the View tab select to show Hidden files and folders.

Open System properties, Advanced Tab, user profiles Settings button. Select the account you setup and click Copy To. Browse to the default user folder (C:\Documents and Settings\Default User), click Change in the permissions area, change the location to local computer name if needed. Type everyone and check name. Hit okay. In Permitted to Use it should show as "\Everyone". Click okay and then Yes when prompted (backing up the default folder prior to is advised jik).

Turn back off the show hidden files option if wanted.

All new profiles on this machine will now get the settings from the account you copied into the default profile.

Wednesday, April 1, 2009

Power Settings

Power Settings can be found and changed in the registry. These settings are on a per user basis so each user has to be changed or the default can be changed prior to any profile creations.

The key is: [HKEY_USERS\.DEFAULT\Control Panel\PowerCfg]
"CurrentPowerPolicy"="3"

Set the key value to the desired profile (profiles are listed in the same registry directory)

0 - Home/Office desktop
1 - Portable/Laptop computer
2 - Monitor on for presentations
3 - Network computer (no Wake-on-LAN)
4 - Optimized for high performance
5 - Optimized for power saving

Custom settings can be created and imported as well.