Category Archives: Guide

Guide to…. quick info that you could use for emailing to people!

Host vs Lmhost

Hosts File
The host file is located in the %SystemRoot%\System32\Drivers\Etc directory as Hosts with no file extension on both Windows NT and Windows 2000 machines. The Hosts file is primarily used to resolve host names (Computer
Names) to an IP address.

LmHosts File
The LmHosts file is located in the %SystemRoot%\System32\Drivers\Etc directory as LmHost.Sam on both Windows NT and Windows 2000 machines as well. The LmHosts files are primarily used to resolve NetBios names to IP
addresses.

Windows | % System path variables %

%AppData%

Contains the full path to the Application Data folder of the logged-in user. Does not work on Windows NT 4.0 SP6 UK.

%ComSpec%

This variable contains the full path to the command processor; on Windows NT based operating systems this is cmd.exe, while on Windows 9x and ME it is the DOS command processor, COMMAND.COM.

%Localappdata%

This variable is the temporary files of Applications. Its uses include storing of Desktop Themes, Windows Error Reporting, Caching and profiles of web browsers.

%Path%

This variable contains a semicolon-delimited (do not put spaces in between) list of directories in which the command interpreter will search for an executable file that matches the given command. Equivalent to the Unix $PATH variable.

%ProgramFiles%

This variable points to Program Files directory, which stores all the installed program of Windows and others. The default on English-language systems is C:\Program Files. In 64-bit editions of Windows (XP, 2003, Vista), there are also %ProgramFiles(x86)% which defaults to C:\Program Files (x86) and %ProgramW6432% which defaults to C:\Program Files.

The %ProgramFiles% itself depends on whether the process requesting the environment variable is itself 32-bit or 64-bit (this is caused by Windows-on-Windows 64-bitredirection).

%CommonProgramFiles%

This variable points to Common Files directory. The default is C:\Program Files\Common Files.

%SystemDrive%

The %SystemDrive% variable is a special system-wide environment variable found on Microsoft Windows NT and its derivatives. Its value is the drive upon which the system folder was placed. Also see next item.

The value of %SystemDrive% is in most cases C:.

%SystemRoot%

The %SystemRoot% variable is a special system-wide environment variable found on Microsoft Windows NT and its derivatives. Its value is the location of the system folder, including the drive and path.

The drive is the same as %SystemDrive% and the default path on a clean installation depends upon the version of the operating system. By default, on a clean installation:

Windows NT 5.1 (Windows XP) and newer versions use \WINDOWS

Windows NT 5.0 (Windows 2000), Windows NT 4.0 and Windows NT 3.1 use \WINNT

Windows NT 3.5x uses \WINNT35

%WinDir%

This variable points to the Windows directory (on Windows NT-based operating systems it is identical to the %SystemRoot% variable, above). If the System is on drive C: then the default values are:

C:\WINDOWS on Windows 95, Windows 98, Windows Me, Windows XP, Windows Server 2003, Windows Vista,Windows Server 2008 and Windows 7

C:\WINNT for Windows NT 4, and Windows 2000

Note that Windows NT 4 Terminal Server Edition by default installs to C:\WTSRV.

%Logonserver%

Awesome little short-cut. Allows us to get to the DC which was used for login. Very handy if trying to change passwords are you can update the DC so there is no waiting for replications.

Arcserve Copy Job

Ensure the following settings are used, this will make sure that the folders being copied are added into the directory selected.

  • \\ServerName\C$\Department-Folder\
  • \\NewServerName\C$\New-Department-Folder\

Ensure the following setting is ticked:

  • Create the entire path from the Root.

Add RDP/TS users for remote Access Local Security Permissions (Non Domain Controller)

Make sure that the Remote Desktop Users group has sufficient permissions to log on through Terminal Services.

  1. Click Start, click Run, type secpol.msc, and then click OK.
  2. Expand Local Policies, and then click User Rights Assignment.
  3. In the right pane, double-click Allow logon through Terminal Services. Make sure that the Remote Desktop Users group is listed.
  4. Click OK.
  5. In the right pane, double-click Deny logon through Terminal Services. Make sure that the Remote Desktop Users group is not listed, and then click OK.
  6. Close the Local Security Settings snap-in.

Make sure the user is added to the Remote Desktop Users group:

  1. Open Computer Management.
  2. In the console tree, click the Local Users and Groups node.
  3. In the details pane, double-click the Groups folder.
  4. Double-click Remote Desktop Users, and then click Add….
  5. On the Select Users dialog box, click Locations… to specify the search location.
  6. Click Object Types… to specify the types of objects you want to search for.
  7. Type the name you want to add in the Enter the object names to select (examples): box.
  8. Click Check Names.
  9. When the name is located, click OK.

Check the users or groups to Terminal Services RDP permissions:

  1. Open Terminal Services Configuration.
  2. In the Connections folder, right-click RDP-TCP.
  3. Click Properties.
  4. On the Permissions tab, click Add, and then add the desired users and =
    groups.

Task Scheduler Disk Defragmenter

  1. Open Control Panel
  2. Double-click Scheduled Tasks
  3. Double-click Add Scheduled Task
  4. On the Scheduled Task Wizard dialog, click Next
  5. Click Browse
  6. In the Select Program to Schedule dialog, navigate to the windows\system32 folder
  7. Select defrag.exe
  8. Click Open
  9. In the Scheduled Task Wizard dialog, type a name for the scheduled task (Disk Defragmenter, for instance)
  10. Under Perform this task, select how often you wish Disk Defragmenter to run
  11. Click Next
  12. Set the time at which you wish the Disk Defragmenter scheduled task
    to run. This should be a time when your computer is on, but not in
    heavy use.
  13. Select the frequency at which you want the Disk Defragmenter
    scheduled task to run (Every Day, Weekdays, or Every days, where
    is the number of days between scheduled runs)
  14. Click Next
  15. Enter a user name under which the Disk Defragmenter scheduled task
    will run. Note: This user must be an administrator on the local
    machine.
  16. Enter the password for the user you entered in the previous step
  17. Confirm the password for the user
  18. Click Next
  19. Check Open advanced properties for this task when I click Finish
  20. Click Finish
  21. In the Run text box, you should see the full path and command for
    defrag.exe. By default, this path is C:\WINDOWS\SYSTEM32\defrag.exe
  22. Append the drive letter for the drive you wish to defragment to the
    command in the Run text box. In a default installation, your Run
    command will look like this:
    C:\WINDOWS\SYSTEM32\defrag.exe C:
  23. Click OK
  24. In the Set Account Information dialog, enter and confirm the
    password for the user listed in Run as
  25. Click OK

Source: http://support.microsoft.com/kb/555098

NTFS Advanced Permissions Guide

Traverse Folder/Execute File

  • Traverse Folder: Allows or denies moving through a restricted folder to reach files and folders beneath the restricted folder in the folder hierarchy. Traverse folder takes effect only when the group or user=
    is not granted the “Bypass traverse checking user” right in the Group Policy snap-in. This permission does not automatically allow running program files.
  • Execute File: Allows or denies running program (executable) files.

List Folder/Read Data

  • List Folder: Allows or denies viewing file names and subfolder names within the folder. List Folder only affects the contents of that folder and does not affect whether the folder you are setting the permission on will be listed.
  • Read Data: Allows or denies viewing data in files.

Read Attributes

  • Allows or denies viewing the attributes of a file or folder, for example, “read-only” and “hidden”.

Read Extended Attributes

  • Allows or denies viewing the extended attributes of a file or folder. Extended attributes are defined by programs and may vary by program.

Create Files/Write Data

  • Create Files: Allows or denies creating files within the folder.
  • Write Data: Allows or denies making changes to a file and overwriting existing content.

Create Folders/Append Data

  • Create Folders: Allows or denies creating subfolders within the folder.
  • Append Data: Allows or denies making changes to the end of the file but not changing, deleting, or overwriting existing data.

Write Attributes

  • Allows or denies changing the attributes of a file or folder, for example, “read-only” or “hidden”.
  • The Write Attributes permission does not imply creating or deleting files or folders, it only includes the permission to make changes to the attributes of an existing file or folder.

Write Extended Attributes

  • Allows or denies changing the extended attributes of a file or folder. Extended attributes are defined by programs and may vary by program.
  • The Write Extended Attributes permission does not imply creating or deleting files or folders, it only includes the permission to make changes to the extended attributes of an existing file or folder.

Delete Subfolders and Files

  • Allows or denies deleting subfolders and files, even if the Delete permission has not been granted on the subfolder or file.

Delete

  • Allows or denies deleting the file or folder. If you don’t have Delete permission on a file or folder, you can still delete it if you have been granted Delete Subfolders and Files on the parent folder.

Read Permissions

  • Allows or denies reading permissions of a file or folder.

Change Permissions

  • Allows or denies changing permissions of the file or folder.

Take Ownership

  • Allows or denies taking ownership of the file or folder. The owner of a file or folder can always change permissions on it, regardless of any existing permissions that protect the file or folder.

Synchronize

  • Allows or denies different threads to wait on the handle for the file or folder and synchronize with another thread that may signal it. This permission applies only to multithreaded, multiprocessing programs.

Source: http://www.ntfs.com/ntfs-permissions-file-advanced.htm

Static Routes (Add/Delete)

To add a static IP route:

  • Start -> Run -> “CMD”:
  • route add 192.168.xxx.xxx MASK 255.255.255.0  192.168.xxx.xxx /p

To remove a static IP route:

  • Start -> Run -> “CMD”:
  • route delete destination (ie: route delete 192.168.xxx.xxx)

where: destination specifies either an IP address or network name for the remote TCP/IP host computer or network.
For example, to delete a static route to the 10.0.0.0 network, you type the following at a command prompt:
route delete 10.0.0.0

To print static routes:

  • Start -> Run -> “CMD”:
  • route print

Windows Vista Icon path

  • Windows Vista has some better more fancy default icons
  • These are not shown as the default ones when “changing folder icons”
  • Change the “look for icons in this file” path to:
  • %SystemRoot%\System32\imageres.dll

“Netlogon” Folder Structure

Not really a Fix, just to maintain my consistancy when setting up servers “Netlogon” dir.

Netlogon

Logon_Software
* ip.bat
* bginfo.exe

Logon_Scripts_*LOCATION*
* Location*_Logon_Script_*DEPT1*.bat
* Location*_Logon_Script_*DEPT2*.bat
* Location*_Logon_Script_*DEPT3*.bat

Logon_Scripts_*LOCATION2*

Logon_Scripts_GLOBAL
* Global_Logon_Script.bat
* Global_Logon_Script.vbs
* Global_Power_Saving_Profile.bat

Logon_Desktop_Backgrounds
* admin_background.vbs
* admin_background.bgi
* staff_background.vbs
* staff_background.bgi

IP Display in Command Prompt (*.BAT)

For users that cant find the IP!! Add this bat file to the system32 folder, this allows users to simple run the file by “start -> run -> ip”

“ip.bat”
@echo off
:: Quick IP – Simply displays local IP address using “run -> ip”
:: Date: Sep 2010
:: Author: de
:: ===========//=============
ipconfig
pause

To automatically add the above file to the system32 during startup create another *.bat file and use this code. Remember for Windows7 they will need admin privileges to access the system32 folder.

“Loginscript.bat”
XCOPY **ServerDomain***NETLOGONLogon_Softwareip.bat %systemroot%system32 /y /i