The registry key for a TCP IP printer port looks like this :
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Monitors\Standard TCP/IP Port\Ports]
"StatusUpdateInterval"=dword:0000000a
"StatusUpdateEnabled"=dword:00000001
;all defaults : RAW, port 9100
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Monitors\Standard TCP/IP Port\Ports\IP_1.92.1.2]
"Protocol"=dword:00000001
"Version"=dword:00000001
"HostName"=""
"IPAddress"="1.92.1.2"
"HWAddress"=""
"PortNumber"=dword:0000238c
"SNMP Community"="public"
"SNMP Enabled"=dword:00000000
"SNMP Index"=dword:00000001
;customized: LPR, LPR Queue Name, port 515
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Monitors\Standard TCP/IP Port\Ports\IP_192.168.1.123]
"Protocol"=dword:00000002
"Version"=dword:00000001
"HostName"=""
"IPAddress"="192.168.1.123"
"HWAddress"=""
"PortNumber"=dword:00000203
"SNMP Community"="public"
"SNMP Enabled"=dword:00000000
"SNMP Index"=dword:00000001
"Queue"="this_is_a_user_defined_lpr_ue"
"Double Spool"=dword:00000000
Wednesday, January 28, 2009
Tuesday, January 27, 2009
Symptoms:
Users who would like to prevent worms which execute without any user interaction using an “AutoRun.inf” file, can disable the Windows AutoRun feature completely with the help of the Windows group policy editor (Gpedit.msc). This would be helpful to stop USB virus spreading.
If you want to disable using GPO for all clients under Active Directory, follow instruction to access that http://iwan-it-admin-tips.blogspot.com/2009/01/domain-group-policies-edit.html
Solution:
Group Policy
>Local Computer Policy
>>Computer Configuration
>>>Administrative Templates
>>>>System
>>>>>Turn off Autoplay - Enabled
Do the same for User Configuration
For AD:
Group Policy Object Editor
>Default Domain Controllers Policy [sever name] Policy
>>Computer Configuration
>>>Administrative Templates
>>>>System
>>>>>Turn off Autoplay - Enabled
Do the same for User Configuration
Users who would like to prevent worms which execute without any user interaction using an “AutoRun.inf” file, can disable the Windows AutoRun feature completely with the help of the Windows group policy editor (Gpedit.msc). This would be helpful to stop USB virus spreading.
If you want to disable using GPO for all clients under Active Directory, follow instruction to access that http://iwan-it-admin-tips.blogspot.com/2009/01/domain-group-policies-edit.html
Solution:
Group Policy
>Local Computer Policy
>>Computer Configuration
>>>Administrative Templates
>>>>System
>>>>>Turn off Autoplay - Enabled
Do the same for User Configuration
For AD:
Group Policy Object Editor
>Default Domain Controllers Policy [sever name] Policy
>>Computer Configuration
>>>Administrative Templates
>>>>System
>>>>>Turn off Autoplay - Enabled
Do the same for User Configuration
How to access Domain Group Policies
Symptoms:
Need to Apply Domain Group Policies for AD Windows server 2003 R2 sp2 ?
Solution:
1. Administrative Tools > Active Directory Users and Computers.
2. In the left console tree, right-click the name of the domain to which the policy is applied, and then click Properties.
3. From Group Policy Tabs, Choose Default Domain Policy continue by click Edit Button
Beside this, you can upgrade to Group Policy Management Console (GPMC) to improve.
Need to Apply Domain Group Policies for AD Windows server 2003 R2 sp2 ?
Solution:
1. Administrative Tools > Active Directory Users and Computers.
2. In the left console tree, right-click the name of the domain to which the policy is applied, and then click Properties.
3. From Group Policy Tabs, Choose Default Domain Policy continue by click Edit Button
Beside this, you can upgrade to Group Policy Management Console (GPMC) to improve.
Friday, January 23, 2009
Remotely Adding Firewall Exception List
Purposes:
You want to add Firewall Exception List under Client PC remotely
Solution:
1. Make sure you can remote registry Client PC
2. Open regedit.exe
3. File > Connect Remote Registry...
4. Browse your Client PC Name
5. Add this entry: (in this sample I add Radmin access)
[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"4899:TCP"="4899:TCP:LocalSubNet:Enabled:Radmin"
6. To Enable Open File and Sharing Access
[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
7. To Enable Disable Firewall, using this Key
[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=dword:00000001
"DisableNotifications"=dword:00000000
"DoNotAllowExceptions"=dword:00000000
You want to add Firewall Exception List under Client PC remotely
Solution:
1. Make sure you can remote registry Client PC
2. Open regedit.exe
3. File > Connect Remote Registry...
4. Browse your Client PC Name
5. Add this entry: (in this sample I add Radmin access)
[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"4899:TCP"="4899:TCP:LocalSubNet:Enabled:Radmin"
6. To Enable Open File and Sharing Access
[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
7. To Enable Disable Firewall, using this Key
[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=dword:00000001
"DisableNotifications"=dword:00000000
"DoNotAllowExceptions"=dword:00000000
Thursday, January 22, 2009
Eseutil Error -528
Problem:
While try to recover priv1.edb and pub1.edb
c:\\Program Files\Exchsrvr\MDBDATA>"c:\\Program Files\Exchsrvr\bin\Eseutil" /r e00
Initiating RECOVERY mode...
Logfile base name: e00
Log files:
System files:
Performing soft recovery...
Operation terminated with error -528 <JET_errMissingLogFile, Current log file missing>after xxx seconds
Cause:
Missing valid Exx.log files
Solution:
1. Look folder c:\\Program Files\Exchsrvr\MDBDATA
2. Copy last E000xxx.log, E00.log and E00.chk to other place
3. Delete E00.log
4. Rename last E000xxx.log to E00.log
5. Execute
c:\\Program Files\Exchsrvr\MDBDATA>"c:\\Program Files\Exchsrvr\bin\Eseutil" /r e00
5. You may need this procedures with following order:
c:\\Program Files\Exchsrvr\MDBDATA>"c:\\Program Files\Exchsrvr\bin\Eseutil" /g
While try to recover priv1.edb and pub1.edb
c:\\Program Files\Exchsrvr\MDBDATA>"c:\\Program Files\Exchsrvr\bin\Eseutil" /r e00
Initiating RECOVERY mode...
Logfile base name: e00
Log files:
System files:
Performing soft recovery...
Operation terminated with error -528 <JET_errMissingLogFile, Current log file missing>
Cause:
Missing valid Exx.log files
Solution:
1. Look folder c:\\Program Files\Exchsrvr\MDBDATA
2. Copy last E000xxx.log, E00.log and E00.chk to other place
3. Delete E00.log
4. Rename last E000xxx.log to E00.log
5. Execute
c:\\Program Files\Exchsrvr\MDBDATA>"c:\\Program Files\Exchsrvr\bin\Eseutil" /r e00
5. You may need this procedures with following order:
c:\\Program Files\Exchsrvr\MDBDATA>"c:\\Program Files\Exchsrvr\bin\Eseutil" /g
c:\\Program Files\Exchsrvr\MDBDATA>"c:\\Program Files\Exchsrvr\bin\Eseutil" /p
c:\\Program Files\Exchsrvr\MDBDATA>"c:\\Program Files\Exchsrvr\bin\Eseutil" /d
Friday, January 16, 2009
Failure to Terminal Services ISA Server
Symptoms:
mstsc.exe (Terminal Services) failure to access ISA Server after some windows updates
mstsc.exe (Terminal Services) failure to access ISA Server after some windows updates
Cause:
ISA server not allowing Remote Access from outside network
Solution:
1. From Administrative Tools > Terminal Services Configurator
2. Choose Connection
3. On Right Side, Right Click on RCP-Tcp then choose properties
4. Under Network Adapter Tab, make sure only your Internal Network is selected inside Network Adapter dropdown
1. From Administrative Tools > Terminal Services Configurator
2. Choose Connection
3. On Right Side, Right Click on RCP-Tcp then choose properties
4. Under Network Adapter Tab, make sure only your Internal Network is selected inside Network Adapter dropdown
Subscribe to:
Posts (Atom)