Modify the highlighted sections with the appropriate changes.
Note that you can use environment variables to ensure that the script works on all systems, e.g. %SystemRoot% works whether Windows is installed in C:\WINNT or D:\Windows.
' This script can be used to edit entries in ini files
'
' Written by Sean Bradley
' Version 1.0
' Last modified 11/09/09
'
Const ForReading = 1
Const ForWriting = 2
Set oShell = CreateObject( "WScript.Shell" )
'Set the target file and backup directory.
'Note that I've used an environment variable here to ensure it works on all systems.
'
targfile=oShell.ExpandEnvironmentStrings("%SystemRoot%") + "\editthisfile.ini"
backdir=oShell.ExpandEnvironmentStrings("%TEMP%") + "\"
Set objFSO = CreateObject("Scripting.FileSystemObject")
'Make sure the file exists to prevent errors.
'
If objFSO.FileExists(targfile) Then
    'Copy it to the backup directory then open the file.
    objFSO.CopyFile targfile, backdir, True
    Set objTextFile = objFSO.OpenTextFile(targfile, ForReading)
    'Read through each line of the file for the entry you want to set.
    'Note that InStr matches the text anywhere in the line.
    '
    Do Until objTextFile.AtEndOfStream
        strNextLine = objTextFile.ReadLine
        intLineFinder = InStr(strNextLine, "IniFileEntrytoEdit")
        If intLineFinder <> 0 Then
            'Set your new entry here.
            '
            strNextLine = "IniFileEntrytoEdit=My Entry in the File"
        End If
        strNewFile = strNewFile & strNextLine & vbCrLf
    Loop
    objTextFile.Close
    'Write the file with the new entry.
    'Write (not WriteLine) is used because strNewFile already ends with vbCrLf.
    '
    Set objTextFile = objFSO.OpenTextFile(targfile, ForWriting)
    objTextFile.Write strNewFile
    objTextFile.Close
End If
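The script above replaces any line that contains the search text, including comment lines and same-named keys in other sections. The following added example (not the author's script) limits the change to one exact key inside one section and only rewrites the file when something changed. The section name "MySection" and the backup file name are assumptions; the file is assumed to be ANSI text with CRLF line endings.

```vbscript
Option Explicit

Const ForReading = 1
Const ForWriting = 2

Dim objFSO, objShell, strTarget, strBackup, objFile, strOld, strNew, blnChanged
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objShell = CreateObject("WScript.Shell")

' Hypothetical target and backup paths, following the post's placeholder names.
strTarget = objShell.ExpandEnvironmentStrings("%SystemRoot%") & "\editthisfile.ini"
strBackup = objShell.ExpandEnvironmentStrings("%TEMP%") & "\editthisfile.ini.bak"

If objFSO.FileExists(strTarget) Then
    ' ReadAll raises an error on a zero-byte file, so skip empty files.
    If objFSO.GetFile(strTarget).Size > 0 Then
        Set objFile = objFSO.OpenTextFile(strTarget, ForReading)
        strOld = objFile.ReadAll
        objFile.Close
        strNew = SetIniValue(strOld, "MySection", "IniFileEntrytoEdit", _
                             "My Entry in the File", blnChanged)
        If blnChanged Then
            ' Back up first, then overwrite. Write adds no trailing blank line.
            objFSO.CopyFile strTarget, strBackup, True
            Set objFile = objFSO.OpenTextFile(strTarget, ForWriting)
            objFile.Write strNew
            objFile.Close
        Else
            WScript.Echo "Key not found in section; file left untouched."
        End If
    End If
End If

' Returns the updated text. blnChanged is set to True only when the key
' was found in the named section and its line was replaced.
Function SetIniValue(strText, strSection, strKey, strValue, blnChanged)
    Dim arrLines, i, strTrim, blnInSection, intEq
    blnChanged = False
    blnInSection = False
    arrLines = Split(strText, vbCrLf)
    For i = 0 To UBound(arrLines)
        strTrim = Trim(arrLines(i))
        If Left(strTrim, 1) = "[" And Right(strTrim, 1) = "]" Then
            ' Section header: remember whether this is the target section.
            blnInSection = (StrComp(Mid(strTrim, 2, Len(strTrim) - 2), _
                                    strSection, vbTextCompare) = 0)
        ElseIf blnInSection And Left(strTrim, 1) <> ";" And Left(strTrim, 1) <> "#" Then
            ' Compare the whole key name, not a substring of the line.
            intEq = InStr(strTrim, "=")
            If intEq > 1 Then
                If StrComp(Trim(Left(strTrim, intEq - 1)), strKey, vbTextCompare) = 0 Then
                    arrLines(i) = strKey & "=" & strValue
                    blnChanged = True
                End If
            End If
        End If
    Next
    SetIniValue = Join(arrLines, vbCrLf)
End Function
```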
Thursday, September 10, 2009
Monday, August 17, 2009
Log File Cleanup
I needed a tool to clean up log files that exceed a certain age and I remembered a simple executable that I used to have called deleteifolderthan.exe that did just what was required, but when I went looking for it, I couldn't locate it anywhere.
Giving up on that, I decided to write my own script. I needed something that would delete log files over a month old in subdirectories of a parent directory. This is what I came up with:
Const ParentFolder = "E:\Logs"
Const MaxDays = 31
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFolder = objFSO.GetFolder(ParentFolder)
Set colSubFolders = objFolder.SubFolders
For Each objDir in colSubFolders
    Set colFiles = objDir.Files
    For Each objFile in colFiles
        If DateDiff("d",objFile.DateCreated,now) >= MaxDays Then
            objFSO.DeleteFile(objFile.Path)
        End If
    Next
Next
If you wanted to delete old logs in a single folder, you could simplify this to:
Const WatchFolder = "E:\Logs"
Const MaxDays = 31
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objDir = objFSO.GetFolder(WatchFolder)
Set colFiles = objDir.Files
For Each objFile in colFiles
    If DateDiff("d",objFile.DateCreated,now) >= MaxDays Then
        objFSO.DeleteFile(objFile.Path)
    End If
Next
Cheers,
Sean
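The scripts above delete every file in the folder by creation date, so a log that was created long ago but is still being written to is removed, and nothing records what was deleted. The following added example (not the author's script) restricts deletion to *.log files, ages them by last write time, supports a dry run and appends each action to an audit file. The DryRun switch, the AuditFile path and the switch to DateLastModified are assumptions of this example.

```vbscript
Option Explicit

Const ParentFolder = "E:\Logs"                  ' Same root as the post's script
Const MaxDays = 31
Const DryRun = True                             ' Assumption: report only until set to False
Const AuditFile = "E:\Logs\cleanup-audit.txt"   ' Hypothetical audit trail path
Const ForAppending = 8

Dim objFSO, objAudit, objDir
Set objFSO = CreateObject("Scripting.FileSystemObject")
' Open (or create) the audit file; it sits in the parent folder, which is not scanned.
Set objAudit = objFSO.OpenTextFile(AuditFile, ForAppending, True)

For Each objDir In objFSO.GetFolder(ParentFolder).SubFolders
    PurgeOldLogs objDir
Next
objAudit.Close

Sub PurgeOldLogs(objFolder)
    Dim objFile, strPath, strResult
    For Each objFile In objFolder.Files
        ' Only touch *.log files, aged by last write rather than creation time.
        If LCase(objFSO.GetExtensionName(objFile.Name)) = "log" Then
            If DateDiff("d", objFile.DateLastModified, Now) >= MaxDays Then
                strPath = objFile.Path
                strResult = "would delete"
                If Not DryRun Then
                    ' A locked or read-only file must not abort the whole run.
                    On Error Resume Next
                    objFSO.DeleteFile strPath
                    If Err.Number = 0 Then
                        strResult = "deleted"
                    Else
                        strResult = "FAILED (" & Err.Description & ")"
                        Err.Clear
                    End If
                    On Error GoTo 0
                End If
                ' One tab-separated audit line per candidate file.
                objAudit.WriteLine Now & vbTab & strResult & vbTab & strPath
            End If
        End If
    Next
End Sub
```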
Tuesday, August 11, 2009
JDE IE Recommended Settings
I just got back from the snow! Had an awesome time snowboarding in Thredbo.
I thought I'd quickly post this Group Policy ADM Template that I developed to configure Internet Explorer with some settings recommended by Oracle and JDE for running their OneWorld Web Client.
; This policy template has been written to optimise the IE web client
; with Internet Explorer due to a limitation in this browser and the
; number of connections to the web server as per recommendations from
; Oracle for IE to interact with JDE
;
; The IE changes are used to change the number of connections to the
; server which can help to improve the performance of the web client
; and rendering of the menus.
;
; The CSV MIME Type is used to fix an issue when opening CSV files in
; the web client (please see Oracle documentation for further details).
;
; This is a System Policy template and does not use the preferred
; Group Policy method. Therefore these registry settings are permanent.
;
; Refer to Microsoft TechNet article Q323639 for further information.
;
; When viewed via a Group Policy Object Editor, you must enable the view for system
; policies, which will appear as red icons as opposed to the standard blue ones.
;
; Windows 2000 Active Directory Group Policies:
; Click on Administrative Templates
; Right click
; View >
; Select Show Policies Only so that it removes the tick.
;
; Windows 2003 Active Directory Group Policies:
; Click on Administrative Templates
; Right click
; View >
; Select Filtering...
; Deselect Only show policy settings that can be fully managed
; so that it removes the tick.
; Select OK
;
;
;Developed by: Sean Bradley
;Contact info: Contact via http://draxonic.blogspot.com/
;Date last modified: 07/07/2009
;version: 1.0
;This file is provided AS IS for informational purposes to help assist other
;administrators in maintaining a high degree of client manageability.
;Be sure to fully test this in a lab environment PRIOR to implementation.
;The author makes no guarantee or warranty. IE: Use at your own risk.
CLASS MACHINE
CATEGORY "JDE Web Client Policies"
    POLICY "CSV MIME Type"
        KEYNAME "Software\Classes\MIME\Database\Content Type\application/csv"
        EXPLAIN "Setting this policy fixes an issue when opening CSV files in the JDE web client."
        PART "Set CSV MIME Type" CHECKBOX DEFCHECKED
            VALUENAME "Extension"
            VALUEON ".csv"
            VALUEOFF ""
        END PART
    END POLICY
END CATEGORY
CLASS USER
CATEGORY "JDE Web Client Policies"
    POLICY "Increase Max Connections per Server"
        KEYNAME "Software\Microsoft\Windows\CurrentVersion\Internet Settings"
        EXPLAIN "Setting this policy changes the number of connections to the server which can help to improve the performance of the web client and rendering of the menus in the JDE Web Client. Note that existing Internet Explorer Maintenance Policy Objects can be used to permit HTTP 1.1 over proxy connections."
        PART "Increase Max Connections values" CHECKBOX DEFCHECKED
            VALUENAME "MaxConnectionsPerServer"
            VALUEON NUMERIC 10
            VALUEOFF NUMERIC 3
            ACTIONLISTON
                KEYNAME "Software\Microsoft\Windows\CurrentVersion\Internet Settings"
                VALUENAME "MaxConnectionsPer1_0Server" VALUE NUMERIC 10
            END ACTIONLISTON
            ACTIONLISTOFF
                KEYNAME "Software\Microsoft\Windows\CurrentVersion\Internet Settings"
                VALUENAME "MaxConnectionsPer1_0Server" VALUE NUMERIC 3
            END ACTIONLISTOFF
        END PART
    END POLICY
END CATEGORY
Labels: group policy, internet explorer, jde, microsoft
Monday, July 27, 2009
RSA Server IP Address Change
A gotcha discovered while changing the IP address of an RSA Authentication server.
To change the address of the server, you need to use the rsautil command from the command line:
rsautil update-instance-node --old-host Current_IP_Address --new-host New_IP_Address --instance primary
where:
• Current_IP_Address is the current IP address of the instance, for example, 192.168.1.1.
• New_IP_Address is the new IP address of the instance, for example, 192.168.200.245.
That's all well and good and is in the administrative guide. Of course, you'll need to reconfigure any devices that are pointing to the IP address of the server as well, such as an authentication agent on your Aventail or ASA.
However, you may see failed authentications and start noticing this in your logs:
Node secret mismatch. Cleared on agent but not on server.
In order to fix this, you'll have to get CLI access to your Aventail or ASA and delete the node secret files from the device. On an Aventail, these will be ststatus.12 and securid (delete them from /var/ace, then restart the policy server using /etc/init.d/policyserver restart). On the ASA it will be 192-168-111-123.sdi. Then connect to your RSA Security Console and manage the existing Authentication agents. You should then be able to select "Manage Node Secret" from the drop-down menu and clear the node secret. The secret will then be renegotiated on first use.
Cheers,
Sean
Tuesday, July 7, 2009
VMware View Client Silent Installation
I've been having some trouble figuring out how to prevent VMware View Client from rebooting a machine upon completion of a silent installation. The standard /norestart switch that you normally pass to msiexec simply results in an error.
In the end, I found two answers. One answer was to perform an administrative installation of the product. Then, you are able to call an installation using the msi file directly and use the normal msiexec command line parameters.
msiexec /qn /norestart /i "VMware View Client.msi" ADDLOCAL=Core DESKTOP_SHORTCUT=0 QUICKLAUNCH_SHORTCUT=0
The second, simpler answer was to pass the property REBOOT=ReallySuppress:
VMware-viewclient.exe /s /v"/qn DESKTOP_SHORTCUT=0 QUICKLAUNCH_SHORTCUT=0 REBOOT=ReallySuppress"
Cheers,
Sean
Wednesday, July 1, 2009
Sophos Anti-virus
I just cannot recommend Sophos Anti-virus as a corporate grade protection system. The product just has too many design flaws and bugs.
I also find their support method of providing support only over email vaguely disturbing. Sure, you can call them and try to get your assigned support person on the phone to discuss the case, but they will never call you and will only send you emails. Most of the time I prefer to talk to somebody in a support situation and use email for the transfer of raw data. Maybe that's just me though.
When getting their overpriced professional services out for a "Health Check" and general fixing session, the guy broke as much as he fixed and weeks later I'm still trying to fix issues that have been plaguing us for months. The results of the "Health Check" were very meager and mostly consisted of data recorded or exported from the system that I could have obtained myself.
Their AD synchronisation will not clean up computers removed from AD and their client/server system cannot handle this because thousands of message files build up and fill the hard disk!
The inability to assign a policy to a machine that registers as "Unassigned" just makes me shake my head in awe and mutter "What were they thinking?"
Some of their error messages make no sense! What the heck does "Requested value '.' doesn't exist" mean? The current directory doesn't exist?
The reporting is almost non-existent**, providing reports only on alerts. No reports on versions, last contact or anything really useful. Let's face it, if the machine has reported an alert, you know it's working. It's the machines not reporting in that I would worry about. I had to write my own SQL code to get useful information straight from the database.
Even their competitor removal tool is flawed, forcing me to script around its failings. That should've been my first warning. (I'm picturing the robot from 'Lost in Space' shouting "Warning Will Robinson!")
Their remote installer relies on scheduled tasks, which would be cool if that didn't have bugs of its own that can prevent it from functioning correctly.
Almost worst of all is their flawed distribution system, which has no method to allow a mobile machine to detect its closest distribution point. If I take my notebook from Sydney to Brisbane, do you think it will update from Brisbane? Nope, it'll update over the WAN from Sydney. Their solution to this is to suggest we use DFS, which is a valid solution, but doesn't make me think their product is robust when their competitors offer inbuilt solutions to this issue.
"Warning Will Robinson!"
/RANT
** Edit: Sophos now have a new updating system that uses "Fixed Versions" representing the previous three monthly releases for each operating system that are updated with new threat detection data, and have new labels that incorporate "Recommended", "Previous" and "Oldest" versions of the software. They also have more reports available in version 4.0 of their Enterprise Console.
Sean
Tuesday, June 16, 2009
Windows Installer: Logging
These handy reg files for increasing the logging level of Windows Installer came in useful today:
LoggingOn.reg
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer]
"Logging"="voicewarmupx"
"Debug"=dword:00000007

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Trace]
"Flags"=dword:00000016
"Level"=dword:00000004

LoggingOff.reg
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer]
"Logging"=-
"Debug"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Trace]
In most cases, the Windows Installer log starts with msi, ends with a .log extension, and includes a group of characters. For example, the Windows Installer log will have a file name that resembles the following:
msib3a6g.log
You should be able to find it in the %temp% path.
The letters in the value field can be in any order. Each letter turns on a different logging mode. Each letter's actual function is as follows for MSI version 1.1:
v - Verbose output
o - Out-of-disk-space messages
i - Status messages
c - Initial UI parameters
e - All error messages
w - Non-fatal warnings
a - Start up of actions
r - Action-specific records
m - Out-of-memory or fatal exit information
u - User requests
p - Terminal properties
+ - Append to existing file
! - Flush each line to the log
x - Extra debugging information. The "x" flag is available only on Windows Server 2003 and later operating systems, and on the MSI redistributable version 3.0, and on later versions of the MSI redistributable.
"*" - Wildcard, log all information except for the v and the x option. To include the v and the x option, specify "/l*vx".
Sean