As I work for a large company with 700+ workstations we strive to minimize the need for PC support whenever we can, one of the problems is when users use different browsers or install strange add-ins, one of the more annoying IE additions is the Google Toolbar.  Now I am sure the toolbar offers some great options to some users, however in our corporate structure we like that all browsers function the same as this minimize the development time for our intranet and other internal solutions.

Informing the users that corporate policy does not allow for installation of Google toolbar (and others) does not help that much, it is almost impossible to avoid installing Google Toolbar today, it comes with numerous applications (even with Java as I recall) and if you just miss one checkbox then it is installed (reminds me about the terrible Real player from years back).  One good thing about the Toolbar is however that it is easy to get rid of, it uninstalls without too much hassle.

Anyway I got my heart set on disabeling the Google Toolbar from installing, but how?

Well I found this interesting article on Google Groups;

---[FROM GOOGLE GROUPS]---------------------------------------
Hi Alan,
You actually have a couple options to prevent the Toolbar from being
installed on your school's network:
1. You can block the Toolbar through the IE policy, or blacklist
everything and selectively whitelist specific add-ons. The relevant
path to the add-on management policy is:
Console Root/(Local or Global) Policy/(Computer or User Configuration)/
Administrative Templates/Windows Components/Internet Explorer/Security
Features/Add-on Management
>From there, you should be able to block each add-on through its GUID.
The Toolbar's GUID is {2318C2B1-4965-11d4-9B18-009027A5CD4F}.
2. You mentioned not wanting students to install the Toobar because it
shrinks the usable area of the screen. More than preventing the
installation of just the Toolbar, you may want to prevent the
installation of all IE BHO's in general. These can be disabled through
group policy in the admin console. There's an IE key that disables
BHO's at:
Console Root/(Local or Global) Policy/(Computer or User Configuration)/
Administrative Templates/Windows Components/Internet Explorer/Internet
Control Panel/Advanced Page/Allow third-party browser extensions
Setting that to "Disabled" will prevent all BHO's from launching.
And for any network admins out there concerned with privacy but who
still want to enable the Toolbar, you should be able to disable
features like PageRank or AutoLink through the group policy file
(that's the .ADM file that's included with the Toolbar for
---[FROM GOOGLE GROUPS]---------------------------------------

Option 1 actually sound quite good, Option 2 will likely disable way too much – some things actually need to install browser additions (certificates for public signature, banking add-ins, PDF readers/printers and many other)..

When I have the time I will take a further look at it.

I was just brushing up on USMT (User state migration toolkit), and it would appear that a new cool version has been released, in conjunction with MDT 2010  (Microsoft Deployment Toolkit) it offers USMT using hardlinks.

The point is that data does not need to be backed up to an external USB disk or network drive, it will be stored in a protected area of the harddisk during installation and then afterwards just linked via hardlinks..  This speed’s things up tremendously (normally a USMT could take from 30 min – 1 hour, but here we are talking minutes)..

In this example it was an XP migration to Windows 7, I may also need XP -> XP migration so it will be interesting to see if this is also possible..

See more here;

I just stumbled across this interesting article “Using Group Policy Preferences to control multiple BGinfo scripts” during a search, this may indeed be worth a closer look.

I keep forgetting how to enable Group Policy Loopback processing, this is useful if you have an advanced structure/advanced needs within your OU’s in AD.

The recipe is simple;

To set user configuration per computer, follow these steps:

  1. In the Group Policy Microsoft Management Console (MMC), click Computer Configuration.
  2. Locate Administrative Templates, click System, click Group Policy, and then enable the Loopback Policy option.

This will allow for Usersettings to be propagated even if they are only in the Computer OU.

More here;

If you use HP servers you hopefully also use or have configured the iLO connection, the iLO port will allow you to connect to the console screen of the server even if Windows is not booted, this allows for installing a server or configuring bios settings etc remotely.

However, yesterday when I tried to connect to one of our servers via iLO (you do this via Internet Explorer)  i got this message;

<?xml version="1.0" ?> - <RIMP>
-<MP>   <ST>5</ST>   <INFORM>The iLO firmware is in a network flash recovery state.</INFORM>
<REFERENCE>Refer to the iLO network flash recovery under the trouble shooting 
section in the iLO users guide.</REFERENCE>   </MP>   </RIMP>
Well that was not what I expected, anyhow the solution is fairly simple, you just need to download the iLO firmware and flash the iLO management processor, this can easily be achieved via FTP.
  • Download the iLO firmware from and drivers, search for iLO firmware), note there is difference between iLO/iLO2/iLO3 so check your server specs for which FW to get.
  • Unpack firmware (by far the easiest way is to use www.rarlabs.comWinRar, just rightclick and extract from the .exe you downloaded before)
  • Find the iloXXX.bin and copy it to C:\  (or use your own location if you prefer, just remember to change it in the commands below also).
  • Start a command prompt (cmd.exe)
  • Issue these  commands;

    FTP x.x.x.x  (replace x.x.x.x with the correct IP)
    User: flash
    Password: recovery
    type binary
    put c:\iloXXX.bin   (replace XXX with the version number of the image file)

    and then wait while it flashes the ROM you will see a progress indicator.

After this iLO should be back up working 🙂  easy as pie..

For those of you that have ever tried finding anything on HP’s homepage you know that it can be virtually impossible 🙁 thus I am often struggling to find the download link for “HP ProLiant Support Pack for Microsoft Windows Server 2003”, well no more my friends 🙂 here is the link to use 🙂

And as a bonuslink, here is how to install it on a “Server Core” (the one without the Win GUI)..

(Screenshot is from an older version than the current 4.9)

Yet another free partitioning CD (why in the world pay for Partition Magic), this CD will let you boot from it and resize your partitions and much more (free).

super_orca_screenshot_2If you have ever worked with .MSI files you must have touched Microsoft’s utility ORCA.  Well it proves there is an alternative to this with a few extra features Super ORCA, so if you ever mess with .MSI files you may want to give Super ORCA a spin at

So I had to brush a bit up on my Softgrid knowledge for a package build and I came across a few things I’d like to share;

  1. A super guide to Softgrid building by one of the Guru’s on the field (Chris Lord).
  2. A neat util to explore Softgrid packages without installing the sequencer. SFT Explorer.

As of right now I haven’t really gotten my package to work, I have to include an old version of Java with a link to a web-site.  But even if I set the registry to override it still fail to launch the old java, if no java is on the machine in advance it works like a dream..  We are currently using the old 4.2 sequencer so I might try the 4.5 version to see if any improvements has been made.

So you would like to extract some files from an Install Shield (IS) installer package you have, you may as I just need a few driver files from a package.

Well first you try the extract command from Windows (as some of the Install Shield files come as .cab files) however you quickly discover that the files are not compatible with the Windows .cab files.  WinRar is often good at extracting all sorts of files, but not the IS files. You can forget all about -e or -x for extract that does not work either.

But there is a way, you need an utility called “ISCabVu.exe”, sadly this utility is not just lying around on the net, so you need to do a bit of fiddling around to get hold of it.. 

1. Download an evaluation copy of Install Shield (any never version will likely do, do go for the latest).
2. Install it (if you don’t want to pollute your system use SandboxIE (requires 32bit os)).
3. Copy the files under “Program Files\InstallShield\2010\System” to a different location.
4. Now just run the “ISCabVu.exe” file.
5. You may be able to thin out this directory (150mb) but this may take some time and may not be worth your time.

Now the extract part is easy, see image below;