Need to repartition your harddisk? Don’t want to pay hundreds of dollars for Partition Magic?
Well you may be in luck by visiting;
http://gparted.sourceforge.net/
Here you will find a linux iso of a utility called Gparted, maybe its worth a look before you order Partition Magic 🙂
You may be using Robocopy when copying files, Robocopy is an older Microsoft command line utility (even though a GUI has later been created) that can copy files in a particular robust way (Robocopy actually stands for Robust copy), the trick is that you can specify a lot of parameters eg. copy NTFS rights, mirror a directory structure and much much more.
However I just stumbled over an interesting freeware utility, this utility seem to offer many of the same options plus a bunch of new once..
Among the the interesting plus features is one I have often sighed “move one at the time”, say you need to move a LARGE directory structure on a server to a new location on the same drive and as a twist you need to inharit NEW ntfs rights (the ntfs rights from the top folder in the new structure) – you could not just use the build in drag and drop move in windows as you would also move the NTFS rights (as its the same drive) (yes of cause you could afterwards change the NTFS rights but that takes a lot of time)… but now you can set Fastcopy to just move one file at the time. Sure there were other other ways of doing this, but this however is quite neat..
Other interesting features is speed limiting, less intensive processor usage, verify, filtering and many many more.
If you liked Robocopy and Terracopy you will likely also like Fastcopy.
http://www.ipmsg.org/tools/fastcopy.html.en
Do your PC’s or network contain important confidential data, and are you afraid of data theft by employees?
In that case take a look at this article, it describes how to disable USB mass storage devices (USB pens, disks) on machines complete with GPO/ADM templates and all.
http://diaryproducts.net/about/operating_systems/windows/disable_usb_sticks
Based in part on this article (German);
http://www.gruppenrichtlinien.de/index.html?/HowTo/usb_sticks_deaktivieren.htm
If you are a sysadmin you have likely experienced that some odd user keep getting his/her Windows Domain Account locked out, there can be numerous reasons for this but while debugging the exact reason the user keep getting locked out and keep calling you every hour or so to be unlocked.
Well I came up with a workaround, you download a simple freeware utility called unlock.exe, and then schedule a batch job to run every 15-30 min that simply unlocks the account. Now this is not the solution, as you really need to find the cause, but as debugging things like these can take some time and perhaps you have other pressing matters as well – then this is a fair workaround.
The batch file would look something like this;
unlock.exe . username
The unlock command also allow for listing locked accounts, and now I am thinking, maybe I could even set up some surveillance with this, creating a list of locked accounts every morning… but that’s another story 🙂
Got a Netbook? WinXP seem to slow? Well maybe Moblin could be the answer, Moblin is a small (fast) linux distribution for atom based netbooks.. It looks interesting, maybe I’ll see if it can be fooled into installing on my old IBM X31 (Centrino not Atom).. I never really tried any of these linux distributions, maybe this would be more than enough for browsing the net (which is mainly what I do on my IBM X31)..
Update; I tried installing on my IBM X31 but sadly the chipset was not supported 😐 bummer..
If you are debugging why a particular user always is being locked out with his/her domain account, then you may want to give this tool a spin. It’s a freebie from Microsoft called “Account Lockout Status“, and what it will do is to let you see some useful info on the users bad password count etc. on all Domain Controllers in the domain. Useful stuff even if it’s a golden oldie by now 🙂
JSI also has a few lines about it
You can also get a ‘package deal’ called “Account Lockout and Management Tools” from Microsoft that includes some additional utilities, among others an advanced Eventlog filter (can gather from several servers and filter in different ways) and can also be tweaked to display some additional info from AD on each userobject.
There is a good Technet article on it here;
http://technet.microsoft.com/en-us/library/cc738772(WS.10).aspx
This includes how to install and uninstall the debugging DLL’s.
I looked for this for ages, but at some point I got my google search right and this is what it turned out;
http://www.winhelponline.com/blog/configure-services-mmc-to-open-in-standard-view-by-default/
Credits to Ramesh Srinivasan for writing this short guide;
The Services MMC Snap-In has two views namely Standard and Extended. The Extended view provides information about the selected service in the left side of the details pane. Also, it includes links for starting, stopping, or pausing the selected service. If you have a small monitor and need more screen real estate, you can configure the Services MMC to open in Standard view by default.
You can use MMC in author mode to create new consoles or modify existing consoles. Follow these steps to set Services MMC start in Standard View by default.
1. Click Start, Run and type %windir%\system32
2. Backup the file Services.msc and store in a safe location
3. Right-click the file Services.msc, and choose Author
The Services MMC Snap-In opens in Author mode, in which you can customize the window size, pane width, view mode (Standard or Extended) etc.
4. Customize the Snap-In accordingly.
5. From the File menu, click Save to save your settings.
6. Exit the Services MMC, which is currently in Author mode.
Now open Services MMC (services.msc) normally and see if the settings are applied.
Want to seriously harden your Windows installation? You may find some inspiration here; http://nvd.nist.gov/fdcc/index.cfm this is an ongoing IT hardening project driven by the US NIST with help from the NSA and USAF among others.
Maybe not that useful to the regular user, but might be inspirational to corporate users.
You maybe aware of utilities like ERD (from Microsoft former Winternals, sadly only available to certain Microsoft License holders) that will allow you to change the password for a Windows account, thus effectivelyallowing you access to the data on the pc/server?
There can be legitimate reasons for this (forgotten passwords etc), but some users may have a more sinister motive… to gain unauthorized access.. for the latter group utilities like ERO has a drawback, it leave traces behind, when the original user try to logon he can’t as you changed the password.. Now there are ways around this, some other utilities allow you to dump the password database before you change it, then afterwards (once you scored all the data) you can reinject the original password and only a close examination would reveal your traces.
But now there is a new player on the marked, Kon-Boot,this small boot cd will do something very clever indeed, it will allow you to boot into Windows as normally via a CD – and then once asked for the password you can just enter anything – Kon-Boot will simply bypass the password check.. Clever indeed.
A few problems/concerns though;
I will have to experiment a bit with this in the near future, it sounds disturbing.
Update; I just tested this on a VM, and it works just as advertised on an XP installation, interesting indeed…
Update 2; I checked this on a domain account, if the user has his profile/password cached (have been logged on previously) you CAN logon locally and access the users data – BUT ofcause no access to network ressources and you will see a warning that your credentials has expired (or something to that effect). I also tried a locked/disabled account, and here I was unable to logon.
Read this excellent post by Claus Valca on Kon-Boot
And see the YouTube demo on how it works;
I just stumbled across a blog post from Claus Valca refering to VistaPE, as I could judge this is more or less a replacement for BartPE which has been dead in the water since 2006.
VistaPE should allow you to create a bootable CD/DVD with the Vista kernal (much as BartPE did with the XP kernal), this is useful as a recovery tool/image tool/repair tool/virus cleanup tool etc. I have previously created antivirus cleanup cd’s using BartPE, but maybe VistaPE could offer better compatibility with the later hardware models.
I will add this to my “I have to look into this list” (which sadly has become quite long)..