one thing we noticed in our install of microsoft office 2007 on our terminal servers was initially the user names and company name were not set correctly.

this didn’t seem like that big of a deal to me at first, but then i saw the value of this user name. if multiple users have access to the same shared folder and two people are trying to access the same file, the second user trying to modify the file with be told that they can only have read-only access because its being used by “user name”. so, in our case, initially everyone’s user name was set to our administrators name.

obviously the user can call us and ask “who is editing the file?” and we can find out, but fixing this keeps us from getting one more call and easier on the user, so i wrote a script that would set it at login.

' office_2007_set_username.vbs
'
' This script sets the username and company name correctly for Office products.
' Written because all users using Terminal Services version of office were showing
' the same user name, which made it hard to track down locks on files.
'

Option Explicit 

Dim objShell, objNetwork
Dim strUserName, strCompanyName
Dim strNameRegKey, strCompanyRegKey

Set objShell = CreateObject( "WScript.Shell" )
Set objNetwork = CreateObject("Wscript.Network")

' Set your user string and company name
strUserName = objNetwork.UserName
strCompanyName = "Your Company Name"

' Registry key locations for user name and company name
strNameRegKey = "HKCUSoftwareMicrosoftOfficeCommonUserInfoUserName"
strCompanyRegKey = "HKCUSoftwareMicrosoftOfficeCommonUserInfoCompanyName"

On Error Resume Next

' If company name doesn't match the strCompanyName, change it
If objShell.RegRead(strCompanyRegKey) <> strCompanyName Then
	objShell.RegWrite strCompanyRegKey, strCompanyName, "REG_SZ"
End If

' If the user's name in office doesn't match their AD user name, change it
If objShell.RegRead(strNameRegKey) <> strUserName Then
	objShell.RegWrite strNameRegKey, strUserName, "REG_SZ"
End If

read more

after a lot of looking and quite a bit of testing and customization, i think i have finally found a replacement for adobe acrobat reader.

why replace acrobat reader? off the top of my head:

  1. security issues. everywhere. frequently.
  2. and hence because of the security issues, you have to patch often. very often. which requires time, testing, and a fair amount of good luck to not break *anything*.
  3. and lastly, i was interested in replacing adobe because of its tendency to crash, specifically in our AD environment (see this post for more details). its not often, but often enough that i get some calls

so here is what i did. i searched. a bunch. i of course found foxit, and i tested foxit pretty heavily. i like foxit, and it was very close to what i was looking for, but then i ran across tracker software’s pdf xchange viewer. not only was it small and fast like foxit, i could mod the heck out of it to get it to look the way i wanted, and it could modify pdf’s, all for free.

heres how i turned this:

into this:


read more

i have been working on a vbscript that adds a folder into outlook 2007, which on its face doesn’t seem that hard to do.

my co-worker knocked out a script that adds the folder, but i was looking for something that also had some logic to first see if the user had a email enabled account in AD, then, if they did have a mail enabled account, to only run the script once.

what i came up with was a modified script based mostly on http://www.codeproject.com/KB/vbscript/ExchangeMailBox.aspx?msg=946994 that first checked if a user was mail enabled, then i added some logic to look at a reg key that i created to create the outlook folder and registry key, or if the key already exists, to exit the script

heres the code:

' outlook_add_folder_v1.vbs
'
' Check if user has Exchange Account by Peter  Verijke - (c) 2003 Computech
' http://www.codeproject.com/KB/vbscript/ExchangeMailBox.aspx?msg=946994
'
' This script checks if a user has an email  account, then checks a registry key to see if a Outlook folder has
' already been created. If it has already been  created, the script exits, otherwise the folder is created and
' the needed registry key is created as well.
'
' Logic in a nutshell:
' Does user have an Exchange account?
'      Yes
'           Does the registry key exist?
'                Yes
'                     Exit
'                No
'                     Create  folder in Outlook
'                     Create  registry key
'                     Exit
'      No
'           Exit

Const HKEY_CLASSES_ROOT = &H80000000
Const HKEY_CURRENT_USER = &H80000001
Const HKEY_LOCAL_MACHINE = &H80000002
Const HKEY_USERS = &H80000003
Const HKEY_CURRENT_CONFIG = &H80000005

Dim strKeyPath
Dim strValueName
Dim strValue
Dim strValueCurrent
Dim arrValues
Dim intValue
Dim ArgObj
Dim WshShell ' as object
Dim objEnv ' as collection
Dim objUser 'As IADsUser
Dim objMailbox 'As CDOEXM.IMailboxStore
Dim sUserLDAPName 'As String
Dim DCServer 'As String
Dim olkApp
Dim olkSession
Dim olkParentFolder
Dim olkNewFolder
Dim strComputer
Dim objRegistry

On Error Resume Next

strComputer = "."
Set objRegistry = GetObject("winmgmts:\" & strComputer & "rootdefault:StdRegProv")

' Get the Arguments object
Set ArgObj = WScript.Arguments

If ArgObj.Count < 1 Then
     Set WshShell = WScript.CreateObject("WScript.Shell")
     Set objEnv = WshShell.Environment("PROCESS")
     sUserName = objEnv("USERNAME")
Else
     sUserName = UCase(ArgObj(0))
End If

' Define your AD Domain Controller
DCServer = "dc01.domain.local"

sUserLDAPName = QueryActiveDirectory(sUserName)
Set objUser = GetObject("LDAP://" & DCServer + "/" & sUserLDAPName)
Set objMailbox = objUser

'check if user is mailbox enabled
If objMailbox.HomeMDB = "" Then
     'This user does not have a Exchange mailbox
     WScript.Quit 1
Else
     'This user does have an Exchange mailbox
     ' Define your registry keys and values
     strKeyPath = "settingssoftwareoutlook"
     strValueName = "mail_archive_folder_created"
     strValue = "1"

     ' Get the current value of the key if it exists and put it into  strValueCurrent
     objRegistry.GetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,strValueCurrent

     ' Check if the value of the key is null, and if it is create the folder  in Outlook and also create the new
     ' registry key to prevent it from being recreated over and over again.
     If (IsNull(strValueCurrent) = True) Then
          Set olkApp = CreateObject("Outlook.Application")
          Set olkSession = olkApp.GetNamespace("MAPI")
          olkSession.Logon "Outlook"
          'Change the parent folder name and path on the following line
          Set olkParentFolder = olkSession.GetDefaultFolder(6).Parent
          'Change the new folder's name on the following line
          Set olkNewFolder = olkParentFolder.Folders.Add("Mail Archive")
          'Change the URL on the following line
          olkNewFolder.WebViewURL = "http://server.domain.local/archive.php"
          olkNewFolder.WebViewOn = True
          olkSession.Logoff

          'Create your registry key
          objRegistry.CreateKey HKEY_CURRENT_USER,strKeyPath
          'Set your registry value
          objRegistry.SetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,strValue
     End If
     WScript.Quit 0
End If

Public Function QueryActiveDirectory(sUserName)
'Function:      QueryActiveDirectory
'Purpose:       Search the Active Directory's Global Catalog for users
'Parameters:    UserName - user to search for
'Return:        The user's distinguished name

Dim oAD 'As IADs
Dim oGlobalCatalog 'As IADs
Dim oRecordSet 'As Recordset
Dim oConnection 'As New Connection
Dim strADsPath 'As String
Dim strQuery 'As String
Dim strUPN 'As String

set oRecordSet = CreateObject("ADODB.Recordset")
set oConnection = CreateObject("ADODB.Connection")

'Determine the global catalog path
Set oAD = GetObject("GC:")
For Each oGlobalCatalog In oAD
strADsPath = oGlobalCatalog.AdsPath
Next

'Initialize the ADO object
oConnection.Provider = "ADsDSOObject"

'The ADSI OLE-DB provider
oConnection.Open "ADs Provider"

'Create the search string
strQuery = "<" & strADsPath & _
">;(&(objectClass=user)(objectCategory=person)(samaccountName=" &  _
sUserName & "));userPrincipalName,cn,distinguishedName;subtree"

'Execute the query
Set oRecordSet = oConnection.Execute(strQuery)
If oRecordSet.EOF And oRecordSet.BOF Then
     'An empty recordset was returned
     QueryActiveDirectory = "Not Found"
Else    'Records were found; loop through them
     While Not oRecordSet.EOF
     QueryActiveDirectory = oRecordSet.Fields("distinguishedName")
     oRecordSet.MoveNext
     Wend
End If

End Function

read more

this morning on the way to work, i heard larry (from pauldotcom.com) talking about a script he used to pull the logs from a lot of machines. he mentioned a few things that he didn’t like about the script, and i actually had run into in a similar situation (and had similar dislikes). heres the details (and the solution):

for patching purposes and just good windows hygiene, i wanted to reboot all my workstations nightly.

i googled a bit, and found several ways to do this, but none that did it the way i pictured it.

the most frequent suggestion was to put a list of all the computers you wanted to be rebooted into a text file, then run a script against those computers using a wmi script or psshutdown. in my environment, i quickly found two problems with this:

  1. it was slow. because computers would sometimes be shutdown and the timeout was so long for powered down machines, rebooting hundreds of computers could take a long, long time if enough were shutdown
  2. laziness/forgetfulness. what are the chances of me and everyone i work with remembering to put new machines into the text file to be rebooted? maybe everyone else is better at this than we are, but i knew this had no shot of actually being kept current in our environment

so i set out to find a script that would reboot all computers in an AD OU, bypassing unavailable machines quickly, and not requiring any changes to the script if new machines were added or machines were removed.

here is what i came up with, see comments in the code for an explanation:

Dim strFilter, strAttrs, strScope, strDNSSuffix, strBase
Dim objConn, objRS, objShell,objExec,objFSO,objFile, fileName

Set objShell = CreateObject("Wscript.Shell")

' List out the OU's you want computers in to be rebooted. Remember, if you add an OU,
' increment the strRoot(x) in *both* places.
Dim strRoot(1)
strRoot(0) = "OU=warehouse,DC=domain,DC=local"
strRoot(1) = "OU=terminal_servers,OU=servers,DC=domain,DC=local"

' Set the filter for computers only
strFilter = "(objectclass=computer);"
strAttrs  = "name;"
strScope  = "subtree"

' Your domain name
strDNSSuffix = ".domain.local"

'This is your main loop, each time a different OU.
For i = 0 To UBound(strRoot)
     strBase   =  "<LDAP://" & strRoot(i) & ">;"
     Set objConn = CreateObject("ADODB.Connection")
     objConn.Provider = "ADsDSOObject"
     objConn.Open "Active Directory Provider"
     Set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope)
     objRS.MoveFirst

     'This is your inner loop, each time an individual PC found in the search of the base.
     While Not objRS.EOF
          If objRS.Bookmark Mod 1 = 0 Then
               ' Pause for two seconds (ran into issues if this moved too quick)
               WScript.Sleep 2000
          End If
          ' Call your shutdown computer sub to reboot the individual computers
          ShutDownComputer(objRS.Fields("name").Value & strDNSSuffix)
     Wend

     Set objConn = Nothing
     Set objRS = Nothing

Next

Sub ShutDownComputer(byval strComputer)
     Dim strShutDown,objShell

     ' Your psshutdown command with the following options: -r for reboot, -f for force, -c allow the user to cancel the shutdown, -t 300 to give the user
     ' 300 seconds (5 minutes) to close out of applications and save, -e for the error code (planned), and -m for the message the user will see
     strShutDown = "C:somepathpsshutdown.exe -r -f -c -t 300 -e p:0:0 -m " & chr(34) & "Nightly restart of computer" & chr(34) & " \" & strComputer
     Set objShell = CreateObject("WScript.Shell")
     objShell.Run strShutdown, 0, False

     Set objShell = Nothing
End Sub

psshutdown – http://technet.microsoft.com/en-us/sysinternals/bb897541.aspx
pauldotcom episode 187 notes – http://pauldotcom.com/wiki/index.php/Episode187


read more

i initially was just going to post a fix i had found (via google) to resolve a rediculous problem that adobe acrobat reader 9.x has in it. after reviewing my fix and seeing how ugly the code/logic was, i ended up rewriting the script.

so there are two lessons in this post
1.    adobe will never get their act together (at least with acrobat reader 9)

2.    the fear of peer code review is good, and it forced me to reevaluate some sloppy scripts that “just work”, but do it in a half-baked manor
so here we go, adobe acrobat reader 9.x and its issues with redirected application data on a server 2008 terminal server
so the real problem here is not that adobe writes crappy code. the real problem is that adobe wrote some crappy code and has not fixed it.

here is the problem: if you are running redirected folders in an AD environment and you redirect your application data folder, adobe acrobat reader 9 will give you a c++ runtime error if you are not an administrator. i have seen several people come up with fixes, one works for some, but not for others, so ymmv.

the three fixes i have seen have been:
1.    give list folder / read data permissions on the root level (applied to this folder only) of your users or homes share
2.    create the local low folder
3.    lastly, and the one that i use with a vbscript, is do delete a particular registry key
here was my original code:

Option Explicit

Dim objShell
Set objShell = WScript.CreateObject(“WScript.Shell”)

On Error Resume Next

objShell.RegDelete “HKCUSoftwareMicrosoftActive SetupInstalled Components{89820200-ECBD-11cf-8B85-00AA005B4340}Version”

so, no error checking, and technically speaking it worked, but its ugly. i went back and fixed this to do some logic to see if the key existed before it tried to delete it, and came up with the following:

On Error Resume Next

Const HKEY_CURRENT_USER = &H80000001
strComputer = “.”

Set objRegistry = GetObject(“winmgmts:\” & strComputer & “rootdefault:StdRegProv”)
strKeyPath = “SoftwareMicrosoftActive SetupInstalled Components{89820200-ECBD-11cf-8B85-00AA005B4340}”
strValueName = “Version”
objRegistry.GetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,strValue

If (IsNull(strValue) = False) Then
     objRegistry.DeleteValue HKEY_CURRENT_USER, strKeyPath, strValueName
End If

for us, running server 2008 terminal servers, this fixed the problem. users are now successfully running the latest version of adobe acrobat reader 9 with no errors.

if you want to see details of the problem, or look at some of the other solutions (the root share permissions fix or the local low fix), you can look at some of the following threads/links. they go into a lot more detail and explain what is happening and what to try to fix it

http://support.microsoft.com/kb/955555/en-us
http://forums.adobe.com/thread/391738?tstart=0
http://forums.adobe.com/thread/303079


read more