Wednesday, January 22, 2014

Fixing Issue Where Users Unable to Set Default Printer

A KB to fix the issue whereby end users are unable to set their default printer and furthermore there is currently no default printer set.
This occurs when the end user loses access to a particular key in the Windows Registry.
1.

Open Regedit as an admin user

a) Click the round Start buttuon
b) Type Regedit into the Search box and open it when it appears
2.

Connect to the remote computer

a) Click File > Connect Network Registry
b) Enter the computer name and click OK
3.

Navigate to the correct Registry key

Expand the remote computer's Registry at the following node:
HKU > {User's SID} > Software > Microsoft > Windows NT > Current Version > Windows
Note: You can determine the correct SID using PsGetSid from Sysinternals.
4.

Reset the permissions on the Windows key

a) Right-click on the Windows key
b) Click Permissions
c) Click Advanced
d) Tick Include inheritable permissions from this object's parent
e) Press OK

How to backup/restore IIS7 configuration

No matter whether your configuration file gets corrupted, you make changes you decide to roll-back, you accidentally foo-bar your .config file or some act of terror occurs, some day you'll want to go back to a prior configuration file.  Thankfully, IIS7 makes this super easy.

Backup/Restore via the command line
Backing up IIS7 configuration is as simple as copying the \windows\system32\inetsrv\config directory (and subdirectories) into a backup directory, so you don't need anything special to do it.  Just include this directory in whatever your OS/content back-up plan is, or write a custom script to do it. 

To help make managing backups easy, we've added a simple cmd-line option to AppCmd.exe that makes management of backup/restore sets easy.  For example, to backup configuration, run the follow command:
> %windir%\system32\inetsrv\appcmd.exe add backup "My Backup Name"
to restore that backup, run this command:
> %windir%\system32\inetsrv\appcmd.exe restore backup "My Backup Name"
to delete a backup, run this command:
> %windir%\system32\inetsrv\appcmd.exe delete backup "My Backup Name"

Pretty easy, eh?  Except for the dirty little secret everyone knows...remembering to do a backup!  Thankfully, IIS7 comes to the rescue here.  Thanks to a feature called IIS7 configuration history, IIS will automatically make history snapshots of ApplicationHost.config each time a change is detected, enabling you to easily restore to a prior version.  By default, IIS checks for a new version every 2 mins, and will keep 10 prior versions of the file.  IIS7 stores these snapshots in the %systemdrive%\inetpub\history folder by default.  You can change any of these settings by editing the section in ApplicationHost.config.  This article explains the feature in great detail.

IMPORTANT NOTE:  This feature only appears in Windows Server 2008 and Vista SP1.  It is not in original release version of Vista , as it was not yet finished when Vista first shipped.  This is one of the thousands of changes that was made to IIS7 after Vista RTM, and is one of many reasons you should install SP1 as soon as possible!

How do you restore a prior snapshot?  Well, you could just go to the \inetpub\history\cfgHistory_NNNNNNNNNN directory and copy the applicationHost.config file into it's proper place: \windows\sytem32\inetsrv\config.  Or you can use the same command as above for restoring a backup to restore a configuration history file. 

To enumerate a list of backups and configuration history files, use the following command:
> %windir%\system32\inetsrv\appcmd.exe list backup

See how the config history files show up just like backups?  Use WinDiff or some other tool to figure out which configuration history you want to restore, then use AppCmd.exe restore backup command to restore it!

Using Configuration History with IIS 7 and IIS 8

Introduction

In IIS 6.0, administrators had a safety net that allowed them to easily ascertain what changed in the IIS configuration. It was implemented as a history file that could be restored easily, and served as a usable history of events that happened to the configuration. In case anything went wrong during application installs, upgrades, or individual changes to the metabase, the user could restore to a working state.
With IIS 7.0 and above, the IIS team wanted the same "safety net," yet we could not use the IIS 6.0 history feature because of changes in the configuration architecture. In IIS 7.0 and above, we resolved this problem by creating a service that monitors for changes to the master configuration file, ApplicationHost.config, and periodically creates snapshots to later retrieve if necessary.
This feature is called IIS Configuration History. This walkthrough illustrates how this feature works.

Tasks in This Walkthrough


Task 1: Reviewing configHistory Default Configuration Settings

In this task, you review the configuration options available after a default IIS installation. In later tasks, you later modify some of these settings to show the flexibility of the feature to fit the environment.

Step 1: Open applicationHost.config

  1. Click Start, click Run, and in the Open: dialog box, type notepad and Click OK.

    Figure 1: Opening Configuration with Notepad
  2. Click File, then Open, and in the File name: dialog box, type %windir%\system32\inetsrv\config\applicationHost.config. Click Open.

    Figure 2: ApplicationHost.config Path
  3. To locate configHistory section, click CTRL-F and enter configHistory and Click Find Next.
After opening the master file, you see an entry like the following for configHistory:
 name"system.applicationHost>
    
name="applictionPools" allowDefinition="AppHostOnly" overrideMode="Deny" />
name="configHistory" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
name="customMetadata" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
name="listenerAdapters" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
name="log" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
name="sites" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
name="webLimits" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
Notice that there are no further settings for this feature in applicationHost.config. This is expected behavior because by default, IIS uses the values stored in the IIS schema. To see the default settings, open the IIS schema file (IIS_schema.xml.)

Step 2: Locate configHistory Defaults in IIS Schema

  1. Click Start, click Run, and in the Open: dialog box, type notepad and Click OK.
  2. Click File, then Open, and in the File name: dialog box, type %windir%\system32\inetsrv\config\schema\iis_schema.xml.

    Figure 3: IIS Schema
  3. To locate configHistory section, click CTRL-F and enter configHistory.
  4. On Windows Server® 2008, you see the following:

    Figure 4: configHistory Schema Definition
    There are four configurable settings (attributes) for the configHistory section:
    Attribute Default Setting Definition
    enabled True This value indicates whether configuration history is enabled or disabled
    path %systemdrive%\inetpub\history The path where history directories are created and stored
    maxHistories 10 The maximum number of directories retained
    period 00:02:00 The time between each check made for changes



Summary

Despite its relative simplicity, do not overlook this task. It offers direct insight into configuration attributes available for the configHistory section. You later modify these settings as a demonstration of the features flexibility based on the environment.

Task 2: Validating configHistory Functionality is Working Properly

The goal of this task is to see configHistory in action. Furthermore, for experienced administrators who understand the IIS 6.0 metabase history, this task aids in learning the differences between the two features.
Metabase history was a file-based, rather than directory-based, like the IIS 7.0 and above configuration history. For example, all backups in IIS 6.0 were stored in the same location that was not customizable. In IIS 7.0 and above, each unique copy is stored in its own directory at creation time. In this task, you make some changes to the IIS configuration file using IIS Manager and review the results of these changes.

Step 1: Create a Website

  1. Click Start, Run, and type Inetmgr and Click OK.

    Figure 5: Opening IIS Manager
  2. Double-click your server name, for example IIs7Server, to expand the navigation tree.
  3. Right-click the server, and choose Add Web Site.

    Figure 6: Add Web Site
  4. In the Add Web Site wizard, enter information to create a new Website. For example:

    Figure 7: Add Web Site Wizard
  5. Click OK.
  6. You now see the new Website created in your IIS Manager, as in the following:

    Figure 8: IIS Manager Homepage
  7. Now, we validate that a successful backup of the configuration changes has been captured by the Application Host Helper Service.

Step 2: Locate History Files for applicationHost.config

Note: It is likely that your copy will not show immediately after following these steps. This is based on the default value of two minutes. If you find that no copy is created, check to make sure that you have waited two minutes.
  1. Click Start, Run, and open %systemdrive%\inetpub\history.
    Figure 9: Configuration History Default Path
  2. Double-click the history folder and locate the most recent change.

    Figure 10: History File of ApplicationHost.config Note: If you fail to locate your copy in the history folder, verify that the Application Host Helper Service is running. Check your Event Viewer for any potential errors thrown by IIS-AppHstSvc.

Figure 11: Application Host Helper Service

Summary

In this task, we took a few steps toward understanding how the IIS configuration history feature works. First, we made changes to ApplicationHost.config, triggering the Application Host Helper Service to create a copy at the next scheduled period. Further, we located the copy and validated that we successfully created the copy in %systemdrive%\inetpub\history.

Task 3: Modifying the Number of Directories (maxHistories) Retained and the Period Attributes

The goal of this task is to successfully modify the number of history files retained by IIS 7.0 and above. Because the defaults are stored in the schema, we must create the configHistory section in applicationHost.config and add the appropriate attributes and values for the maxHistories and period attributes.
In this task, use Notepad to modify this attribute to show the flexibility and simplicity of editing ApplicationHost.config.

Step 1: Open applicationHost.config

  1. Click Start, click Run, and in the Open: dialog box, type notepad and Click OK.
  2. Click File, then Open, and in the File name: dialog box, type %windir%\system32\inetsrv\config\applicationHost.config and Click Open.
The next step is to add the configuration section, and then add the attribute with value.

Step 2: Add configHistory Section and Add maxHistory

  1. To locate configHistory section, click CTRL-F and enter
    Figure 12: Locating system.applicationHost Section Group
  2. Now that you are in the right section, add the correct attribute and value for maxHistory. Type the following text into your system.applicationHost section group:
     maxHistories="15" />
Note: To save time in your next step, leave notepad open after completing this task.
Last, validate that the change has taken place. We know that by default that we should only see 10 directories at a time as defined by the IIS schema.
After we increase the maximum values kept by IIS, we need an easy method to trigger many directories to be created. To simulate this, we lower the default value for the period attribute to its default minimum of 10 seconds. This increases the interval for checking for changes and hence potentially creates more copies of the files in a dynamic environment.

Step 3: Set Period Attribute for configHistory

  1. Using the previous session, add the period attribute by adding the period="00:00:10".
  2. Click File, Save to commit changes.
After completing, the configHistory section looks like the following:
 maxHistories="15" period="00:00:10" />

Step 4: Execute Script to Cause History Creation

  1. Open Notepad. Copy and paste the following:
    Option Explicit 
    
    ' Global objects, variables
    Dim objShell, argObj, oExec
    Dim strDirectory, strFile, strCmd, strFullCmd, stdIn, i
    
    set objShell = CreateObject("Wscript.Shell")
    strDirectory = "%windir%\system32\inetsrv\" 
    strFile = "AppCmd.exe"
    
    set ArgObj = Wscript.Arguments
    
    ' No args (default case), hard-code StdIn
    If ArgObj.Count = 0 Then 
    stdIn = 17
    
    i = 0 'initilize i
    
    For i = 0 to stdIn 
    ' Call Select Case to change Statement 
    strCmd = getStrCmd(i)
    strFullCmd = strDirectory & strFile & " " & strCmd
    
    Set oExec = objShell.Exec(strFullCmd) 
    
    Do While oExec.Status = 0
    WScript.Sleep 100
    Loop 
    
    If oExec.ExitCode <> 0 Then 
    ' Something wrong with the IIS Installation
    
    ' Is AppCmd installed on the machine? \inetsrv directory?
    msgBox "Executing AppCmd Command Failed. Please Try Again!"
    
    wscript.Quit
    End if 
    
    WScript.Sleep(2 * 1000)
    
    Next 
    
    ' Handle the case where we passed arguments to
    ' the script
    
    Else 
    stdIn = ArgObj(0)
    
    ' Same code as above but handle arguments being passed.
    
    i = 0 ' initialize i
    
    For i = 0 to stdIn 
    ' Call Select Case to change Statement
    strCmd = getStrCmd(i)
    strFullCmd = strDirectory & strFile & " " & strCmd
    
    Set oExec = objShell.Exec(strFullCmd)
    
    Do While oExec.Status = 0
    WScript.Sleep 100
    Loop 
    
    ' Validate that AppCmd calls succeeded by checking Error code
    If oExec.ExitCode <> 0 Then 
    ' Something wrong with the IIS Installation
    ' Is AppCmd installed on the machine? \inetsrv directory?
    msgBox "Executing AppCmd Command Failed. Please Try Again!"
    wscript.Quit
    End if 
    
    ' Go to sleep for x period (default: 20)
    WScript.Sleep(20 * 1000)
    
    Next 
    
    ' End the StdIn Input Tree
    
    End if 
    
    ' AppCMD Command Function 
    Function getStrCmd(MyIndex)
    Select Case (MyIndex)
    Case 0 ' set Server Runtime
    getStrCmd = "set config /section:serverRuntime /enabled:false"
    Case 1 ' set Default Document
    getStrCmd = "set config /section:defaultDocument /enabled:true"
    Case 2 'set httpRedirect
    getStrCmd = "set config /section:httpRedirect /enabled:true"
    Case 3 ' set Client Certificate Mapping Auth
    getStrCmd = "set config /section:security/authentication/clientCertificateMappingAuthentication /enabled:true"
    Case 4 ' set Directory Browse
    getStrCmd = "set config /section:directoryBrowse /enabled:true"
    Case 5 ' set httpRedirect
    getStrCmd = "set config /section:httpRedirect /enabled:false" 
    Case 6 ' set anonymousAuth
    getStrCmd = "set config /section:security/authentication/anonymousAuthentication /enabled:false"
    Case 7 ' set basicAuth
    getStrCmd = "set config /section:security/authentication/basicAuthentication /enabled:true"
    Case 8 ' set digestAuth
    getStrCmd = "set config /section:security/authentication/digestAuthentication /enabled:true"
    Case 9 ' set client cert mapping auth
    getStrCmd = "set config /section:security/authentication/clientCertificateMappingAuthentication /enabled:false"
    Case 10 ' set windows auth
    getStrCmd = "set config /section:security/authentication/windowsAuthentication /enabled:true"
    Case 11 ' server runtime
    getStrCmd = "set config /section:serverRuntime /enabled:true"
    Case 12 ' set Server Runtime
    getStrCmd = "set config /section:serverRuntime /enabled:false"
    Case 13 ' set Server Runtime
    getStrCmd = "set config /section:serverRuntime /enabled:true"
    Case 14 ' set Server Runtime
    getStrCmd = "set config /section:serverRuntime /enabled:true"
    Case 15 ' set Server Runtime
    getStrCmd = "set config /section:serverRuntime /enabled:true"
    Case 16 ' set Server Runtime
    getStrCmd = "set config /section:serverRuntime /enabled:true"
    Case 17 ' set Server Runtime
    getStrCmd = "set config /section:serverRuntime /enabled:true"
    
    End select 
    End Function
  2. Save this as ConfigHst.vbs (ensure that you choose All Files to avoid saving as a text file).

    Figure 13: Saving VBS Script
  3. Run this VBS file by opening a command prompt, locating the file location where saved, and type the following:
    cscript //nologo configHst.vbs
    This script makes calls to modify the configuration of IIS every 15 seconds. This is enough time for the configuration history to check for changes and create a backup. After completing this, we see a multitude of configuration backups in our backup directory.
  4. Next, open the default path for the configHistory by clicking Start, then Run, and typing %systemdrive%\inetpub\history
  5. You see a backup folder such as CFGHISTORY_0000001, CFGHISTORY_0000002, and so on.
After running this script, notice how this feature pushes the oldest out when hitting the maximum (i.e. maxHistories.) In our case, after reaching CFGHISTORY_0000000015, the oldest item was deleted before creating the sixteenth directory.

Figure 14: History Directory with maxistories value of 15

Summary

In this task, we successfully modified the number of backups stored by IIS. The default setting of 10 is sufficient for many; yet, for dynamic environments such as shared hosting servers where customers are signing up for sites randomly and often, it is good practice to have a more thorough history.
In this task, we modified the maxHistories and period attributes for configHistory section and then produced multiple changes that would show that we stored more than 10 (the default) copies.

Task 4: Changing the Default Path for Saving configHistory Backups

The number of history directories and associated files stored by IIS is configurable to be flexible depending on the environment. For many cases, storing the history files on the system path (i.e. %systemdrive%inetpub\history) is not desirable. Unlike history in IIS 6.0, which had no configurable mechanism for configuration history, the IIS 7.0 and above configuration history now offers the ability to change where IIS stores the history directories and files.
We use in this task a method to modify the configuration--in this case, the IIS command-line interface. The goal of this task is not only to learn about changing the path for configuration history directories, but also to become familiar with AppCmd.exe, the IIS command-line interface to configuration and runtime data.

Step 1: Create Directory for History

  1. Click Start, select Run, and then type CMD and Click OK.
  2. At the command prompt, create your directory by typing the following: md MyWebHistory
This step is required because no directory is automatically created if it does not exist. If you fail to do this step, you see the following:

Figure 15: Event Message if Permissions Inadequate to History Path

Step 2: Locate AppCmd.exe

  1. Click Start, select Run, and then type CMD and Click OK.
  2. At the command prompt, change directories by typing the following:
    Cd %windir%\system32\inetsrv 
  3. To familiarize yourself with AppCmd's syntax, type the following:
    Appcmd /?  
At this point, change the value for the path attribute to a value that is more appropriate in your environment. In this case, change it to a custom directory on the system partition – the %systemdrive%\MyWebHistory directory.
Note: Often you must move this data to a separate partition, or better, to a drive on a different controller, such as D:\, etc. Change the path value using AppCmd: -

Step 3: Change Path Value for configHistory

  1. To familiarize yourself further with AppCmd.exe, open a command prompt and type the following:
    Appcmd set config section:? 
    This command helps you learn how to review the currently available sections allowed for editing.
    Appcmd list config section:configHistory config:* 
    This command help you understand what the currently set attributes and values are on our system.
  2. Now issue the following command to change the path attribute from the default of %systemdrive%inetpub\history to %systemdrive%MyWebHistory –
    Appcmd set config -section:configHistory path:"%systemdrive%MyWebHistory"
  3. To validate the change, type the following and verify that maxHistories and period are set appropriately.
 maxHistories="15" period="00:00:10" path="%systemdrive%\MyWebHistory" />

You see the following:

Figure 16: Using AppCmd to list Configuration
Last, we will produce changes to the configuration causing a backup to be triggered -- notice the new location for the directories and files.

Step 4: Re-run the Earlier Script

  • Execute ConfigHst.vbs by typing the following:
cscript //nologo configHst.vbs
If you check %systemdrive%\MyWebHistory, you see several directories with folder names similar to CFGHISTORY_0000001, 2, and so on.

Summary

It is standard practice to move important, volatile data off the server system partition (%systemdrive% by default) to other partitions or drives. In this task, you successfully changed the target location for the IIS configuration history directories.

Task 5: Restoring Configuration from a Backup File

It is not useful to have a history feature without offering a method for restoring a previously working configuration. The purpose of this task is to walk you through a manual process for restoring from a copy of your configuration created earlier.

Step 1: List the available backups

  1. Click Start, Run, and type CMD and Click OK.
  2. Change to the inetsrv directory using the following command: cd %windir%\system32\inetsrv.
  3. To get the currently configured path for the configHistory section, type the following:
appcmd list backups
This command will list the available backups, including manual backups made with the appcmd add backup command, as well as backups made by the configuration history service. You can use the appcmd restore backup command to restore any one of these, as shown in the next step

Step 2: Restore the backup

Having followed the instructions in the step above to list the backups, select the backup you'd like to restore and restore it by typing the following:

appcmd restore backup BACKUPNAME
Where BACKUPNAME is one of the backups listed in step 1, for example, CFGHISTORY_0000000016.
You can also manually search the configuration files in the backup folder to determine which backup you'd like to restore:
Click Start, Run, and type CMD and Click OK.
  1. Change to the history directory using information in Step 1, above.
  2. Use Windows findstr command to locate the change you are looking for. In this case, locate the configuration with directoryBrowse set to false.
Findstr /S /I /C:"directoryBrowse enabled=\"false\"" *.config
This searches the current directory and all sub-directories for the string directoryBrowse is equal to false. This returns only one item, for example CFGHISTORY_0000000016, that indicates what we will restore.

Summary

In this task, we located a history copy and restored it. This task is the most important illustration of the configuration history feature, as it offers the ability to roll-back to a previously working configuration with ease.



Tuesday, January 7, 2014

Fixing Issue Where Users Unable to Set Default Printer

A KB to fix the issue whereby end users are unable to set their default printer and furthermore there is currently no default printer set.
This occurs when the end user loses access to a particular key in the Windows Registry.

1.

Open Regedit as an admin user

a) Click the round Start buttuon
b) Type Regedit into the Search box and open it when it appears

2.

Connect to the remote computer

a) Click File > Connect Network Registry
b) Enter the computer name and click OK

3.

Navigate to the correct Registry key

Expand the remote computer's Registry at the following node:
HKU > {User's SID} > Software > Microsoft > Windows NT > Current Version > Windows
Note: You can determine the correct SID using PsGetSid from Sysinternals.

4.

Reset the permissions on the Windows key

a) Right-click on the Windows key
b) Click Permissions
c) Click Advanced
d) Tick Include inheritable permissions from this object's parent
e) Press OK

Thursday, January 2, 2014

Enable RDP through PSexec

Quick and simple way to enable Remote Desktop (RDP) via psexec

1.

Install PSEXEC

PSEXEC is a standalone executable file that allows you to run commands on remote machines.
You can download the tool from here:
http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
2.


Run psexec

You can add the location of psexec to your %PATH% variable or simple copy the "psexec" to "C:\WINDOWS\System32\" folder.
After that simply open a command line and type "psexec /?" to test its functioning accordingly

3.

Enable RDP

Open a command line and type the follwoing:
psexec \\machinename reg add "hklm\system\currentcontrolset\control\terminal server" /f /v fDenyTSConnections /t REG_DWORD /d 0
This adds a registry entry enabling RDP connections.

4.

Configure Machine Firewall to allow RDP

Open a command line and type the following
psexec \\remotecomputername netsh firewall set service remoteadmin enable
psexec \\remotecomputername netsh firewall set service remotedesktop enable

AD Unlock User Account

Listing 1: Unlock.vbs

Const EVENT_SUCCESS = 0

'This code checks to see whether a user is selected and prevents use of this script without the 
snap-in.
If WScript.Arguments.Count = 0 Then
     WScript.Echo "No User Selected"
     WScript.Quit
End If

'This code converts the username to an LDAP string and sets the LockoutTime to 0.
For Each User In WScript.Arguments
objFirstPart = "LDAP://cn="

'Edit the next line to match your OU and domain structure.
objLastPart = ",ou=Users,OU=Sales,dc=Domain,dc=Com"
objLDAPNAME = objFirstPart & User & ObjLastPart
set objUser = GetObject (ObjLDAPNAME)
objUser.LockoutTime = 0
objUser.SetInfo

'This code reports that the user account has been unlocked.
wscript.echo User & " has been unlocked"

next

'This code is optional and records who used this program and when.
Set objDomain = getObject("LDAP://rootDse")
objDC = objDomain.Get("dnsHostName")
Set objSysInfo = CreateObject("ADSystemInfo")
Set objShell = Wscript.CreateObject("Wscript.Shell")
objShell.LogEvent EVENT_SUCCESS, _
    objSysInfo.Username & " used Unlock.vbs to unlock " & objLDAPNAME , objDC