Thursday, July 12, 2007

Feedburner integrated with feeds

Feedburner now offers feeds integration for blogs. Gone are the days when one had to fiddle with the blogger template to replace blogger's default feed source with feedburner's feed link! Just go to the template page now and enter you feedburner feed source. Mind you, this configuration will not replace your default blooger feed source; it'll only redirect that link to feedburner's feed link. Also note that, apparently this configuration redirects only Atom feeds, and not RSS feeds.

This is just the begining of the services users will start to get with feedburner's acquisition by Google. Like, few days ago, feedburner announced two of its previously PRO (paid) services as freely available now - FeedBurner Stats PRO & MyBrand.

Active Directory Explorer v1.0 by Sysinternals

Sysinternals released a new tool for Active Diretory administrators called Active Directory Explorer v1.0

Active Directory Explorer (AD Explorer) is an advanced Active Directory (AD) viewer and editor. You can use AD Explorer to easily navigate an AD database, define favorite locations, view object properties and attributes without having to open dialog boxes, edit permissions, view an object's schema, and execute sophisticated searches that you can save and re-execute.

AD Explorer also includes the ability to save snapshots of an AD database for off-line viewing and comparisons. When you load a saved snapshot, you can navigate and explorer it as you would a live database. If you have two snapshots of an AD database you can use AD Explorer's comparison functionality to see what objects, attributes and security permissions changed between them.

Download page:

Wednesday, April 25, 2007

VBScript: Function Code to Convert Bytes to KB/MB/GB/TB

When querying for disk space sizes using WMI, it returns the numbers in bytes. These large numbers in bytes do not make much sense until they are converted into Kilobytes (KB), Megabyte (MB), Gigabyte (GB), or Terabyte (TB) and so on. Quite frequently I need to convert these sizes in bytes to KB/MB/GB/TB for better interpretation. I therefore created a quick VBScript function which I call inside VBScript code whenever I need to convert numbers in bytes to KB/MB/GB/TB.

Function ConvertSize(Size)
Do While InStr(Size,",") 'Remove commas from size
    CommaLocate = InStr(Size,",")
    Size = Mid(Size,1,CommaLocate - 1) & _
        Mid(Size,CommaLocate + 1,Len
(Size) - CommaLocate)

Suffix = " Bytes"
If Size >= 1024 Then suffix = " KB"
If Size >= 1048576 Then suffix = " MB"
If Size >= 1073741824 Then suffix = " GB"
If Size >= 1099511627776 Then suffix = " TB"

Select Case Suffix
    Case " KB" Size = Round(Size / 1024, 1)
    Case " MB" Size = Round(Size / 1048576, 1)
    Case " GB" Size = Round(Size / 1073741824, 1)
    Case " TB" Size = Round(Size / 1099511627776, 1)
End Select

ConvertSize = Size & Suffix
End Function

Saturday, April 14, 2007

How To Uninstall RDP 6.0

I have been seeing couple of queries in few tech forums for uninstalling Remote Desktop Connection (RDP) 6.0, or how to revert to original version of XP SP2 RDP client (mstsc.exe version 5.1.2600.2180).

RDP 6.0 was released as a patch (KB925876), therefore, by default it doesn't appears as a seperate entry in Add/Remove list. To uninstall it, you'll have to click on the check box of "Show updates" in Add/Remove window, select "Update for Windows XP (KB925876)", and remove it.

Alternatively, you can also browse to the folder C:\WINDOWS\$NtUninstallKB925876$\spuninst\ and run spuninst.exe from there, which will uninstall RDP 6.0 client and revert to the older version.

Friday, April 13, 2007

IE Search Shortcuts

TweakUI has a nice handy feature of creating Internet Explorer search shortcuts. So, instead of opening first and then typing the search string, TweakUI lets you assign a search prefix (e.g. “g”) to Google’s search URL. You can then type “g searchstring” directly in IE’s address bar to search for “searchstring” using Google search. For example, Google’s search URL for the search string “ipod” is To create a shortcut for this search URL, copy-paste it in TweakUI window and replace the search string “ipod” with “%s” (

You can create search shortcuts not only for Search engines, but for any site which offers search functionality by observing their search URLs in the address bar. Below are some of the search shortcuts that I use for some common sites.

Shortcut Search URL What for?
c Citrix Support Articles
d WHOIS lookup on
e Lookup info on Windows Event IDs
f Lookup details of any file extension
g Google search
kb;en-us;%s Microsoft KB support articles
p Lookup executable/DLLs details
r Word meaning references
w Wikipedia search

After you have created these shortcuts, you can export the relevant registry key as a backup or to import that to any other computer. These shortcuts are located at HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL. Export this key into a .REG file and import it on any other computer. These shortcuts work with IE7 as well.

Here is the .REG file with above shortcuts. If you are geeky enough, you can add/modify entries in your registry even without TweakUI!

Thursday, April 12, 2007

A Quick Workaround for error "Failed to Launch. The Server returned CharlotteAppHostUnreachable"

Sometimes Citrix application when launched via Program Neighborhood Agaent (PNAgent) shows the error message - Failed to Launch. The Server returned CharlotteAppHostUnreachable. The issue apparently is related to Zone Data Collector (ZDC), though I haven’t been able to find the reason accurately.

Usually server restart resolves the issue. If not, then to avoid downtime for the application, a quick workaround is to create an .ICA file for the application and provide that to users. Directly accessing the remote application via .ICA file would work even if the application shows that error message when launched via PNAgent. This way you can continue to troubleshoot the issue without impacting application users!


Monday, April 09, 2007

How To Disable Credentials Prompt of RDP 6.0

Remote Desktop Connection client 6.0 introduces new authentication features to improve security for Windows Vista and Windows Longhorn Server, which makes it mandatory for the user to enter logon credentials before RDP client can establish connection to the remote server (" Enter your credentials for <server>. These credentials will be used when you connect to the remote computer" ). But if the remote machine is configured to show logon warning message or if the remote system happens to be Windows 2000 or XP, you’ll need to enter the credentials again at remote machine’s logon screen.

There is however a workaround to skip the credentials screen that RDP 6.0 client shows by choosing “Do not attempt authentication” under Authentication options on the Advanced tab, but this option is not set permanently. To permanently skip the additional credential screen of RDP 6.0 client, edit the Default.RDP file in notepad to include enablecredsspsupport:i:0 . The Default.RDP is located in each user’s My Documents folder. Including enablecredsspsupport:i:0 disables the Credentials Security Service Provider for the connection. If you use separate .RDP files for different server, modify each of those .RDP files. Below is the content section of the default.rdp file with enablecredsspsupport:i:0 option included.

authentication level:i:0

prompt for credentials:i:0
negotiate security layer:i:1

Note that this workaround is suggested only if you connect Windows 2000/2003/XP systems because according to Terminal Services Team blog post“This option does disable the new credential prompting behavior, but it also disables support for Network Level Authentication for Vista (and Longhorn Server) RDP connections; Network Level Authentication requires credentials to be provided by the client before a session is created on the server side.” So if you do connect to Vista/Longhorn over RDP, you’ll not be able to use this option.


Friday, April 06, 2007

How To Disable Outlook Security Warning - "A program is trying to access e-mail addresses..."

When any software tries to access Outlook Address Book programmatically by using Outlook libraries, the system shows the security warning message –

A program is trying to access e-mail addresses you have stored in Outlook. Do you want to allow this?
If this is unexpected, it may be virus and you should choose “No”.

According to KB329765“This behavior occurs because there is no running session of Outlook to determine the correct security profile to load. Therefore, the default security profile is used, causing the security prompt. When you programmatically access an item in the Address Book, a session must be running to determine the correct security profile to load. When Microsoft Outlook is not running, the security dialog prompts the user because the default security profile is used.”

Although offered as a security feature, this prompt can be very annoying if the application frequently needs to access the address book or to send mails.

The workaround is to disable this security prompt by setting/creating a REG_DWORD registry entry CheckAdminSettings = 1 located at HKEY_CURRENT_USER\Software\Policies\Microsoft\Security

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Security] "CheckAdminSettings"=dword:00000001

The table below shows other applicable values for CheckAdminSettings.

Value What Oulook Does
Key not present Uses its default settings
0 Uses its default settings
1 Looks for settings in the Outlook Security Settings folder, applying them according to the defaults and specific users you've specified.
2 For Outlook 2002 and Outlook 2003 only: Looks for settings in the Oulook 10 Security Settings folder, ignoring any settings in the Outlook Security Settings folder. Use this value when you want Outlook 2002/2003 to use different settings
Anything else Uses its default settings

This setting applies in current user hive only. Therefore, to apply it by default to all users, make the same entry in Default User hive (HKEY_USERS\.DEFAULT). This NTUSER.DAT file can then be copied to other systems as well where the Outlook security warning needs to be disabled. Of course, it goes without saying that this setting can also be exploited by viruses. Also note that CheckAdminSettings registry change works only with Exchange Server.


Thanks to my manager for sharing this info!

Friday, March 30, 2007

VBScript: Execute process remotely with WMI

For our terminal/citrix servers we have to regularly run delprof command for deleting inactive user profiles to minimize disk space consumption. The annoying part is to login into each of the servers just to run this command. Even though delprof supports deleting profiles on remote servers with the switch /C:\\<computername>, but that runs terribly slow over WAN links.

A workaround is to remotely execute delprof (or for that matter any other command) on the remote server by using tools like PsExec which installs a temporary service on the remote machine to be able to execute process remotely, and unintalls the same service after the process finishes. Because of its dependency on installing a service, PsExec might not always be a viable option in production environment. So, what's an alternative now?

Enter WMI.

It offers the capability to execute process remotely with the limitation of not allowing any user interaction - the process will run in the background without showing any interface on user's session, which is a perfect feature for running silent installs or non-interactive processes, for example, delprof /q/i

Below is the code snippet which does the job.

Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2:Win32_Process")
intReturn = objWMIService.Create(
"delprof /q/i", Null, Null, intProcessID)

This script also uses Popup function of WScript.Shell instance to display message box which disappears after specified seconds - great for showing quick status messages without waiting for any user interaction.

Here is the complete script which executes delprof command on the target server and shows before and after free space information at the end, on the client side.


  • Delprof executable should already be installed on the target server.
  • Because the script also checks before and after free space on C: drive, it assumes that \Documents and Settings folder is located on server's C: drive.


NOTE: For some weird reason, delprof command is case sensitive. Therefore, DELPROF /q/i does not recognize the "quiet" and "ignore" switches and still prompts: Delete inactive profiles on \\SERVERNAME? (Yes/No)

Wednesday, March 21, 2007

VBScript: Unload Non-Active User Hives From Registry

In Windows 2000 Terminal Server/Citrix environments, it often happens that after users have logged off, their user registry hive doesn't unload automatically from HKEY_USERS\, which in turn keeps consuming registry space and causes it to go out of sufficient free space. The workaround is to launch REGEDT32.EXE (on W2K) or REGEDIT (on W2K3) and manually unload user hives from HKU, but again you'll need to manually figure out who all are active users and exclude those from unloading. This manual process requires converting each of the logged-in user IDs into their respective SIDs and searching them in HKU to exclude.

This script addresses these issues and automates the process of unloading only non-active user hives from HKEY_USERS. This script first converts each of the loaded user SIDs into user names, then attempts to unload all but the active ones by matching those user names with the output from 'query user' command. Below are more details:

Expected Input: Target computer name. By default it’ll show local computer name where it is executed from, which can be changed to any target system. This script can be run from the local desktop session, no need to login into remote system.

Definite Output: The output file will open automatically in notepad after script execution, and will be stored in C:\TEMP\UnloadHive-SERVERNAME.log on the system where it is run. The output file shows a quick summary of how many hives unloaded successfully and registry space gained. This script also keeps updating a single log file (CSV) with summary result of each execution - in case any data analysis or trend analysis is required to do in future.

Dependency: Requires psgetsid.exe to be present in the same directory where script is. It is recommended to copy psgetsid.exe in the executable path on the local machine (e.g., C:\Windows\).

Download the script here.