BiggAndyy

C:\IPCONFIG

WHOA!!!!!!!

That’s a LOT of devices… not just the 5 or 6 usually listed… I had HUNDREDS.  What’s going on?  I don’t want them there, even if they are important!

Turns out they aren’t really that important, especially if you are one of the millions of users still using IPv4 (xxx.xxx.xxx.xxx) IP address configuration.  Windows 7 ships with both IPv4 and IPv6 already enabled.  All those tunneling adapters are translators from IPv6 to IPv4.  But since we aren’t using IPv6, let’s get rid of them.  They slow down the machine when there are hundreds, and if you want any USEFUL information from IPCONFIG the getting rid of is easy.

First, uncheck the IPv6 option in your Adapter Settings dialog box and click OK.

If it were THAT easy this post would not be necessary.  It isn’t that easy.  When you retype IPCONFIG at a CMD window the tunnel adapters are still listed.  Don’t bother disabling and re-enabling the network cards or starting and stopping the wireless service or even rebooting.  They won’t work.

Second, you probably (99% sure) will need a program from MS called DEVCON.EXE.  This is the key to the rest of the process.  If you are running Windows 7 64 bit (and many of us are) you can get it at this >>link<<.

Put the program somewhere you can access it easily from a CMD window (such as %HOMEPATH%).
Open a CMD window to that directory and type this:

DEVCON REMOVE *6TO4MP

After you hit ENTER, depending on how many of those things have built up over the months, it can take a minute or two.  Eventually the program will give you the all clear and when you type IPCONFIG again, *POOF* they are all gone.

So, no more swirling down the digital doo-doo drain!  You’ve just fixed it on your own.  Good luck.

Move over VNC.  RDP?  Thing of the past.  Go to my PC?  Not anymore.  Join Me is a great web application for sharing or controlling a user computer, displaying a powerpoint presentation, even from Android or iPhone!

No subscriptions unless you want all the bells and whistles, but the free version is enough for most small to mid-range tech shops to support users across the hall or across the ocean.

Don’t take my word for it, visit http://join.me and have a friend or customer go there as well.  No logins, no passwords, no foolin’!  The customer only needs to click on the “share” button and the website will ask permission to run a small program, tell your user it’s ok and have them read you the number that appears.

You type in that number and click join and you are connected to their desktop.  You can see it, watch it, even take control of it (with the user’s permission).  The EASIEST way to remote to a customer’s machine, period.

My Windows file server doesn’t act up that much so it is easy to put checking the event logs on the back burner.  So far back that when something does go wrong it takes a catastrophic failure and a few calls from the Dean’s Office to get it taken care of.

Nuts to that!  Windows 2008 server comes with elaborate web based monitoring configurations that allow the savvy admin to check all sorts of bells and whistles.   Dell also has OpenManage software that works (with varying degrees of success) and adds some more glitz and glamor.

But this server is a plain old workhorse that doesn’t need glamor and bells.  I just want to have the server give me a notice when an error pops up in the event log for either System, Application, or Security.  Why not use EVENTTRIGGERS?

That’s what I said!  So I started using them.  They are quite simple and combined with bmail the server can email me my alerts with a minimum of overhead and space taken up.

An EVENTTRIGGERS is invoked in a DOS shell and monitors the log you want to monitor for the conditions you want to keep track of, and executes a command when that condition is met.

@eventtriggers /create /tr SYSTEMERROR /l System /t Error
/tk c:\windows\system\events\systemerrors.bat

The above command tells EVENTTRIGGERS to create a new trigger called SYSTEMERROR, to monitor the system log for the type ERROR and to execute the command when an ERROR is found.

SYSTEMERRORS.BAT

@ECHO OFF
@echo Here are the last 4 error entries from SYSTEM log >systemerrors.msg
@eventquery /l system /r 4 /fi "Type eq Error" /v >>systemerrors.msg
@BMAIL.exe -s {smtpserver} -t {destination email address} -f [who it's from] -h
-a "System Event Log Error Detected" -m systemerrors.msg -c >NUL

Uses the EVENTQUERY.VBS file to get the last 4 errors from the event log and adds them to a .MSG file and emails that file using the BMAIL.EXE program (available on the web).

A trigger for each event log is made and a separate batch file as well.

Now, when something goes BUMP in the night on the server it can drop me a note to alert me.

Sounds easy, find a file on your hard drive to be used in your BATCH script.  Usually you don’t need to.  Microsoft keeps fairly well the directory structure from one version to the next.  Usually.  What about files like PRNPORT.VBS and all those files in printer administration?

In Windows XP they can be buried down 4 levels, but maybe only two.  In VIST/7 maybe just 2, and in other versions if you have to deal with them, who knows if they are even there.  Let’s face it, not every IT enabled business has up to date standards, machines, and uniform OS’s throughout.

Sometimes you have to write an awful lot of code to do a simple thing, like when a network printer changes it’s IP address, the printers are not on a print server, and all the mappings on the local machines are pointing to the IP address.  Simple thing to write a script to change the IP address.

Not so much.  Remember, I don’t have access to the AD tree, even though I am an administrator.  Since I am considered an outside “contractor” by the powers that be (even though I am paid from the same pool as the general IT staff), I have much less access.  So let’s try some guerrilla administration and solve this problem, writing a script that doesn’t care where PRNPORT.VBS lives, it will find it and use it.

Here is the code I cobbled together and I think it warrants passing along:

@echo off
@CLS
::
:: Initializing variables used
::
SETLOCAL ENABLEDELAYEDEXPANSION
SETLOCAL ENABLEEXTENSIONS
SET curdr=
SET myvar=
SET targetfile=
SET diritup=
::
:: Ask for file to find.
::
SET /P targetfile=”File to look for: ”
::
:: Initialize the target file,
:: the @ is important to keep the display uncluttered
::
@SET diritup=”dir /s /B %targetfile% 2>NUL”
::
:: Find the target file
:: It can take a while on a hard drive with a lot
:: of data.  If you have a way to search faster
:: let me know.
ECHO Finding %targetfile% (This may take a few moments)…
ECHO Note this will return only the LAST file found if there
ECHO are multiple copies of the file.
set curdr=%cd%
cd\
for /f “tokens=*” %%a in (
‘%diritup%’
) do (
set myvar=%%a
)
cd\
cd %curdr%
IF “%MyVar%”==”" GOTO :FILENOTFOUND
ECHO.
ECHO Found the file found at
ECHO %myvar%
ECHO.
ENDLOCAL
Exit /b 0
:FILENOTFOUND
ECHO File Not Here.
ENDLOCAL
Exit /b 0

Wow.  That’s a lot of typing to just do this: CSCRIPT PRNPORT.VBS -T -R %OLDPORT% -H %NEWIP%

Yeah, that’s what happens when you can’t depend on where PRNPORT.VBS lives.  The script does a couple of things, first it remembers where you started the script, goes to the root of the drive, executes a DIR /B to return the file with it’s path (IMPORTANT) and finally switches back to the original directory to do whatever you want the rest of the code to do.

One trick built in, if there are multiple copies (say you type *.JPG) for the search term (this is a generic portion of the script I wrote), the only file displayed will be the last one found.  To see all of the files insert ECHO %%a in the FOR loop just after SET MYVAR=%%a

You are asking, is this really necessary?  Yeah, in order to pass a directory result to a variable WITHOUT using a temporary file, this is one way.  You could also pipe a FINDSTR on the DIR command but I have found a FOR loop to be a bit faster and a smaller hit on the performance of the machine.

Copy it and give it a try.

Are you administrator for a few OUs in an organization but don’t have AD Forest or Tree privileges?

Maybe you have AD privileges but only need to lock down one or two trouble machines in high traffic areas during the weekends.

My problem was this; there is a Windows box that is being accessed on the weekends and the department chairman wants to have locked down.  Ok, easy.  In Windows 98 I remember there being nice grids available to select when a machine can be accessed and when it is unavailable.

Oops, wait, too bad, 2XV7 (2000-XP-Vista-7) doesn’t do that.  But rather than go through all the profiles and Event Viewer Security logs of a high traffic public box I decided it was easier to go the route of “Voo Doo” System Administration  and just make it work (or in this case, NOT work).’

So, how do you restrict users from logging in on weekends without setting up BIOS passwords that EVERYONE needs to memorize or petitioning the bureaucracy to get an AD change made for one or two machines?

Answer: Google didn’t have it, at least not easily.  And forget asking the propeller-head tech forums!  I spent two days justifying my request by answering all manner of needless questions like “isn’t that the job of the sysadmin?”  And after navigating their gauntlet of the absurd the self dubbed “guardians of the guts” proclaimed my request beneath their lofty intellect to even address.

The desired result: No Weekend Access.

The solution: have Windows check the day and if it is a Saturday or Sunday, disallow user logins.

The how to do it: Time to break out the BATCH!  It is actually quite a simple implementation.  A small BATCH script is run at the USER login.  If the login is on a weekend day logout the user immediately.

The code to do it:

@ECHO OFF
CLS
IF “%username%”==”<username>” GOTO :BYPASS
SET DAY=%date:~0,3%
IF /I [%DAY%] == [Sat] GOTO :LOGOFF
IF /I [%DAY%] == [Sun] GOTO :LOGOFF
:END
ECHO NOT Logging off.
EXIT /b
:LOGOFF
ECHO Logons are not permitted on the weekends for this terminal.  Shutting down the system.
SHUTDOWN -s -f -t 00 -c “Weekend access attempted”
EXIT /b
:BYPASS
ECHO Resuming Logon
EXIT /b

The script is very straightforward.  The day is extracted from the DATE command and if Saturday or Sunday a shutdown command is executed and a comment made in the Security Log.  One important addition, the BYPASS.  Make sure there is a user granted an exception to this rule, otherwise if the box needs to be accessed it is easier to be able to login with your account than go through the backdoor with a SAFE MODE login to disable the script.

After you make the script (I called it WEEKEND.BAT and saved it here: C:\WINDOWS\System32\GroupPolicy\User\Scripts\Logon\weekend.bat)) then use GPEDIT.MSC and add it to the USER LOGON script.

There you have it, some Guerrilla AND Voo Doo administration all in one!  Good luck.