remove leading zero

Function RLZ(str)    Set re = CreateObject("VBScript.RegExp")    re.pattern = "^0+" RLZ = re.Replace(str, "")    Set re = Nothing End Function

Vbscript Read text file for different categories of text

Const ForReading = 1 Set objFSO = CreateObject("Scripting.FileSystemObject") Set objFile = objFSO.OpenTextFile("messages.csv", ForReading) Select Case Weekday(date,0) Case 1 dayofweek = "Sunday" Case 2 dayofweek = "Monday" Case 3 dayofweek = "Tuesday" Case 4 dayofweek = "Wednesday" Case 5 dayofweek = "Thursday" Case 6 dayofweek = "Friday" Case 7 dayofweek = "Saturday" End Select todaymessag="" weekdaymessge="" allothermessage="" Do Until objFile.AtEndOfStream

   strLine = objFile.ReadLine If NOT(left(strLine,1) = "#") then arrFields = Split(strLine, vbTab) If InStr(arrFields(0), date) then todaymessag=arrFields(1) ElseIf InStr(arrFields(0), dayofweek) then weekdaymessge=arrFields(1) ElseIf InStr(arrFields(0), "CTOD") then allothermessage = allothermessage & arrFields(1) & vbtab End If End If

Loop objFile.Close If Len(todaymessag) <> 0 then messages  = todaymessag ElseIF Len(weekdaymessge) <> 0 then messages = weekdaymessge Else messages = allothermessage End If WScript.Echo "Today's Message: " & messages

One Liner Get IP Address from Clipboard and Resolve to Host Name

For Window 10:

Get-Clipboard | ForEach-Object {[System.Net.DNS]::GetHostByAddress($_).HostName}

For Windows 7:

([System.Windows.Forms.Clipboard]::GetText()).split("`n`r")| Where-Object{$_} | ForEach-Object{[System.Net.DNS]::GetHostByAddress($_).HostName}

New changes to work with PowerShell lower version:

Function Get-LocalUsers {    $users=Invoke-Command  {net user} | select -skip 4      $users = ($users | select -First ($users.Count-2))-split '\s+' | Where-Object {$_}    $localUsers=@()    Foreach ($user in $users) {        $userdetails=  Invoke-Command  {net user $user} | select -SkipLast 2        $localuser =[ordered]@{"User name" = ($userdetails -cmatch "User name") -split "User name\s+"| Where-Object {$_};                "Full name" = ($userdetails -cmatch "Full name") -split "Full name\s+"| ? {$_} ;                "Comment" = ($userdetails -cmatch "Comment") -split "Comment\s+"| Where-Object {$_};                "User's comment" = ($userdetails -cmatch "User's comment") -split "User's comment\s+"| Where-Object {$_};                "Country code" = ($userdetails -cmatch "Country code") -split "Country code\s+"| Where-Object {$_};                "Account active" = ($userdetails -cmatch "Account active") -split "Account active\s+"| Where-Object {$_};                "Account expires" = ($userdetails -cmatch "Account expires") -split "Account expires\s+"| Where-Object {$_};                "Password last set" = ($userdetails -cmatch "Password last set") -split "Password last set\s+"| Where-Object {$_};                "Password expires" = ($userdetails -cmatch "Password expires") -split "Password expires\s+"| Where-Object {$_};                "Password changeable" = ($userdetails -cmatch "Password changeable") -split "Password changeable\s+"| Where-Object {$_};                "Password required" = ($userdetails -cmatch "Password required") -split "Password required\s+"| Where-Object {$_};                "User may change password" = ($userdetails -cmatch "User may change password") -split "User may change password\s+"| Where-Object {$_};                "Workstations allowed" = ($userdetails -cmatch "Workstations allowed") -split "Workstations allowed\s+"| Where-Object {$_};                "Logon script" = ($userdetails -cmatch "Logon script") -split "Logon script\s+"| Where-Object {$_};                "User profile" = ($userdetails -cmatch "User profile") -split "User profile\s+"| Where-Object {$_};                "Home directory" = ($userdetails -cmatch "Home directory") -split "Home directory\s+"| Where-Object {$_};                "Last logon" = ($userdetails -cmatch "Last logon") -split "Last logon\s+"| Where-Object {$_};                "Logon hours allowed" = ($userdetails -cmatch "Logon hours allowed") -split "Logon hours allowed\s+"| Where-Object {$_};                "Local Group Memberships" = ((($userdetails -cmatch "Local Group Memberships") -split "Local Group Memberships\s+") -replace "\*", "") -split "\s+"| Where-Object {$_} ;                "Global Group memberships" = ((($userdetails -cmatch "Global Group memberships") -split "Global Group memberships\s+")-replace "\*", "") -split "\s+"| Where-Object {$_} ;                }        $localUsers += New-Object -TypeName psobject -Property $localuser        }     $localusers }

Get-LocalUsers PowerShell cmdlet draft

Since PowerShell 5.1 already has Get-LocalUser cmdlet, so just name it Get-LocalUsers. It used net user command and parsed to powershell objects:

Function Get-LocalUsers {    $users=(Invoke-Command  {net user} | select -skip 4 |select -SkipLast 2) -split ’\s+’ | ? {$_}      $localUsers=@()    Foreach ($user in $users) {        $userdetails=  Invoke-Command  {net user $user} | select -SkipLast 2        $localuser =[ordered]@{“User name” = ($userdetails -cmatch “User name”) -split “User name\s+”| ? {$_};                "Full name" = ($userdetails -cmatch “Full name”) -split “Full name\s+”| ? {$_} ;                "Comment" = ($userdetails -cmatch “Comment”) -split “Comment\s+”| ? {$_};                "User’s comment" = ($userdetails -cmatch “User’s comment”) -split “User’s comment\s+”| ? {$_};                "Country code" = ($userdetails -cmatch “Country code”) -split “Country code\s+”| ? {$_};                "Account active" = ($userdetails -cmatch “Account active”) -split “Account active\s+”| ? {$_};                "Account expires" = ($userdetails -cmatch “Account expires”) -split “Account expires\s+”| ? {$_};                "Password last set" = ($userdetails -cmatch “Password last set”) -split “Password last set\s+”| ? {$_};                "Password expires" = ($userdetails -cmatch “Password expires”) -split “Password expires\s+”| ? {$_};                "Password changeable" = ($userdetails -cmatch “Password changeable”) -split “Password changeable\s+”| ? {$_};                "Password required" = ($userdetails -cmatch “Password required”) -split “Password required\s+”| ? {$_};                "User may change password" = ($userdetails -cmatch “User may change password”) -split “User may change password\s+”| ? {$_};                "Workstations allowed" = ($userdetails -cmatch “Workstations allowed”) -split “Workstations allowed\s+”| ? {$_};                "Logon script" = ($userdetails -cmatch “Logon script”) -split “Logon script\s+”| ? {$_};                "User profile" = ($userdetails -cmatch “User profile”) -split “User profile\s+”| ? {$_};                "Home directory" = ($userdetails -cmatch “Home directory”) -split “Home directory\s+”| ? {$_};                "Last logon" = ($userdetails -cmatch “Last logon”) -split “Last logon\s+”| ? {$_};                "Logon hours allowed" = ($userdetails -cmatch “Logon hours allowed”) -split “Logon hours allowed\s+”| ? {$_};                "Local Group Memberships" = ((($userdetails -cmatch “Local Group Memberships”) -split “Local Group Memberships\s+”) -replace “\*”, “”) -split “\s+”| ? {$_} ;                "Global Group memberships" = ((($userdetails -cmatch “Global Group memberships”) -split “Global Group memberships\s+”)-replace “\*”, “”) -split “\s+”| ? {$_} ;                }        $localUsers += New-Object -TypeName psobject -Property $localuser        }     $localusers }

Get-LocalUsers PowerShell cmdlet draft

Since PowerShell 5.1 already has Get-LocalUser cmdlet, so just name it Get-LocalUsers. It used net user command and parsed to powershell objects:

Function Get-LocalUsers {    $users=(Invoke-Command  {net user} | select -skip 4 |select -SkipLast 2) -split '\s+' | ? {$_}      $localUsers=@()    Foreach ($user in $users) {        $userdetails=  Invoke-Command  {net user $user} | select -SkipLast 2        $localuser =[ordered]@{"User name" = ($userdetails -cmatch "User name") -split "User name\s+"| ? {$_};                "Full name" = ($userdetails -cmatch "Full name") -split "Full name\s+"| ? {$_} ;                "Comment" = ($userdetails -cmatch "Comment") -split "Comment\s+"| ? {$_};                "User's comment" = ($userdetails -cmatch "User's comment") -split "User's comment\s+"| ? {$_};                "Country code" = ($userdetails -cmatch "Country code") -split "Country code\s+"| ? {$_};                "Account active" = ($userdetails -cmatch "Account active") -split "Account active\s+"| ? {$_};                "Account expires" = ($userdetails -cmatch "Account expires") -split "Account expires\s+"| ? {$_};                "Password last set" = ($userdetails -cmatch "Password last set") -split "Password last set\s+"| ? {$_};                "Password expires" = ($userdetails -cmatch "Password expires") -split "Password expires\s+"| ? {$_};                "Password changeable" = ($userdetails -cmatch "Password changeable") -split "Password changeable\s+"| ? {$_};                "Password required" = ($userdetails -cmatch "Password required") -split "Password required\s+"| ? {$_};                "User may change password" = ($userdetails -cmatch "User may change password") -split "User may change password\s+"| ? {$_};                "Workstations allowed" = ($userdetails -cmatch "Workstations allowed") -split "Workstations allowed\s+"| ? {$_};                "Logon script" = ($userdetails -cmatch "Logon script") -split "Logon script\s+"| ? {$_};                "User profile" = ($userdetails -cmatch "User profile") -split "User profile\s+"| ? {$_};                "Home directory" = ($userdetails -cmatch "Home directory") -split "Home directory\s+"| ? {$_};                "Last logon" = ($userdetails -cmatch "Last logon") -split "Last logon\s+"| ? {$_};                "Logon hours allowed" = ($userdetails -cmatch "Logon hours allowed") -split "Logon hours allowed\s+"| ? {$_};                "Local Group Memberships" = ((($userdetails -cmatch "Local Group Memberships") -split "Local Group Memberships\s+") -replace "\*", "") -split "\s+"| ? {$_} ;                "Global Group memberships" = ((($userdetails -cmatch "Global Group memberships") -split "Global Group memberships\s+")-replace "\*", "") -split "\s+"| ? {$_} ;                }        $localUsers += New-Object -TypeName psobject -Property $localuser        }     $localusers }

Domain Admin Account on Windows 2008 R2 member server Error: “You may not have the appropriate permissions to access the item”

So on my newly created domain with 2008 R2 domain level, I joined domain on an application server, try to lanuch anything admin related item(like computer management) got this error message:

 ”Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.”

I used domain admin, enterprise admin account, and made sure it is in the local admin group of the member server. UAC turned off, and all policies seemed in place, but still nothing runs under domain admin account.

So why, after a lot of test found the solution: looks like when create domain admin account it doesn’t inherit permissions from the root folders in AD Users and Computers, Solution is easy:

Enabled Advanced Features in Active Directory Users and Computers

On your domain admin account click on Security tab on Portieres

Then click on Advance button, check the box next to “Include Inheritable Permissions”. 

Apply changes, and reboot your member server.

Windows 7 Admin Share Issues

Ah, this is easy right? Admin share is there just use it!

Not really when you really involved a Windows 2003 server(are you kidding that you still use that! Ah I have to keep it for a while.:-)), When you try to access Windows 7 Admin share from Windows 2003 server you got  “not accessible” error, while you can ping it normal. This is caused by the new features since Windows Vista, called Remote UAC, UAC remote restrictions can be disabled by setting the registry value LocalAccountTokenFilterPolicy to 1:Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value: LocalAccountTokenFilterPolicy Data: 1 (to disable, 0 enables filtering) Type: REG_DWORD (32-bit)

You can restart server service or restart machine to make it works.

details for above issue there are two MS 

http://support.microsoft.com/kb/942817

http://support.microsoft.com/kb/951016

While when I try to put a lot of data there(500GB) I got I/O errors from client, and there are a lot of 2107 errors on the Windows 7 machine.

Event Id 2017 The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

Set the following registry key from '0' to ‘1′:HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\LargeSystemCache and set the following registry key form '1' to ‘3′: HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\Size

and restart Windows 7 machine should resolved this issue.

Permanent WMI Event Subscription Runs Powershell Script

This is a long over due project, basically I have a mail server which IMAP service will trigger Dr. Waston and stop working, I had a temporary WMI Event Subscription which works fine when you run it every time server reboots. So here is the whole script part which used CommandLineEventConsumer to lauch a powershell script, for some reason ActiveScriptEventConsumer will only works with vbscript, and surely you can create multiple consumer bind with one filter, like you can use NTEventLogEventConsumer to write to Windows event log or SMTPEventConsumer to send you an email.

#Creating a new event filter $instanceFilter = ([wmiclass]"\\.\root\subscription:__EventFilter").CreateInstance() $instanceFilter.QueryLanguage = "WQL" $instanceFilter.Query = "select * from __InstanceCreationEvent within 5 where targetInstance isa 'win32_Process' AND targetInstance.Name = 'drwtsn32.exe'" $instanceFilter.Name = "DrwtsFilter" $instanceFilter.EventNamespace = 'root\cimv2' $result = $instanceFilter.Put() $DrwtsFilter = $result.Path

#Creating a new event consumer $instanceConsumer = ([wmiclass]"\\.\root\subscription:CommandLineEventConsumer").CreateInstance() $instanceConsumer.Name = 'DrwtsConsumer' $instanceConsumer.CommandLineTemplate="powershell -noexit -file d:\tech\scripts\drwtsnevent.ps1" $result = $instanceConsumer.Put() $DrwtsConsumer = $result.Path

#Bind filter and consumer $instanceBinding = ([wmiclass]"\\.\root\subscription:__FilterToConsumerBinding").CreateInstance() $instanceBinding.Filter = $DrwtsFilter $instanceBinding.Consumer = $DrwtsConsumer $result = $instanceBinding.Put() $DrwtsBinding = $result.Path

#Removing WMI Subscriptions using [wmi] and Delete() Method ([wmi]$DrwtsFilter).Delete() ([wmi]$DrwtsConsumer).Delete() ([wmi]$DrwtsBinding).Delete()

Here is the script:

Stop-Process -Processname drwtsn32 -Force write-eventlog -logname Application -source DrWaston -eventID 3001 -entrytype Error -message "Stop Dr Watson" -category 1 -rawdata 10,20 Stop-Service -displayname "IMail IMAP4 Server" write-eventlog -logname Application -source DrWaston -eventID 3002 -entrytype Error -message "Stop IMAP4" -category 1 -rawdata 10,20 Start-Service -displayname "IMail IMAP4 Server" write-eventlog -logname Application -source DrWaston -eventID 3003 -entrytype Information -message "Start IMAP4" -category 1 -rawdata 10,20 Restart-Service -displayname "IMail IMAP4 Server" write-eventlog -logname Application -source DrWaston -eventID 3004 -entrytype Warning -message "Restart IMAP4" -category 1 -rawdata 10,20

Don't forgot to register Event Source

New-EventLog -Source DrWaston -LogName Application

Short cut for corecct side way display

Chrome PDF Viewer PDF Form Error

Got user call for a web page with PDF forms, when user access the page there is a error displayed that instruct user to update Acrobat Reader, but Acrobat Reader is up to date and the same page works fine for Internet Explorer, it calls Acrobat Reader and displays PDF form correctly, It turns out that built in PDF Viewer within Chrome can not display complex forms, you need to disable it: type about:plugins disable Chrome PDF Viewer. After that the same PDF form displays well in Acrobat

Chrome Install/Update failes unless uninstall it first

I have around 100 machines needs to update Chrome and most machinese are made form one image which build a couple of years ago. Recently we are decided to using Patch Manager to update it. But install MSI/EXE file download from Google and it failed all the time from Windows Event log it has this:

Windows Update Agent Event Error 20 Installation Failure: Windows failed to install the following update with error 0x80070643: Google Chrome 31.0.1650.57 Business Enterprise MSI.

MsiInstaller event Error 11722

Product: Google Chrome -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action DoInstall, location: C:\Windows\Installer\MSI8D5E.tmp, command: /silent /install "appguid={8A69D345-D564-463c-AFF1-A69D9E530F96}&appname=Google Chrome&needsAdmin=True&brand=GGRV" /installsource enterprisemsi /appargs "appguid={8A69D345-D564-463c-AFF1-A69D9E530F96}&installerdata=B%22distribution%22%3A%7B%22msi%22%3Atrue%2C%22system_level%22%3Atrue%2C%22verbose_logging%22%3Atrue%7D%7D"

From Registry there is another Hint This is registry Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}] "InstallerResultUIString"="Google Chrome or Google Chrome Frame cannot be updated due to inconsistent Google Update Group Policy settings. Use the Group Policy Editor to set the update policy override for the Google Chrome Binaries application and try again; see http://goo.gl/uJ9gV for details."

further reseaching found the followng post

https://support.google.com/chrome/a/answer/1385049

and did exported the worng key and made the following key file

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Update] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Update] "Update{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}"=dword:00000002

Pushed to a couple of test machines, works, And finally pushed to all machines and update works fine.

Vcenter Converter v4 failed Windows 2000 server convert at 97% with $Reconfig$ error

Tried a couple of times to convert a Windows 2000 server to vmware ESX4i, and it failed at 97% with the following error:

pplication popup: Windows - Delayed Write Failed : Windows was unable to save all the data for the file \Device\vstor2-mntapi10-32FC66BA006415000500000006000000\$Mft. The data has been lost. This error may be caused by a failure of your computer hardware or network connection. Please try to save this file elsewhere.  

When you try to start the virtual machine it will BSD, looks around found this similar solution: http://virtualcitizen.org/2011/01/07/vcenter-converter-task-failed-reconfig/ but the problem is when use the same vcenter converter v4 installed on the Windows 2000 server it hung the server.

So I used another vcenter converter v5 on a more powerful machine did the "Configure Machine" task, it took a long time than the estimated time. Finally the converted virtual machine boot.

Windows 2003 iSCSI Initiator

1. It is not support Dynamic disk although you can make iSCSI target as dynamic disk but upon reboot you got Event ID 2 from LDM(Logical Disk Manager), you can certainly use a script to re-active the volume and put it into startup to make it work, but the problem is when you have shares on those drives and backups for those shares you got yourslef into more troubles.

Microsoft document has idicate the same thing: http://support.microsoft.com/kb/870964

2. Shares on iSCSI:

You need to put lanwansever depands on MSiSCSI and also bind all iSCSI drives, please pay attension to bind because it is bind to disk volume not mappped dirve! You will get Event ID 103 soure MSiSCSI if you changed volume, you need to clear bind and rebind it again.

Install SEP 11.05 on Vista Failed with "SetInstallStateFailed.1CBEC0D3_E547_4E51_828B_44B9C47C0EA5"

Try to install SEP11(Symantec Endpoint Protection Version 11.05) on a Windows Vista Ultimate Machine, it failed, check on the %Temp%\SEP_INST.log search "fail" found the following line:

MSI (s) (B4:18) [12:21:27:958]: Doing action: SetInstallStateFailed.1CBEC0D3_E547_4E51_828B_44B9C47C0EA5

Action ended 12:21:27: LocateSourceDir.1CBEC0D3_E547_4E51_828B_44B9C47C0EA5. Return value 1.

Googled "SetInstallStateFailed.1CBEC0D3_E547_4E51_828B_44B9C47C0EA5" found the following URL:

http://www.symantec.com/connect/forums/error-when-installing-symantec-endpoint-protection

it is a long post and the working part is this:

Find

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData value=%APPDATA%

and change it to

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData value=%USERPROFILE%\AppData\Roaming

Reboot

Install SEP client again

Uninstall Java via command line

It is well documented as following example:

Example for version 1.5.1_02

msiexec.exe /qn /x {3248F0A8-6813-11D6-A77B-00B0D0151020}

But the details is missing: the last set of number contains the version of uninstallation so if you want to uninstall version 6 update 31 the last set of number should be 

00B0D0163100

Looks like Java SE 1.6 changed method above one only works version before 1.6

Windows Vista domain user log on and being log off immediately

The user has a profile redirection from domain to a local profile by hacking registry entry like Windows XP, it works without UAC enabled, but when UAC enabled user who has profile redirect to the other one is being log off immediately without any trace in event log. The correct way to do that is to use MoveUser script.

PowerShell Script Keeps the Newest SEP 11 Virus Definition Folder

SEP 11(Symantec Endpoint Protection) not allow you define how many virus definitions folder you want to keep and by default it keeps most recent 3 and it may cause disk issues for some old set up machines which low on C driver, here is the script to keep what ever you want: 

# Keeps latest virus definition folder for Symantec Endpoint Protection # Declaration of variables # Path of the virus definitions  # Windows 2003 and lowers C:\Program Files\Common Files\Symantec Shared\VirusDefs # Windows 2008 and likes C:\ProgramData\Symantec\Definitions\VirusDefs $path = "C:\ProgramData\Symantec\Definitions\VirusDefs"    $numbertokeep = 1 # Numbers of virus definition folders to keep # Here counts total numbers of virus definition folders minus the numbers you want to keep # Symantec virus defination folder named after date and number of sub versions like 20111207.036 # You need use array to count it right $numbertodelete = @(Get-ChildItem $path -Recurse| Where-Object { $_.PSIsContainer}|Where-Object{ $_.Name -match "^([0-9]*|\d*\.\d{1}?\d*)$"}).count-$numbertokeep # Let's do it Get-ChildItem $path -Recurse| Where-Object { $_.PSIsContainer} | Where-Object{ $_.Name -match "^([0-9]*|\d*\.\d{1}?\d*)$"} | Sort-Object {$_.CreationTime} | Select-Object -first $numbertodelete | Remove-Item -recurse -force