Tuesday, December 21, 2010

TOOLS: Use PowerShell NetPoint cmdlets to Ease Network Management

Q: Hey, Scripting Guy! What can you tell me about how to automate network management while using Windows PowerShell?

A: Link

Thursday, December 16, 2010

FIX: Altiris Deployment Solution 6.9 SP3 is unable to import jobs that were exported from versions prior to 6.9


When attempting to import a job that was exported from a version of Deployment Server prior to 6.9, the import will appear to complete successfully, but nothing will be imported.


Deployment Server 6.9 SP3


The compression mechanism used for job bin files changed between version 6.8 and 6.9. Deployment Server 6.9, 6.9 SP1, and 6.9 SP2 support both the new and legacy compression mechanisms. Starting in 6.9 SP3, support of the legacy compression mechanism is removed.


Attached to this article is a utility named axBinFix.exe. This utility can be used to update an exported Deployment Server Job .bin file to 6.9 SP3 compatibility.

The syntax to use the utility is: axBinFix.exe source destination.

If the destination file already exists, it will be overwritten. The destination file name may be the same as the source, in this case an in-place conversion will be performed.

For example, "axBinFix.exe samples.bin samples.bin" will update the samples.bin file, replacing the old one. "axBinFix.exe samples.bin samples2.bin" will leave the old file and create a new one named samples2.bin that is 6.9 SP3 compatible.
/apps/media/inquira/resources /resources


axBinFix.exe (256 kBytes)

Article URL http://www.symantec.com/docs/TECH43843

Thursday, December 9, 2010

FIX: PPTP VPN access via Telstra NextG

Source: http://automatica.com.au/blog/2010/05/fix-for-pptp-vpn-access-via-telstra-next-g3g-wireless-internet/

Overview: Corporate IP address range (eg. 10.x.x.x/24) and NextG (eg. 10.x.x.x/8) are the same. The issue arises when the PPP connection adds a default route of to PC forcing all traffic including corporate-network intended traffic through NextG route.

Resolution: Use split tunneling and have specific routes configured on VPN concentrator for all corporate subnets.


Remove the route from the routing table and reinstate after connection is dropped using scripts.

Wednesday, October 13, 2010

VBScript to remotely report on a current user's IE Security settings

I had a request come up today to report back on whether or not a trusted site had been successfully added to user's IE security settings.

The trusted site was applied using Group Policy (under user configuration, windows settings). The following Microsoft article describes how these settings are stored in the windows registry: http://support.microsoft.com/kb/182569

Below is the script used to look for a trusted site and report back to a text file. You will need to provide a list of computers that the script will read from:

On Error Resume Next

Const ForReading = 1
Const ForWriting = 2
Const HKEY_CURRENT_USER = &H80000001
Const HKEY_USERS = &H80000003

Dim objFSO, sZoneMap, strComputerName, objStatus, objPing, MyArray
Dim logonname, User, Users, strUsr, strDomain, objWMIService

Dim colAccounts, objAccount, strSID, objPCList, objZoneMap, objPingFailList, oReg
Dim strKeyPath, strValueName

If LCase(Right(wscript.FullName,11)) = "wscript.exe" Then
Set oShell=CreateObject("WScript.Shell")
oShell.Run "cscript.exe /nologo """ & wscript.ScriptFullName & """", 1, False
End If

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objPCList = objFSO.OpenTextFile(objFSO.GetParentFolderName(WScript.ScriptFullName) & "\Computers.txt", ForReading)
Set objZoneMap = objFSO.CreateTextFile(objFSO.GetParentFolderName(WScript.ScriptFullName) & "\ZoneMap.txt", ForWriting)
Set objPingFailList = objFSO.CreateTextFile(objFSO.GetParentFolderName(WScript.ScriptFullName) & "\Ping_Failed.txt", ForWriting)

Do Until objPCList.AtEndOfStream
strComputerName = Trim(objPCList.Readline)
On Error Resume Next
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputerName & "\root\cimv2")
Set Users = objWMIService.InstancesOf ("Win32_ComputerSystem")

For Each User in Users
logonname = User.UserName
'WScript.Echo logonname
MyArray = Split(logonname,"\",-1,1)
strDomain = MyArray(0)
strUsr = MyArray(1)
Exit For

Set colAccounts = objWMIService.ExecQuery ("select * From Win32_UserAccount where " & "name = '" & strUsr & "' AND domain = '" & strDomain & "'")
For Each objAccount In colAccounts
strSID = objAccount.SID
Exit For

Set objPing = objWMIService.ExecQuery("select * from Win32_PingStatus where address = '" & strComputerName & "'")
For Each objStatus in objPing
If IsNull(objStatus.StatusCode) or objStatus.StatusCode<>0 Then
WScript.Echo strComputerName & " is not reachable"
objPingFailList.WriteLine strComputerName
Set sZoneMap = Nothing
On Error Resume Next
Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!//" & strComputerName & "/root/default:StdRegProv")
strKeyPath = strSID & "\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\yourdomain\subdomain"
strValueName = "http"
oReg.GetDWORDValue HKEY_USERS,strKeyPath,strValueName,sZoneMap
Wscript.Echo strSID & vbTab & strComputerName & vbTab & sZoneMap
objZoneMap.WriteLine strComputerName & vbTab & "has version " & sZoneMap
End If


Thanks to JJ for large portions of this code!


Thursday, September 23, 2010

ERROR: Continuous authentication prompt when accessing intranet site from Windows 7

When accessing a Tomcat website configured to use NTLM authentication from Windows Vista / 7, a user is prompted continually for authentication. Accessing this site would previously work seamlessly under Windows XP.


Page not displayed after entering correct network credentials.


Tomcat doesn't support (and won't support) NTLM 2.0 used in Windows Vista / 7. By default, Windows Vista and 7 use NTLM 2.0.

Set a lower NTLM Compatibilty level

Under HKLM\SYSTEM\CurrentControlSet\Control\Lsa

Create DWORD entry
LmCompatibilityLevel and set to 2

This alters the security level of the computer. Make sure you are aware of the impact of this change before making it.

Further Reference:

Monday, August 9, 2010

Lock screen using Group Policy without setting a screen saver

Recently I needed to configure Group Policy to lock user's screens after 30 minutes of inactivity, however it had to be done without invoking the screen saver. The article below provides instructions on how to do so by setting the screen saver executable name to:

rundll32 user32.dll,LockWorkStation

How to lock computers when idle by using GPO


Tuesday, August 3, 2010

Wednesday, July 21, 2010

Windows 7: Offer Remote Assistance

In Windows 7 create a shortcut to:

%windir%\system32\msra.exe /offerra


Thanks KZ for finding this

ManageSoft Distribution Error "Unavailable"

After distributing a new package to a distribution server and you check to confirm it was successfully, you find the package sitting in the "Unavailable" column with the message "Access Denied".
To resolve, this RDP to the distribution server, Logon, and open "Services" applet, now Stop & Start the "ManageSoft Connection Agent".

Tuesday, July 6, 2010

How to deploy Windows 7 Taskbar Pinned Icons by Group Policy

Windows 7 Taskbar pinned icons are stored in the following locations:

File System:
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\User Pinned\Taskband


To deploy it, you can perform the following steps:

1. Configure Pinned items on a Windows 7 system as a reference computer.

2. Export Registry Key to pinned.reg file:


And copy items in the "%APPDATA%\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" to a shared folder.

3. Create a logon script to deploy the registry keys and copy the corresponding files.

Please note that the “%APPDATA%\Microsoft\Internet Explorer\Quick Launch\User Pinned” folder is only created after a user has pinned an icon to the taskbar. In the logon script, you will need to create the “%APPDATA%\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar” folder if it does not exist.

More Information:

If you want to pin items to the Start Menu, you may refer to the following script:

Pin Items to the Start Menu or Windows 7 Taskbar via Script




Tuesday, June 29, 2010

Hummingbird DM Extensions 5.1.x client deployment

Head over to http://www.AppDeploy.com for my recent post on automating the install/uninstall for Hummingbird DM Extentions 5.1.x and 5.2.x

Package KB: Hummingbird DM Extensions

The cleanest method to both install and uninstall DM Extensions 5.1.x is to use the Deployment Package Wizard. With this tool you can create a silent unattended install which can be run from a network share.

The format of the install string is \\servername\sharename\setup.exe dp="\\servername\sharename\deployment\packagename\packagename.ini"

One thing to add to the packagename.ini is SkipFinishDlg=Y under the [Hummingbird] section. This will suppress the Finished dialog from appearing.

To uninstall DM Extensions 5.1.x use the same Deployment Package Wizard, however click the 'Clear All' button in the wizard to deselect all components. The resulting ini file will then remove all DM Extensions features from the client pc. The same SkipFinishDlg=Y ini option should be added to this packagename.ini file too.

The Deployment Package Wizard should be run from your DM server: Start > Programs > Hummingbird > DM Extensions Server Setup.


Sunday, May 16, 2010


Below error is received in BlackBerry Manager console when trying to deploy applications to handheld device.

GetHHCodePackages reported: HHCM_DEVICE_NOT_SUPPORTED Upgrade your copy of device.xml

BlackBerry Enterprise Server does not recognise the handset version.

Update Device.xml and Vendor.xml on all BES instances.

Complete the following steps:
  1. Download the updated device.xml and vendor.xml files from the following web sites:

  2. Copy these files to the following folder: C:\Program Files\Common Files\Research In Motion\AppLoader.
Note: There is no need to restart any services.


Friday, May 14, 2010

Enumerate the Windows Uninstall key

Recently I created an application install script where I needed to scan for the existence of another MSI based install and remove it (if found) before installing a newer version. This script uses the StdRegProv object to create an array of subkeys in SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall.

Option Explicit

Const blnDebug = False
Const HKEY_LOCAL_MACHINE = &H80000002

Dim sSystemFolder, sUserProfile, sQuickLaunch, sComputer, oReg
Dim strKeyPath, subkey, arrSubKeys
Dim oWSH : Set oWSH = CreateObject("WScript.Shell")
Dim oFSO : Set oFSO = CreateObject("Scripting.FileSystemObject")
Dim oNET : Set oNET = CreateObject("WScript.Network")
sUserProfile = oWSH.ExpandEnvironmentStrings("%USERPROFILE%")
sQuickLaunch = sUserProfile & "\Application Data\Microsoft\Internet Explorer\Quick Launch"
sSystemFolder = oFSO.GetSpecialFolder(1)
sComputer = oNET.ComputerName

Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & sComputer & "\root\default:StdRegProv")

strKeyPath = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
oReg.EnumKey HKEY_LOCAL_MACHINE, strKeyPath, arrSubKeys

For Each subkey In arrSubKeys
If subkey = "{ProductGUID#1}" Or subkey = "{ProductGUID#2}" Then
'WScript.Echo subkey & " Application found, removing it now..."
oWSH.Run "MSIEXEC.EXE /X" & subkey & " /qn", 1, False
End If

InstallMSIMST "\\servername\Packages\appname\appversion", "Setup.msi", "\\servername\Packages\appname\appversion", "Setup.mst", " /qn /norestart"

Function InstallMSIMST(szMSIPath, szMSIFile, szMSTPath, szMSTFile, szParams)
oWSH.Run (sSystemFolder & "\msiexec.exe /i " & Chr(34) & szMSIPath & "\" & szMSIFile & Chr(34) & " TRANSFORMS=" & Chr(34) & szMSTPath & "\" & szMSTFile & Chr(34) & szParams), 0, True
End Function



Sunday, May 9, 2010

ERROR: STOP 0x7B Error Message on Windows XP Sysprep Images

When you start Windows XP Setup after you copy an image to a new target computer, you may receive the following error message:

STOP 0x0000007B

To preinstall a mass-storage device

  1. In the \$OEM$ subfolder of the configuration set, create the \Textmode subfolder.
  2. Copy the files from the disks supplied by the device vendor to the \Textmode subfolder. These files normally include:
    • Driver.sys
    • Driver.dll
    • Driver.inf
    • Driver.cat
    • Txtsetup.oem

    where Driver is the driver name.


    • You must also copy the driver files to the location you specified in the OemPnPDriversPath entry in the answer file(s). For example:
      OemPnPDriversPath = drivers\storage 
    • Some drivers, such as SCSI miniport drivers, may not include a .dll file.
    • A catalog file (Driver.cat) must be included with mass-storage device drivers if it is listed in Txtsetup.oem.

      For more information about catalog files, see Using Signed Drivers. Also see the Microsoft Windows Driver Development Kit (DDK), which you can read in the MSDN Library (http://msdn.microsoft.com/library/): Select Windows Development, and then select Driver Development Kit.

  3. In the Unattend.txt file, create a [MassStorageDrivers] section, and then type any driver entries in that section. For example, a possible entry in the [MassStorageDrivers] section is:
    "Adaptec 2940..." = "OEM"

    Obtain the information for this section from the [SCSI] section of the Txtsetup.oem file provided by the hardware manufacturer.


    • You must use signed drivers. Unsigned drivers are not installed during an unattended installation.
  4. In the Unattend.txt file, create an [OEMBootFiles] section, and in it type a list of the files in the \$OEM$\Textmode folder. For example:

    where Driver is the driver name.


    • Add driver entries only to the [MassStorageDrivers] and [OEMBootFiles] sections for bootable mass-storage devices. Do not include secondary mass-storage devices. Instead, add the drivers for secondary mass-storage devices to the folder specified by the OemPnPDriversPath entry in your unattended Setup answer file. Including drivers for non-bootable mass-storage devices in the [MassStorageDrivers] or [OEMBootFiles] sections causes an error during Setup.
  5. If your mass-storage device is a Plug and Play device, verify that a Hardware Identification section and the name of the catalog file for the driver (Driver.cat) exist in the Txtsetup.oem file. For more information, see the Microsoft Windows Driver Development Kit in the MSDN Library (http://msdn.microsoft.com/library/): Select Windows Development, and then select Driver Development Kit.

If the Hardware Identification section does not exist, you must add [HardwareIds.scsi.yyyyy] to the Txtsetup.oem file and verify that the following information is included:

id = "xxxxx" , "yyyyy"

where xxxxx represents the device ID, and yyyyy represents the service associated with the device.

For example, to preinstall the Symc810 driver, which has a device ID of PCI\VEN_1000&DEV_0001, verify that your Txtsetup.oem file contains the following additional section:

id = "PCI\VEN_1000&DEV_0001","symc810"

You must remove drive and path references from Txtsetup.oem. For example, instead of this text, use the NTFS or FAT32 examples that follow:

d1 = "Windows XP Driver Set v1.00", \w2kdsk1, \win2000\smy810\

For NTFS installations, use this text:

d1 = "Windows XP Driver Set v1.00", \w2kdsk1, \

Note the trailing slash at the end of the line.

For FAT32 installations, use this text:

d1 = "Windows XP Driver Set v1.00", w2kdsk1, .

Note the lack of a backslash; also note the trailing period at the end of the line.

Selecting and Loading the Correct Mass-Storage Driver

If you are including new or updated drivers for mass-storage devices, you must add the new driver to both of these folders:

  • \$OEM$\Textmode
  • The location specified in the OemPnPDriversPath entry in the Unattend.txt file.

    For example: \$OEM$\$1\Pnpdrvrs\storage

Loading Mass-Storage Drivers During Text-mode Setup

If the driver for the mass-storage device is included with Windows XP, the Windows XP driver is chosen before any drivers in \$OEM$\Textmode.

However, the driver you place in \$OEM$\Textmode is the first driver chosen during text-mode Setup only if:

  • The driver that ships with Windows XP does not boot.
  • The driver does not ship with Windows XP.

Other Material:
Seach for "Txtsetup.oem" in Microsoft Windows Corporate Deployment Tools User's Guide. deploy.chm from the Windows XP Deployment Tools

Friday, May 7, 2010

Howto: Add a local account to a local group using WMI

I had to write this script to add an account generated by Sophos AV to the local Users group in order for it to download software updates from the AV server post build.

Option Explicit

Dim oNET : Set oNET = CreateObject("WScript.Network")
Dim sComputer, objWMIService, colItems, objItem, objLocalUser, objUserGroup
sComputer = oNET.ComputerName

Set objWMIService = GetObject("winmgmts:\\" & sComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_Account Where LocalAccount = True AND Name like '%partialusername%'",,48)
For Each objItem in colItems
Set objLocalUser = GetObject("WinNT://" & objItem.Name)
Set objUserGroup = GetObject("WinNT://" & sComputer & "/Users,group")



Thursday, April 15, 2010

HOWTO: Remove the Stored User Names and Password

To remove the Stored User Names and Passwords from Windows XP, try this:

  • Click Start, Run and type Control keymgr.dll
  • Remove the entries from the list.

Thursday, April 8, 2010

HOWTO: VMware View - Unassign user from a persistent desktop

1. Log onto View Manager Server
2. From a Command Prompt > C:\Program Files\VMware\VMware View\Server\bin>vdmadmin -L -d POOLNAME -m Virtual Machine Name -r

eg. vdmadmin -L -d SOEPool -m SOE1 -r

3. You should then see "Sucessfully removed owner from specified machine." If you don't check the syntax

Sunday, March 14, 2010

HOWTO: Create two software configurations for different versions of an application


  • BlackBerry® Enterprise Server for IBM® Lotus® Domino®
  • BlackBerry® Enterprise Server for Microsoft® Exchange


  • BlackBerry® Enterprise Server version 4.1 SP6 for Microsoft® Exchange
  • BlackBerry® Enterprise Server version 4.1 SP6 for IBM® Lotus® Domino®


When creating a software configuration on the BlackBerry Enterprise Server you receive the following error:

Multiple instances of the following applications were found. Please remove all but the desired version to enable the applications for configuration.


The issue occurs when trying to create a software configuration for an application that has multiple versions created for different BlackBerry smartphones. For example, the BlackBerry® Client for use with Microsoft® Office Communications Server 2007 v2.2 is designed for the BlackBerry® Storm™ Series only. The BlackBerry Client for use with Microsoft Office Communications Server 2007 v2.1 is designed for BlackBerry smartphones that do not use the SurePress™ touch screen.


Use the following process to create a second shared folder within C:\Program Files\Common Files:

  1. Open My Computer and select the drive that hosts the BlackBerry Enterprise Server (C:\ by default).
  2. Double-click on Program Files, then Common Files.

    Note: A folder must be created that uses the same folder structure as the Research In Motion folder.

  3. Create a folder called RIM in the Common Files folder, then copy the AppLoader folder from the Research In Motion folder to the RIM folder.
  4. To share the RIM folder, complete the following steps:
    1. Right-click on the RIM folder, then select Sharing and Security.
    2. Select Share this folder.
    3. Click Apply.
    4. Click OK.
  5. Create a folder within the RIM folder called Shared, then create a folder called Applications within the Shared folder.
  6. Copy the .cod and .alx files for the second application to the new Applications folder
  7. Open a command prompt by clicking Start >Run, type cmd, then click OK.
  8. Go to the directory within the RIM folder (for example: cd C:\Program Files\Common Files\Rim\AppLoader).
  9. Run the command loader.exe/index.
  10. In BlackBerry Manager, click the Software Configurations tab.
  11. In the Common Tasks menu, select Add New Configuration. In the Configuration Name field, type a name for the configuration.
  12. Click Change to input the Universal Naming Convention (UNC) path to the shared folder.
  13. Type \\\.
  14. Application Software should appear in the window, expand the window to see the new software configuration.

Thursday, March 4, 2010

HOWTO: View Composer - How to Delete Orphaned Protected Entities in vCenter

View Composer enables the use of linked clones with View Manager in order to reduce the amount of storage needed per VM. It does this by coping the parent VM + snapshot into a protected VM or entity. This VM is protected so it can’t be deleted in vCenter to ensure an admin doesn’t accidentally delete the VM which users may be referencing.

The correct way to manage these protected VM’s isn’t within vCenter, it’s in View Manager. When a linked clone enabled pool is created, recomposed, or deleted this updates the protected entity accordingly. In some cases it may be necessary to manually unprotect and remove the protected entity in vCenter. SVICONFIG.EXE is included with View Composer to assist with this. Located under “C:\Program Files\VMware\VMware View Composer\SviConfig.exe” this command will unprotect any View Composer related protected entity.

Here is how to unprotect the host folder and any entities it may contain:

1. On the vCenter/View Composer server launch Start –> Run –> CMD
2. Browse to “C:\Program Files\VMware\VMware View Composer”
3. Type the command below replacing the default information with specific information for your environment.
SviConfig -operation=UnprotectEntity -VcUrl=https://my.vc/sdk -Username=User1 -Password=123 -InventoryPath="/My Datacenter/vm/MyReplicaFolder" -Recursive=True


"SviConfig -operation=UnprotectEntity -VcUrl=https://vcenter/sdk -Username=domain\username -Password=password -InventoryPath="/DataCenterName/vm" -Recursive=True"

The second will unprotect all VMs in the specified data center.

If this is successful it will return a confirmation of any entities unprotected. Now it will be possible to use vCenter to delete the newly unprotected entity.

Source: http://blogs.vmware.com/view/2009/01/view-composer-how-to-delete-orphaned-replicasource-entries-in-vcenter.html

Tuesday, March 2, 2010

HOWTO: Removing a standard (replica) connection server from a cluster of connection servers

To remove a replica:
  1. Uninstall the connection server and ADAM instance from the server that you want to remove from the cluster.
    1. Click Control Panel > Add or Remove Programs.
    2. Remove VMware View Connection Server and Adam Instance VMwareVDMDS.

  2. Refer to Remove View Manager Entry in the Command Line Tool for View Manager document for full details on how to use the vdmadmin.exe tool to remove the reference to the now redundant replica in the ADAM database.

    Here is an example of the command:

    "C:\Program Files\VMware\VMware View\Server\bin\vdmadmin.exe -S -r -s "

    Note: This step is not mandatory, but it clears the removed Connection Server from the Admin UI.

Tuesday, February 23, 2010

ERROR: MDT 2010 - Deployment Summary shows errors connecting to network resource

Issue: Deploying Windows 7 unattended install using MDT 2010 upon completion Deployment Summary shows errors:

"The specified network resource or device is no longer available"


"ERROR - Unable to map to a network drive to \\SERVER\MDTLOGSDYNAMIC\MININT-XXXXX

Upon further investigation, the BDD.log on the local machine (not the copy in the above location

Validating connection to \\SERVER\MDTLOGSDYNAMIC\MININT-XXXXXX1 Wizard 23/02/2010 11:52:42 AM 0 (0x0000)
The specified network resource or device is no longer available.
Wizard 23/02/2010 11:52:42 AM 0 (0x0000)
Unable to connect to \\SERVER\MDTLOGSDYNAMIC\MININT-XXXXXX1. Sleeping for 5 seconds. Wizard 23/02/2010 11:52:42 AM 0 (0x0000)
The specified network resource or device is no longer available.
Wizard 23/02/2010 11:52:42 AM 0 (0x0000)
Unable to connect to \\SERVER\MDTLOGSDYNAMIC\MININT-XXXXXX1. Sleeping for 10 seconds. Wizard 23/02/2010 11:52:42 AM 0 (0x0000)
The specified network resource or device is no longer available.
Wizard 23/02/2010 11:52:42 AM 0 (0x0000)
Unable to connect to \\SERVER\MDTLOGSDYNAMIC\MININT-XXXXXX1. Sleeping for 15 seconds. Wizard 23/02/2010 11:52:42 AM 0 (0x0000)
The specified network resource or device is no longer available.
Wizard 23/02/2010 11:52:42 AM 0 (0x0000)
Unable to connect to \\SERVER\MDTLOGSDYNAMIC\MININT-XXXXXX1. Sleeping for 20 seconds. Wizard 23/02/2010 11:52:42 AM 0 (0x0000)
The specified network resource or device is no longer available.
Wizard 23/02/2010 11:52:42 AM 0 (0x0000)
Unable to connect to \\SERVER\MDTLOGSDYNAMIC\MININT-XXXXXX1. Sleeping for 25 seconds. Wizard 23/02/2010 11:52:42 AM 0 (0x0000)
The specified network resource or device is no longer available.
Wizard 23/02/2010 11:52:42 AM 0 (0x0000)
ERROR - Unable to map a network drive to \\SERVER\MDTLOGSDYNAMIC\MININT-XXXXXX1. Wizard 23/02/2010 11:52:42 AM 0 (0x0000)

This is a known issue with MDT 2010 RTM. Update MapNetworkDriveEX function within Scripts\ZTIUtility.vbs Deployment Server as shown in link below


Monday, February 8, 2010

ERROR: Wfcrun32 Error Failed to set Event Logging and Open or Save .ica file prompts

Wfcrun32 Error Failed to set Event Logging

This error occurs after updating versions of the Citrix software. To fix this error delete the appsrv.ini file located under the user's profile. On XP the location is:
C:\Documents and Settings\%username%\Application Data\ICAClient
The file will be recreated automatically on the next connection. This should clear up that error message.
Here is a script you can run on a XP machine that will automatically remove the file from each profile. Extract the file and run it on each machine you want cleaned. Appsrv_Cleaner

Open or Save .ica file prompts

Also with Citrix, if when clicking web links that are supposed to initiate a citrix connection you get prompted to open or save the .ica file there are two things you can try. One, with the user logged on run this command from the directory where wfica32.exee is installed wfica32 /setup or from a command prompt run:
"C:\program files\Citrix\ICA Client\wfica32" /setup If that doesn't work, try uninstalling citrix and installing the latest software.

Source: http://tobias-tobin.blogspot.com/2008/08/citrix-wfcrun32-error-failed-to-set.html

Monday, February 1, 2010

ERROR: The kerberos subsystem encountered a PAC verification failure.

You cannot log on or you experience a long delay on a domain controller or on a member computer that is running Windows 2000, Windows XP, or Windows Server 2003


Includes Group policy not applying.


The following error message is logged in the system event log:

Event Type: Error
Event Source: Kerberos
Event Category: None
Event ID: 7
User: N/A
Description: The Kerberos subsystem encountered a PAC verification failure. This indicates that the PAC from the client in realm had a PAC which failed to verify or was modified. Contact your system administrator.
Data: 0000: c0000192

Resolution: See link below

Vendor link: http://support.microsoft.com/kb/883268

Thursday, January 14, 2010

FIX: Pools or virtual machines remain listed in VirtualCenter after being deleted in View Manager


  • A pool is deleted from disk in View Manager from View Administrator > Desktops and Pools
  • Some virtual machines from the deleted pool remain in VirtualCenter
  • In View Administrator > Desktop Sources, the virtual machine show a status of Deleting, however the objects never get deleted


The virtual machine may not be deleted when View Manager is unable to process the shut down command.
To workaround the issue:
  1. Manually shutdown the virtual machine and wait a few minutes. VirtualCenter automatically continues with the cleanup process and deletes the virtual machine.
  2. If the virtual machine is deleted from VirtualCenter or you have manually deleted the virtual machine but it still appears up in Desktop Sources, the virtual machine entry must be removed from ADAM.

    Warning: Editing or deleting items within ADAM may destroy existing pools in View Manager. Backup the configuration data before making any changes. For backup instructions, see http://www.vmware.com/pdf/vdm_config_data_export_import.pdf.

    1. Open the ADAM editor, click Start > Programs > ADAM > ADAM ADSI Edit.
    2. Right-click ADAM ADSI Edit and select Connect to.
    3. Choose Distinguished name (DN) or naming context and type:


    4. Under OU=Servers, double-click each entry and search in Attribute > pae-DisplayName for the corresponding virtual machine name.
    5. Delete the appropriate entry that contains the virtual machine name.
    6. Refresh the Desktop Sources view. The virtual machine is no longer listed.

Monday, January 4, 2010

The Home Folder may be mapping incorrectly when logging on to a Windows XP-based computer

When you log on to a user account on a Windows XP- based computer with drives that are mapped to a Home Folder on a network, the Home Folder may be mapped to the base share instead of the complete path.

Example scenario:

  • The Home Holder is set to: \\fileServer\share\UserName

  • The actual mapping that the user receives is \\fileServer\share
Note: Manually mapping the path completes successfully and all files are accessible, but the scenario may repeat when the user logs in again.


This issue may occur if due to one of the following reasons:

  • Under Group Policy, in User Configuration -> Administrative Templates -> System -> User Profiles -> Connect home directory to root of the share is set to Enabled.

  • Network delays cause the workstation to try to map to the home folder before it completes initializing the network connection during logon.

To resolve this issue, do the following:
  • Make sure you do not have the policy configured in User Configuration -> Administrative Templates -> System -> User Profiles -> Connect home directory to root of the share
  • Set the Group Policy setting under Computer Configuration -> Administrative Templates -> System -> Logon -> Always wait for the network at computer startup and logon to Enabled.