Simple Hand book for WMI Troubleshooting.
Here is a quick troubleshooting guide or tips, whatever you call it, on WMI issues. Thanks to Kings for putting all the relevant details together as a single document. These are the errors you get in Desktop Central due to the WMI issues. This may mostly occur when you do,
- On-demand Agent installation
- On-demand Patch Scan and
- On-demand Inventory scan etc.,
This document can be of handy assistance to do the troubleshooting on your own, when you get such errors in Desktop Central. Also, we are open for improvement, when you find any additional issues related to WMI, feel free to report so that the scenario can be captured and updated in this document.
Download your copy : Handbook for WMI issues in Desktop Central
Cheers
Romanus
Help others find this article:
| 
| 
| 
MS Investigation on Vulnerability in MS word which could allow Remote Code Execution.
Here is a security advisory on MS word. Microsoft says it is still investigating the issue. Please check the alert and report in case you feel you have been attacked.
Microsoft is investigating new public reports of a possible vulnerability in Microsoft Office Word 2002 Service Pack 3. Our initial investigation indicates that customers who use all other supported versions of Microsoft Office Word, Microsoft Office Word Viewer, Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, and Microsoft Office for Mac are not affected.
At this time, Microsoft is aware of limited, targeted attacks that attempt to use this vulnerability. While Microsoft Office Word 2000 does not appear vulnerable to this issue, Word 2000 may unexpectedly exit when opening a specially crafted .doc file that the attacker is using in an attempt to exploit the vulnerability.
Purpose of Advisory : To provide customers with initial notification of the publicly disclosed vulnerability. For more information see the “Workarounds” and “Suggested Actions” sections of the security advisory.
Advisory Status : The issue is currently under investigation.
Recommendation : Do not open or save Microsoft Office files that you receive from untrusted sources or that are received unexpectedly from trusted sources.
Affected Software : Microsoft Office Word 2002 Service Pack 3.
Customers who believe that they have been attacked can obtain security support at http://www.microsoft.com/protect/support/default.mspx and should contact the national law enforcement agency in their country. Customers in the United States can contact Customer Service and Support at no charge using the PC Safety hotline at 1-866-PCSAFETY. Additionally, customers in the United States should contact their local FBI office or report their situation at www.ic3.gov.
http://www.microsoft.com/technet/security/advisory/953635.mspx
Cheers
Romanus
Help others find this article:
| | |
End of sale for Windows XP has been announced.
Found this interesting letter from Bill Veghte, Senior Vice President,Microsoft Corporation, regarding the ‘End of Sale’ of Windows XP.
Today, more than 1 billion personal computers around the world run Windows. Over the years, Windows has been the catalyst for innovations that have transformed the way people communicate, access information, create and share content, and much more, at work and at home. Windows is the platform that most people use to get the greatest value and benefit from their personal computers. Windows is also the platform that brings together the broadest array of choices across PCs, devices and applications.
To all of our Windows customers, thank you!
To the hundreds of thousands of partners that develop millions of solutions for Windows, thank you.
It also deals about the VISTA and windows 7 views.
For more details on support life cycle
http://support.microsoft.com/lifecycle/?LN=en-gb&x=16&y=12&C2=1173
http://www.microsoft.com/windows/products/windowsxp/future.mspx
Cheers
Romanus
Help others find this article:
| | |
Here is another XP SP3 vulnerability alert. I just read the information from Donna’s Security Flash.
———————————————————————————————–
Microsoft’s Windows XP Service Pack 3 (SP3) ships with an out-of-date version of Adobe’s Flash Player that’s vulnerable to recently-spotted attacks, according to Microsoft’s support documentation.
Windows XP SP3 includes Flash Player 9.0.115.0, a version released by Adobe Systems> in December 2007. That version of Flash Player, however, was superseded by version 9.0.124.0 on April 8, nearly two weeks before Microsoft decided SP3 was done by giving it a Release To Manufacturing (RTM) label and sending it out for distribution.
The older version that shipped with XP SP3, however, harbors a bug that hackers have been exploiting since last week; that’s when security researchers, including those at Symantec, reported what they at first thought was a zero-day vulnerability in the most current edition of Flash, 9.0.124.0. A few days later, however, Symantec retracted that claim, and said that only the older 9.0.115.0 was at risk.
Adobe has confirmed that version 9.0.115.0, included with XP SP3, is vulnerable to the ongoing attacks, which have originated from Chinese servers. Users have been attacked after visiting legitimate Web sites that had been hacked using now-common SQL-injection attacks.
http://www.computerworld.com.au/index.php/id;1307917085;fp;4;fpid;16
———————————————————————————————–
cheers
romanus
Help others find this article:
| | |
Hi Folks
In continuation to our scriptomaniac series, here is a script which is used for making the agent to report to the new DC server. Again, widely used by evaluator/customers.
The user would be testing Desktop Central with minimum number of computers. When he decides to roll out to the entire production network after evaluation, the usual practice is to install the server in a better hardware configuration for scalability purpose. We have Migration Process for Desktop Central documented for this purpose.
However, in most of the cases, administrators will completely miss the Migration process and change the DC server to the new hardware.
So, this script provides a solution for that. The script given here will do a part of migration meaning, make the agents to report to the new/correct DC server in production. Please note that this script will not help you to maintain any server data. It will change the server name and IP address at the agent registry so that it starts reporting to your new DC server.
Download the Desktop Central Agent reporting script.
You can use this with PSEXEC tool which we discussed earlier can be used to along with this script to do a bulk agent migration to the new DC server installation.
Note : You need to download and rename the extension as .VBS
cheers
romanus
Help others find this article:
| | |
Hi Folks
Please find the latest hotfix available for Desktop Central 6.
Desktop Central Hotfix build : 60118
After the upgrade, you should see the server build number as 60118, and the agent version as 6.1.13. (so, wait for the agents to get upgraded automatically)
The instructions to install the hotfix is available in the forum announcement.
Desktop Central users are advised to install this hotfix which has the fix for CPU and Memory shoot-up in Inventory module.
cheers
Romanus
Help others find this article:
| | |
Interacting with customers, witnessing their petty practical needs and addressing them with simple scripts is a routine in any Technical Support guys day to day life. The scripts may sometime fall out of the scope of your support, however you still need to do this for the sake of customers and personal rapport. Here i’m going to start sharing few of such scripts which i believe could be useful to any administrator.
Now the Scenario
When you have bulk number of machines to be used for a network wide operations, it is always better to check the reachability/availability of the machine before trying the actual operation. Lets take an example of trying PSEXEC solution for the SoM (Scope of Management) agent install failed machines as described in my previous blog. You can get the agent failed computer list exported as a csv file from Desktop Central and use as described in the blog. However, imagine a case you have lot of computers which are down (Not alive on the network) in that list, so naturally the install process using the psexec tool is going to take more time. Instead if you can check the currently available computers in the network by doing a ping and then using it with psexec process will yield very good results in a better clocking.
The Actual Script
Here is the script which can ping the given list of computers and segregate the reachable and unreachable computers in separate files. In our sample scenario you can use the Reachable computers list along with the PSEXEC agent install process. Similarly in the case of patch and inventory scan you can go through the ping failed (unreachable computer list) and avoid scanning them. Copy and past the contents and save the file as .vbs script.
Download the Desktop Central GetReachablecomputer Script
Note : You need to download and rename the extension as .VBS
Try the script and let me know your experience and any further improvisation you may need. Also please feel free to modify or edit or add additional functionalities in the script and add it here for others to benefit.
Cheers
Romanus
Help others find this article:
| | |
Hi Folks
Now you can install the Microsoft Windows XP Service Pack 3 installation through Desktop Central. DC has started supporting the XP SP3 through the patch management module.
Immediately after the availability of XP SP3 Network Installation download, the testing team has done some internal testing and made it available for end users. For few of our customers who wants to deploy it immediately after SP3 release, were given a workaround with software installation module. They did the SP3 silent install as software installation with /quiet switch. Now, its time for them to go with patch management module of DC for the remaining computer.
cheers
Romanus
Help others find this article:
| | |
One more interesting read on Microsoft XP SP3 installation by Mark Dormer, MVP.
Windows XP SP3 breaks Windows Update
If you install XP SP3 on a clean SP2 box Windows Update will no longer work. Unless you have the newer Windows Update Agent 3.0 your stuck in a hole. There is no way to get it via AU or WU or MU only a manual installation can resolve the issue
1. Download the new Agent (but do not Run it yet) to your Desktop (so you can find it below) :
X86 Version Download.
2. Start, Run, CMD
In the black box:
net stop wuauserv
“%userprofile%\Desktop\WindowsUpdateAgent30-x86.exe” /wuforce (don’t forget the quotation marks)
net start wuauserv exit
The original post.
cheers
Romanus
Help others find this article:
| | |
Hi Folks
Here is the News (..actually a year old 
) for the admins who don’t want the Service Packs to be rolled out to their network without their permission (especially SP3 for XP) . Since most of us are concerned about the XP SP3 roll out, this may be of interest of many to ensure that SP3 doesn’t get through their network without their knowledge. Microsoft has this tool (SPBlockerTools.EXE) in site for more than a year as i mentioned, which can block Service Pack installation which happens through Windows Updates. This tool can be used to block (temporarily) the installation of SP updates. It can block
- Windows Server 2003 Service Pack 2 (valid through March, 2008 - time elapsed)
- Windows XP Service Pack 3 (valid for 12 months following general availability)
- Windows Vista Service Pack 1 (valid for 12 months following general availability)
Here is the extract which talks about ‘How it works?‘
This toolkit contains three components. All of them function primarily to set or clear a specific registry key that is used to detect and block download of Service Packs from Windows Update. You only need to use the component which best serves your organization’s computer management infrastructure.
- A Microsoft-signed executable
- A script
- An ADM template
- The executable creates a registry key on the computer on which it is run that blocks or unblocks (depending on the command-line option used) the delivery of a Service Pack to that computer through Windows Update. The key used is HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate.
- When the ‘/B’ command line option is used, the key value name ‘DoNotAllowSP’ is created and its value set to 1. This value blocks delivery of a Service Pack to the computer through Automatic Update or Windows Update.
- When the ‘/U’ command line option is used, the previously created registry value that temporarily blocked the delivery of a Service Pack to the computer through Automatic Update or Windows Update is removed. If the value does not exist on the computer on which it is run, no action is taken.
- The script does the same thing as the executable, but allows you to specify the remote machine name on which to block or unblock delivery of Service Packs. Note that the executable and script have been tested only as a command-line tool and not in conjunction with other systems management tools or remote execution mechanisms.
- The ADM template allows administrators to import group policy settings to block or unblock delivery of Service Packs into their Group Policy environment. Administrators can then use Group Policy to centrally execute the action across systems in their environment.
The SPBlockerToolKit can be downloaded from Microsoft.
Folks, importantly you’ll have to keep in mind that it will not prevent SP installs from DC/DVD, or from stand-alone downloads. It can only block SP installs through Windows Updates.
Cheers
Romanus
Desktop Central Technical Support Team
Help others find this article:
| | |
