How To Redirect Application Calls in Windows

Windows Admins can redirect application calls by users where, for example, if a user launches Application A, Debugger B launches instead. This can be useful if for example a developer would like to debug the startup of an application that is launched by another process. This can be done as below (here I'm redirecting notepad.exe to calc.exe):

1. Open Regedit and go to: "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options"
2. Create a key with the name of the executable you want to redirect. ex: notepad.exe
3. Create a String value in the newly created key with any name and the value specifying the pathname of the executable (debugger) you want to launch instead. ex: String name: Calc String value: C:\Windows\System32\calc.exe

Now launch notepad :)

How to launch an App-V Application without using the shortcut

Users can launch App-V applications without using the shortcut in cases such as the user mistakenly deleted the shortcut and needs immediate access to the application without refreshing the server connection.

Prerequisite:

• User should already be added to ACL of the application on the management server
• App-V client should be running on the desktop

From a command prompt or Start > Run, type:
sfttray.exe /launch "APPNAME APPVER"

where APPNAME and APPVER correspond to the application name and application version from the application OSD file as below:
sfttray /launch "Google Chrome 13.0"

How to block users from accessing certain websites

Following is one of many ways to block users from accessing certain websites.

Background: When a user tries to launch a open a website from the browser, Windows by default tries to resolve the website name to its IP address from the local DNS cache first. If this fails, it will query the hosts file and if no entry for the website is there, it will finally contact the DNS server for name resolution. Provided that the user does not have the website IP address cached, the hosts file can be used to do the block. Incase the user does have the website IP address cached, a simple restart to the DNS service will clear the cache.

Solution: Open the file "C:\Windows\System32\drivers\etc\hosts" and add an entry as below:

127.0.0.1 domainname.com

(domainname.com being the website you want to block. Save the hosts file outside the etc folder and then move it there, replacing the older version, as Windows won't let you save the file there directly. Also make sure there's no extension like .txt at the end of the file name)

This way whenever a user tries to go to anything.domainname.com, their browser redirects them to 127.0.0.1 which is the local host. Or maybe you can redirect them to an HTML page stating the reason why that page is blocked from within your organization.

XenCenter error "Unable to mount the directory specified in device configuration request"

Problem: When trying to create a new storage repository in XenCenter, after putting the name and share name of the storage location, without checking "use different user name", the below prompt would sometimes appear (this was for v5.6.1, but the issue is probably in other versions too):

Fix: Even though the account XenCenter was launched from has access to that location, you still have to check "use different user name" and put the same account credentials!

How to run a script in WinPE before MDT HTA Wizard screen pops up

Recently I've been having issues reimaging machines with a Lite Touch Image (built using MDT2010), where when I plug in the media in the machine and reboot in Winpe, instead of getting the HTA Wizard screen, I get an error that task sequence crashed (before it even started!)

A little basic background on some MDT behavior first in light of the explanation; When an LTI MDT image is applied to a machine successfully AND the machine is rebooted (ex: hit the finish button on the summary page, set the rule FinishAction=REBOOT in customsettings.ini, etc..), MDT scripts are supposed to do a cleanup of whatever task sequences, logs files, etc.. that were moved to the machine during deployment. These files are located under:

1. C:\_SMSTaskSequence 
2. C:\MININT 

MDT2010 does a good job cleaning most of the times (except for keeping some DLLs under C:\MININT which are totally harmless), but sometimes that's not the case. An example could be that:

1. The task sequence crashed somewhere in the middle
2. The deployment guy never hit the Finish button on the Final Summary page when deployment ended. 

And so, when trying to reapply the image and the machine is booted into WinPE, it picks up whatever task sequence found under C:\_SMSTaskSequence or C:\Minint.

After hours of research trying to figure out a way to clean those folders, I came across this simple solution:

1. Mount WinPE image file from E:\content\boot\LiteTouchPE_x86.wim (where E is the media drive letter)
2. Create a batch script to delete the folders (ex: RMDIR /S /Q C:\_SMSTaskSequence) and place it under %MOUNTDIR%\Windows\system32\ 
3. Open %MOUNTDIR%\Windows\System32\winpeshl.ini and add the command to launch the custom script before bddrun.exe. An example of the ini contents are as below:

4. Unmount the wim

That's all!  

Note that everytime you regenerate the media the wim file will be replaced with the default one from MDT and the above steps will have to be redone.

Teched 2011 Videos

For those who missed attending Teched Atlanta 2011, breakout session videos can be found on msdn channel 9. My recommendations are:

• Absolute Offline Servicing Windows OS (Nystrom Level 3) by Johan Arwidmark,Mikael Nystrom
• Troubleshooting Windows 7 Deployments: In Depth (Level 4) - Keith Garner, Michael Niehaus
• Microsoft System Center Configuration Manager 2012: Application Management Overview (Level 3) - by Wally Mead
• Inside Panther: Troubleshooting the Windows Setup Engine (Level 4) by Johan Arwidmark
• Microsoft diagnostics and Recovery Toolset (DaRT) (Level 3) By Paul MacKnight
• Case of the Unexplained 2011: Windows Troubleshooting with Mark Russinovich (Level 4) by Mark Russinovich
• Deployment Internals: Mastering Windows Deployment Services (Level 3) By Johan Arwidmark

Things that I want to see:

• Planning and Deploying Microsoft Forefront Endpoint Protection 2010 with Microsoft System Center Configuration Manager ( Level 3)
• We Don't Need No Stinkin' GUI: Command-Line Capture Techniques (Remote Options)
• Microsoft System Center Orchestrator 2012 Overview 
• Microsoft System Center Virtual Machine Manager 2012: What’s in It,and How It Enables the Building of Private Clouds and Federation to the Public Cloud
• The Enhanced Mitigation Experience Toolkit (Level 3)
• Failover Clustering and Hyper-V: Multi-Site Disaster Recovery (Level 3)
• The Ultimate Guide to Wireless Network Security ( Level 3)
• Windows Powershell Remoting, Definitely not just for Servers (Level 3) by Don Jones
• Mysteries of Memory Management Revealed,with Mark Russinovich (Part 1 of 2) ( Level 4) by Mark Russinovich
• Maximizing Windows 7 Performance: Troubleshooting Tips
• Optimizing Group Policy in Virtual Desktop (VDI) Environments (Level 3) by Darren Mar-Elia
• Inside the LAB: Building Your Own Private Cloud Infrastructure (Level 3) by Michael Nystrom
• Failover Clustering and Hyper-V: Multi-Site Disaster Recovery (Level 3) by Jeffery Hughs, Henry Aloisius
• Hey,You! Get Off My Network! (Level 4) by Erdal Ozkaya
• DirectAccess Implementation and Integration Deep Dive (Level 4) by Rand Morimoto
• Windows Server 2008 R2: Tips for Automating the Breadth of Your IT Environment ( Level 3) by Dan Harman, Mir Rosenberg
• Advanced Automation Using Windows PowerShell 2.0 ( Level 4) by Dan Harman,Jeffrey Snover
• The Ultimate Guide to Wireless Network Security (Level 3) by Hasain Alshakarti
• Migrating to IPv6 with Windows Server 2008 R2 and Windows 7 (Level 4) by Martijn Bellaard

A new blog is born!

Welcome to my new blog. I will be using this space to share news/information/tips&tricks for IT Pros. Stay tuned!