This article first appeared at the now-closed Win32Scripting site. Since I find it useful, and my bookmark no longer works, I have been unable to reach its author, Jeff Trumbull, so I hope he doesn't mind that I've archived it.

Author: Jeff Trumbull

Description:
Backup files that make a Microsoft virtual server with only about 1 minute of down time. Suspends the virtual server, takes a shadow copy , starts the virtual server then copies virtual server files. This could be used to copy any open files. Requires vshadow.exe from vss sdk.

Script:

A client came to us with an interesting problem -- his laptop was removed from his company's domain and his documents were no longer available to him. He could see the mapped drive, and the folders and files, but when he tried to launch any of the files, he got an "Access Denied" error.

So, offline files had his documents stored locally, but his lack of network credentials was keeping us from them.

While massively inconvenient, this is how it should be. No credentials, no files. Downside, of course, was I couldn't get the documents copied to the local drive.

Windows 2003 Resource Kit to the rescue!

There's a utility, csccmd.exe which, as the name imples, allows you to work with the "client side cache" (the pre-release name for Offline Files). The most recent version of the csccmd.exe has an option to EXTRACT files from the client side cache and put them on the local drive somewhere.

So, I grabbed the Windows 2003 Resource Kit, downloaded it, installed it,and ran csccmd.exe and it didn't work.

Wha?

Seems there is a NEWER version of csccmd.exe that is only available (officially) from MS Product Support Services (PSS). (Unofficially, use bing to google csccmd.exe 1.1) which does the job. I downloaded it and copied it into c:\windows (just to avoid path issues).

(I assume it's only available from PSS because it totally bypasses the security issue.)

So, logged in as an administrator, I created a temporary folderand opened a command prompt (do I show my age by insisting on calling it a DOS window?) and typed:

csccmd.exe /extract:\\server\share /target:c:\temp\user /recurse

Ta-da!

The files copied, rights of the folder they were copied into prevails (which is to say that the ACL information was not extracted as well) and he's happy because he has his documents back.

Talking about SMTP Connectors in an earlier post got me to thinking of another way we use the SMTP Connectors in Exchange.

A client has a (horribly behaved) legacy piece of software that, when faced with a customer with no email address on file, sends an email to an address it makes up in a legitimate domain. So, for a long time, they were bombarding this innocent third party domain with mail that was destined to go nowhere.

This was eating bandwidth, processing cycles and the like, so we tried to put an end to it by appealing to the developers. They were not interested in fixing the old program, it would continue to spit out its bogus mail.

We created an SMTP Connector in Exchange to handle delivery to the legitimate domain. (It should be noted that the domain probably wasn't legit when the program was written, but with the .com explosion, it became legit. It's also not a domain anyone would be sending mail to in the normal course of business... it's not like this is for AOL.COM or anything...)

We set the connector so in the "address space" we listed our desired domain. We checked off "Forward all mail thru this connector to the following smart hosts"

... and this is where we get tricky ...

... we put a non-routable IP address in the smart host field. (And remember to enclose the IP address in brackets - i.e., [10.99.99.88] )

On the Delivery Options tab, when it asks when it should deliver, we tell it to "Never Run"

And that does the trick. We no longer pester the legit domain, we don't eat any bandwidth, everyone's happy.

A client is constantly getting hit with email attacks, and one such attack flooded the Exchange box with a couple hundred bogus NDRs which were trying to be delivered.

Removing these queues by hand is a royal pain, so I recalled a simple little kludge that would get all the bad mail into one queue so it could be deleted in one fell swoop instead of having to right click on every queue and choose "Delete all messages (No NDR)"

The steps are laid out pretty explicitly in a KB article from Microsoft, so I won't go into great detail here. I'll just give you the overview.

All of the following steps are done using the Exchange System Manager. I did this using Exchange 2000, it should work for Exchange 2003. I haven't played with 2007 at all -- three servers?!? -- so I have no clue if this is still how it works.

First, you need to make sure all your good mail is out of the queue, so I tend to do this at 3 AM when I know that it's been a few hours since anyone has tried to send any out-of-office mail and anything I'm going to find in the queue is crap. YMMV.

Next, stop the SMTP Virtual Server for the site.

Create a new SMTP Connector which is going to take all of the junk mail. Make sure the "Address Space" properties are set that SMTP is accepting for * (all domains) at a cost of 1.

Restart the SMTP Virtual Server.

All of the mail should now go into this new queue you created. Right click the queue, choose "Delete all messages (No NDR)"

Refresh the queue list a few times to make sure all messages are gone.

Stop the SMTP Virtual Server.

Delete the SMTP Connector you just made.

Restart the SMTP Virtual Server.

Mail should start flowing as usual.

(That's a wordy title, isn't it?)

Had an issue with a client who needed to drop a shortcut to a Remote Desktop connection on certain desktops based upon their membership in a group.

A little vbscripting, and we got it done. It's pretty simple. (You can cut and paste the script below. Change the variables to suit your environment. Word wrapping on the screen shouldn't carry over to your editing tool of choice -- mine is TextPad.)

Easy peasy.

So then, I add the script to a domain level Group Policy object I have called, logically enough, "Login Scripts" and it runs on each login, making sure our little icon is where it belongs.