(That's a wordy title, isn't it?)

Had an issue with a client who needed to drop a shortcut to a Remote Desktop connection on certain desktops based upon their membership in a group.

A little vbscripting, and we got it done. It's pretty simple. (You can cut and paste the script below. Change the variables to suit your environment. Word wrapping on the screen shouldn't carry over to your editing tool of choice -- mine is TextPad.)

Easy peasy.

So then, I add the script to a domain level Group Policy object I have called, logically enough, "Login Scripts" and it runs on each login, making sure our little icon is where it belongs.

A client running XP Home today had an issue with a machine running slowly, and in the (ab)normal course of troubleshooting, we came across some errors in the event viewer that caused us to reset the security descriptors back to their defaults... and in doing so, we broke his printer sharing. (Oops!)

For those of you at home, we reset the security back to baseline via the secedit utility -- something we carry with us on our USB keys since it doesn't ship with XP Home:

secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose

So, since it's XP Home, we didn't have a lot of tools available to us, so we replied upon the Win2k3 Resource Kit tools to help us reset the Guest account, so it had access to the local printer:

The remote user was getting the message "Logon failure: the user has not been granted the requested logon type at this computer"

So we confirmed the guest account was turned on via:

net user guest /active:yes

And then we allowed it to logon from the network. (Case sensitivity rules in effect):

ntrights +r SeNetworkLogonRight -u Guest

And we had to remove the DENY right, since it takes precedence in all transactions:

ntrights -r SeDenyNetworkLogonRight -u Guest

Once we did that, the other computer was able to print again.

I've been a big fan of VirtualAppliances' virtual machines for awhile now and have used its LAMP appliance for a variety of low-power applications, but I've wondered why it doesn't ship with mod_rewrite enabled, and why there's always a step missing from turning it on.

First up, we need to symbolically link the module from /etc/apache2/mods-available to /etc/apache2/mods-enabled:

sudo ln -s /etc/apache2/mods-available/rewrite.load /etc/apache2/mods-enabled

That's usually what all the online guides mention, but there's still one more step -- one I always forget... we need to edit the default site to allow .htaccess to control the mod_rewrite rules...

So, go into /etc/apache2/sites-available

Edit the default site definition, and make sure you change the AllowOverride to ALL in the /var/www/html section:
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>

... and now your WordPress permanent links will work.

We love Terminal Server. We think its a pretty great solution for small businesses; put a little more money into a server and you can keep your older hardware around.

In setting up our terminal server environments, we like putting shortcuts to various shares on the desktop. However, the server always wants to convert them from \\server\data to their local equivalent, d:\data.

But a quick registry entry will eliminate that.

Create a new DWORD value of "LinkResolveIgnoreLinkInfo" in this key:

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

... and set it to a data value of "1"

Reboot and that'll do it.

(You can also put this in the CURRENT_USER key, but I'm not sure why you'd want to.)

I had to find the MAC address of a remote machine on my network this morning. Happily, WindowsXP (and above) make this easy.

They include a tool called getmac which does just that -- it gets the MAC address of any machine on the local network.

(This utility first made its appearance, it seems, as part of the Windows 2000 Resource Kit, and is available as a download from Microsoft.)

The tool couldn't be simpler to use, just open a command prompt and type:

getmac /s <computername>

It then spits back:

Physical Address Transport Name
=================== =========================================================
00-00-00-XX-XX-XX \Device\Tcpip_{0AB4C22A-1EEE-AAAA-XXXX-0X0X0X0X0X0X},
 \Device\NwlnkIpx

There are additional switches you can use to format the output or run the command under different credentials (from the TechNet article):

/u Domain \ User : Runs the command with the account permissions of the user specified by User or Domain\User. The default is the permissions of the current logged on user on the computer issuing the command.

/p Password : Specifies the password of the user account that is specified in the /u parameter.

/fo { TABLE | LIST | CSV } : Specifies the format to use for the query output. Valid values are TABLE, LIST, and CSV. The default format for output is TABLE.

/nh : Suppresses column header in output. Valid when the /fo parameter is set to TABLE or CSV.

/v : Specifies that the output display verbose information.

/? : Displays help at the command prompt.