Tag Archives: windows

Error 0x80005000 using LDAP in VBScript

Logon Error

While rolling out a new logon script, I started getting reports of an error message like this one showing up. Error 0x80005000 with a source of (null) isn’t particularly helpful.  The particular section of code referenced in the error dealt with pulling a user’s group membership from LDAP, and mapping drives accordingly.

After stepping through the script, I found that it was bombing out on a group with a forward slash (/) in the name.  The / was throwing off the LDAP query, since it is a reserved separator character.  There are 2 fixes for this.  You can either do a substring replace, and replace ‘/’ with ‘\\/’ (yes – double backslash slash), or you can do what I did and just rename the group in ActiveDirectory to not contain a /.

Aliasing a Windows File Server

You’ve consolidated 2 servers down to 1 after hours. Great. Then you recreate all the file shares on the new server, and test mapping them using the new name. They work great.

Then in a sudden flash of brilliance, you update DNS and WINS to point the old server name at the new server, so that any scripts that still reference the old name won’t break. And that’s when you start getting this error on your clients:

System error 52 has occurred.
A duplicate name exists on the network.

Duplicate name? On the clients? Whats going on? You might check the server, and be surprised to not see any ‘Duplicate name exists’ errors anywhere. The error actually makes some sense when you think about it:

Client sends SMB request to OldServer > OldServer is an alias for NewServer > NewServer sends reply to request > Client receives reply from NewServer and not OldServer, and assumes that a 2nd machine is responding to the request, and throws the duplicate name error.

To fix this, Microsoft KB281308 tells us to add a new registry key on the server side,  HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters, called DisableStrictNameChecking.  Set it to be DWORD:1, then restart the server.

Manage a Child Domain as Enterprise Admin

Say your AD root is ‘smashcorp.local’, and you have a child domains of ‘flowerco.smashcorp.local’ and ‘oilchange.smashcorp.local’  The oilchange domain was migrated into your AD directly from NT4, while the flowerco domain was already AD, so a new DC was created for it and it was kind of ‘copied’ into the smashcorp forest.

If you are a member of the Enterprise Admins group of smashcorp, you might notice that while you can manage oilchange just fine, flowerco throws some strange permissions errors (like being able to delete but not create GPOs) and is always nagging you for a password for operations. Running a dcdiag from a smashcorp DC gives you “failed test NetLogons” errors, and access denied errors on Services, frssysvol, frsevent, kccevent, and Systemlog.

After scratching my head over this for a couple of days, and getting tired of RDPing into flowerco, I finally found where Enterprise Admins was missing from flowerco. In AD Sites & Services, go into the Builtin folder and add Enterprise Admins to the Administrators group. Apparently this didn’t happen with the way flowerco was brought into the forest initially.

Change File Associations via Command Line

You can change file type associations in Windows from the command line with 2 simple commands: assoc and ftype. Use assoc to associate a file extension with a file type or check the existing association. File types are defined arbitrarily, you can make up your own if you wish:

C:\>assoc .pdf
.pdf=AcroExch.Document
C:\>assoc .pdf=SomeOther.PDFViewer

Then use ftype to check or set a command line to open those file types with:

C:\>ftype AcroExch.Document
AcroExch.Document="C:\Program Files (x86)\Adobe\Reader 8.0\Reader\AcroRd32.exe" "%1"
C:\>ftype SomeOther.PDFViewer=C:\Program Files\My PDF Viewer\pdfview.exe %1

These commands will edit the system-wide file associations (stored in HKLM). User-set preferences (stored in HKCU) will take precedence over this. These commands also require local admin rights, or need to be run in an elevated context (such as System during a login script, or a RunAs command).

Audit Windows Print Logs with Perl

I’ve had this script floating around for a while. It can take a CSV export of your event log from a Windows machine, and give you a per-user breakdown of print jobs and pages printed, by date.

Continue reading

Using PrintUI.dll to Redirect a Printer

You can use PrintUI.dll from a command line to manage and change printer settings. The most common place I use it is in a scheduled task to redirect print jobs. 

rundll32 printui.dll,PrintUIEntry /Xs /n “Name” PortName “IP_192.168.3.1”

The /Xs tells it to set printer options, /n “Name” specifies the name of the printer as it appears in Windows, and PortName “IP_192.168.3.1” is specifiying the new port for the printer to use.  Setting the printer back to normal is as easy as changing the PortName to the original port.  You can put these commands in a batch file and set it as a scheduled task to redirect a primary printer when some other application will have dedicated access to it.

There are many more options and settings you can adjust with PrintUI, and you can get all the documentation on it from Microsoft.

Fix for Windows Update Error 0xC800021F

If you are getting error 0xC800021F on the Windows Update site on your Windows 2000 system, open a command line and run the following commands: 

regsvr32 msxml32.dll /s
net stop wuauserv
cd /d %windir%\SoftwareDistribution
rd /s /q DataStore
net start wuauserv

This will register the MSXML DLL file correctly, then stops the Automatic Updates service (so that no temp files are locked), deletes the cache for Windows Update, and finally restarts the Updates service.  After you have done this, you should be able to run the Windows Update website normally.