The Mole #24: Technical Answers from Inside Microsoft - Selective SMS, Windows 98 Clock, WINS, Backtalk
December 20, 1999
Editors Note The questions and answers below are from the Inside Microsoft column that appears regularly on the TechNet Web site at the following location: https://www.microsoft.com/technet/community/columns/insider/default.mspx. To find out how to submit questions of your own, see the end of this article or go to https://www.microsoft.com/technet/community/columns/insider/default.mspx.
The TechNet Mole provides expert answers from deep within Microsoft to questions from IT professionals. This installment focuses on these issues:
Selectively Running Systems Management Server on Particular Systems
Clocks Not Playing Well with Others
WINS Not Communicating through a Firewall
Backtalk
Corrupt Pagefiles
Disabling Administrative (or Hidden) Share
Yeah, But Who Says?
Those pesky encrypted passwords
On This Page
Selectively Running Systems Management Server on Particular Systems Clocks Not Playing Well with Others WINS Not Communicating through a Firewall BACKTALK Credits
Selectively Running Systems Management Server on Particular Systems
Mole,
I have a user that logs into our NT domain with two machines. One is a desktop running NT 4.0 workstation and the other is a notebook that is running Windows 98. I would like to make it so that only his NT machine is a client to SMS and the Notebook is not. How can I do this? I tried to take the smsls.bat out of his profile in NT so it will not run when he logs in, but SMS just puts it back in.
We have Windows Networking client installation method enabled in the SMS server and it is set up to modify the login script of all users. I cannot figure how to set this up for only certain users, and not all of them. How do I remove SMS client off of a computer?
Tom Kane, Lantronix
Dear Tom,
The best way to address this problem is not to remove the client from a particular computer, but to create a customized logon script for a particular user. You do this using a nifty scripting utility called KiXtart, developed by Ruud van Velsen of Microsoft Benelux. KiXtart lets you conditionally display information, set environment variables, start programs, connect to network drives, read or edit the registry, and/or change the current drive and directory using a free format 'script language'. All that, and it's available for download at https://kixtart.to/, right now, absolutely free. (Picture Mole using this little interlude to pop the top off a can of Mountain Dew and answer an email or two.)
Got it? Okay. Now use your cool new tool to create a default logon script for your user. Let's call it DEFAULT.BAT. Within DEFAULT.BAT, you call a KiXtart script that will determine the version and OS the user is currently on and execute the proper commands, as shown in the sample script below:
IF @INWIN = 1 SHELL "C:\WINNT\SYSTEM32\CMD /E:1024 /C " + @LDRIVE + "\SMSLS.BAT" Else Exit Endif
What this says is—If the OS = Windows NT then Run the smsls.bat from the netlogon directory. If it equals anything else, you're outa there.
And so's your Mole. Not without kind regards.
Clocks Not Playing Well with Others
Mole,
I have three workstations running the first edition of Windows 98 and the internal clock does not sync properly with the Real Time Clock ("RTC") on the motherboard. The workstations lose time at different intervals. One may lose 5 minutes one day and 4 hours the next. If I reboot the computers, the windows clock will resync with the RTC and then it starts losing time again. Any ideas?
Marshall Brinson
Hey Marshall,
Cool problem, man. Mole suspects a conflict between the operating system, third party applications and the Advanced Power Management feature of some computer's BIOS. Finding the real culprit requires using a rather rigorous (did Mole say tedious?) process of elimination.
Here's how Mole would proceed.
Disable Advanced Power Management in your computer's BIOS. For this step, refer to your original hardware vendor's printed or online documentation. Your goal is to allow Windows 98 to handle the functions of Advanced Power Management, thereby resolving the conflict. If this doesn't help, proceed toU
Let the computer run in Safe Mode overnight. When starting in Safe Mode, only the mouse, keyboard, and standard VGA device drivers are loaded. Since Safe Mode bypasses startup files, including the Registry, CONFIG.SYS, AUTOEXEC.BAT, and the [BOOT] and [386Enh] sections of SYSTEM.INI, it's a great way to eliminate variables. With real-mode and Windows drivers out of the picture, you can tell if your System Clock is running right. If it is, you can reasonably suspect your problem is application-specific. To enable your computer to restart in Safe Mode (always a neat trick to have in your troubleshooting kit), perform the following:
a. Go to Start > Run > and type in "msconfig", without the quotes, and click OK
b. In the System Configuration Editor window that loads, click the 'Advanced' button towards the bottom right.
c. In the 'Advanced Troubleshooting Settings' window, place a check next to "Enable Startup Menu"
d. Click OK, then OK again. Click Yes as prompted to save changes.
e. Restart your computer normally. When Windows 98 begins to restart, you will see a text-based menu appear. Select the option labeled "Safe Mode" and press Enter.Note: After troubleshooting the time loss problem you will want to remove this menu. To do so, repeat steps a - d above and De-Select the "Enable Startup Menu" option.
Questions are good troubleshooting tools, too. Here are some Mole would ask in your position. If the answer to a question is "Yes", disable that application/function (one at a time, please) and let the machine run for a while to see if the change affects the time-loss problem.
What, if any, Anti-Virus software is being used (such as Norton Anti-Virus, McAfee's, etc.)?
What system utilities run when Windows starts (such as CyberMedia's First Aid, Norton Utilities, etc.)?
Is there a screen saver running on the computer? If so, is it a Windows screen saver, or one from a third party?
If you've gotten this far and still haven't solved the problem, there's one more thing to consider. Mole hesitates to be Ageist here, but are the problem computers—ahem—getting on in years?
Most CMOS batteries last for five to ten years. If your machines are approaching this age, check it out.
Stay warm. Stay dry.
WINS Not Communicating through a Firewall
Dear Mole,
I have WINS running on two servers that communicate over 10/100 3Com Super Stack II 3300 switches. I am getting error 4202, and used TechNet to find an answer. The answer that was given was that WINS doesn't communicate over a router or firewall. What can I do to fix this error?
Paul Czerniak, IT Administrator
Hi Paul,
Retracing your footsteps, Mole arrives at Knowledge Base article **174395:**Event ID 4202 Attempting WINS Replication across Router that not only describes your situation, but offers a solution:
"Contact your router or firewall vendor for information on how to enable forwarding of TCP port 42."
And here's a bit more useful information. In **179442:**How to Configure a Firewall for Windows NT and Trusts, it says:
Name resolution that requires DNS and WINS to replicate requires the following ports to be open:
PORT 53 (TCP and UDP) for DNS
PORT 42 (TCP and UDP) for WINS Replication
These things considered, you should be able to make those servers talk.
BACKTALK
Corrupt Pagefiles
Mole,
In reply to your response to Markus Steele's question on corrupt pagefiles, one possibility that you have failed to mention/ask about was whether the NT 'system' account had the correct permissions to access the pagefile. If not, then after the server is re-booted, it would display a corrupt pagefile error when logging in.
Jim Coote
Jim, Good catch!
If what Jim describes is the situation that you find yourself in, then to resolve the issue, grant Full Control permission to the System account for the physical directory in which pagefile.sys resides. Grant the permission thusly:
In Windows NT Explorer, right-click the physical directory where pagefile.sys resides.
Click Properties.
On the Security tab, click Permissions.
In the Directory Permissions dialog box, click Add.
In the Names list, click System.
In the Type Of Access box, click Full Control.
Click Add, and then click OK until you return to the desktop.
Disabling Administrative (or Hidden) Shares
Mole,
Usually your answers are right on, but your answer for the following question posted in the column titled, The Mole #16: Technical Answers from Inside Microsoft - Securing Groups, NT Upgrade, Internet Cache, 40 or 128-Bit, is wrong:
Is there a way to have Windows NT 4.0 Workstation/Server start without the C:drive default sharing? Otherwise is there a registry setting to change the default from C:\ Shared to C:\ Not Shared?
Mole responded with
Nope. No way. Never happen.
Default administrative shares are created for the Windows NT root directory where the system files are kept, and for the root of each hard drive partition.
Actually, you can disable the creation of the hidden drive shares.
For NT Servers or Workstations: In System Policy Editor, drill down Computer \ Windows NT Network \ Sharing and disable the applicable checkbox—'Create hidden drive shares (workstation)' or 'Create hidden drive shares (server)'.
To do this via the Registry, run REGEDT32, drill down the following path:
HKEY_LOCAL_MACHINE \System \CurrentControlSet \Services \LanmanServer \Parameters
The registry entry (for a NT Server machine) is 'AutoShareServer'. Change the Data value to 0 (zero).
To disable the creation of hidden drive shares on a workstation, again in REGEDT32,
Go down the registry path to: HKEY_LOCAL_MACHINE \System \CurrentControlSet \Services \LanmanServer \Parameters
The registry entry for workstation is 'AutoShareWks'. Change the Data value to 0 (zero).
Larry Passo, Principal Systems Engineer, QuickStart Technologies
Dear Larry,
Thanks for correcting Mole's short sightedness. It's an occupational hazard for those live below ground. In the interests of your system's integrity and Mole's job security, he hastens to remind you that the usual strong cautions about messing about with the registry should be heeded. To wit:
Warning: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.
For information about how to edit the registry, view the "Changing Keys and Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update your Emergency Repair Disk (ERD).
Yeah, But Who Says?
Hi Mole,
Re: your reference of the quote "God is in the details" in the Mole Column titled, The Mole #11: Technical Answers from Inside Microsoft - Windows 98, OLE, Web Pages, Boot Disk, KB Search, HCL, Memory Bleed.
It was spoken by (Ludwig) Mies van der Rohe, modern movement architect, sometime in the 1940's I think. He was the architect of the Seagram Building, New York and the Illinois Institute of Technology campus amongst other things.
Regards, Marc
Marc,
Thanks for that information. The latest edition of Bartlett's Familiar Quotations does recognize "God is in the details" as a favorite aphorism of Mies van der Rohe and the art historian Aby Warburg, though neither was the author. Some attribute it to French novelist Gustave Flaubert—Le bon Dieu est dans le detail—but it's quite possible the thought originated long before the 19th century.
Anybody else?
Those pesky encrypted passwords
Mole,
I was unable to use your solution on your column, The Mole #17: Technical Answers from Inside Microsoft - Upgrading IE, Passwords, DHCP, NT Domains, WINS, NT Configuration, regarding how to get connectivity to other OS's via a local network from Win98. I had entered the Registry key that you have listed there, in the location that you had said (HKEY_LOCAL_MACHINE SOFTWARE\ MicrosoftWindows\ CurrentVersion\ Policies\ Network \DisablePwdCaching = 1) and it still came up with the same response: "The password is incorrect. Try again."
Well, fortunately, a buddy of mine had already agonized through this problem and found another solution... Put the necessary key (D_WORD:EnablePlainTextPasswords = 1) with the host information of the machine. Where it needs to be is:
\HKEY_LOCAL_MACHINE \System \CurrentControlSet \Services \VxD \VNETSUP
This worked for a Win98 terminal on our network, which is predominantly a Linux network, but we have stations running SunOS, IBM AIX, SCO, NT 4.0, Win95 & Win98 on it, as well.
Brad Kaatz, Technical Manager, ParaSoft Corporation
Brad,
Once again dramatically illustrating that two heads are worth, well, two heads. Thanks for the alternative solution!
Credits
Mr. Jamie "KiXtart" Spake. Mr. Lon Collins.
We at Microsoft Corporation hope that the information in this work is valuable to you. Your use of the information contained in this work, however, is at your sole risk. All information in this work is provided "as -is", without any warranty, whether express or implied, of its accuracy, completeness, fitness for a particular purpose, title or non-infringement, and none of the third-party products or information mentioned in the work are authored, recommended, supported or guaranteed by Microsoft Corporation. Microsoft Corporation shall not be liable for any damages you may sustain by using this information, whether direct, indirect, special, incidental or consequential, even if it has been advised of the possibility of such damages. All prices for products mentioned in this document are subject to change without notice.