Duplicate computer name prevents Active Directory domain logon

Posted on By Mark Wilson
This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

I came across an interesting problem a few nights back… I locked myself out of a Windows XP computer. Here’s how it happened, along with how I got back in.

First, I built a new Windows Server and inadvertently used the same name as an existing Windows XP computer. Then I joined the server to an Active Directory domain (from this point on, the machine that was originally using the computer name is unable to authenticate with the domain as its password will have been overwritten when the duplicate machine joined the domain).

I then turned on the Windows XP computer. Because this machine is a notebook PC and wasn’t connected to the network at the time, I logged in using cached credentials; however after installing a wireless network card and restarting the computer, I was presented with a message that indicated I could not log on to the domain. Unfortunately I didn’t make a note of the exact message at the time, but looking back, I can see the NetLogon event 3210 in the system event log, the description for which which tells me exactly the problem:

This computer could not authenticate with \\domaincontroller.domainname.tld, a Windows domain controller for domain domainname, and therefore this computer might deny logon requests. This inability to authenticate might be caused by another computer on the same network using the same name or the password for this computer account is not recognized. If this message appears again, contact your system administrator.

Realising my mistake, I logged on using a local account and tried to rejoin the domain. Except that I couldn’t, because, as per Microsoft’s advice, I had disabled the local administrator account when I joined the domain and all I had available to me were standard user accounts.

Luckily Daniel Petri has published an article with a workaround for when a Windows computer cannot log on to a Windows Server 2003 domain due to errors connecting to the domain. By removing the network cable and restarting, I could log on as a domain administrator using cached credentials. Then, I enabled the local administrator account and changed the computer name before moving the computer out of the domain and into a workgroup. I then rebooted (with the network cable connected), logged in using the re-enabled administrator account and rejoined the domain (with the new computer name), before disabling the administrator account again.

Phew!

This is how easy it is to fall into the malware trap

Posted on By Mark Wilson
This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Last year, I wrote about the perils of being an IT professional – namely being expected to fix family and friends’ PCs for free… well, for the last 24 hours, I’ve been removing malware from what was possibly the worst-infected PC I’ve ever seen!

Some time ago, I gave an old laptop to my Mum and her partner as they wanted to learn to use e-mail and the Internet. I set them up with Windows XP, Firefox and Thunderbird (on reflection I should have used Outlook Express – it may be a poor e-mail client but it’s what all the text books for Windows XP will assume) and they have become quite attached to it.

At first they had a dial-up connection but they recently upgraded to high-speed ADSL (as did my in-laws… how come all the silver surfers in my family have a faster Internet connection than I do?) and that’s where the trouble started.

First of all “a friend” installed some software for them. Nothing unusual, just stuff to clog up a system that was never going to be very fast (an aging Compaq Evo N410c with a 1GHz Pentium 3 Mobile processor and 256MB RAM) – free stuff like Google Pack and AVG Anti-Virus software. I got a call to say the PC was taking an age to start up and when I investigated, I found that AVG was performing a full scan on startup (which was probably causing conflicts with the copy of Symantec AntiVirus that I had already installed). I removed the offending software and startup times returned to normal.

Then, today, I was told that the PC was reporting that it had a “Trojan” installed and it kept on opening adult websites. “Oh dear”, I thought… “bring it over and I’ll take a look”, I said.

First, I disconnected all of my other computers from the network! Next, I removed all the unnecessary software. Then, I connected to the Internet and ran the Windows Live OneCare Safety Scanner… except that after 6 minutes it was only 6% complete, so I left it for a couple of hours, ignoring the pop-ups which kept appearing (in spite of Internet Exploder Explorer 7’s pop-up blocker).

When I came back, there were 50 instances of Internet Explorer (IE) running – or more accurately 50 instances of IE that were hogging resources and had hung…

Time for plan B. Open Firefox and run Trend Micro HouseCall – using a non-Microsoft browser would mean no ActiveX and therefore I could safely crash IE if necessary without losing the results of the scan (HouseCall can use Java with browsers without ActiveX support). This time I stayed with the PC and was amazed at the popups that appeared – some of them could easily fool a novice user into thinking that they were real:

Fake security warning
Fake security warning
Fake security warning
Fake security warning

Fake security applications such as Live Safety Center, WinAntiVirusPro 2006 and DriveCleaner sound quite authentic really, as do notifications claiming to have detected fake malware such as Trojan-Spy.Win32@mx and NetWorm-i.Virus@fp, inviting the user to click and install “official security software”. Similarly, for many users, an ActiveX warning which reads This website wants to install the following add-on: ‘WinAntiSpyware2007FreeInstall.cab’ from ‘WinSoftware Corporation, Inc.’. If you trust the website and the add-on and want to install it, click here. would be pretty convincing.

Eventually, I realised that if I closed IE, leaving HouseCall running within Firefox, the popups stopped (although the fake notifications continued). Unfortunately, HouseCall failed at the cleaning stage, so time for plan C.

Plan C was to download, install and run AdAware SE Personal Edition. Normally this would have been the first tool I used but I figured that the malware on this system would detect something as well known as AdAware and prevent it from installing. Not so – after a few minutes it had identified 67 critical objects (including two Trojans with with TAC ratings of 10) and cleaned them from the computer. Then, just to be sure, I restarted the system and ran AdAware again (just two critical objects this time). Then, I ran the Windows Live OneCare Safety Scanner again to give a full system check.

It took a few attempts to finally remove everything (as well as manually removing a suspect registry entry from HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\ and running cleanmgr to launch the Windows XP Disk Cleanup utility and delete all but the most recent system restore points) but after getting the all clear from two separate tools, I was satisfied that the PC had been disinfected.

Cleaning up this mess has taken a whole evening, a good chunk of last night, and most of today too so how can I stop this from happening again? “Don’t click on anything that you don’t expect to see” is all very well but if you’re a novice then how do you know what is expected and what isn’t?

I don’t know the answer but it’s bl**dy annoying. Needless to say I’ll be removing the existing anti-virus software from that PC and installing something a little more comprehensive. Windows Live OneCare has a 90 day free trial – maybe I’ll give that a go.

Manually removing entries from Windows’ add/remove programs list

Posted on By Mark Wilson
This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Earlier today, I was clearing down an old PC in preparation to donate it to a worthy cause. I remembered that installing Windows XP on it had been a long process, so I just removed the data (nothing sensitive, so no need to securely delete anything), uninstalled the applications and hacked the registry to change the registered owner/company (look for RegOwner and RegCompany string values for various products throughout the registry but the main ones I wanted to change were the RegisteredOrganization and RegisteredOwner string values in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion as these are the ones shown in the system properties – the easiest way to find them is to look up the registered to values in the system properties and search the registry for the appropriate string).

Although various installers had left behind subdirectories which needed to be removed manually, there was one application for which the uninstall failed but repeated attempts resulted in an error – leaving behind an entry in the Add or Remove Programs Control Panel applet. I needed to know how to remove this entry and found the answer in Microsoft knowledge base article 247501 – it involved more registry hacking to find the appropriate entry in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall but it did the trick.

Note to ego: I am a blogger, not a journalist

Posted on By Mark Wilson
This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Last week I wrote about how I was expecting to feature in a couple of upcoming articles for Computer Weekly and The Independent. In future, I should remember that what is said to a journalist is not always the message that makes it to paper and what is written is not always what is published!

My part in Rob Griffin’s how to blog your way to fame and fortune article was short and sweet, but that’s fine – Rob was a nice guy to chat to and getting so much information into 1500 words is always going to mean that there’s only room for a small soundbites from the likes of me. I’m also a techie, whereas the target audience for the article was a typical consumer who’s heard about blogging and wants to give it a go. The original idea was that I might feature in a case study, but in reality I’m a small-time blogger who can cover his hosting costs and buy the odd gadget with his advertising revenue – nowhere near the £2000 a month that the chosen case study (Craig Munro) says is possible. In fact, whilst that figure is theoretically possible, most bloggers won’t get near that sort of income because it would be a full-time task (and someone who can write that much original content could earn more in a proper full-time job).

Computer Weekly’s pretty interfaces alone do not make a business case was slightly disappointing. I was asked to rewrite two existing blog posts into about 500 words for publishing in Computer Weekly. After a few hours of unpaid editing and redrafting, I submitted a piece entitled Windows Vista is finally here… but XP’s not dead yet; however editorial considerations have meant that just over 500 words became just under 300. I’ll admit that what was published was much punchier than my original submission, but it inevitably lost some of the background information and slightly distorted the message (this is what I actually wrote). Still, at least I got a link back to this blog from a well-respected publisher (which may help to drive traffic to the site – a cursory glance over my web stats reveals no evidence of that yet though).

So what should be learnt from this? Firstly, that bloggers are not journalists (at least most of us aren’t). Blogging is a time-consuming creative process that can be fun but is unlikely to make you a fortune. Secondly, print media is a hard world that takes no prisoners. If you submit something for publishing, expect the final result to differ from your original creation.

Why Windows Vista doesn’t mean that XP is dead (yet)

Posted on By Mark Wilson
This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Last night, I wrote a post about how Windows Vista is finally here but that Windows XP users are long overdue a service pack. Well, having read it again in the cold light of day, I think I should add some clarification.

I’m not suggesting that organisations stick with Windows XP for an extended period (I believe that Gartner has suggested corporates wait until 2008 – although many organisations will have been looking at Vista for a while now and will be ready to upgrade before then). All I’m saying is “great, Vista is here, but we’ve been waiting for a service pack for XP for over 2 years and now you’re telling me it won’t be here until 2008”. After all, based on XP SP1 and SP2 release dates, we should have seen SP3 already and be looking at SP4 soon.

I also appreciate that even Microsoft doesn’t have infinite resources and that the Windows product group have been pretty busy with Windows Vista, Windows Server codenamed Longhorn, and keeping Windows Server 2003 SP2 on track. Maybe delaying service packs is Microsoft’s way of gently nudging us all towards Vista – after all they don’t want a repeat of the scenario where a report published in the summer of 2005 suggested that there were still more organisations using Windows 2000 than had upgraded to XP (3 and a half years after XP was generally available).

My personal view is that the majority of Windows Vista installations (at least in the first 12 months) will be from consumers and small-medium enterprises (SMEs). Many corporates will receive Vista on new hardware and downgrade to standard operating environments based on Windows XP and once these organisations do start to upgrade, I believe it will mainly be those with Windows 2000 PCs that move first. With that in mind, I figure that XP will be around for a while yet, regardless of Microsoft’s support lifecycle policy, which currently says that “Mainstream support will end two years after the next version of this product is released. Extended support will end five years after mainstream support ends”.

If Windows 2000 is anything to go by, then there will be many organisations running unsupported (or extended support) instances of Windows XP for a while yet.

Windows Vista is finally here… but Windows XP SP3 will be 4 years too late

Posted on By Mark Wilson
This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

They did it! Microsoft finally released Windows Vista to manufacturing today but I have to say I’m a little underwhelmed. Not with the Vista product, which on one level is a great achievement (although I’ve written before about how I’m struggling to find a compelling reason for corporate users to upgrade), but with the way that us Windows XP users have been treated in the interim period.

A few years back, in common with many IT Managers, I signed up to a Microsoft Select agreement including software assurance (SA), but we’ve had no operating system upgrades since Windows XP was launched in 2001 – 5 long years during which our agreements have long since expired (in fact, I left that particular company almost four years ago!).

Sure, we had a pretty major security overhaul in Windows XP service pack 2 (SP2), but that was over two years ago. Last year I speculated about the imminent arrival of Windows XP service pack 3 (SP3), only to be proved wrong and to learn that it was scheduled for 2007. Then, a couple of weeks back, Thomas Lee highlighted that this, long overdue, service pack is now expected in 2008.

I know that many organisations are still trying to swallow SP2 but 4 years to wait for a service pack is just too long (4 years is the expected period between major operating system releases, not a service pack – service packs should be shipped every 6-12 months and should consist of bug fixes, but not new functionality).

Windows Vista will soon be available to volume license subscribers and will soon be the standard for new PCs, but there will be many of us running Windows XP for quite some time yet. Sure, I can download a bunch of individual updates, but surely Microsoft can get a Windows client service pack out of the door sooner than 2008 (Windows Server 2003 SP2 is still scheduled for next spring).

Thanks Microsoft, for your valiant efforts to ship Windows Vista. It’s been a long time coming and I should really be pleased, especially as the media reports that future Windows releases won’t be so spread out; but now, for those of us who paid for SA that we never got the opportunity to use, how about another service pack that we don’t have to wait an age for…

Creating a customised Windows XP CD using nLite

Posted on By Mark Wilson
This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Last night, when I was installing Windows on my Mac, I needed a Windows XP CD with service pack 2 included (i.e. a slipstreamed service pack as Apple Boot Camp doesn’t allow the use of a non-SP2 CD). I didn’t have one – only a Windows XP (RTM) CD, an integrated SP1 CD, and an SP2 update CD – but that’s no problem, as you can create your own slipstreamed XP SP2 CD.

The official method linked above works well, but (as highlighted in the August 2006 edition of Personal Computer World magazine) there is an easier way – using the excellent (and free) nLite deployment tool for unattended Windows. After copying the contents of my original Windows XP (RTM) CD to a temporary location on my hard disk, I was able to use nLite to integrate the service pack (from my SP2 CD) and make a bootable .ISO image of the new distribution (ready for burning to CD using the software of my choice) using just a few mouse clicks. I could also have integrated drivers (e.g. the ones from the Macintosh driver CD that Boot Camp creates), included updates/patches, removed components, applied tweaks and generally customised the Windows XP installation to suit – all using one simple wizard.

Thanks to Dino Nuhagic (Nuhi) for creating nLite (and for making it free) – it really is a very useful tool.

Installing Windows on my Mac

Posted on By Mark Wilson
This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Tonight, I committed heresy – I installed Windows on my Mac.

Ironically (and this is where I need to eat a small amount of humble pie, having previously criticised the OS X interface – although I did also say that I don’t like the new Windows Vista Aero interface or KDE), when I bought my Intel-based Mac the intention was to run Windows but then I decided to give Mac OS X a spin and I quite like it. There is a big caveat though – most Mac users zealots will say that once you switch you’ll never want to go back and I don’t fall into that camp. I now run Windows XP SP2, Windows Server 2003 SP1, Windows Vista beta 2, Mac OS X 10.4.7 and SUSE Linux 10 on my various machines (some virtual, some physical) and each has it’s place. The fact that I can dual-boot between the two that I use for my desktop work is an added bonus.

Although Mac OS X, iLife 06, Microsoft Office 2004 for Macintosh and Microsoft Messenger for Mac provide enough features to cover at least 90% of my daily computing needs, I do still need to use Adobe Photoshop (and that’s not yet optmised for MacIntels) and Microsoft Money 2000(although I’m sure there’s something available for the Mac that I could use instead). I also have legacy (and partially complete) digital video that I edited using Windows Movie Maker 2.0 and I don’t have the time to re-edit it. For that reason, Windows will be on my Mac for a while.

I chose to use Apple Boot Camp (v1.0.2 Beta) – other methods of installing Windows XP on a MacIntel are available – and the rest of this post summarises my experiences of this (relatively straightforward) operation.

The first thing to note is that Boot Camp is currently beta software and although no indication is given of how long it will continue to work for, the licensing agreement does make it clear that use of the software is for a limited time only. It’s also unsupported.

The Boot Camp beta is provided in a disk image file called BootCamp102.dmg. This contains three files:

  • Boot Camp Beta Installation & Setup Guide.pdf
  • BootCampAssistant.pkg
  • Read Before You Install.app

The first of these files is an extremely readable, 17-page, document that describes the basic steps to install and configure Boot Camp; however there are some extra points highlighted below that might be useful.

Firstly, my brand new Mac didn’t have the latest firmware on it. Although Software Update said I was up-to-date from a software perspective, I also needed to download and install Mac mini (early 2006) Firmware Update 1.0.1. This successfully brought my firmware up from MM11.004B.B00 to MM11.0055.B03 but it’s also worth planning for less successful updates. Apple’s advice for dealing with failed firmware upgrades requires the Firmware Restoration CD v1.0. As this is supplied in an Apple disk image (.DMG) file, it’s probably worth burning a copy before attempting to upgrade the firmware on your Mac (unless you have another Mac available – .DMG files aren’t much help if you have blown up your Mac and need to download/burn a CD using another operating system).

Once all the prerequisites have been met, running the Boot Camp Assistant is straightforward enough, guiding the operator through the process of creating a Macintosh Drivers CD and creating a disk partition for Windows; however before Boot Camp would let me start the Windows XP installation it insisted on restarting the Mac (using the Power button), resulting in an unclean shutdown (which thankfully didn’t cause any major issues later).

The Windows XP installation is just like any other – although I noticed that it detected my external hard disk (I don’t remember any previous Windows installations recognising USB-attached drives but I may be wrong – I’ve done so many over the years that I probably don’t notice any more). I followed Apple’s advice and installed Windows on the third partition on my internal hard disk (C:) and formatted the disk using NTFS. One downside of the installation is that because the drivers for the Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller are not present within the Windows media, there was no network available during installation to join a domain – not a problem as I could install in workgroup mode and join the domain later.

Windows XP installation on an Intel Mac Mini

After installing the Macintosh drivers and software (with one reboot required part-way through), everything was looking good; however beware that there are three unrecognised devices shown in Device Manager:

  • USB Human Interface Device (USB\VID_05AC&PID_8240\5&12F9C752&0&2).
  • PCI Device (PCI\VEN_8086&DEV_27A3&SUBSYS_00000000&REV_03\3&B1BFB68&0&38).
  • Unknown Device (ACPI\IFX0101\1).

Apple does point out that certain devices are not supported under Windows XP and for the Mac Mini that includes the Apple Remote – I suspect that’s the USB device. At the time of writing, Craig Hart’s PCI and AGP vendors, devices and subsystems identification file doesn’t recognise the PCI device although the vendor class is Intel. The ACPI device is a mystery.

I also found that the headphone socket doesn’t mute the internal speakers when running Windows (it’s fine with Mac OS X) but I can live with that.

Having installed Windows there was some basic housekeeping to be done: join my Active Directory domain (to pick up group policy for Windows updates); install anti-virus software; label the Windows partition to give it a sensible name; and set the default operating system to be Mac OS X. Finally, I installed MacDrive v6.1.4 to allow read/write access from Windows to the external hard disk that holds my data files and is formatted as Mac OS Extended (Journalled) (I previously found the 4GB file size limit with FAT32 to be too restrictive).

So that’s it. After months of talking about it, I finally have Windows running on a Mac – albeit not the Media Center Edition, and without the use of my remote control.

(My digital) life is good.

Unable to edit group membership for a Windows XP user

Posted on By Mark Wilson
This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Earlier this evening, I was creating a local user on a Windows XP computer using Local Users and Groups from the Computer Management MMC snap-in (compmgmt.msc). Strangely, clicking on the Member Of tab produced the following error:

Local Users and Groups

The following error occurred while attempting to read the properties for the user accountname:

The Server service is not started.

I’ve seen this before and this time I thought I should did a little deeper. Running net start server from a command prompt returns:

The service name is invalid

I quickly found a workaround – instead of editing the user properties to make them a member of a group, edit the group properties to add the user as a member. Quite why it works this way around but not the other is a mystery to me!

Running childrens’ games using IIS on Windows XP

Posted on By Mark Wilson
This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

My son is fascinated with computers. It could be because every time he sees his Daddy I’m using one… or it could be just a sign of the times. Either way, we’re fast approaching the age when I need to set the little fella up with some IT of his own (he’s no longer interested in the old keyboard I gave him last year as he’s worked out that it doesn’t do anything on a screen).

Miffy Plays with NumbersMiffy's World of Colour and Shapes

On a recent trip to PC World, I spotted some educational games for just £4.99 each, so “Miffy Plays with Numbers” and “Miffy’s World of Colour and Shapes” joined my software collection. This weekend, I found some time to rebuild an old laptop and install the games in readiness for use (they are marked as suitable for ages 2 to 5, although I think 2 might be pushing things a little). It shouldn’t really be a case of installing (the games in question appear to be a bunch of Shockwave files which run directly from the CD) but anyone with young children will know that optical media and toddlers don’t go very well together and so I’d like to run the applications from the hard disk.

Working out which files to copy wasn’t too difficult (in any case, copying the entire CD contents would be fine), but Internet Explorer wasn’t happy with the use of active content (requiring Information Bar interaction) and I couldn’t add a local file URL to the trusted sites list.

The answer was quite simple – Windows XP includes Internet Information Services (IIS), so I set the PC up as a web server and served the content from there. After installing the necessary IIS components (just select the world wide web service and the other necessary components will be selected automatically), I copied the game files to a new folder inside wwwroot. The next step was to create a new virtual directory (e.g. miffy-numbers) on the default web site and to follow the wizard, pointing it at my local copy of the files and accepting the defaults. Finally, I allowed access to the virtual directory (properties, directory security, edit anonymous access and authentication control) using integrated Windows authentication and added index2.htm to the list of documents (properties, documents), avoiding the need to accept the license agreement every time the program is run.

Now I can run the programs from http://localhost/virtualdirectory/ (e.g. http://localhost/miffy-numbers/) and have set up a couple of shortcuts on the desktop for my small person to launch them. The only downside is the recent Microsoft update that requires a control to be clicked to be activated before it will run (that is all down to a Windows XP update to circumvent a dodgy patent ruling against Microsoft and should be possible to resolve by removing the update that relates to Microsoft knowledge base article 912945).