Remko Weijnen's Blog (Remko's Blog)

About Virtualization, VDI, SBC, Application Compatibility and anything else I feel like

Archive for January, 2011

Determine the System Page Size

Just a quick note: if you want to determine the page size of the OS (Windows) you can use the GetSystemInfo function.


Note that MSDN recommends to use the GetNativeSystemInfo function when running in a 32 bit app on an x64 OS (and you can use the IsWow64Process function to determine that).

One example where you need to know the PageSize is when you want to create a Paging File using the NtCreatePagingFile function because this function requires that the MinimumSize and MaximumSize parameters are a multiple of the PageSize.

Some interesting links on the subject:

The case of the UPS discovery not working

I am doing a project involving a Citrix Xenapp environment running on VMWare vSphere.

The physical machines are powered by two Eaton Uninterruptable Power Supplies that both a network card.

I received some documentation that describes how to implement automatic shutdown in a VMWare vSphere environment.

This documentation describes that a vSphere Management Assistant (vMA) must be deployed in which we need to install some software from Eaton.

I followed the documentation that even described the needed iptables rules needed for their software.

In the last step a discovery is done and the UPS is supposed to be found. And you have probably guessed by now: it didn’t!

At first I figured that maybe the iptables configuration was still too tight so I stopped the iptables service but that didn’t help.


As you may know, you can enumerate processes of a specific Terminal Server or Citrix session using the NtQuerySystemInformation function.

On x86 system the code below works fine:

While this works fine on Windows XP and 2003 x86, it fails to work correctly on the x64 versions of Windows XP and 2003 (or maybe even higher).

The problem is that RetLength is always SizeOf(SYSTEM_SESSION_PROCESS_INFORMATION) and thus we are in an endless loop!


SasLibEx Screencast

I just recorded a SasLibEx Screencast, it shows some of the very powerfull features of SasLibEx.

The following features are shown:

  • Simulate Ctrl Alt Del (Secure Attention Sequence)
  • Cancel Ctrl Alt Del
  • Lock Workstation
  • Unlock Workstation (without credentials)
  • Disable Ctrl Alt Del
  • Enable Ctrl Alt Del again
  • Cancel pending UAC request
  • Is Desktop Locked
SasLibEx Feature Demo #1

Recursive Groups #2

In my previous post I explained how to get the recursive group membership with a very simple Powershell Script.

Commenter Michel thought that the script only tested one level deep but it doesn’t.

But let’s prove that!

Create 3 Global Groups in your Active Directory and name them Level1, 2 and 3:


Make Level3 a Member of Level 2 and make Level a member of Level 1 and finally add an account to the Level 3 group:





Kofax VRS Unattended Install

Recently I needed to create an Unattended Install for an application that uses a piece of software (for scanning) called Kofax VRS.

This Kofax software comes with an .msi file but there was no documentation on the install options.

In fact it didn’t seem like the Vendor anticipated on an Unatttended Install.

I browsed in the msi file using Microsoft’s Orca tool and tried some of the properties I found in the public properties table.


Recursive group Membership in Powershell

In this post I will show an easy way to get the recursive group membership for the current user.

I use this in a logon script to handle certain tasks based on group membership.

Most scripts I see for this task do a manual recursive enumeration but in a large environment this could be very slow.

A better way would be to use the tokenGroups attribute of the Active Directory user object.

The tokenGroups attribute is an array of SIDs computed by Active Directory and is used to verify user access.

We need to translate these SIDs to their sAMAccountNames to get the actual group names.

In unmanaged code this could be accomplished by calling the DsCrackNames API or the IADsNameTranslate interface.


The case of the Annotations Toolbar

I got some interesting questions from a user today regarding TIFF images on a Windows 2003 based Citrix environment.

This user has an application that works with scanned documents and for each document exists both a pdf and a tiff version in the application.

By default the TIF (and TIFF) file extensions are linked to the Windows Picture and Fax Viewer in Windows 2003.

The user told me that some time ago she had an extra toolbar where she could perform some extra operations such as making a selection on TIFF images.

At some point in time this mysterious Toolbar disappeared and she was never able to get it back. She reported this to the helpdesk and the system administrator but they were unable to resolve this.

I hadn’t hear of this toolbar before but a Google Search led me to this page which explains the toolbar in question which is called the Annotation Toolbar.


Another packaging challenge

Another post on something that happened last week, this time it’s about a Java based Application again.

This particular application wanted to download three DLL’s from the Webserver to the Java bin directory.

This presents us with several issues on a multi user server such as a Citrix of Terminal Server:

  1. The user does not have write permissions in this directory
  2. If we we give the user write permissions here what happens when the DLL’s are in use by another user?

I assumed that if I preinstalled the DLL’s the application wouldn’t try to overwrite them but that didn’t work.

Then I monitored with Process Monitor if the Application wrote some kind of check file but at first I didn’t find anything.

So I decided to use the CorrectFilePaths shim to redirect the DLL’s to the user’s homedirectory (see Using the CorrectFilePaths shim to redirect an ini file to a writable location for an explanation).


Troubleshoot CorrectFilePath shim

A few days ago I was packaging an application that was writing an INI file in the application directory.

If you have read my earlier article, Using the CorrectFilePaths shim to redirect an ini file to a writable location, then you will probably think: create a nice shim and redirect that ini file!

But this application had a few challenges, the first being that it writes %COMPUTERNAME%.INI. The application’s developer probably assumed that a user is bound to one pc and that no other user’s use that pc.

To solve it we we need to catch all possible computer names (it would be nice if the CorrectFilePaths shims was able to accept wildcards and environment variables).

But it doesn’t so it means we have to add a parameter for each possible computer name. In my case that was doable because I have only 8 Citrix servers.

So I created a Fix using the Application Compatibility Manager as described in my previous post.

However it didn’t work, so I started to trace what happens.