Remko Weijnen's Blog (Remko's Blog)

About Virtualization, VDI, SBC, Application Compatibility and anything else I feel like

Archive for February, 2011

Windows XP introduced the ability to use Fast User Switching (FUS from here on), which is implemented using Terminal Services.

But in some cases (i.e. when FUS is not enabled, or when you connect to the console in Windows 2003 server), the Winlogon process in an RDP session needs to transfer credentials to Session 0.

Although not documented in MSDN, the process of transferring credentials is described by Keith Brown in the June 2005 issue of MSDN magazine: Customizing GINA, Part 2.

WlxQueryConsoleSwitchCredentials and WlxGetConsoleSwitchCredentials are used in the transfer with the semi-documented WLX_SAS_TYPE_AUTHENTICATED SAS code constant.

Internally, winlogon.exe uses a Named Pipe, \\.\Pipe\TerminalServer\AutoReconnect, to implement both of these functions.

The pipe format is described in this structure:

The case of the intermittent hangs

Yesterday I had some intermittent hangs on the family pc, and old Medion MD-8800 PC.

Since there was no crash and thus no crash dump, there was nothing to debug.

I suspected a hardware issue and opened the pc and I noticed that there was an enormous amount of heat.

The CPU Cooler block was very hot, so after letting it cool down for a while I took it off and the visual inspection made the problem clear:


There is a very small opening between the fan and the cooler block so it’s really a design issue but nothing the vacuum cleaner can’t fix!

On a side note: as you can see on the first picture this pc has a nice display on the front that can display time & date, current item in Media Player, e-mail notification and so on.

I reversed the software that came with the display a couple of years ago so I can put my own things on it. If you are interested in it then let me know!

  • Filed under: General
  • Windows XP Cmd Prompt Patch

    A few days ago I needed to test a few things on a Windows XP Workstation running under a regular user account.

    I wanted to verify if some files and registry keys existed but Group Policies were in place that denied me access to the command prompt and regedit.

    While this may be a good thought to secure the pc it is not very convenient if you need to verify some settings.

    For that purpose I created patched versions of the Windows Server 2003 command prompt and regedit utilities.

    They are patched to ignore the Group Policy settings and I usually place them in some share, secured by NTFS permissions.

    You can read about it in my post: Registry editing has been disabled by your administrator (not anymore!).

    However due to kernel differences you cannot use the Windows 2003 cmd.exe on Windows XP (you can do it the other way round btw). So I decided to create a patched version of the XP version as well.

    I thought it might be interesting to show you how it’s done so here we go:


  • 1 Comment
  • Filed under: Windows XP
  • The Case of the Citrix Ready Printer Driver

    I had a very interesting issue today on a new Citrix XenApp 5 farm. We went into production yesterday and we noticed a number of issues:

    • Printing in general was slow, especially when a user connects to a printer for the first time.
    • User Profiles were rapidly growing in size (from the expected 1-2 MB to over 40 MB).
    • Logons took much longer then in the testing period (and since we use a Full Screen Desktop the user doesn’t see any progress).
    • Performance monitoring showed CPU spikes in Word, Excel and IE processes.

    I took a look at the profiles first and noticed that the size growth was due to a Xerox subfolder in %APPDATA%:

    Script to install SNMP

    In my project the monitoring group required that SNMP was installed and configured on all servers.

    I wrote scripts for Windows 2003 and Windows 2008 that I deploy from my Altiris Server.

    This is the script for Windows 2003:

    Restart Altiris Client Agent Service Tool

    After a restart of the Altiris Services or the Altiris Server some machines refuse to reconnect.

    They are shown in the Computers Tree with the Inactive state icon:


    The fastest way to resolve this is to restart the “Altiris Deployment Agent” service.

    I wrote a little commandline tool to make this easy for myself, it’s called AClientFix.

    If you don’t specify any parameters it will restart the services on the local machine. If you specify a Computername as parameter it will restart the services of a remote machine (admin rights needed of course).


    AClientFix (13595 downloads )
  • Filed under: Altiris
  • Move WSUS content folder

    I needed to relocate the WSUS content folder because it was placed on the C Drive (even though there was a 2nd 150 GB Data Partition) to prevent WSUS from filling up the OS Drive.

    Unfortunately there doesn’t seem to be a GUI option to do that, all Google searches lead to a GUI option for Small Business Server.

    The WSUSUtil tool can do it however, which is located in %ProgramFiles%\Update Services\Tools by default.

    You need to create the targetfolder and then issue:

    The tool will copy, and not move, the files to the new location and update the WSUS settings.

    So don’t forget to manually delete the old folder!

    The current storage location can be found or verified in the registry. It is stored in the ContentDir value in the HKLM\SOFTWARE\Microsoft\Update Services\Server\Setup key.

    See also Verifying WSUS Server Settings (although in incorrectly states the ContentDir value as Content).

  • Filed under: General
  • For my Reboot Script I needed to get the last character of the computername and convert it to an integer.

    We can do it like this in PowerShell:

  • Filed under: PowerShell
  • Blogroll