Today I was reusing some old (pre vista) code the retrieves the Logon SID that I wrote a few years ago. The Logon SID is a special SID that identifies a logon session that has the form S-1-5-5-X-Y.

You can view your Logon SID with Process Explorer, right click a GUI process, select Properties and goto the Security Tab:

(more…)

The GetTokenInformation function can be used with the TokenLinkedToken Information Class on Windows Vista and higher to the linked (Elevated) token.

This is useful when User Account Control is enabled and you want to launch an elevated process e.g. from a service.

This example code fails however when User Account Control is disabled:

GetLastError() returns 1312 which is defined in winerror.h as ERROR_NO_SUCH_LOGON_SESSION with description “A specified logon session does not exist. It may already have been terminated.”

So you should check if User Account Control is enabled in such cases (or make this error non critical).

Snippet below can be used to programmatically determine if User Account Control is enabled:

Modern systems usually offer different SATA Operation Modes such as ATA, AHCI or IRRT.

The AHCI mode offers extra features such as hot swapping and native command queuing.

Many vendors set the SATA Operation Mode to ATA by default because it’s the most compatible mode but there are a few reasons why you might want to change it:

• AHCI has a higher performance than ATA.
• AHCI is a requirement for the TRIM command.
• AHCI is required for self encrypting hard drives

Please note that the IRRT (integrated raid) mode is supposed to support all functionality of AHCI but in my experience it doesn’t.

So the question is: how do we switch the SATA Operation Mode from ATA or IRRT to AHCI?

(more…)

If you want to check if you are running on a Server Core edition of Windows you can use the GetProductInfo API.

GetProductInfo takes 4 input parameters that can be obtained using GetVersionEx and the OSVERSIONINFOEX structure:

No we call GetProductInfo:

(more…)

I just recorded a SasLibEx Screencast, it shows some of the very powerfull features of SasLibEx.

The following features are shown:

• Simulate Ctrl Alt Del (Secure Attention Sequence)
• Cancel Ctrl Alt Del
• Lock Workstation
• Unlock Workstation (without credentials)
• Disable Ctrl Alt Del
• Enable Ctrl Alt Del again
• Cancel pending UAC request
• Is Desktop Locked

I often hear that people configure the Paging File (on Citrix or Terminal Servers) on a seperate volume but, the reasons is either performance or the chance that the Paging File might corrupt the volume.

However if at some point you would like to create a Memory Dump you must have a paging file on the boot volume.

For a Small memory dump you need at least 2MB Paging File on the Boot Volume but for a Full Memory Dump you need a Paging File that is sufficient to hold all the physical RAM plus 1 megabyte (MB).

Side Note: with the increasing ram of today’s servers, how long does it take for a full memory dump to be saved when you have lots of gigabytes?

See also: Overview of memory dump file options for Windows Vista, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows XP, and Windows 2000.

If you are implementing a Citrix, Terminal Server or even just a plain Client-Server environment you will need to create a Default User Profile at some point.

The Default User Profile can be thought of as the initial registry settings that are used when a new profile is created.

Many people think that the Default User Profile is available in regedit via HKEY_USERS\.Default but this is NOT the Default User Profile.

(more…)

Today I wanted to install the Dutch Language pack for Internet Explorer 8, the Dutch language comes as part of the Windows Internet Explorer 8 MUI Pack (in my case the version for Windows Server 2003 SP2).

If you install the MUI Pack you will always end up with all 35 (!) languages installed. This behaviour is the same as the language pack for Internet Explorer 7 that I wrote about earlier (see Modifying Microsoft Updates and/or hotfixes)

The solution is really the same as for the IE7 language pack: you modify the inf file (in my case update_srv03.inf) but if you run update.exe it will refuse to use your modified inf file:

So we need to patch update.exe to accept your modified version!

(more…)

Have you developed an application that accesses files and may stop because a file cannot be accessed but you need to?

Since Windows Vista it is possible to find out the name of the application which holds open a file.

And we have created a solution for you that doesn’t require a driver, nor does it need Administrator rights! Just plain user source code for you to use instantly.

We have developed a solution in Delphi that can show your user which application stalls your application. Look at these screenshots:

In fact, these dialogs are only for demonstration purposes. But you can get them in addition as a Delphi project!

The code itself is fairly easy to use. We have developed an extension to the official IFileIsInUse Interface from Microsoft.

All you have to do it to call this function provides by us:

The name of the app is returned by the method GetAppName. And if the other application supports IFileIsInUse (call method GetCapabilities) interface you even can close the file or switch to the window.

You’ll see how it works in the demonstration project (images above) accompanied by the function GetFileInUseInfo.

Currently, we only offer a Delphi solution. C++ may available in future or when there’s enough demand for it.

Please use the Contact Form to get more information about how to obtain the solution and conditions.