Sunday, October 12, 2008

Delete and Reset Windows Vista Folder Views or Folder Types Settings to Default Clean State

  1. Click on Start button.
  2. Type regedit in the Start Search box, and press Enter to run Registry Editor.
  3. Click Continue on User Account Control dialog prompt.
  4. In Registry Editor, navigate to the following registry branch:

    HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags

    Right click on Bags registry key in the left pane, and click Delete.

  5. Click Yes when prompt for confirmation to delete the registry key and all its subkeys.

  6. Next, navigate to the following registry key (it should be just below):

    HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU

    Right click on BagMRU registry key in the left pane, and click Delete.

  7. Click Yes when prompt for confirmation to delete the registry key and all its subkeys.

  8. Close Registry Editor.
  9. Log off and log on again or restart computer so that the registry keys can be rebuilt and recreated.
  10. After logged on, open Windows Explorer, go to Folder Options (Organize -> Folder and Search Options) View tab, and make sure the Remember each folder’s view settings is checked.
  11. To ensure that any changes to Folder settings in Explorer window, close the Explorer window after changes to save the settings. Windows Vista will only remember the state of folders of the window is closed.

Sunday, September 21, 2008

Receive Window Auto-Tuning on Vista

  • You can restrict autotuning by running “netsh interface tcp set global autotuninglevel=restricted” from the command prompt. We have found that restricted mode will often allow some of the benefits of autotuning with a number of problematic devices.
  • Lastly, if all else fails, in order to disable this feature, run "netsh interface tcp set global autotuninglevel=disabled".
  • (In order to reenable autotuning, run “netsh interface tcp set global autotuninglevel=normal”.)

Thursday, June 5, 2008

Delete an Address from the Outlook Auto-Complete List

To remove a name or email address from Outlook's auto-complete list:#
  • Create a new email message in Outlook.
  • Start typing the name or address you want to remove.
  • Use the down arrow key to highlight the desired (undesired) entry.
  • Press Del.

Wednesday, May 14, 2008

How to bind to ADAM using generic LDAP browsers

  1. Update your ADAM instance's schema and add "msDS-bindableObject" to the "auxiliaryClass" "User" object type. See "Understanding ADAM bind redirection" for more info.
  2. Create a new user (i.e. CN=Bind User,CN=Users,DC=example,DC=com") and add that user to the ADAM Administrators group (CN=Administrators,CN=Roles,DC=example,DC=com).
  3. Set a password for this user and then use this user's DN and password to bind to ADAM from any generic LDAP browser.

Monday, May 12, 2008

How to Synchronize Active Directory to ADAM

1. Create an ADAM partition using dsmgmt:

create nc dc=example,dc=com server:port

2. Click Start, point to All Programs, click ADAM, and then click ADAM Tools
Command Prompt to open a command window in the ADAM directory.

3. To extend the ADAM schema to match the default Windows Server 2003 schema objects in Active Directory, at the command prompt, type the following command on a single line, and then press ENTER:

ldifde -i -u -f MS-AdamSchemaW2K3.LDF -s server:port [-b username domain password] -j . -c "cn=Configuration,dc=X" #configurationNamingContext

4. To extend the ADAM schema to include schema objects that are required by Active Directory to ADAM Synchronizer, at the command prompt, type the following command on a single line, and then press ENTER:

ldifde -i -f MS-AdamSyncMetadata.LDF -s server:port [-b username domain password] -j . -c "cn=Configuration,dc=X" #configurationNamingContext

5. Modify the configuration file MS-AdamSyncConf.xml with the appropriate parameters:

  • Replace the value of with the name of the source Active Directory domain
  • Replace the value of with the distinguished name of the source domain,
  • Replace the value of with the name of an account in the Domain Admins group of the source domain,
  • Replace the value of with the fully qualified name of the source domain,
  • Replace the value of with the name of the partition of the target ADAM instance,
  • Replace the value of with the base distinguished name of the source domain,

Important Do not delete any unused fields from this file.

Example file:

6. Install the configuration file. At a command prompt, type the following command, and then press ENTER:
ADAMSync /install server:port MS-AdamSyncConf.xml /passPrompt

. Synchronize the data from the Active Directory forest to the ADAM configuration set. At a command prompt, type the following command, and then press ENTER:

adamsync /sync
server:port "dc=example,dc=com" /log -

Wednesday, April 16, 2008

Fix for Special Folders Reverting to Default Folder Icon in Windows Vista

My inbox has been flooded with people asking why the "pretty" icons in their user folder keep turning back into regular folder icons, and what they can do to fix it. After writing the first article about the Music folder, I decided to just put all of the information into a single article.

Using the same example as last time, the Music folder here is showing the generic folder icon instead of the slick one that it should be using.


The icons that are displayed on the folders are set through the hidden desktop.ini file inside of each folder. The problem is that a lot of applications seem to screw with this file and cause it to become corrupted or otherwise unusable. What we'll do here is just reset the offending file to the default values that I've listed here.

To open the desktop.ini file, you'll need to paste this command into the start menu search or run box, which will open the music folder's desktop.ini file.

notepad %USERPROFILE%\music\desktop.ini

If you wanted to open the desktop.ini file in the pictures folder instead, you'd substitute "pictures" for "music" in the command, like this:

notepad %USERPROFILE%\pictures\desktop.ini

You'll see a file that should look exactly like this, but probably does not.


Select the entire contents of the file and delete it, replacing the contents with the default values that I've listed below. (You only need to pick the one that matches the folder you are trying to edit)

Note that you will need to logout and back in to see the changes, or you could just restart explorer.exe if you are feeling ambitious.












Recently Changed.lnk=@shell32.dll,-32813


Sample Music.lnk=@%SystemRoot%\system32\shell32.dll,-21806


Sample Pictures.lnk=@%SystemRoot%\system32\shell32.dll,-21805

Saved Games



Shared By,-32802
Recent Pictures and,-32806


Sample Videos.lnk=@%SystemRoot%\system32\shell32.dll,-21807

Hopefully by this point your icons should be back to looking good again…



Tuesday, March 25, 2008

Configure Microsoft Active Directory for SSL Access


How to Generate a Certificate from an Internal CA

Configuring the Certificate Authority


In order to add the Certificate Service Web Enrollment component (subcomponent to CA), which we’re going to use in this article, the server needs to be running IIS, so if you haven’t already done so, install IIS before continuing with this article.

To install the CA component, do the following:

  • Click Start > Control Panel > Add or Remove Programs
  • Select Add/Remove Windows Components
  • Put a checkmark in Certificate Services

Below screen will popup as a warning, just click Yes > then Next

We now have to select what type of CA to use, choose Enterprise root CA and click Next

In the following screen we have to fill out the Common name for our CA, which in this article is

Leave the other fields untouched and click Next >

We now have the option of specifying an alternate location for the certificate database, database log, and configuration information. In this article we will use the defaults, which in most cases should be just fine.

Now click Next >

The Certificate Service component will be installed, when it’s completed, click Finish

Creating the Certificate Request

Now that we have installed the Certificate Services component, it’s time to create the Certificate Request for our Default Website. We should therefore do the following:

  • Click Start > Administrative Tools > Internet Information Services (IIS) Manager
  • Expand Websites > Right-click Default Website then select Properties
  • Now hit the Directory Security tab
  • Under Secure Communications click Server Certificate…

As we’re going to create a new certificate, leave the first option selected and click Next >

Because we’re using our own CA, select Prepare the request now, but send it later, then click Next >

Type a descriptive name for the Certificate and click Next >

We now need to enter our organization name and the organizational unit (which should be pretty self-explanatory), then click Next >

In the next screen we need to pay extra attention, as the common name reflects the external FQDN (Fully Qualified Domain Name), to spell it out, this is the address external users have to type in their browsers in order to access OWA from the Internet.

Note: As many (especially small to midsized) companies don’t publish their Exchange servers directly to the Internet, but instead runs the Exchange server on a private IP address, they let their ISP’s handle their external DNS settings. In most cases the ISP creates a so called A record named pointing to the company’s public IP address, which then forwards the appropriate port (443) to the Exchange servers internal IP address.

When your have entered a Common Name click Next >

Now it’s time to specify the Country/Region, State/Province and City/locality, this shouldn’t need any further explanation, when you have filled out each field, click Next >

In the below screen we have to enter the name of the certificate request we’re creating, the default is just fine, click Next >

In this screen we can see all the information we filled in during the previous IIS Certificate Wizard screens, if you should have made a mistake, this is your last chance to correct it. If everything looks fine click Next >

And finally we can click Finish.

Getting the Pending Request accepted by our Certificate Authority

Now that we have a pending Certificate Request, we need to have it accepted by our CA, which is done the following way:

  • On the server open Internet Explorer
  • Type http://server/certsrv

Note: In order to access the Certsvr virtual folder, you may be prompted to enter a valid username/password, if this is the case use the Administrator account. When you have been validated the Windows 2003 Server will most probably block the content of the CertSrv virtual folder, which means you wil have to add it to your trusted sites in order to continue.

Now that you’re welcomed by the Certificate Services, select Request a Certificate

Click advanced certificate request

Under Advanced Certificate Request click Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file

Now we need to insert the content of the certreq.txt file we created earlier, you can do this by clicking the Browse for a file to insert or by opening the certreq.txt file in notepad, then copy/paste the content as shown in the screen below, then click Submit >

Now select Base 64 encoded then click Download certificate

Click Save

Choose to save the certnew.cer on the C: drive > then click Save

Close the Microsoft Certificate Services IE window.

Appending the Certificate to the Default Website

Okay it’s time to append the approved Certificate to our Default Website, to accomplish this we need to do the following:

  • Click Start > Administrative Tools > Internet Information Services (IIS) Manager
  • Expand Websites > Right-click Default Website then select Properties
  • Now select the Directory Security tab
  • Under Secure Communications click Server Certificate… > then Next

Select Process the pending request and install the certificate > click Next >

Unless you have any specific requirements to what port SSL should run at, leave the default (443) untouched, then click Next >

You will now see a summary of the Certificate, again if you should have made any mistakes during the previous wizard screens, this is the final chance to correct them, otherwise just click Next >

The Certificate has now been successfully installed and you can click Finish

Enabling SSL on the Default Website

We have now appended the Certificate to our Default Website, but before the data transmitted between the clients and the server is encrypted, we need to click the Edit… button under Secure Communications.

Here we should put a checkmark in Require Secure Channel (SSL) and Require 128-bit encryption just like below:

Now click OK.

Testing our SSL enabled Default Website

Now that we have gone through all the configuration steps necessary to enable SSL on our Default Website, it’s time to test if our configuration actually works.

From the server (or a client) open Internet Explorer, then type:


You should get a screen similar to the one shown below:

This is absolutely fine, as we shouldn’t be allowed to access the Default Website (and any virtual folders below) through an unsecure connection. Instead we should make a secure connetion which is done by typing https, therefore type below URL instead:


The following box should appear:

Note: You may have noticed the yellow warning sign, this informs us The name on the security certificate is invalid or does not match the name of the site. Don’t worry there’s nothing wrong with this, the reason why it appears is because we aren’t accessing OWA through the common name, which we specified when the certificate was created. When you access OWA from an external client through, this warning will disappear.

Click Yes

You will now be prompted for a valid username/password in order to enter your mailbox, for testing purposes just use the administrator account, like shown below:

Now click OK

We should now see the Administrator mailbox.

Notice the yellow padlock in the lower right corner, a locked padlock indicates a secure connection, which means OWA now uses SSL.


FizzBuzz in different languages

Java: import java.util.TreeMap ; public class Main { public static void main (String[] args) { System. out .println( &...