Martin Zugec blog

Lnk, shortcuts - real disaster??

Maybe you noticed that one of my projects I would like to finish in summer is also offline shortcuts editor - and you probably think "why some editor when I can build shortcuts using Explorer?"...

Think twice - it's not as easy as it looks like and you will be maybe surprised how many gotchas are there.

Problem with .lnk files is that they are WYSINWYG (What You See Is NOT What You Get). Windows is sometimes too "intelligent" - and it can be very, very annoying.

My blog is primarily focused on scripting, deployment and SBC - so I expect that my audience have also some experiences with this. And most people tried to create some shortcut and copy it somewhere else (you create shortcut to some drive letter on your PC and then copy it to desktop of all users for example). Problem is that together with shortcut you provide more information that you know - you provide also last successful resolution of that shortcut and you won't see this information anywhere in properties of such shortcut.

Let me show you example. You map home drives of your users to H: drive. You want to have shortcut to H:\MyDocs on your desktop. So if you create shortcut to H:\MyDocs, then you just need to distribute it to all your workstations and its done. You open properties of this shortcut and you see that it points to H:\MyDocs, so it should work everywhere, right?

WRONG - don't forget, Windows can be sometimes unpredictable ;) If you open properties of your .lnk file, you can see that it is (still) pointing to H:\MyDocs - however .lnk file also contains information that H:\MyDocs is in fact \\Servers\Administrator$\MyDocs and it will automatically open this folder even from different PC! Quite nasty, right?

And thats not all - try to remove that drive letter and open shortcut - because it remembers that location, it will automatically map H: to \\Servers\Administrator$\MyDocs

If you will try to map something else (\\Servers\Projects) to H: drive, Windows will surprise again - not only it will map that shortcut to different drive (X:), but it will also modify your shortcut so it is automatically changed from H:\MyDocs to X:\MyDocs... Which means that if you have 50 shortcuts pointing to H: drive, 1 accidental click can corrupt that shortcut for you.

You can find many (well, not tons of, but still few of them exists) offline shortcuts editors, however most of them covers only situation I described above (and not of all them covers this). There are some bugs that are (as far as I know) not solved by any existing product - for example if you use variables to define your folders (for example %Programs% for D:\Programs), you WON'T be able to create such shortcut if variable is not defined. When you try to create it, C:\ prefix is automatically appended (so %Programs% is in fact pointing to C:\D:\Programs, which is invalid value).

Well, this was just quick overview why I want to have offline editor where all such bugs will be fixed (btw I already have first version of code and it works correctly there, so it must be something in Explorer itself)... There are tons of other bugs  - I will try to spend some time testing different results and share results with you. I am now very sorry Microsoft didn't implement something like XLNK in Windows Vista :(

When is storing configuration in Windows directory good idea?

Well, I know this is quite controversial, but in some cases (specially scripting frameworks) I think it is good idea to use Windows directory to store some settings\configuration...

 Why that? Generally you can always divide such solutions to push or pull (and mixed of course) - that means that (if we talk about servers), sometimes you push some data to server (from your workstation\laptop) and sometimes you want server to retrieve information from some central storage\share.

 Windows directory is suddenly only directory that is easily accessible both locally and remotely - from remote system you can use \\Server\Admin$ and from server itself you can simply use %WinDir% variable.

I know most people would say that you can use \\Server\C$ and %SystemDrive%, but you never know if C: drive really exists (this is happening in SBC environment when you want to have client's C: drive mapped at C letter).

So for these reasons I like to use Windows directory - and then I make symlink\junction to some other location (so for example C:\Windows\CentralStorage\MyFramework --> C:\MyFramework). That way all required files are easily accessible for scripts (both push and pull) and also for administrators or people working with such environment.

There are of course another ways how to achieve that - create new shares etc, however this method is most reliable and can be easily accessible for all scripts\tools and also for all administrators.

SystemSherlockGUI - one package that rules them all ;)

Good news everyone - I just received email from Roger (a.k.a. Kephyr) - he is author of brilliant SystemSherlock. He allowed me to include SystemSherlock in one package with my GUI - so now you can download  one package with both GUI and command line interface :)

To remind you, SystemSherlock is snapshoting utility (like Regshot), that can track changes on your filesystem or registry...

Snapshoting is sometimes (often) better than using ProcMon\RegMon\FileMon - you only see real changes, no reads etc... So I prefer snapshoting when I for example want to find where in registry are some changes hapenning.

Compared to RegShot, SystemSherlock is I think much better - you can compare unlimited dumps (not only 1st & 2nd snapshot) and I like GUI more ;)

Download and enjoy :)

P.S.: If you have any feature requests or bugs to report, feel free to contact me, I would like to keep SystemSherlock alive

Upcoming projects - please vote

Heya,

as you maybe know, this summer I would like to focus on some (of course freeware ;)) projects... So here comes list of ideas that I have and you can vote what are you most interested in:

• Hook Application - I created only POC for this, but I would definitely like to finish it (one day). HA allows you to manipulate with ANY process. You can specify rules for such processes and these rules are automatically performed - for example you can specify that you want to replace that process with another one (for example Iexplore.exe -> Opera.exe), run something before or after process, monitor some applications (so you can track how often you are running such process), lock process by password (if you dont know password, you won't be allowed to run it), specify rules what to do when one process is running multiple times (so you can change any application to single-instance) etc etc - of course with full support for plugins ;) I was using POC of HA on my laptop for few months - and I love idea of it ;) So the idea is to move HA from POC (with manual configuration etc) to normal utility (with GUI, easy configuration etc).

• Universal Elevator - you probably noticed my recent project Elevator and concept behind... And I was thinking that you can use exactly same concept not just for elevating, but also for runas. So if you would right click any executable, you would have RunAs context menu and under this menu all saved credentials. By selecting credential, executable would run under specified user account. I am still not decided about this - it can be quite dangerous, because you could run anything under different credentials without knowing password of that account.

• Offline shortcuts editor - most peple are probably not affected by this, but if you try to create shortcuts that will be deployed on other computers, you can run into explorer limitations - for example it wont allow you to create shortcut to non-existent file. There are some offline editors, however all of them share same problems - for example you cant use variable that is not defined (if you do so, C:\ prefix will be automatically added).

• AD Groups Overview with CMC support - AD Groups Overview allows you to create map of group memberships - you just specify username\groupname and (based on specified depth) overview of your memberships is automatically visualised (not only your direct group memberships) . I was thinking about adding Citrix support - you would just select some published icons and groups will be automatically detected (and members expanded etc). This way you could easily create picture of all groups that are related to some published icons.

• External drives mapper - I wrote post about mapping external drive to local folder - I love this concept, it is extremely useful specially for card readers (instead of remembering which drive letter is which card, you can create instead folders like SD, MMC etc and free you drive letters), but it is pretty time consuming to migrate your drive letters to folder structure. I was thinking about creating utility that could do that for you.

• UPDATE: I forgot one POC I never rewrote to full product - Auto Update (name will definitely change) - small utility that acts as UNIVERSAL auto updater. It will detect new releases based on time stamps (if newer version of file is uploaded, it will recognize it as new release). Current POC (only CLI part) allows you to specify applications that doesn't contain version numbers in file name (everything from SysInternals), in next release I would like to have nice GUI interface and add features to detect downloads also based on HTML tag (so everything should work)

• UPDATE: Say.exe - I forgot another one :) Few days ago I started using speech recognition in Vista - and I really, really love it :D I disabled dictation mode, so I only use it as replacement of alt+tab, clicking, starting applications etc and success rate is about 95% (which is pretty good number I think). I haven't used speech recognition for many years - I was really disappointed by numerous statements "Our product have success rate 99%", when usually such recognition applications were decreasing my productivity instead of increasing it. Not with Vista - that is probably first recognition that really works for me... I plan to write some article with videos about it... Speech recognition allows you to dictate text, command computer and also translate text to speech - and I would like to create really small command line utility where you could simply call say.exe "Script finished successfully" and that way provide some feedback from scripts\applications (instead of including hundreds of wav files or some similar approach). I would like to link that to some events - for example if I would receive new messenger message or mail, I would like it to clearly say New mail arrived or New message arrive or something like this... But first I must create say.exe :D

If you think something is missing or you would like to add anything, just comment :)

Leave comments like VOTE: ADGroupsOverview, HA (suddenly community server have some problems with embedding flash objects, so my voting is not working)

Updated Elevator 1.0.0.1

Heya,

based on feedback I made few changes to Elevator and uploaded modified version:

- Works for all extensions, not only .exe

- No need to modify anything - simply run (elevated) Install.cmd

- Should work from any location on filesystem (including Program Files)

Martin

Didnt your comment appear on blog?

Heya everyone,

Elevator is much more popular than I expected, and spam likes popular sites  ;) Also I probably found bug in Live Writer - when I publish anything, it will try to add whole post as comment.

So I had to enable moderated comments here - no worries, I am publishing all of them and I dont filter\alter anything.

I just wanted to let you know that if your comment is not posted, just hold on ;)

Changing blog name

Scripting? Sometimes...

Vista? Sometimes...

Deployment? No post for long time...

I was thinking about this for long time and I finally decided to change name of my blog - and because only thing I am sure that won't change (at least I don't expect it) for some time is my name, I am changing blog name to it ;)

Elevator - command line

If you tried elevator, you probably know that it is running thought context menu:

It is assigned only to exe files (if it is needed, I can extend it)... But sometimes you may want to change shortcut to always run specific action using elevator.

In fact it is pretty easy - just run ElevatorRunner.exe with filename and parameters and you are all set :)

First parameter is executable you want to run and then any command line arguments you want to include.

For example if you want to elevate MMC.exe, simply runs ElevatorRunner MMC.exe and thats it.

To also show example with command line parameters, this is command line I use to run Joost:
C:\Data\SkipUAC\ElevatorRunner.exe "C:\Program Files (x86)\Joost\xulrunner\tvprunner.exe" "C:\Program Files (x86)\Joost\application.ini"

In following screenshot you can see few examples:

It is also pretty easy to modify shortcuts to use Elevator:

Martin

SystemSherlock - snapshot using GUI or CMD

Recently I wrote about SystemSherlock Lite - really nice snapshoting tool that supports command line... I also posted small utility for parsing log files.

After that I started to heavily use SystemSherlock - and I must say that it is really really great utility. Problem is that usually you want to have command line AND GUI interface - and SystemSherlock is cmd only :(

So I decided to create wrapper around it - and for me combination of GUI and SystemSherlock is much better snapshoting tool than RegShot or InstallRite...

SystemSherlock GUI consists of 3 different tabs - one for creating snapshots, second for comparing snapshots and third for displaying log files in friendly structure.

Create snapshot

Below is GUI used for taking snapshots:

It allows you to create snapshot configuration, specify output file and also to include exclusion list if you want to ignore particular entries. This is configured snapshot for detecting HKCU and C:\Temp folder:

I tried to implement quite logical interface, so there are feature like auto-suggest or auto-repair of entries (for example HKLM is automatically translated HKEY_LOCAL_MACHINE)... Another feature is that entry type is automatically detected (you can see it in video - I don't select whether entry is registry or filesystem, it is automatically filled):

Update: Embedded video from Jing doesn't work :( So click on following link instead).

Once you specified what you want to monitor, just click on create button - dump is automatically created. Then do whatever you want - and just click on Create button again. One of SystemSherlock advantages is that it allows you to create as many dumps as you want - you can even compare current dump with one created months ago...

When finished, move to Compare snapshots tab.

Compare snapshots

Below is screenshot of Compare snapshots tab:

It is divided to two parts - on left you can see source dumps and on right target dumps. Source dumps are the ones that were taken first -  this is VERY important to understand that source must be always older.

System Sherlock Lite can report unexpected results if you are not aware of this behavior - if you will swap source and target (so target will be older file and source will be newer file), results will be opposite (for example if you deleted folder between snapshots, it will report that this folder was created etc.).

For this reason I implemented some logic to processing. When you select any file on left, ONLY newer files then selected are displayed on right.

Parse logs

When you compare two dumps, differences between these two entries are automatically displayed in GUI.

Current version should be already functional, but I am sure that there will be some issues - after all, this is really first version I just finished. If you encounter any problems or you have some features requests, feel free to post them in comments - if nothing, I will at least respond (but probably also implement such changes).

Advantages compared to RegShot:

• Fully supports command line - can be scripted
• Imho better GUI
• Supports multiple dumps - not only comparison of 2 snapshots (easily review historical changes)
• Exclusion list based on RegExes
• GUI for reading log files

 Download

Ignore UAC for specific programs

Is it even possible?

First of all, I really like UAC and I think it is big step forward. I got it enabled on my developer PC...

But there are few programs that I run pretty often and UAC can be quite problematic - for example Regedit or MMC. I always run at least 2 programs with highest priorities (Total Commander and CMD session), usually under different account (with higher priorities).

Problem with UAC is that there is no exclusion list... So yesterday I decided it is time to find some workaround.

Result is first version of Elevator - program that will add new Elevate me entry to context menu.

Using this you can bypass UAC without disabling it.

To show you example, MMC always require admin privileges and you must also click that you want to run that program (sorry for no video - got some problems with my web cam).

See what happens when we use Elevator.

How does it work?

Few days ago I tried to run some scheduled task that required admin privileges. After some investigation I found out that you can specify that scheduled task can run using highest privileges:

These scheduled tasks don't prompt you with UAC. First idea that came to my mind was - OK, so if scheduled task runs on demand, then it should in fact disable UAC for specific program? I tried it and it worked... So for some time I was using on demand scheduled tasks - for example instead of running MMC I run Schtasks /Run /TN "Elevated\MMC".

This was working fine - problem was that you needed to prepare your tasks. So I started to think about some general parser - something universal, easy to implement and use etc.

So I came with idea of two executables - first will prepare "configuration" (what to run etc.) and second will parse this configuration (but from scheduled task).

I tried this concept - Elevate me context menu points to ElevateRunner, ElevateRunner creates configuration in ElevateThis and then runs scheduled task called Elevator that will parse through this folder and run anything in it. Quite advantage is that neither ElevateRunner nor Elevater needs to run - they are not residents programs and they dont monitor something, so they are pretty quick and perform well (whole installation is about 36k).

Concept is definitely not the best, but it works at least for me and compared to ACT solutions it works for every program. This is definitely not solution for normal end users.

If you will decide that you give it a try, let me know if it works for you... I always love to get some feedback (maybe I will change my utilities to feedbackware ;)).

Installation

UPDATE: David Phillippo pointed out there was error during installation (hardcoded path was not only in template, but also in reg files). When I tried to fix this, I accidentaly rewrote whole installation script - so there is no need to modify now anything. Just unpack, run install and new context menu should appear. Please dont forget however that you must run Install.cmd in elevated mode!

1. Download and unpack SkipUAC.zip to any location.
2. Run Install.cmd - YOU MUST RUN IT ELEVATED! This is final step. Now you should have Elevate me in context menu for all executables and it should work fine.

Uninstallation

Uninstallation is pretty easy - simply run Uninstall.cmd script and then you can delete whole folder.

Download

Be aware that this is pre-alpha version, only proof of concept that it can be done. Because I try to share as much as possible, I will also provide you with elevator:

UPDATE: New version uploaded - it now works for all files, not only exes. If you want to specify some shortcut to always run elevated, check following blog post.

Utility to display logs from SystemSherlock Lite

As mentioned in my post about SystemSherlock Lite, I really love this tool after few days... Only problem I had is that it can take some time to realize what really happened - you need to read pretty big log files and you can spend precious time reading through temporary entries or documents and settings and miss one important entry saying that applications copied something to your System32 folder.

I was playing with Sherlock yesterday and I spent lot of time parsing through log files generated by SystemSherlock. Then I spend 20 minutes writing some automated parser and I want to share with you ;)

Usage is pretty simple - just click on Open log file, select your log file and output similar to following should appear:

I dont know what else to add - this utility is pretty simple, however can save your time ;) One more notice - log parse is able to handle also mixed logs (so if you have one log where you store different entries together with log output from SystemSherlock Lite, you can use it and it will only show entries from SystemSherlock Lite.

Any comments, requests? Feel free to post comments...

Another nasty Robocopy bug

Recently I wrote about bug I found in Robocopy - one of my favorite utilities... And today I found another one.

I am using robocopy for synchronization - which is VERY important part of our framework (if nothing is synchronized, nothing can be executed).

We use one folder for storing all log files. During migration to newer version of framework, I wanted to see only new entries for easier troubleshooting (many log files are not overwriting, but rather appending). So I renamed my Log folder to Log.Backup and tried to run synchronization... I run only backend part - that is part that is missing all checking, creation of required folders etc.

To my surprise my synchronization failed - when I renamed Log.Backup to Log again it was working.

Robocopy reported very strange error:

ERROR : Invalid Parameter #4 : "/Log+:C:\Temp\Log\Robocopy.log"

I am using same syntax for many years, so I was really surprised. I double checked robocopy version to be sure that I didnt accidentaly replaced it with some 3.11 version - nope, I was using current version.

Then I started to have that scary feeling that I know what is wrong - I tried to run it again, this time specifying folder that didnt exist - and I got same error as before.

To summarize it - if Robocopy is not able to write to file, it reports "Invalid parameter". If you specify that you want to store your settings in log file in folder that doesn`t exist - bang, "Invalid parameter".

Tested with newer and older versions of Robocopy - XP010 (Resource Kit), XP026 and XP027 (Vista).

Google maps with Wikipedia and Photos

Yesterday I wrote blog entry about Live Maps and Wikipedia... I really like mesh ups (using existing data sources), so I just wanted to check if this isnt supported also by Google Maps.

Google Maps supports Wikipedia - and result is far better then Live Maps implementation (which feels like beta).

To test it, just go to maps.google.com, search for any location.

Then click on More button (upper-right) and select Wikipedia (and definitely try also Photos).

This is really REALLY nice and I love it :)

Make snapshots of filesystem and registry using command line

Some installers can be very mysterious - this suddenly applies for MSI packages, even using full logging, it is not easy to find out which registry keys or files were modified\deleted\added. If you have application that is using some custom installer, this can be hell...

Colleague of mine came with really nice idea - what about using some tool like InstallRite or RegShot for monitoring all installations and reporting what was changed during that installation? From idea it is usually not far to implementation - you only need some tools to do it...

I used utility called System Sherlock Lite - it is very simple to use command line utility that can take snapshots from filesystem\registry and compare them. Of course it is freeware ;) It also supports exclusion list (using regexes), so you can easily configure it for your needs and ignore entries you are not interested in (usually log files or temporary folders).

 So what I did is that I created 2 different scripts - StartMonitor and StopMonitor.

StartMonitor is creating first snapshot.

StopMonitor will create second snapshot, compare it with first snapshot and store differences in installation log file. Then it will delete both snapshots.

This implementation is really easy, but is working really nice. Now I can easily monitor all installation I want automatically without any knowledge about installer being used or installation method. It allows me to easily debug anything from logon\logoff scripts to software installations...

 Martin

Live Maps with integrated Wikipedia results?

Well, almost ;)

I love Google, but I also love Live :) For me rivalry of Google vs. Live is good thing, because it moves both of them forwards...

Talking about searching web, I still prefer Google - I use Live Search sometimes, but after they removed my favorite functionality (at beginning they were loading new entries when you scrolled to bottom of page automatically, you can still see this behavior when searching for images), I was really disappointed. Live Search is also missing Groups search, which is no. 1 when trying to find answer to some technical problem.

For some searching I prefer Live - best examples are maps (with all collections, drawing, integration with Outlook etc), videos (they include live preview if you hover mouse over thumbnail) or pictures (there are many features I love when searching for pictures - for example collections, which is really handy if you need to gather some pictures etc)...

Today I found feature in Live Maps I was not aware of - Live Search is automatically indexing Wikipedia and displaying articles that contains geographical information...

It is quite easy to use it:

1.) Search for location you want to see. When it is found, click on Explore collections:

2.) From filter, select Wikipedia:

3.) Locations defined in Wikipedia are displayed on map... Hovering above number will provide detailed information about location:

New (simple) tool - SimpleScheduler

I run into simple problem - I needed some (very basic) implementation of scheduled tasks. Scheduled tasks that are built-in to windows are not my best friend - problem is that (before Windows Vista, here they are completely different beast) it was not that easy to manage (automatically) scheduled tasks.

For example if you wanted to reboot your servers by scheduled task and then enable them with another, you cannot be 100% sure that it will work. Problem is that if server is available when scheduled task should be executed, it will ignore it later on.

 For this reason I wrote really small script for myself and named it SimpleScheduler. It is using DateX, EchoX and Tee from Bill Stewart`s Shell Scripting Toolkit (which again I can only recommend).

To enable it, just create one small scheduled task (give it any name you want, mine is SimpleSchedService) and configure it to run every few minutes (depends on what you want to run through it). I wrote about this concept few times ago and I still really like it, because it allows you to make very robust and reliable scripts (even if one run fails, another will usually finish its job).

Once SimpleScheduler is running, that all you need to do on backend. All you need to do now is just create new jobs for it.

Creating new jobs is pretty easy once you get used to it. Job always consists of 2 elements:

• Job.cmd - script that will run. If you want to run anything else, to it from this script.
• <DateID>.NextRun - this file identifies when you want to run scheduled task. <DateID> is date format used by DateX (with -t switch), so for example 950688458.NextRun.

To create NextRun entries you must\should use DateX to generate ID when you want to run script. If you find this confusing, just post comment and I can add small script that will translate it automatically from you.

By default all jobs that are not scheduled to run again are automatically deleted (you can change this in SimpleScheduler.ini configuration). Every job will automatically create log file (using Tee.exe from Bill).

Main goal of this small script is to make more reliable scheduled tasks (ones that are immune to server reboot) and also to make easy scheduled tasks creation (all you need to do here is just copy folder to add new task or transfer it from one server to another).

If you find it useful, please add some comments. If you want to add\change anything, please also write comments :)