Thursday, June 11, 2009

Creating an ASR Disk in Windows XP

The boot.ini file is the file that the OS looks at to determine where the files are to boot the OS. It is in the root of the C drive.

You should make sure the VIEW is set in Folder Options to see all of the operating and system files so that you can see the boot.ini file.

Press F8 to access Advanced boot options:
  1. Safe Mode
  2. Safe Mode with Networking
  3. VGA Mode
WinXP has a tool that allows you to backup the OS to disk. This disk allows you to use this along with the Windows CD to get you back where you were before the system crashed. This doesn't back up data.
It creates an Automated System Recovery Disk. This allows you to recover from a hard disk system crash. You should create an ASR as soon as you have a system created, especially if you have a complicated configuration.


  • Create on floppy or USB external drive.

If you need to recover, insert the windows CD and the ASR recovery disk at the same time so they can talk to each other.
Enhanced by Zemanta

Resolving Printer Issues in Windows XP

Resolving Printer Issues

A MCDST needs to know how to install, manage, troubleshoot, and audit printers.

  • Printers are software that includes the drivers.
  • Print Devices are the hardware, the physical equipment.
  • Print Job is the data stream that goes through the computer to the print device.
  • Printer Driver is the actual software that allows the print device to communicate with the operating system.
  • Print Spooler is where the print job goes when it is waiting for the print device. This is the physical location where the job is held before it is printed out.
  • Print Queue is a logical list of all of the jobs that are waiting to be printed.
1.1 Installing Printers


This brings up Add a Printer Wizard.

Select the option that describes the printer you want to use:

  • Local printer attached to this computer
  • A network printer, or a printer attached to another computer

Click Next

Click Next (one more time to browse for the printers). The dialog box pops up and finds the Microsoft Windows Network, where we can browse to find the printer.

If you were to install a Local printer (the other option not highlighted, above), another box would pop up after you select that option.

  • Local printer attached to this computer

    √ Automatically detect and install my Plug and Play printer (check this if you already have the print device installed.)

    Click Next.

    Select a Printer Port.

    It defaults to a LPT1 printer port. You also have the option of printing to a COM serial port, or to a file. You could also create a new port, a local port or a TCP/IP port (a port that prints to a particular IP address over the internet).

    Click next.

    Install Printer Software. XP has a cache of printers so we can choose the printer we want. For our example, we are going to use

    AGFA-ACCuSet v52.3.

    Click Next.

    Name Your Printer. For our example, we will call it Printer1.

    Click Next.

    Printer Sharing

  • Do not share this printer
  • Share name:

    Click Next.

    Location and Comment

    • Location: (the Network Administrators can set up the location so that the users can find printers)
    • Comment:

    Print a Test Page

    Do you want to print a test page?

    • Yes (Recommended if you have the print device connected)
    • No (In this case we will choose no since we do not have our print device hooked up)
    Click Next.

    A dialog box opens up that tell you it is 'Completing the Add Printer Wizard'.

    Name: Printer1

    Share name: Printer1

    Model: AGFA-AccuSet v52.3

    Default: Yes

    Test page: No



    Click Finish. The system loads the drivers and creates Printer1.

1.2 Updating & Troubleshooting Printers

Right click the Printer/Properties and make changes you need to make.

Most print devices allow you to print a test page at the device. If you are able to print a test page from the device, then you know the print device is operational.

If you are able to print a test page from the print device, but you cannot print from the application, then you know the problem is the application.

1.3 Printer Permissions

  • Print – You can print and delete your own documents from the queue
  • Manage documents – Manage the print device itself, i.e., pause and stop the queue
  • Manage printers – Manage the software settings
Right click Printer1/click Properties/click Security (allows you to see what users and groups are allowed to use the printer). This will allow you to troubleshoot why a user might be having problems with the printer. The problem could be related to their permissions with the printer.

Group of user names:
Creator Owner
Power Users
Add Remove
Permissions for Administrators Allow Deny
Manage Printers √
Manage Documents √
Special Permissions √
Administrators have the above permissions. Everyone has the Print permissions. Power Users have the same as Manage permissions for printers.

For an example, if we 'Add' an Executives Group to the Permissions, we can click Add (above) and type in the Executives Group. However, the Executives already had permissions to print to this printer because they are a member of the Everyone Group. So, if we want only the Administrators, Power Users, and the Executives to have permissions to print to this printer, we click on the Everyone Group (above) and click Remove to remove 'Everyone' from the permissions for this printer. So now, the Administrators, Creator Owner, Executives, and the Power Users are the only ones who have any 'permissions' at all for this printer.

1.4 Redirecting Print Jobs

Suppose the user prints and job and the printer is unavailable. You might want to redirect the print job to go to another print device so that it gets printed. For this example, we will use Printer1.

Right click Printer1/click Properties/click Ports/click Add Port/click New Port/Type in the printer server name and the share name where you want to redirect the print job


Click OK.

All of the jobs will now be redirected to the new print device.

1.5 Resetting the Printer Spooler

If you are having a problem with the print spooler, it probably just needs to be reset. However, it could be that it is running out of space.

First, we need to determine where the print spooler is.

The print spooler is for all of the printers, so you need to right click in an open area in Printers and Faxes/click Print Server Properites/Advanced.

Spool folder: C:\WINNT\System32\spool\PRINTERS (this is were we can make adjustments to where the print spooler is, if needed)

Log spooler error events

Log spooler warning events

Log spooler information events

Beep on error of remote documents

Show informational notifications for local printers

Show informational notifications for network printers

To reset the print spooler, go to My Computer/right click and choose Manage/go to Services and Applications/click on Services/scroll down to Print Spooler.

Right click Print Spooler and you can Stop and Restart the Print Spooler. Most of the time resetting the print spooler will clear your problem with the print spooler.

1.6 Auditing Printers

In this example, we will refer to Printer1 as the printer name.

Right click Printer1/Properties/Security/Advanced/Auditing

We can add the users or groups that we want to audit for this printer.

If we add Executives, the dialog box will ask us what we want to audit:

Name: Executives

Apply onto: This printer and documents

Access: Successful Failed

Print √

Manage Printers √

Manage Documents

Read Permissions √

Change Permissions √

Take Ownership √

Let's pretend we want to audit the executives ability to print, so we need to check out and make sure that no one is changing our security in the manage printers permission.

Click OK.

To view the results of printer audits, click Start/Run.

Type: eventvwr.msc

Press enter.

You can also get there by going to Administrative Tools.

The event viewer has three logs by default.

  • Application
  • Security
  • System
Click on System

Click on View

Click Filter

We are going to Filter by an Event source. Select Print. Click Ok.

Now, click on Security

Click on View

Click Filter

For the Event source, select Security. For category, select Object Access because we want to know if we are having a problem accessing objects. We notice there are a lot of events that show success. Since we don't need to look at the events that are a success, we go back and click on View/Filter. Then, we uncheck Successful Audits and click OK. Afterwards, you will only see the Failure Audits.

Wednesday, June 10, 2009

Resolving File and Folder Issues in Windows XP

Resolving File and Folder Issues
Three different types of files users might utilize:

  1. Local – files stored on the local computer.
  2. Shared – files used through a network share.
  3. Offline – files stored on the user's laptop when they leave their place of business. For example, when working a home. Offline files are only available in Windows XP Professional.
Each file has a name extension. For example, document.doc, tells you this is a work document. .xls is used by Excel. These name extensions go along with applications. So, if a user is having trouble opening up a file, you might want to look at the name extension.


    Go to the Tools menu in Explorer or My Computer, then Folder Options. Look at File Types. For example, if a user is having trouble opening a Word document, go here and check the file extension for the Microsoft Word document, and make sure it is a DOC type of extension. If not, click on change, and choose the program that should be associated with the DOC type, which is WORD in this case.
    The way you would know this file extension is the problem, is that the user will probably be able to open the application, and then open the file. But, the user is unable to open the application with the file.


    Each file and folder has its own attributes. It can be HIDDEN, it can be READ only and unable to be deleted. So, this is a potential troubleshooting area.

    To demonstrate, go to MY DOCUMENTS. Pretend there is a folder with the extension .MSI. Right click on the file. Select PROPERTIES. At the bottom of the GENERAL tab, you have attributes that you can assign to this file. If you click on HIDDEN, and then APPLY, you see that the folder starts to go away. The reason it hasn't completely gone away is the screen hasn't been refreshed. Press F5 to refresh the screen, and the folder goes completely away. The user would not be able to find this file, if the FOLDER OPTIONS are set to DO NOT SHOW HIDDEN FILES AND FOLDERS. That file is now a hidden file based on its attributes.


    File compression is using software to take out the redundant elements in a file. For example, if you look at a printed page, the most redundant element is a blank space. There are also words that are redundant, such as 'the' and 'a'.

    Compression reduces performance. Files that are compressed are not used in that mode. The file has to decompress, use the file, then the file has to be recompressed, again. This takes up resources.

    Never compress the Operating System files. This could be a troubleshooting issue. If the system is not performing adequately, it could be the user has decided to compress some files, and compressed some operating system files in the process.

    Don't compress files that are just text. There is no need to. The files you need to compress are audio and picture files. But, you need to make sure the application isn't already compressing the file.

    Don't compress files that are used on a daily basis, because of the resources compression uses. Also, you cannot compress ENCRYPTED files.

    Go to a folder. Right click Properties/General tab/Advanced/Compress contents to save disk space/click OK/click OK. A dialog box pops up to ask you if you want to Apply changes to this folder only, or, to Apply changes to this folder, subfolders and files.

    It is best to compress the folder, not the individual file. If you compress the folder, the files that go into the folder are automatically compressed.

    How can you tell the folder is compressed? It looks the same as the other folders. Go to TOOLS/FOLDER OPTIONS/VIEW/Scroll down and click 'Show encrypted or compressed NTFS files in color'/ click OK. The folder shows up in BLUE. BLUE means compressed.
    Files and Folders moved within the same NTFS volume, retain the compression attribute in the new location.
    Files and Folders copied within the same NTFS volume, lose the compression attribute in the new location, and take on the parent folder compression attribute.
    Files and Folders moved or copied to a different volume, take on the compression attribute of the parent folder.
    Windows XP has a feature called compressed zipped folders. You can create these folders on a FAT, FAT32, or NTFS volume, including floppy disks. Explorer/File/New/Compressed Zipped Folder


    Encryption is very important in today's world. If you lose your laptop, and someone gets access to your hard drive, all they have to do is reinstall the operating system, and make themselves the administrator. They would have access to everything on your computer. Or, they could remove the hard drive and install it into something else to read the data.

    EFS is a service that is available in Windows XP Professional, Windows 2000 Professional, Windows 2000 Servers, Windows 2003 Servers, and Windows 2008 Servers.. EFS encrypts files and folders so that only users with the correct name and password can gain access to that information. What if you have something encrypted, and your key to it is corrupted, you need a backup. The system has a Recovery Agent that creates another key to decrypt the encryption.

    Compressed files cannot be encrypted.

    Go to your folder. Right click the folder/Properties/General tab/Advanced Attributes/Click on 'Encrypt contents to secure data'/ click OK/click OK again. The contents are encrypted. You can tell because the folder shows up in GREEN. This indicates it is encrypted.

NTFS File Permission

Enables Users to :
ReadView, Open, right-click the file, and click on Properties to view its attributes and ownership

Read and ExecuteAll tasks described above, plus, double click on the file to open the app that can be used to VIEW it

WriteAll tasks described above, plus, CHANGE the file and its attributes.

ModifyAll tasks described above, plus, DELETE the file

Full ControlAll tasks described above, plus, take OWNERSHIP and thereby give other users permission for the file

There are two different types of NTFS permissions: File permissions and folder permissions. The default permissions for users is READ AND EXECUTE.

List Folder contents

View the folder, click on the folder and VIEW the files and folders with in the folder.
ReadAll tasks described above, plus, right click the folder VIEW its permissions, attributes, and ownership

Read and ExecuteAll tasks described above, plus, double click on the folders within the folder to view their contents (traverse the folders, i.e., go to folders within folders)

WriteAll tasks described above, plus, create new files and folders within the folder, CHANGE the folders attributes

ModifyAll tasks described above, plus, DELETE the folder

Full ControlAll tasks described above, plus, take ownership of the folder and thereby give other users permissions for the folder

Most of the time, permissions are assigned to a user, based on group membership. So if a user is assigned to multiple groups and each group has different permissions, how do we determine the actual effective NTFS Permissions?
Windows XP has something called Effective Permissions, allows us to determine what the system is combining from all of the individual permissions a user has, as well as all of the groups the user is a member of.
  • Any USER will have Read & Execute, List Folder Contents, and Read Permissions. Basically, they can double click on the folder and view the folder and its permissions, nothing else
  • Executives have the MODIFY permission. They have Write permission so they can change a folder, and they have the Modify permission, so they can also delete.
Click on the ADVANCED button, and select the EFFECTIVE PERMISSIONS tab. Select USERS. We see the Effective permissions for the USERS. It breaks out all of the permissions so we can tell what permissions the USERS group has. If you select the EXECUTIVES group, you will see the EXECUTIVES group has even more permissions.

Go to MY COMPUTER/Click on MANAGE/LOCAL USERS AND GROUPS. For an example, we will look at a particular user, jbrown, double click on jbrown, click on MEMBER OF. Notice jbrown is a member of the EXECUTIVES group and the USERS group. If this user is a member of the Active Directory, and the effective permissions can be calculated, you can expect the following to happen.
Since the effective permissions for the EXECUTIVES is greater than the effective permissions for the USERS, and jbrown is a member of both of those groups, the permissions are combined.

    The true effective permissions are a combination of the NTFS permissions and the SHARED permissions.

    If the NTFS permissions are effective locally, but the resource is not effective through the network, the user cannot get to it anyway. The SHARE opens up a gateway to see resources from another computer. When you set up SHARES, you open up a big door. The network Administrator is responsible for setting up permissions.

    For Windows XP, there is SIMPLE sharing (a view setting) and there is CLASSIC sharing.
    Right click on your FOLDER/PROPERTIES/SHARING. Simple File Sharing is typically done in a home setting. Any folders the user wants to SHARE, would be put into the SHARED DOCUMENTS folder. If you try to share anything else, the system will warn you 'Are you sure you know what you are doing?' There is no security tab. You can't control the PERMISSIONS, you only have the default NTFS permissions.

    Go to TOOLS/FOLDER OPTIONS/VIEW/Uncheck USE SIMPLE FILE SHARING/CLICK OK. Now click on the FOLDER/PROPERTIES/SHARING. Now you see an entirely different dialog box. Click on SHARE THIS FOLDER. You can allocate a Share name and put in a Comment to indicate what the resource is used for. You can also indicate a User limit for the resource. For example, if the resource takes up too much of the processor or memory, we can limit the number of users who can access the resource at the same time. We can also control SHARE PERMISSIONS from here. Click on OK and you will see a hand underneath the folder, if it is shared.


    Windows Explorer/Tools/Map a Network Drive

    The System will ask you for a user name and password.

    There is also a tool called Shadow Copy. Right click the file/click Properties/click Previous version tab/. Shadow Copy is a great tool to retrieve a lost file without having to ask the Network Administrator to restore the file from a backup tape.


    TOOLS/FOLDER OPTIONS/OFFLINE FILES/ENABLE OFFLINE FILES allows the computer to take advantage of OFFLINE FILES that the administrator has cached. Unless the files are allowed to be cached, this part will not work.

    The options for OFFLINE FILES are:

  • Enable Offline Files
  • Synchronize all offline files when logging on
  • Synchronize all offline files before logging off
  • Display a reminder
  • Create an Offline Files shortcut on the desktop
  • Encrypt offline files to secure data
You can also set the amount of disk space needed for offline files.

Click ADVANCED Settings. You can:
When a network connection is lost
  • Notify me and begin working offline
  • Never allow my computer to go offline


    The first time a user tries to access a resource the computer takes a certain amount of time to bring the resource to the user. After the resource is local, it can be cached. It speeds up the access to the resource the next time.

    Resources that are on the server have to be set for caching or pinning by the Network Administrator. Click on the folder/PROPERTIES/SHARING tab/Click on the CACHING button. You can set manual or automatic caching. You have to have Administrator rights for the particular share to set caching.


    Network Administrators can use Group Policy to use Folder Redirection and redirect the My Documents, Start Menu, Desktop, and Application data of users. This protects the data. It can be stored on the server where it can be backed up.

    In addition, the desktop settings can be standardized through Folder Redirection.