Windows Explored

Everyday Windows Desktop Support, Advanced Troubleshooting & Other OS Tidbits

Archive for October, 2012

Installing Active Directory and All Those Other Little Tabs in Windows 7 (you know, the ones you used to have in Windows XP)

Posted by William Diaz on October 23, 2012


One of the articles I put together for our KB. Thought I would share since there seems to be some questions as to how to install ADUC get all the tabs back that were available in Windows XP.

Active Directory Users and Computers Setup:

  • Install the Remote Server Admin Tools by visiting Choose the package that applies to your OS bitness.
    1. Enable the RSAT features for ADUC by going to the Control Panel and select Programs > Programs and Features > Turn Windows features on or off. Alternatively, you can also click Start and start typing in Turn Windows features on or off and select the option from the menu.
    2. Scroll down to and expand Remote Server Administration Tools.
    3. Expand Role Administration Tools.
    4. Expand AD DS and AD LDS Tools.
    5. Expand AD DS Tools
    6. Check option for Active Directory Administrative Center. This will automatically check all the required options in the parent and sub tree.
    7. Click OK.
    8. You can access ADUC via several methods.
      • Start Orb > dsa.msc.
      • Open an MMC console and add the snap-in.
      • Control Panel > Administrative Tools.
      • Start > All Programs > Administrative Tools (After it has been indexed by Windows).
  • The Exchange tabs will not be included by default. To have those, install the Exchange System Management tools. See below.

Exchange System Management Setup:

  1. Go to and download the Exchange System Manager for Windows Vista.
  2. Run ESMVISTA.EXE to unpack the installer.
  3. Open CMD from an elevated command prompt
  4. Change command prompt to location of the ESMVISTA.MSI file, e.g. cd c:\users\username\desktop.
  5. Run the msi file with the /q switch to avoid message that you are not running Windows Vista, i.e. esmvista.msi /q (extension necessary because there will also be the .exe in the same path).
  6. Exchange System Manager can be found under Start > All Programs > Microsoft Exchange.

Adding the Exchange tabs for user properties:

  • You may notice that the Exchange tabs are missing from user properties in ADUC. This is because the console is running in 64 bit mode and does not plugin into the 32 bit Exchange System Manager. To overcome this:
    1. Right-click ADUC select Send To > Desktop (Create Shortcut)*.
    2. Right-click the shortcut and go to Properties.
    3. Change the target path to include -32
  • If you prefer creating an MMC with multiple snap-ins such as ADUC and ESM:
    1. Go to Start Orb > Search\Run (or Windows+R).
    2. Type mmc -32 and launch.**
    3. Go to File > Add/Remove Snap-In.
    4. Add ADUC, ESM, and whatever additional snap-ins you need.
    5. Save.

*Alternatively, you can run dsa.msc -32 from Run (Windows+R) or the Start Orb > Search/Run

**You must run the mmc with the 32 bit switch, otherwise the 32 bit Exchange System Management add-in will not be available in the list of snap-ins.

Adding the Terminal Service tab for user Properties:

  • Go to Turn Windows features on or off
  • Expand Remote Server Administration Tools > Role Administration Tools > and check Remote Desktop Services Tools.
  • This will also add the Sessions and Environment tabs.

Note, the Terminal Service tab is now known as the Remote Desktop Services Profile tab. Further, you will not see this tab if you run dsa.msc or your mmc in 32 bit mode so consider creating two shortcuts with and without the 32 bit switch.

The Missing Dial-In Tab

This tab is not available by design in ADUC via Windows 7. To workaround this, You need to connect to a Windows Server 2008 Server via RDP that has either the Terminal Services or Remote Desktop Service role installed. However, there is a simpler workaround to the missing tab.

  1. Open ADUC or dsa.msc.
  2. Go to View and check option for Advanced Features.
  3. Right-click the user account and go to the Attribute Editor tab.
  4. Locate and select the msNPAllowDialin attribute.
  5. Select edit and change the value to the desired value.

Posted in Inside Windows | Leave a Comment »

A Recent and Quick Encounter with “Ransomware”

Posted by William Diaz on October 21, 2012

While browsing the Internet last night from one of my home PCs, I was suddenly hit with the following full screen warning: “THE FBI Federal Bureau of Investigations. ATTENTION! Your PC is blocked due to at least one of the reasons specified below…”


Posted in Troubleshooting, Troubleshooting Tools | Tagged: | 1 Comment »

Odd IE Behavior Disappears After Attaching Debugger

Posted by William Diaz on October 14, 2012

While deploying Windows 7 to a couple offices a few months ago, we started to receive some complaints of IE exhibiting weird behavior. I had a chance to witness this myself. The issue usually arose when a user would open the browser to perform a search on Google, MSN, or Yahoo. For example, after initially typing into the search box of the search engine for Google, one would begin to see search hits auto-populate normally, but afterwards if you tried to access one of the browser menu options a second time, the browser would “hiccup” and none of the menu options would function. Even odder, if trying to type a search phrase in the MSN search box, the typed characters would show up in the IE address bar. Here is a video of this odd behavior:


Eventually, uninstalling IE 9 and reinstalling was enough to resolve, but I wanted to see I could isolate the issue to come particular component. To do this, I started with Dependency Walker and started IE through its debugger. Strangely enough,  the issue with the browser could not be created anytime the debugger was attached. Curious, I did some searching in the DW FAQ and found this:

My application runs better when being profiled by Dependency Walker than when I run it by itself. Why is this?

I’ve had several reports of applications that normally crash, will not crash when being profiled under Dependency Walker. Dependency Walker acts as a debugger when you are profiling your application. This in itself, makes your program run differently.

First, there is the overhead of Dependency Walker that slows the execution of your application down. If your application is crashing due to some race condition, this slow down alone might be enough to avoid the race condition. If this is the case, it is a design issue of the application and you are just getting lucky when it doesn’t crash.

Second, normally when threads block on critical sections, events, semaphores, mutexes, etc., they unblock on a first-in-first-out (FIFO) basis. This is not guaranteed by the OS, but is usually the case. When being run under a debugger, FIFO queues are sometimes randomized, so threads may block and resume in a different order than they would when not running under a debugger. This might be relieving a race condition or altering the execution enough to make things work. Again, the application is just getting lucky when it doesn’t crash.

Finally, applications running under the debugger automatically get a system debug heap. All memory functions are handled slightly different. Allocations are padded with guard bytes to check to see if you are writing outside of a region you have allocated (buffer overrun/underrun). Allocations might also be laid out differently in memory then when not under the debugger. So, if you are writing past the end of a buffer under the debugger, you might be trashing guard bytes, freed memory, or just something not very critical. However, when not running under the debugger, you might be trashing something critical (like a pointer), and your app crashes.

For the debug heap, you can turn this off in Dependency Walker and see if your application crashes when being profiled. If it does then, then you probably suffer a buffer overrun, stray/bad/freed pointer, etc. To do this, start a command prompt. Type "SET _NO_DEBUG_HEAP=1". Then start Dependency Walker from that command line. This should disable the debug heap for that instance of Dependency Walker. Note, this only works on Windows XP and beyond.

We have not encountered the issue since the pilot offices completed their deploys. Perhaps anyone of the various changes that were made to the task sequence corrected whatever was causing this.

Posted in Troubleshooting | Tagged: | Leave a Comment »