Thursday, December 17, 2009

Windows 7 and KIX scripts

Logon Kix script that has worked for years stopped working under Windows 7. It goes through the routine like it worked, but in Explorer or CMD, the drive are not there. When the script is manually ran after login, the mapped drives shows up.

Turns out to be a UAC related issue. As explained in MS KB 937624, with UAC enabled, users with administrative membership are logged in with two access tokens, restricted and administrative. When the logon script runs, it runs with the administrative token. When the desktop starts, it starts with the restricted token. Because the two events were started with different access tokens, it's like two different users logged on. They can't see each others drives.

So, the fix is to enable
"EnableLinkedConnections". In the registry, set it this way:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -
EnableLinkedConnections =(dword)1
This "links" the connections made with one access token to another.

Wednesday, July 1, 2009

Schlage LiNK remote lock Bridge

Schlage's LiNK product appears to be a great concept. However, they are not very clear about network setup. It appears that they assume you local network is wide open for outgoing traffic. Their website does not tell you which port must be opened for the LiNK Bridge to communicate with their web site.

It appears that the only port needed is Outgoing TCP/8879.

UPDATE:
Schlage's customer support just informed me that they also need TCP/8869, 8826, and 2345 opened, as well.

Friday, June 5, 2009

Giving non-Administrators permission to change Power Settings

When you have users who would like to change their power settings to control standby and such, and they are not an administrator, you need to give them certain permissions in the Registry.
  • Run Regedit.exe as an administrator
  • Browse to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Controls Folder\PowerCfg
  • Right-click on the “GlobalPowerPolicy” key and choose “Permissions”.
  • Click on the “Advanced” button.
  • Click “Add”.
  • Type INTERACTIVE and click “Check names”, then OK.
  • Check the “Set value” and “Create Subkey” checkboxes in the “Allow” column, and click OK, then OK, then OK.
  • Do the same thing with the “PowerPolicies” key.

Monday, April 27, 2009

AT&T Smartphone Mobile Phone GPRS settings

After acquiring a couple of GSM smartphones, I discovered that there's a lot of mis-information about how to properly configure these devices for internet access. This is especially troublesome for phones that has been unlocked, and is being used on a different network.

I've compile enough information to get my unlocked "T-Mobile" HTC Dash / S620 / Excalibur to work properly on the AT&T network.

The setting are as follows:
(WM 6.1)
1. Start / Settings / Connections
2. Goto "GPRS"
3. "New..."
  • Description: AT&T GPRS
  • Connects to: "The Internet"
  • Access point: wap.cingular
  • Authentication type: "CHAP"
  • Done
That is enough to get Internet Explorer and Email to work. From my Blackjack II (SGH-I617), there also is a setting for Proxy, which didn't seem like it was necessary. However, here's the info.

1. Start / Settings / Connections
2. Goto "Proxy"
3. "New..."
  • Description: AT&T WAP
  • Connects from: "The Internet"
  • Connects to: "WAP Network"
  • Proxy: wireless.cingular.com:80
  • Type: "HTTP"
I hope this works for you.