Windows

True SSO for ShareFile Sync and Drive Mapper

Posted by daro on March 09, 2017
Citrix, ShareFile, Windows / No Comments

ShareFile-logo-1

Lets get those seamless logons one step further!

There is a very good article on how to set up Citrix ShareFile with AD FS 3.0 for Integrated Windows Authentication for WebApp by Jason Samuel. To do this you will need:

Once we have that SSO solution in place, we can easily take it one step further and apply this to ShareFile client applications as well. In this tutorial we will look into implementing Integrated Windows Authentication for ShareFile Sync and Drive Mapper.

Both applications come with Administrative templates that we can deploy via GPO. After the apps are installed, those templates can be found in:

  • Sync – ‘C:\Program Files\Citrix\ShareFile\Sync\Configuration\PolicyDefinitions’
  • Drive Mapper – ‘C:\Program Files\Citrix\ShareFile\DriveMapper\PolicyDefinitions’

Make sure to copy both .admx and .adml files or the GPO processing will fail. The number of times I’ve seen one of those files missing…

If you would like to test it locally you can copy the templates to ‘C:\Windows\PolicyDefinitions’

After templates are imported we can start modyfing settings with Group Policy Editor. Drive Mapper needs only Account setting set in format of mycompany.sharefile.com or .eu

DM GPO

While Sync needs to have Account and Authentication Type set. Account should be configured as above and Authentication Type set to ‘Windows Integrated Authenticaton’

Sync GPOPublishing GPO’s isn’t part of this article but there is plenty of information about that on the web. Once this is done and deployed your users should be able to enjoy seamless logons not only into the ShareFile web but also to the client applications.

Below you’ll find video demonstrating how this all works:

Happy SSO’ing!

Recover files hidden by Downloader.Dromedan

Posted by daro on March 11, 2016
Malware, Windows / No Comments

win7logoApart from other harmful actions Downloader.Dromedan can transfer itself to your USB storage device to aid in replication of itself when you plug it in to another device, and make it look like all the files are gone. Don’t panic! In most cases they are still there but are just hidden and you can still Recover files hidden by Downloader.Dromedan. First of all make sure that infection is gone completely from your system. There are multiple articles on the web on how to do this and this is not the topic for this one.

To recover your files open up an elevated command prompt and if your USB drive letter is F do:

prompt

prompt2

Above command will remove system, hidden, archive and read-only file attributes from all files and folders on your drive, making them accessible to you again. After this you should be able to see folder with no name on your drive with all the files. There you go. If this article helped you, you can help me as well by clicking on one of the ads on my site if you don’t have ad blocking software installed into your browser.

 

How to recreate Windows profile

Posted by daro on December 16, 2015
Windows / No Comments

win7logo

Sometimes you just have to recreate Windows profile

Lets say you have a profile called Bob and you have to refresh it. On most Windows 7/8 systems it is located in “C:\Users\Bob”

1. Rename the user’s profile folder to Bob.old In order to do this user Bob has to be logged off. Otherwise you’ll get an error stating that the files are in use.

2. Logged in as an admin, go to Control Panel, User Accounts, Manage User Accounts. Domain accounts show there after an initial login.

3. Delete the account for Bob

4. Open regedit and make sure that the user is no longer in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList. Delete it if present, even if it is followed by “.bak”.

5. Reboot machine. Login as the user. This will create a fresh spanking new profile.

6. Login as admin. Copy contents of (or the files that you really need) “C:\Users\Bob.old” to “C:\Users\Bob” replacing existing ones.

Do not copy the following files from old profile into the new profile:
Ntuser.dat
Ntuser.dat.log
Ntuser.ini

7. Let Bob log back in and praise you as company’s IT Guru!

No sound in Google Hangouts

Posted by daro on May 08, 2015
Google, Hangouts, Windows / No Comments

google-hangouts

No sound in Google Hangouts? Read below.

Certain sound drivers add enhancements to your microphone properties causing it to stop working in Google Hangouts. If you can hear others but they are unable to her you. Or if you sound quiet and muffled to your callers – this is the case.

To resolve this, all that needs to be done is to disable mic enhancements, assuming that you have configured your Hangouts to use correct input and output audio devices. So lets get on with it.

On Windows system go to Control Panel, then Sound. Click on Recording tab, highlight your microphone and click Properties, and Advanced tab. You should see something like this:

mic no sound in google hangouts

Uncheck the ‘Enable audio enhancements’ hit Apply or just OK and you should be good to go.

Send to OneNote 2010 printer missing

Posted by daro on December 02, 2014
MS Office 2010, Windows / 3 Comments

onenote_2010

Send to OneNote 2010 printer missing in Windows 7? Let’s get it back in no time!

After some extensive research on this issue – Send to OneNote 2010 printer missing on Windows 7, there is finally a solution that at least worked for me and good few other users.

All there is that needs to be done is to make sure that below windows features are enabled and then go to  Programs and Features in Control panel, or Start -> Run, type in appwiz.cpl, click OK and repair MS Office installation.

features

Reboot and the long missing option should be back

SendToOneNote

This so far has been tested on Win 7 x86 Enterprise and MS Office 2010 x86. Hope this helps. Best of luck.

Internet Explorer 9 x64 for Windows 7

Posted by daro on October 30, 2014
Internet Explorer, Windows / No Comments

browsersYes, there are times when you have to use Internet Explorer!

When you ask? To download another browser for example. Or more seriously. When a business application won’t work with any other.

When you have to install specific version of this browser like Internet Explorer 9 x64 for Windows 7 and google for it, Microsoft will kindly suggest its newest version which is IE11 and it’s not always what we are looking for. After some research there are the direct links to both versions of IE:

For x86: http://download.microsoft.com/download/C/3/B/C3BF2EF4-E764-430C-BDCE-479F2142FC81/IE9-Windows7-x86-enu.exe

For x64: http://download.microsoft.com/download/C/1/6/C167B427-722E-4665-9A40-A37BC5222B0A/IE9-Windows7-x64-enu.exe

Citrix Receiver – The profile for the user is a temporary profile

Posted by daro on August 28, 2014
Citrix, Windows / No Comments

 

citrix_logo

Citrix Receiver giving you grief? This should help.

When the below error comes up – don’t sweat. There is a quick registry fix that should do the trick and get this application installed in no time.

citrix temp profile

Even though user may not be logged in on a temporary profile, if there are .bak registry keys in ‘HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList’ citrix may throw up the “the profile for the user is a temporary profile” error while trying to install it. To solve just delete of rename subkeys that end with .bak As with all registry changes please remember to export it first so you can always go back if something goes sideways.

To find out which subkey relates to a specific profile, expand it and look for ProfileImagePath registry entry that points to the original profile folder of the user.

The remote session was disconnected because there are no Terminal Server License Servers available to provide a license

Posted by daro on June 07, 2014
Citrix, Windows / No Comments

citrix_logo

No Terminal Server License Servers available to provide a license? Not quite so

Citrix client, whether it’s Program Neighborhood or Receiver, sometimes comes up with following error:

Warning:
Registry is crucial for Windows systems, before making any changes make sure to export it first so if you mess up you can always go back.
export

There is a very easy fix for this, all you have to do is to remove or rename ‘HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing’ key.

Log off and then log back in and you are done. I presume you all know how to launch registry editor, if not let me know.

How to search large network shares

Posted by daro on June 05, 2014
Network, Windows / No Comments

network shares

Searching large network shares might be slow, but there is a better way!

I’ve recently came across interesting challenge of finding one particular document among thousands  of others spread across multiple folders. Windows search function wasn’t up to the task, could not find anything and because it was a network storage – it was painfully slow. So I remembered a command that I’ve seen on some blog that exports file names along with its path to a simple text file. There comes quick solution for how to search network shares. If your drive is mapped as S: do ‘cd S:’ and the command is:

dir /a /b /-p /o:gen /s > OutputFile.txt

So I opened up this file in a notepad, CTRL+F, entered search string and bam! There it was. Works miraculously! Sometimes simplest solutions are the best.

How to find password age in Active Directory

Posted by daro on June 03, 2014
Active Directory, Windows / 3 Comments

active-directory

Finding password age in Active Directory doesn’t have to be all that complicated

1. Net user

Open up command prompt and issue following command:

net user username /domain

Where username is an AD logon name of a user. Output of this command should look like this:

net user

Last logon entry visible in above screenshot can also be found in ADUC by navigating to user’s account and going to Attribute Editor tab as below:

last_logon

There is a controversy over which attribute should be used, whether it should be lastLogon or lastLogonTimestamp. In my case lastLogon attribute is more accurate. Another quick way to do this is to use Lockout status tool provided by Microsoft.

2. Lockout Status tool

Bear in mind that in order to use this tool on a client machine rather than a server you would have to have RSAT installed.