Tips & Tricks

14 Juli 2009

Windows Recovery Console

Pernahkan anda mengalami kejadian dimana Windows 2000 tidak dapat start dengan sempurna atau bahkan tidak dapat start sama sekali ?

Tulisan berikut akan menjelaskan Windows Recovery Console yang memang dibuat untuk mengatasi masalah seperti diatas.

Dengan Windows Recovery Console, kita dapat melakukan :

Use, copy, rename or replace operating system files and folders.
Enable or disable services or devices from starting when you next start your computer.
Repair the file system boot sector or the Master Boot Record (MBR).
Create and format partitions on drives.

Note : only an administrator can obtain access to the Windows Recovery Console so that unauthorized users cannot use any NTFS volume.

Starting the Windows Recovery Console

To start the Windows Recovery Console, use any of the following methods:

Start your computer with the Windows Setup floppy disks, or with the Windows CD-ROM. At the "Welcome to Setup" screen, press F10, or press R to repair, and then press C (Windows 2000 only) to start the Windows Recovery Console. Select the appropriate number for the Windows installation that you want to repair, and then type the administrator password. If the administrator password does not exist, just press ENTER.
Add the Windows Recovery Console to the Windows Startup folder by using Winnt32.exe with the /cmdcons switch. This procedure requires approximately 7 MB of hard disk space on your system partition to hold the Cmdcons folder and files.

NOTE: If you are using software mirroring, please see the following article in the Microsoft Knowledge Base:
229077 (http://support.microsoft.com/kb/229077/EN-US/ ) Mirroring Prevents Pre-Installing the Recovery Console
Follow the instructions in the following article in the Microsoft Knowledge Base:
222478 (http://support.microsoft.com/kb/222478/EN-US/ ) Creating a Template to Run Recovery Console Using a Remote Install Server

After you start the Windows Recovery Console, you receive the following message:

Windows NT(TM) Boot Console Command Interpreter.

WARNING:

This is a limited function command prompt intended only as a system recovery utility for advanced users. Using this utility incorrectly can cause serious system-wide problems that may require you to reinstall Windows to correct them.

Type 'exit' to leave the command prompt and reboot the system.

1: C:\WINNT

Which Windows installation would you like to logon to (enter to abort)?

After you enter the number for the appropriate Windows installation, enter the Administrator account password. Note that if you use an incorrect password three times, the Windows Recovery Console quits. Also, if the SAM database is missing or damaged, you are not able to use the Windows Recovery Console because you cannot be properly authenticated. After you enter your password and the Windows Recovery Console starts, type exit to restart your computer.

Berikut ini adalah daftar command yang diperlukan untuk recovery :

DISABLE

disable servicename

Use this command (where servicename specifies the name of the service or driver to be disabled) to disable a Windows system service or driver.

Use the listsvc command to display all eligible services or drivers to disable. The disable command prints the old start type of the service before resetting it to SERVICE_DISABLED. Because of this, you should record the old start type in case it is necessary to re-enable the service.

The start_type values that the disable command displays are: SERVICE_DISABLED
SERVICE_BOOT_START
SERVICE_SYSTEM_START
SERVICE_AUTO_START
SERVICE_DEMAND_START

ENABLE

enable servicename start_type

You can use the enable command (where servicename is the name of the service or driver to be enabled) to enable a Windows system service or driver.

Use the listsvc command to display all eligible services or drivers to enable. The enable command prints the old start type of the service before resetting it to the new value. You should note the old value, in case it is necessary to restore the start type of the service.

Valid start_type are:

SERVICE_BOOT_START
SERVICE_SYSTEM_START
SERVICE_AUTO_START
SERVICE_DEMAND_START

NOTE: If you do not specify a new start type, the enable command prints the old start type for you.

EXPAND

expand source [/F:filespec] [destination] [/y]

expand source [/F:filespec] /D

Use this command (where source specifies the name of the file to be expanded and destination specifies the directory for the new file) to expand a file.

NOTE: You may not include wildcards.
If destination is not specified, the command defaults to the current folder.

Options:

/y: Do not prompt before overwriting an existing file.
/f:filespec: If the source contains more than one file, this parameter is required to identify the specific files to be expanded. You may include wildcards.
/d: Do not expand; only display a directory of the files which are contained in the source.

The destination may be any directory within the system directories of the current Windows installation, the root of the drive, the local installation sources, or the Cmdcons folder. The destination cannot be removable media. The destination file cannot be read-only. Use the attrib command to remove the read-only attribute.

expand prompts you if the destination file already exists unless you use /y.

FIXBOOT

fixboot drive name:

Use this command (where drive name is the drive letter where the boot sector will be written) to write the new Windows boot sector code on the boot partition. This command fixes problems where the Windows boot sector is corrupted. The Emergency Repair process also fixes the boot sector. This command overrides the default of writing to the system boot partition.

FIXMBR

fixmbr device name

Use this command (where device name is an optional device name that specifies the device that needs a new MBR) to repair the master boot record (MBR) of the system partition. This command is used in scenarios where a virus has damaged the MBR and Windows cannot start.

WARNING: This command has the potential to damage your partition tables if a virus is present or a hardware problem exists. This command may lead to inaccessible partitions. Microsoft suggests running antivirus software before using this command.

The name can be obtained from the output of the map command. If this is left blank, the boot device's MBR is fixed, for example:

fixmbr \device\harddisk2

If Fixmbr detects an invalid or non-standard partition table signature, it prompts you for permission before rewriting the MBR.

LISTSVC

The listsvc command lists all available services, drivers, and their start types for the current Windows installation. This command may be useful when using the disable and enable commands.

NOTE: These are extracted from the %SystemRoot%\System32\Config\SYSTEM hive. If the SYSTEM hive become damaged or missing, unpredictable results may occur.

LOGON

logon

The logon command lists all detected installations of Windows, and then requests the local administrator password for the copy of Windows you chose to log on to. If more than three attempts to logon do not succeed, the console quits and your computer restarts.

SET

The set command allows you to display or modify four environment options.

AllowWildCards = FALSE AllowAllPaths = FALSE AllowRemovableMedia = FALSE NoCopyPrompt = FALSE

SYSTEMROOT

The systemroot command sets the current working folder to the %SystemRoot% folder of the Windows installation you are currently logged on to.

TYPE

type filename

The type command displays a text file.

Untuk lebih lengkapnya dapat anda lihat di support.microsoft.com article : 229716

13 Juli 2009

Block a Windows 2000/XP/2003 computer from surfing on the internet but still allow surfing on intranet sites

Windows 2000/XP/2003 memiliki built-in IP security (ipsec), yaitu sebuat protocol yang dibuat untuk memproteksi paket TCP/IP yang lewat pada suatu jaringan.

Dengan membuat policy yang memblokir semua IP traffic yang menggunakan HTTP dan HTTPS (TCP port 80 dan 443), maka komputer tsb tidak akan bisa melakukan browsing internet lagi.

Berikut adalah langkah konfigurasi-nya :
01. Open an MMC Window (Start > Run > MMC).
02. Add the IP Security and Policy Management Snap-In.
03. In the selection which computer this policy will manage, select the local computer, click Close then click OK.
04. Right-click IP Security Policies in the left pane of the MMC console, select Manage IP Filter Lists and Filter Actions.
05. In the Manage IP Filter Lists and Filter Actions, click Add.
06. In the IP Filter List window type a descriptive name (such HTTP) and click Add.
07. In the Welcome window click Next.
08. In the description box type a description as you want and click Next.
09. In the IP Traffic Source window leave My IP Address selected dan click Next.
10. In the IP Traffic Destination window leave Any IP Address selected and click Next.
11. In the IP Protocol Type scroll to TCP and click Next.
12. In the IP Protocol Port type 80 (for HTTP) in the To This Post box and click Next.
13. In the IP Filter List window notice how a new IP Filter has been added. Now if you want to add HTTPS (Any IP to Any IP, Protocol TCP, Destination Port 443) use the same step 5 to 12.
14. Now that you have both filter set up, click OK.

15. Back in the Manage IP Filter Lists and Filter Actions. Now we add a new filter for INTRANET web traffic, click Add.
16. Give the new filter an appropriate name (such INTRANET) and then click Add.
17. In the IP Traffic Source window leave My IP Address selected dan click Next.
18. In the IP Traffic Destination window, click the drop-down list and select the type of destination. For example :
a. if you want to allow web traffic for one specific intranet web server, select A Specific DNS Name, then in the Host Name box type the Server Name and click Next.
b. if you want to allow web traffic for an entire internal subnet such as 192.168.0.0/24, select A Specific IP Subnet, and type the Network ID and Subnet Mask for the required subnet and click Next.

19. Back in the Manage IP Filter Lists and Filter Actions, click Manage Filter Actions tab. Now we need to add a filter action that will block our designated traffic, click Add.
20. In the Welcome window click Next.
21. In the Filter Action Name type BLOCK and click Next.
22. In the Filter Action General Options click Block and click Next.

23. Back in the MMC Console, right-click IP Security Policies on Local Computer and select Create IP Security Policy.
24. In the Welcome window click Next.
25. In the IP Security Policy Name enter a descriptive name, such as "Block HTTP & HTTPS Allow INTRANET" click Next.
26. In the Request for Secure Communication window click to clear Active the Default Response Rule check-box, click Next.
27. In the completing IP Security Wizard window click Finish.

28. In the New IPSec Policy window click Add.
29. In the Welcome window click Next.
30. In the Tunnel Endpoint make sure the default setting is selected and click Next.
31. In the Network Type window select All Network Connections and click Next.
32. In the IP Filter Lists window select one of the previously configured IP Filters (such as HTTP) click Next.
33. In the Filter Action window select one of the previously configured Filter Actions (such as Block) click Next

34. Back in the New IPSec Policy window, make sure the new IP Filter is selected. Click Add to add more IP Filters and Filter Actions. In this example we add the INTRANET IP filter.
35. Configure it to use the Permit Filter Action.

36. In the MMC Console, right-click the New IPSec Policy and select Assign.

Selesai.

"Folder is not accessible. Access is denied"

Mungkin anda pernah mengalami saat membuka folder dalam Windows XP, muncul pesan error "Folder is not accessible. Access is denied".

Hal ini mungkin terjadi jika folder yang anda buka dibuat dengan File System NTFS dari CD instalasi Windows XP Professional. Hal ini disebabkan karena security ID telah berubah, meskipun telah menggunakan user name dan password yang sama.

Solusinya adalah dengan mematikan "Simple File Sharing" dan mengambil alih ownership dari folder tersebut.

1. Turn off Simple File Sharing:
a. Klik "Start" dan klik "My Computer".
b. Pada Menu, klik "Tools", klik "Folder Option", dan klik Tab "View"
c. Pada bagian "Advanced Settings", hilangkan centang pada "Use Simple File Sharing".
d. Kemudian klik OK.
2. Klik kanan folder yang akan diambil alih ownership-nya, kemudian klik "Properties".
3. Klik tab "Security". (Klik OK jika muncul pesan security)
4. Klik "Advanced" dan klik tab "Owner"
5. Dalam daftar nama, klik user name yang dipergunakan atau Administrator.
Centang "Replace owner ob subcontainers and objects"
6. Klik OK
7. Klik Yes jika muncul error message "You do not have permission..."

Reff : http://support.microsoft.com/kb/810881/