Supporting Technology

I’ve been working on getting a script together that would take all those old outdated versions of Java off of client’s machines without having to go into “Add/Remove Programs” 50 times to do it.

The reason for this, or course, is that older versions of Java contain security vulnerabilities. Some viruses can exploit that vulnerability and thus use Java as the “entry-point” to begin their malicious havoc on your PC.  See this article from the Washington Post.

After working off and on today on it, I think I have a solution. Part of the following code I found on a tech blog, so if it looks like you were the author, thanks! You can download the batch file here.

…Or here’s the code to see for yourself:
Rem to run this file and log the output use: "uninstall java.bat">>java_remove.log
Rem @echo off &
cls
Rem List all Installation subkeys from uninstall key.
echo Searching Registry for Java Installs
for /f %%I in (’reg query HKLM\SOFTWARE\microsoft\windows\currentversion\uninstall’) do echo %%I | find “{” > nul && call :All-Installations %%I
echo Search Complete..
goto :NoneFound
:All-Installations
Rem Filter out all but the Sun Installations
for /f “tokens=2*” %%T in (’reg query %1 /v Publisher 2^> nul’) do echo %%U | find “Sun” > nul && call :Sun-Installations %1
goto :EOF
:Sun-Installations
Rem Filter out all but the Sun-Java Installations. Note the tilda + n, which drops all the subkeys from the path
echo %1
for /f “tokens=2*” %%T in (’reg query %1 /v DisplayName 2^> nul’) do echo . Uninstalling - %%U: | find “Java” && call :Sun-Java-Installs %~n1
if errorlevel 1 (
echo Doing further conditional checking on variables.
for /f “tokens=2*” %%T in (’reg query %1 /v DisplayName 2^> nul’) do echo . Uninstalling - %%U: | find “J2SE” && call :Sun-Java-Installs %~n1
)
goto :EOF
:Sun-Java-Installs
Rem Run Uninstaller for the installation
MsiExec.exe /x%1 /qb /quiet /passive /promptrestart
echo . Uninstall Complete, Resuming Search..
goto :EOF
:NoneFound
Rem No Java found to remove from this system
echo No Java found or all versions already removed from this system
goto :EOF

VERY IMPORTANT
If you or your clients are running LOB apps that require legacy versions of Java, this batch file WILL remove them. It removes all versions of Java. The good news is that you can download old versions of Java here: http://java.sun.com/products/archive/. There’s about every outdated version of Java you can dream of there waiting to be downloaded.

Once you have removed all versions of Java, you now need to get the latest version on. You can get that here: http://www.java.com/en/download/manual.jsp.

I hate the auto update feature of Java, so if you want to turn that off, you can go here:

HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Update\Policy

Change the EnableJavaUpdate key to 0, and that should do the trick.  Someone suggested installing with “JAVAUPDATE=0″, but in my testing that didn’t do anything.

I pushed all this out via Kaseya to my clients. Here are the Kaseya scripts I used:
Remove Java
Script Name: Remove Java
Script Description:

IF Test File
Parameter 1 : C:\ICS\Tools\remove_java.bat
Exists :
THEN
Execute Shell Command
Parameter 1 : C:\ICS\Tools\remove_java.bat>>C:\ICS\Logs\remove_java.log
Parameter 2 : 1
OS Type : 8
Write Script Log Entry
Parameter 1 : All versions of Java removed.
OS Type : 8
ELSE
Write File
Parameter 1 : C:\ICS\Tools\remove_java.bat
Parameter 2 : lpopejoy\Scripts\uninstall java.bat
OS Type : 8
Execute Shell Command
Parameter 1 : C:\ICS\Tools\remove_java.bat>>C:\ICS\Logs\remove_java.log
Parameter 2 : 1
OS Type : 8
Write Script Log Entry
Parameter 1 : All versions of Java removed.
OS Type : 8

Install New Version
Script Name: Install Java
Script Description:

IF True
THEN
Write File
Parameter 1 : C:\ICS\Tools\jre-6u7-windows-i586-p-s.exe
Parameter 2 : lpopejoy\Software\Java\jre-6u7-windows-i586-p-s.exe
OS Type : 0
Execute Shell Command
Parameter 1 : C:\ICS\Tools\jre-6u7-windows-i586-p-s.exe /s /v”/qn IEXPLORER=1 REBOOT=Suppress JAVAUPDATE=0 /L C:\ICS\Logs\JRE6_7Setup.log”
Parameter 2 : 1
OS Type : 0
Set Registry Value
Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Update\Policy\EnableJavaUpdate
Parameter 2 : 0
Parameter 3 : REG_DWORD
OS Type : 0
Write Script Log Entry
Parameter 1 : Latest Version of Java installed.
OS Type : 0
ELSE
Do both together
Script Name: Remove Java & Install Latest
Script Description:

IF True
THEN
Execute Script
Parameter 1 : Remove Java (NOTE: Script reference is NOT imported. Correct manually in script editor.
Parameter 2 :
Parameter 3 : 0
OS Type : 8
Execute Script
Parameter 1 : Install Java (NOTE: Script reference is NOT imported. Correct manually in script editor.
Parameter 2 :
Parameter 3 : 0
OS Type : 8
ELSE

All the best!

Luke

Much to my surprise… One of my thoughtful clients nominated me for the OpenDNS SysAdmin award… and I won! I won the “Shoestring Budget” award specifically. Thanks Mark Sanger! You can see more about his company here: WSIC Radio Station

He’s a great guy… If you need some on-air coverage, make sure you give Walter, his sales guy a call. They will really work with you for whatever you need.

Mark, thanks again for your thoughtfulness. It’s been a pleasure working for you.

For any small business owner - as most of my clients are - do yourself a favor and go buy yourself a book. The book I’m recommending is E-Myth: Why Most Small Businesses Don’t Work and What to Do About It. You can buy it here: Amazon.com for 11 bucks!

It basically talks about how to turn your business into a system that works instead of a place that breaks as soon as you walk out the door. I’m trying to figure out how to create a system that performs in the way my clients and vendors (and wife) anticipate. I’m sick of everything revolving around me. I leave; I’m working. I get home with a ton of emails, tickets, and phone calls to return. Something is really broken, but I, though I love to fix, don’t know how to fix this one.

Anyway, enter E-myth. Nothing magic, just good, practical advice and education. It’s good reading for any small business owner.

That’s my recommendation for the day.

Now get to work!

Ok, got a call this morning from a user saying she couldn’t print. I mentally went over the obvious, and decided a service call would be in order. This user is on Windows XP. Here is what I found:

To start with when the print spooler was started either from Run -> Services.msc -> Print Spooler -> Start / Restart OR from a command prompt with “net start spooler” you would get an error message within 20 seconds or so saying:

After some troubleshooting, I saw that the error logs revealed that the error was coming from a file called ZSDIMF.DLL. I searched the computer for that file and saw that it was related to the user’s HP LaserJet 1022 (I HATE HP DRIVERS!!). See the screenshot:

So here’s the solution:
Make sure the print spooler is stopped. You can even go to the task manager and kill the process called “spoolsv.exe.”
Go here: HKLM\System\CurrentControlSet\Control\Print\Printers\Printname and find the printer with the offending driver. Right click and delete. Note that a registry backup may be a good idea if you are unsure of what you are doing.

Now you can go to to Control Panel -> Printers & Faxes and go to File -> Server Properties. Go to the drivers tab and delete the offending drivers (in my case this was HP Laserjet 1020 series drivers). Now go to the manufacturers website and download new ones and reinstall your printer.

Quick Update
I did get the error again after the first reboot. I deleted all the temp files, including the prefetch, and searched the computer for the offending file again. No file found. After another reboot, everything was fine!
That should do the trick!

Ok, I’ve been having this problem on a user’s workstation only with certain word documents located on an external web server. I couldn’t quite determine what caused some to do it and others not to… but here’s the symptoms and the resolution:

Symptoms
A user clicks on a link like this: http://www.somedomain.com/somewordfile.doc and either saves the file to a local location or IE will say “404 not found” if IE is configured to open the Office documents in the same window.

Resolution
Install Office 2003 Service Pack 3. Download here: http://www.microsoft.com/downloads/details.aspx?FamilyID=85AF7BFD-6F69-4289-8BD1-EB966BCDFB5E&displaylang=en. That fixed the problem for me!

By the way, if you are wondering how to get Office documents to open in Internet Explorer, go to My Computer, Click Tools, Folder Options, File Types tab. Go to the doc file type (or xls if that is applicable in your case). Click on the “Advanced” button. Check the box that says “Browse in same window.” That should do it!

Best wishes!

Well, after replacing a bad hard drive in a client’s server today, the server would show the array as “rebuilding” for about 60 seconds. This was an array configured as RAID 1 on a Dell Perc 3/DC raid controller.

The machine wasn’t under warranty, and I wasn’t sure what to do, other than make sure we had a good backup - because obviously we had lost the redundancy that the RAID 1 array was giving us.

I ended up meeting this guy who had worked for Adaptec and he suggested checking for a firmware upgraded for the RAID controller. I thought, “yeah great idea!” I went on Dell’s website, and check and sure enough there was a firmware upgrade. I downloaded and installed, and after a server reboot, and removing the “new” drive that the server was showing as failed, the controller started an array rebuild and all was well.

Thank the Lord for bringing people across our path at just the right time!

There seems to be an issue with XP Service Pack 3 (which was just released) with AMD Processors.

The problem is this:
After SP3 has been installed, when the computer is rebooted, it bluescreens.

The fix for the problem is this:
Choose F8 as the computer is starting up, and boot into Safe Mode. Once there, open regedit (Start->Run->regedit) and navigate to the following key:

HKLM\System\CurrentControlSet\Services\intelppm

Find the “Start” key. The value should be a 1; change it to a 4.

Close the registry editor and restart your computer. Everything should work now!

I just did my first Exchange Active Sync configuration.

Here’s the procedure:

1) Make sure you have a valid cert on your site. https://FQDN/exchange should NOT give you an cert errors. If you do insist on using a self-signed cert, it requires saving the cert to a XML file format, sticking that XML file into a CAB file, and then transferring and installing that CAB file on the mobile phone (Windows Mobile only). Use a cert from a recognized certificate authority. Here are some KB’s on it:

2) Make sure you have port 443 open on your router and directed to your Exchange FE server.

3) You will need to follow the following KB to get Exchange AS to work on Exchange server 2003 Standard and Enterprise: http://support.microsoft.com/kb/817379. Note that if you have SBS 2003, Microsoft has kindly already taken care of getting it to work. This site http://www.amset.info/exchange/mobile-85010014.asp also has some valuable content. Basically a reproduction of KB 817379, except he gives some additional steps that I used - but don’t know if I would have had to or not!

4) Finally, go to your mobile phone and setup ActiveSync to the FQDN of your Exchange server. This should be public DNS resolvable.

Finally, let me add that my synchronization of Windows Mobile was totally smooth. Getting the Treo 755 (Palm OS) to work was a bit of a challenge. However installing Exchange SP2 ultimately resolved that problem. To determine the Exchange Service pack level, go to Exchange System Manager and right click on your server. You should see the service pack level under the “General” tab of “Properties.”