By default, Windows Vista synchronizes once every 7 days with time.windows.com along with every other user out there.

Let's change this to sync every half day with several NTP servers to get a more reliable time.

First of all go to the NTP Pool Project and browse to the page of your country, I'll use the Belgium NTP Pool as an example.

Let's start with the simple change and click on your system clock and select change date and time settings...

On the tab Internet Time select Change settings... and as a server, enter the name of your country's main pool, be.pool.ntp.org for Belgium. Press Update now to test it, and finally close all windows again.

At this point you're randomly picking an NTP server in your country for your weekly update. Let's improve this a bit by adding multiple servers.

Open an administrative command prompt and enter the following command (replace the server names by the list of your country, space separated, surrounded by double quotes):

 
net time /setsntp:"0.be.pool.ntp.org 1.be.pool.ntp.org 2.be.pool.ntp.org 3.be.pool.ntp.org"
w32tm /query /peers
net stop w32time
net start w32time
w32tm /resync
w32tm /query /peers

You will have noticed there are now four NTP servers in the list.

 
C:\>w32tm /query /peers
#Peers: 4

Peer: 0.be.pool.ntp.org
State: Active
Time Remaining: 595.8760000s
Mode: 3 (Client)
Stratum: 3 (secondary reference - syncd by (S)NTP)
PeerPoll Interval: 10 (1024s)
HostPoll Interval: 10 (1024s)

Peer: 1.be.pool.ntp.org
State: Active
Time Remaining: 595.8760000s
Mode: 3 (Client)
Stratum: 2 (secondary reference - syncd by (S)NTP)
PeerPoll Interval: 10 (1024s)
HostPoll Interval: 10 (1024s)

Peer: 2.be.pool.ntp.org
State: Active
Time Remaining: 595.8760000s
Mode: 3 (Client)
Stratum: 2 (secondary reference - syncd by (S)NTP)
PeerPoll Interval: 10 (1024s)
HostPoll Interval: 10 (1024s)

Peer: 3.be.pool.ntp.org
State: Active
Time Remaining: 595.8760000s
Mode: 3 (Client)
Stratum: 2 (secondary reference - syncd by (S)NTP)
PeerPoll Interval: 10 (1024s)
HostPoll Interval: 10 (1024s)

When you run w32tm /query /configuration you will notice the SpecialPollInterval setting will list 604800, which is 7 days in seconds.

To change the interval, open up regedit, go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient and locate the SpecialPollInterval DWORD value.

Change this to Decimal 43200 (Hex 0000a8c0), which is equal to 12 hours in seconds.

Close regedit and execute the following commands:

 
net stop w32time
net start w32time
w32tm /query /configuration

This will now return a lot information, including the following lines:

 
SpecialPollInterval: 43200 (Local)
Type: NTP (Local)
NtpServer: 0.be.pool.ntp.org 1.be.pool.ntp.org 2.be.pool.ntp.org 3.be.pool.ntp.org (Local)

Congratulations, at this point you are succesfully syncing your computer every 12 hours against multiple NTP servers.

I've done this as a result of my previous IPv6 tunnel article, to make sure I'm running nearly equal with SixXS, which you can check at SixXS Time Check.

Update: Windows 7 deprecated net time /setsntp, use this instead:

 
w32tm /config /manualpeerlist:"0.be.pool.ntp.org 1.be.pool.ntp.org 2.be.pool.ntp.org 3.be.pool.ntp.org"
 

I used to have an IPv6 tunnel on my old machine, but since I moved to a new desktop I didn't get around to setting it up again. That's gonna change today.

First of all, why would you want it? Well, here's a start, as well as the fact that it's geeky and lets you learn more about IPv6.

Start by going to SixXS and sign up for an account, it took about a day for mine to get approved.

After you received your account, you can login and request a tunnel. Make sure you request a PoP close to you, and you will most likely want to request an ayiya tunnel.

While waiting for approval, we can already prepare some software parts for our tunnel.

Go to the OpenVPN Downloads Page and download the OpenVPN 2.1 RC15 installer. This is needed for the tap901 in Vista, since that one is signed.

Run the installer and deselect everything except the "TAP Virtual Ethernet Adapter". Go ahead and install it, it'll create a new network adapter, which I renamed to IPv6 for clarity.

Go into the properties of this new adapter and navigate to the IPv4 settings. Manually assign an IP address which is in the same subnet as your main network. E.g.: My main LAN hands out IPs via DHCP in the range of 192.168.123.100-200, subnet 255.255.255.0, so I assigned 192.168.123.99 to this IPv6 adapter.

Download the Aiccu console client, rename it to aiccu-console.exe and save it somewhere.

Also download the Windows 2003 Resource Kit and install it.

At this point we have to wait for our tunnel request to be approved before we can continue.

Once we received a mail, it's time to configure the aiccu client. Start by creating a file called aiccu.conf in the WINDOWS directory, containing the following:

 
username -SIXXS
password 

ipv6_interface IPv6
tunnel_id T

verbose true
daemonize true
automatic true
requiretls false

You can find your tunnel id on your SixXS Home Page.

Run the following commands as administrator to disable conflicting Vista IPv6 technologies:

 
netsh interface ipv6 6to4 set state state=disabled
netsh interface ipv6 isatap set state state=disabled
netsh interface ipv6 set teredo disable

Run the following command to speed up DNS requests, since Vista sometimes acts up when the IPv4 adapter doesn't have an IPv6 associated with it:

Cable is the name of my physical network adapter, you can copy the IPv6 listed, it doesn't really matter at this point.

 
netsh int ipv6 add address "Cable" 2002:81a8:102::

I also ran the following command to allow ICMP requests to come through over the tunnel, otherwise SixXS can not monitor it and will think it's inactive and it might get disabled.

 
netsh firewall set icmpsetting type=ALL mode=ENABLE

Run the following command to set your MTU to match the tunnel's MTU:

 
netsh int ipv6 set subinterface "IPv6" mtu=1280

At this point you can run aiccu-console.exe start as an administrator to test your tunnel.

This will provide a lot of output, and after a while you will see your network adapter listed as Identifying in Vista, after which it'll ask if this is a private or public network.

At this point you can open up a prompt and try to ping -6 ipv6.google.com to see if it all works. Normally everything should be fine.

You can now modify the aiccu.conf to state verbose false, since everything is alright now.

Now you can try surfing to Google IPv6 and [SixXS IPv6(http://www.ipv6.sixxs.net "SixXS IPv6") to check if that's working as well.

If all is fine, hit CTRL+C in the aiccu console to stop it. It's time to configure it as a service.

Navigate to the directory where you previously installed the Windows 2003 Resource Kit files and execute the following (mind the path):

 
instsrv.exe AICCU "C:\Program Files (x86)\Windows Resource Kits\Tools\srvany.exe"
sc description AICCU "Aiccu IPv6 Client"

Open up regedit, navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AICCU and create a new Key called Parameters.

Create a new String Value called Application below this key and as a value enter the full path to the aiccu console with the start command, e.g.: C:\IPv6\aiccu-console.exe start

Close regedit, go back to the prompt and type NET START AICCU and you will notice the IPv6 tunnel being set up.

Congratulations, you now got an IPv6 tunnel up and running, which automatically starts everytime you boot.

After a while you will be able to see graphs on the SixXS home page about your connection.

If you have any problems, please leave a comment and I'll see what I can do, as well as update the post to include possible additional steps.

 
Deze post is geïmporteerd van de oude blog en is nog niet geconverteerd naar de nieuwe syntax.
Long ago, I found something strange in Windows Explorer, which I wanted to retry on Vista today.

In Explorer, first create a very big directory tree, consisting out of small directory names. Now, from the bottom, rename these directories to about 100 characters.

Directory Tree

When you reached the top, try browsing the tree, after some directories it won't allow you to open the directory anymore. You can't select it, it will jump back, you can't rename that one, you can't delete the entire tree at once.

Can not delete tree

You can however to get rid of it, start renaming from the top, to all short names again, until you can delete them.

I realize this has something to do with character limits on paths, but this shouldn't be possible, should it? You can't even delete them properly. Is there a way to prevent this from happening? Or at least be able to clean it up without too much hassle?

I created a small proof of concept, using three .bat files.

  • Extract the zip and run Destroy.bat

  • It will first call Mtree.bat to make a small directory tree, where all directories are named "1".

  • Afterwards it calls calls Rtree.bat to rename the directories to a long name.


Feel free to look at the .bat files with a text editor, to check what it does.

Does anyone know why this is happening? I'd love to know the low-level logic behind this.
 
Deze post is geïmporteerd van de oude blog en is nog niet geconverteerd naar de nieuwe syntax.
A while ago I blogged about Alternate Data Streams and how they are hidden from the users.

At that time, you could presume when an ADS was present, it was something special, because not many normal files have an ADS attached to it.

But yesterday I got an interesting question about XP SP2 showing a Security Warning when you want to execute something downloaded from the internet.

We guessed Alternate Data Streams were used, so I checked this out and it turns out XP SP2 indeed adds an ADS when you download a file from the Internet.

This stream is called Zone.Identifier and contains the following information:

D:\Tmp>more < TestZip.zip:Zone.Identifier
[ZoneTransfer]
ZoneId=3


Since SP2 did this, it probably means it's a modification to Internet Explorer.

So, I got the Firefox 1.0.3 and downloaded a file with the default settings, and as I guessed, no ADS with Zone.Identifier.

(I believe Firefox doesn't have such thing as Zones, but it would be nice if Firefox added this ADS to let the new Security Warning, informing you it's a downloaded file, come up).
 
Deze post is geïmporteerd van de oude blog en is nog niet geconverteerd naar de nieuwe syntax.
Some time ago I saw something about Alternate Data Streams, but I can't find the source anymore to give credit :(


Alternate Data Streams are a "feature" of NTFS, making it possible for one file to store data in multiple streams, attached to the file.

I have made a small BlogCast about Alternate Data Streams, demonstrating them using a cmd, and a C# program.

It's 8 minutes in length, 6.2 MB in size and I also included the used source code.

This is my first attempt at a BlogCast, and in English, if you have any comment on how to improve it, please tell me :)


 
Deze post is geïmporteerd van de oude blog en is nog niet geconverteerd naar de nieuwe syntax.
Today something very weird happened and I doubt something this weird will ever happen again.

I was working on a site at school when I browsed to a file-server to check some paths, and to my surprise I could suddenly access ALL shares, not only the ones for students, but all of them...

When I tried creating files they got made under BUILTIN\Administrators! But I was logged on with my own student account. So, being nice and all, I reported it...

Then we spent almost entire afternoon trying to determine why I was suddenly an admin.

And this is when the weird stuff started to happen:
On PC1 I was an admin on the server, but when I logged in to PC2 I couldn't access it.
We tried different student accounts on PC1 but they also couldn't access the shares.
Then we removed all groups from my account except Domain Users, and I still could get in.
We cleared the profiles from PC1 and 2 and also deleted my roaming profile.
Nothing changed...

First conclusion: It's tied to username X and PC1, examine PC1 later.

Then we go to another room and try it on different computers. And there it starts all over again.
PC3: I'm an admin, PC4: I'm not.

In the end we checked all groups I belonged to, and their membership, deleted my profile, checked all NTFS permissions (which I could change as well..), and nowhere there was a trace of me or any groups I belonged to. Nothing had admin rights.

We forced replication to make sure I was group-less but it still worked!

Conclusion: User X has the rights of an Admin, but does NOT show up in any group, NTFS permissions or anything else...

Solution: We disabled the account and created a new account.. (Which means I have to recreate my entire profile again...)

Has anyone else every encountered this, and found out why this was happening?
 
Deze post is geïmporteerd van de oude blog en is nog niet geconverteerd naar de nieuwe syntax.
With my new laptop I got a screen with a 1920x1200 resolution, so I went out looking for wallpapers for the resolution, because my existing ones degraded in quality with that size.

My search led to Deaddreamer from which I have my current wallpaper as well.

But nowadays he got so many good ones, so I picked up 5 1600x1200 wallpapers. And now I want a random wallpaper each time I logon.

Having some spare time (very rare) I created something small myself, I'm sure there are tools out there to do all that.

Originally I wanted to use PHP to get a random number and set the wallpaper, and then call the php script with a bat file and set it as a scheduled task. But that kept popping up a dos prompt each time it set it, and my wallpaper disappeared after boot (some bad registry settings).

So I used KiXtart to set the wallpaper and then link it with a shortcut which would run minimized.

That worked for one paper, but when I tried the RAND function in KiXtart, it didn't go well.. But I had the php script and bat still there so I let that make a random number and then kill the KiX script with that number as argument.

Result:
Shortcut to wall.bat, which calls wall.php, which makes a random number and calls wallpaper.kix with the number, after which my wallpaper is set, and saved in registry.

I have to shortcut Run as minimized and on logon and every hour, and now I got a nice random wallpaper implementation.

Overly complicated? Maybe, If you have php installed, it's a small solution, otherwise you need a 1.3Mb dll and 24k php.exe in the same dir, which isn't really something bad.

I have zipped everything and written the steps to install it out in a Readme.txt for everyone wanting it as well. I also included the php.exe and dll.

Download it here: RandomWall.zip (706Kb).

And now I have sweeeet super-detailed wallpapers auto-changing without any special timer programs running, but just the Scheduled Tasks :)

Here are my wallpapers:


(convert them to .bmp first, not sure if it's required, but whatever, bmp is nicer, no need for desktop to go in Web mode)

 
Deze post is geïmporteerd van de oude blog en is nog niet geconverteerd naar de nieuwe syntax.
One thing I immediately do on a new pc is get it personalized. This includes changing icons and wallpapers, but also resource hacking the run box and hacking the uxtheme.dll to support custom themes.

Today I'll talk about implementing the Watercolor theme I have been using for a year now, and got a lot of mails on where and how to get it.

First you have to modify UXTheme. This used to be something "difficult" but now it's easy. Get the UXTheme Multi-Patcher and run it.

As always, and on the left side of the blog, I'm not responsible if something goes wrong, everything you do is your responsibility.

Normally, according to the page I just linked, this doesn't work on XP SP2 final, but I ran it anyway and it worked. Just make sure you wait for the Windows File Protection box to come up.

Next you get the Watercolor theme, unzip it and run WatercolorLitev211.exe, it'll install the theme and you can select it from the Desktop Configuration control panel. It packs with several colors, I either have it set to Blue or Ergonomic.

Enjoy your sweet new theme :)


A screenshot from a previous posting demonstrating the theme:

 
Deze post is geïmporteerd van de oude blog en is nog niet geconverteerd naar de nieuwe syntax.
I recently got a new laptop (Dell Inspiron 8600) and installed Windows XP Pro on it (with SP2 installed already, yes :p).

One thing I hate about this, is that it includes IIS5 and you can't install IIS6 on it (not that I know of).

Why is this bad? Because you can only have one site... Which is something I got way to much used to running Windows 2003.

Luckily enough, Davy Belmans thought the same, so he developed IIS Admin.

It's a very nice tool, very small, and sits in the tray bar, allowing you to easily add new sites, and switch between them.

Yes, switch, because even with multiple sites configured, you can only run 1 at the same time apparently.

If you run Windows XP, and you don't have a way to get multiple sites working, get this tool, otherwise, comment and tell me how ;)
 
Deze post is geïmporteerd van de oude blog en is nog niet geconverteerd naar de nieuwe syntax.
Time for a new article, but not about C# this time.

This time it's about Resource Hacking, more particular, we'll customize the Windows Run box so it will look something like this:



If you're interested, take a look at the article: Custom Run Box (Resource Hacking).
 
Deze post is geïmporteerd van de oude blog en is nog niet geconverteerd naar de nieuwe syntax.
It's time for a new article, but not about C# this time. I'll tell you how to modify Windows, we'll change the Run box and make it look like this:



First of all the disclaimer: This article is purely informational, you don't have to do anything because I tell so, everything you do is on your own risk and I am not responsible when anything goes wrong.

With that out of the way, grab the tools if you don't have them yet:


We'll begin by copying shell32.dll to a safe place.

Copy it two times, one which we'll be editing, and one which is a backup.

Open it in ResHacker and you'll see a list on the left side showing all available resources.



Now select the 'Dialog' resource, and look at 1003. You'll notice it's the Run box.



We'll start by adding a bitmap to place on our Run box. Go to 'Bitmap' and select 'Action', 'Add a new Resource'.



Here you select a bmp file and give it the name RUNGFX. You can get the bmp I used here: Runbox.bmp.



Press 'Add Resource' and now you can see it's added.



Now we'll go back to the 'Dialog' 1003, 1033 and replace the existing script with this one:

1003 DIALOGEX 0, 0, 188, 83
STYLE DS_FIXEDSYS | DS_MODALFRAME | DS_NOIDLEMSG | DS_CONTEXTHELP | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION ":: run ::"
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
FONT 8, "MS SHELL DLG"
{
CONTROL "", 12298, COMBOBOX, CBS_DROPDOWN | CBS_AUTOHSCROLL | CBS_DISABLENOSCROLL | WS_CHILD | WS_VISIBLE | WS_VSCROLL | WS_TABSTOP, 3, 53, 181, 198
CONTROL "R", 12306, BUTTON, BS_AUTOCHECKBOX | WS_CHILD | WS_VISIBLE | WS_DISABLED | WS_TABSTOP, 21, 90, 1, 1
CONTROL "Run", 1, BUTTON, BS_PUSHBUTTON | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 3, 67, 59, 14 , 0x00020000
CONTROL "Cancel", 2, BUTTON, BS_PUSHBUTTON | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 63, 67, 59, 14 , 0x00020000
CONTROL "Find", 12288, BUTTON, BS_PUSHBUTTON | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 124, 67, 59, 14 , 0x00020000
CONTROL "RUNGFX", 0, STATIC, SS_BITMAP | WS_CHILD | WS_VISIBLE | WS_GROUP, 3, 3, 181, 48
}


To make your life easier, and to be sure you don't make a mistake due to your browser word wrapping the script, copy paste it from this text file: runscript.txt.

When you have replaced it you press 'Compile Script'.



And now you'll see the preview has changed to our new runbox!



Press CTRL+S to save the modified dll.

The last thing we need to do is to use Replacer to replace our existing shell32.dll in SYSTEM32 with our new file. You can't just copy it in there because Windows File Protection would replace it with a backup. Therefore we use Replacer, just follow the instructions Replacer shows and you'll be fine. Replacer also prompts you to make a backup, make sure you make one, you never know what can go wrong.

When the file is replaced (Replacer replaces the file itself along with the one in dllcache) you have to reboot and when everything went fine, you now have a new Run box! A really good looking one, different from everyone else.

Some notes:
If you move the controls around, make sure to not place any above or behind the bitmap, it could give problems. Also don't include a bitmap bigger then your box. Make sure you leave a bit of spaces from the edges, when you put the bitmap against the border, it won't show up.
 
Deze post is geïmporteerd van de oude blog en is nog niet geconverteerd naar de nieuwe syntax.
Today I experienced something weird.

Normally I run a lot of files just from 'Run' (Win+R), but today I did 'Run', 'notepad', and nothing happened...

This was weird.. As I could still open .txt files with Notepad.

I could not run notepad from 'Run'! I was amazed, I mean,.. what could break notepad? :)


First I checked if the file was still there (of course, how could I still view files otherwise..), and if my PATH variable still included Windows. Everything seemed ok.

But then I found it, it only seemed as I could not run notepad.

What happened was the following: There was a notepad.com file in the system32 dir all of the sudden (spyware, virus, don't know). And Windows decided to run that one instead of notepad.exe

So it seems Windows prefers .com over .exe when trying to run a file without an extension.

Why does this happen?

There's another environment variable, called PATHEXT, with the following data:

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

Now you can clearly see the order of the files. I tried the same thing with a .bat and .exe file, and changing the env var, and it worked.

I'm not sure if the .COM has to be the first in line for normal system operations?

One side-effect of this was that when I wanted to View Source of a HTML page, it would also launch the notepad.com which did nothing, and thus not showing any source! I remember a lot of people complaining about not being able to view the source of their pages, this could be what's causing it!

Hopefully I'm telling something 'new' here, that's useful ;) I never knew that order of extensions.
 
Deze post is geïmporteerd van de oude blog en is nog niet geconverteerd naar de nieuwe syntax.
Currently I'm playing around with IIS and C#, and something I discovered is the following:

First, take a look at the FrontPageWeb property available in the IIS Metabase.

This says 'Setting FrontPageWeb to true causes FrontPage Manager to create the files required for FrontPage Server Extensions. Setting FrontPageWeb to false causes these files to be deleted.'.

Everything seems alright, just like every other property I set this to true and except it to work. Like this:

[csharp]
// First we get the AD object representing our webserver
DirectoryEntry iisServerRoot = new DirectoryEntry("IIS://localhost/W3SVC");

// We create a new site on the specified siteId
DirectoryEntry deNewWwwSite = (DirectoryEntry)iisServerRoot.Invoke("Create", "IIsWebServer", 10);

// Takes care of FrontPage Manager providing files for FrontPage Extensions
deNewWwwSite.Properties["FrontPageWeb"][0] = true;

deNewWwwSite.Invoke("SetInfo");
deNewWwwSite.CommitChanges();

deNewWwwSite.Close();
deNewWwwSite.Dispose();
[/csharp]

(Most stuff left out)

Well, it didn't work. In IIS it would still say FrontPage Extensions were not present, and the directories didn't get made.

I looked everywhere to find something else involving FrontPage, without any luck.

But then I found this KB article (300543). And although it's talking about IIS 4.0, 5.0 and 5.1, it does work on IIS 6.0 as well.

So here you go, to install FrontPage Extensions you have to run:

"C:\Program Files\Common Files\Microsoft Shared\web server extensions\50\bin\owsadm.exe" -o install -p /LM/W3SVC/SITEID -u USERNAME -sp publish

And to uninstall them:
"C:\Program Files\Common Files\Microsoft Shared\web server extensions\50\bin\owsadm.exe" -o fulluninstall -p /LM/W3SVC/SITEID -u USERNAME
 
Deze post is geïmporteerd van de oude blog en is nog niet geconverteerd naar de nieuwe syntax.
Something not .NET related, regarding VB6.

Here is some strange behaviour:

Create a new .EXE project with the following References and Components:

References : Microsoft DAO 3.51 Object Library
Components : Microsoft Data Bound Grid Control 5.0 (SP3)

Add a DBGrid to your form with it's DataSource set to datQuery (Data).

Add a textbox and a button as well, and put this code in it:

[vb]
Option Explicit

Private Sub cmdExecute_Click()
Call LoadTable(txtquery.Text)
End Sub

Private Sub LoadTable(strQuery As String)
Dim Db As Database, Rs As Recordset

Set Db = DBEngine.Workspaces(0).OpenDatabase(dbPath)
Set Rs = Db.OpenRecordset(strQuery)
Rs.MoveLast
Rs.MoveFirst
Set datQuery.Recordset = Rs

Me.Caption = "Query - Colums: " & Rs.Fields.Count & " - # Records: " & Rs.RecordCount
End Sub
[/vb]

Run your code, and this is what it should look like:



Now, go to the Custom properties of the DBGrid, to the Layout tab and uncheck 'AllowSizing'.



Run your program again, and now your DBGrid will indicate there are results, but there will be no text, like this:



Why is it doing this? I really have no idea. But the best part is, when you check the AllowSizing property again, it isn't back to normal. It stays broken.

This 'bug' (don't know if it's a bug) was encountered some days ago, I reproduced it this afternoon, and now I installed VS6 SP6, but the bug remains.

If anyone wants a project which has the bug in it, I uploaded something small (30Kb) that got destroyed by this.

Anyone who has encountered this as well? And perhaps has an explanation of why it's doing this.

Update: Just when I posted this and looked at my post again, I noticed something, the second screenshot only had 2 columns, so I realized it did fetch the records, but didn't knew where to display the data. And when you right click and choose 'Clear Fields' it works again. But the AllowSizing is automatically checked on again. To add some value to this post, maybe anyone knows how to uncheck AllowSizing without the grid resetting it's own columns?