Category Archives: General

Prevent Reboots During An Unattended Installation Of Office 2010

Office 2010 is installed as part of our standard Windows 7 System Center Configuration Manager (SCCM) task sequence.  Office installed correctly all our PC models except the Dell Latitude E6320 and E6330.  These models rebooted during the Office installation, stopping the task sequence and leaving the laptop unusable.  If you have the same problem the resolution is easy.

Open your existing MSP file that controls the Office installation by running Setup.exe /Admin.

Open the “Modify Setup properties” section and add a new property.  The property name needs to be SETUP_REBOOT and the value Never.

Office 2010 MSP No Reboot

Save your changes to the MSP and Office will no longer reboot.

Microsoft Outlook: Cannot start Microsoft Outlook

Following the installation of an Outlook add-in I received the message “Cannot start Microsoft Outlook” when I attempted to open Outlook.

Outlook Error

I tried to open Outlook in Safe Mode by holding down CTRL when clicking the Outlook icon.  However, this didn’t solve the problem.  Next I opened Control Panel and received the message “Your system needs more memory or system resources”.  This didn’t make sense as I had GBs of free RAM.

In order to solve the problem, I opened registry editor and renamed

HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem

to Windows Messaging Subsystem – BAK.  I was then able to open Outlook and create a new profile.

New Outlook Profile

 

 

Disable Controls In Office 2010 Using Group Policy

As part of an Office 2010 deployment I needed to remove the Recent Documents option from Word.  It’s possible to do this using the Office 2010 Group Policy settings.

Download and extract the Office 2010 Administrative Template files http://www.microsoft.com/en-us/download/details.aspx?id=18968

Download and extract the Office 2010 Help Files: Office Fluent User Interface Control Identifiers http://www.microsoft.com/en-gb/download/details.aspx?id=6627

Open the Group Policy Object you wish to use to manage Office 2010.  Expand User Configuration, Policies and right-click on Administrative Templates.  Choose Add/Remove Templates…

Select the Office 2010 adm files and click Close

Go to the location to which you extracted the Office 2010 Help Files: Office Fluent User Interface Control Identifiers.  Open the Excel spreadsheet for the appropriate application.

Search the spreadsheet for the control you wish to disable.  I wanted to remove access to Recent documents, so noted control IDs 21439 and 19950.

Expand User Configuration, Policies, Microsoft Word 2010, Disable Items in User Interface, Custom and open Disable commands

In Disable commands choose enable, click Show and enter the control IDs you wish to disable.  Separate multiple values with a comma. Click OK and close the Group Policy editor.

 

Recent document is now disabled

Windows 7 Desktop Configuration

As part of a Windows 7 deployment I’ve needed to make a few changes to the look and feel of the desktop.  Here are a few useful tips

Remove the Windows Media Player icon from taskbar

In your unattend.xml file, add Microsoft-Windows-Shell-Setup to the OOBE system pass.  There’s  a setting called ShowWindowsMediaPlayer.  Set the value of this setting to FALSE

Deploy pinned taskbar icons using Group Policy

The files are stored in %APPDATA%\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar and registry settings are stored in HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband

Configure the task bar on a Windows 7 PC

Import the registry settings from HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband into Group Policy Preferences

Copy the files from %APPDATA%\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar to a shared folder and use Group Policy Preferences to apply them to other PCs

Change the Start Menu to “Combine when taskbar is full”

Use Group Policy Preferences to apply the registry key HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\TaskbarGlomLevel  Set the value of  TaskbarGlomLevel  to 1

Remove the IE welcome message 

Change the setting in Group Policy called “Prevent performance of First Run Customize Settings” to “Go directly to home page”

Remove the Lync welcome message

Use Group Policy Preferences to set HKCU\Software\Microsoft\Communicator\FirstRunPlayed to 1

Disk Cleanup Is Missing On Windows Server 2008 R2

Windows Server 2008 R2 doesn’t include the Disk Cleanup tool by default.   Either install the Desktop Experience feature, which requires a reboot, or copy

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_6.1.7600.16385_none_c9392808773cd7da\cleanmgr.exe

to

%systemroot%\System32

and

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b9cb6194b257cc63\cleanmgr.exe.mui

to

%systemroot%\System32\en-US

To start Disk Cleanup type cleanmgr.exe at the command prompt.

Generate Code Signing Certificates Using An Enterprise Certificate Authority

If you’re creating macros in Microsoft Office, or other code that needs to be signed and trusted for internal use, you can easily create code signing certificates using an Enterprise Certificate Authority (ECA).

Log onto the ECA and open Server Manager

Expand Roles -> Active Directory Certificate Services

Navigate to the Certificate Templates section.  In the right hand pane, right click on the Code Signing certificate. choose Properties and click on the Security tab

Add the Read and Enroll permissions for the users that need to be able to generate certificates.

 

In Group Policy, add the ECA server to Trusted Sites in Internet Explorer and enable “Initialize ActiveX unsafe for scripting” for the Trusted Sites zone.  This resolve the “CA must be configured to use HTTPS authentication error.

Navigate to the ECA website address, e.g. http://%ECA_SERVER_NAME%/certsrv/

Choose Request a certificate, then choose the option for and advanced request, followed by Create and submit a request to this CA

Accept any security prompts that follow

From the certificate type drop down choose Code Signing, provide a friendly name and click Submit

Finally, click Install this certificate

The certificate is now installed and ready for use.

 

Scheduled Task To Run A Batch File

I recently ran into a problem where I’d scheduled a batch file to run on a Windows Server 2008 R2 server, task manager reported the task had run, but it hadn’t.

The batch file was in F:\Folder1\ and the scheduled task screen was as below

In order to get the batch file to run, I had to set the Program\script box to contain just the name of the script and place the folder path in the Start in (optional) box

Adobe Reader Enterprise Depolyment

The steps below are the ones I followed to distribute and configure Adobe Reader X in an enterprise environment

  • Download the latest Adobe Reader base release e.g. 10.1.0 as an msi file
  • Download the latest Adobe Reader quarterly update e.g. AdbeRdrUpd1013.msp
  • Place the Adobe Reader msi file and the msp patch file in a folder.  Create an empty file called Setup.ini in the folder containing the msi and msp.
  • Run the Adobe Customization Wizard and load the Adobe Reader msi file.  Choose your installation options, e.g. removing the EULA prompt, disabling updates etc. and save the mst into the folder holding the installation files.
  • Run the command below to silently install Adobe Reader, update it using the msp file and apply the customizations in the mst file.
  • msiexec.exe /i “\\%SERVER%\SoftwareDistribution\Packages\AdobeReader_X\AdbeRdr1010_en_US.msi” PATCH=”\\%SERVER%\SoftwareDistribution\Packages\AdobeReader_X\AdbeRdrUpd1013.msp” TRANSFORMS=”\\%SERVER%\SoftwareDistribution\Packages\AdobeReader_X\Custom_Install.mst” /qn

Hide The “Java Update Available” Popup

If you’ve had enough of the Java Update Available popup, you can remove it by setting the EnableJavaUpdate registry key to 0 and rebooting

32bit Windows

HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Update\Policy

64bit Windows

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Update\Policy

 

Pending File Rename Workaround

If you need to install an update or some software, but are told you cannot because of a pending file rename, first of all reboot the PC or server.  If this fails you can force the install by renaming the “PendingFileRenameOperations” registry key at HKLM\SYSTEM\CurrentControlSet\Control\Session Manager.  Just rename the key to something like “PendingFileRenameOperationsOLD” and your update should install.