Skip to main content
 

Windows Integration Authentication Scheduled Web Page

This is a problem I have been trying to solve for some time on and off. Under Windows/IIS I need to periodically run a webpage that uses Windows Integrated Authentication. This rules out most of the VBS scripts and WGet solutions. I got it to work today using a batch file like below. Just add it as a scheduled task.

start /min "C:\Program Files\Internet Explorer\iexplore.exe" http://domain.com/webpage
PING 1.1.1.1 -n 60 -w 60000 > NUL
taskkill /F /IM iexplore.exe

The two most important parts is starting the application with the 'start' command (windows 2003 server in this case) so that the batch file will continue while the program is running. We then use a trick by pinging every second for 60 seconds (1 minutes) to wait for the webpage to finish what it's doing. Finally we kill off the original program.

 

Getting started with Powershell

PowerShell is a complete replacement for any of Microsoft's DOS or Windows command line interpreters. It is a full fledged object oriented system administration scripting language. With PowerShell knowledge you would run circles around any sysadmin that works predominantly from through the GUI, as well as be able to get Windows to do things that you just can't do through a GUI alone.

http://www.microsoft.com/technet/scriptcenter/topics/msh/cmdlets/index.mspx

 

Games for Windows Live Marketplace likely

From Eurogamer: Unangst said Microsoft would "continue to invest" in Games for Windows, which apart from giving its games an Xbox Live-style service layer with friends lists, Achievements and the like, also insists that games be easy to install, support widescreen displays and include parental controls.

It all sounds promising. The one thing I was most impressed with on Xbox 360 is the whole integration and lack of configuration for games, if they can bring that to Windows Vista then a lot of people will be very happy.

Some ideas:
You can see how they could potentially take the experience index benchmarking framework and develop that into something that can adjust games visual quality, automatic updating and applying of patching without user intervention, matchmaking and the community features could all be very useful and add value to PC gaming. Even some sort of integrated anti piracy tool developed for Microsoft that doesn't rootkit your machine which would be less painful to consumers would also be an improvement over the current situation.

 

Facts from Microsoft

Apparently they have not processed my 200+ logs I sent to them:

  • Windows Vista users generally experience 20 percent fewer application “hangs” than those running Windows XP.

Source (Microsoft)

 

AltTabFingertips

What it does
I made a small AHK script I thought you might want to use: AltTab Fingertips. Press a configurable hotkey (F10 by default), and get a menu at the mouse with all the current windows on it. You can exclude processes using the tray menu.

Many thanks to ak_ for creating "menu at cursor" idea with FileDraft, which inspired this. It's like alt-tab but quicker. A lot of code comes from my PutAside script.


Small screencast:

Changelog:
v1.3 - Recompile, shiny new icon, INI in the same folder as the script for portability!
v1.2 - startup message is now only shown once. Added "show desktop|restore programs" option to menu, (windows-d)
v1.1 - allows to exclude processes via system tray menu.

Download the latest version

Comments are welcome either here or on the related Donationcoder thread.

 

Avoid spyware by running applications with SetSAFER

Everybody who's ever tried it knows the problem. Life as a regular user on Windows is a pain: who wants to switch users just to install software, sometimes even to run it? However running software as a non-admin increases security. It's impossible for spyware to install itself into the system when it is not allowed to.

Using SetSAFER, a program created by Microsoft employee Michael Howard we can run just any applications as a regular or limited user, while still using an administrator account. After testing for side effects, which I explain below, I recommend you give this a try. I no longer have to run a realtime spyware scanner, and now just schedule routine scans.

As one of the articles Michael has written on the subject is not available anymore I'll quote the nonadmin site for an complete explanation of the program:

SetSAFER is a policy-setting tool written by Michael Howard that can force applications to always run with lower privileges. You can download it and read about it in his MSDN article "Browsing the Web and Reading E-mail Safely as an Administrator, Part 2".

For example, you could mark you favourite  browser to always run as a user, regardless of whether it starts by invoking an URL on the desktop, a link in email, a newly spawned browser and so on.

SetSAFER uses the SetSAFER.xml file to configure the applications that should be run with lower privileges. You can edit this with any text editor such as notepad to add applications and even folders. My configuration can be found below. This way I run my browsers, e-mail software and messengers without worrying about spyware:

<?xml version="1.0" encoding="UTF-8"?>
<safer>
<app comment="Internet Explorer" path="c:\program files\internet explorer" user="true" />
<app comment="Mozilla Firefox" path="c:\program files\mozilla firefox" user="true" />
<app comment="Opera 9.5 Alpha" path="c:\program files\opera 9.5 alpha\opera.exe" user="true" />
<app comment="Outlook" path="c:\program files\microsoft office\office12\outlook.exe " user="false" />
<app comment="Outlook Express" path="c:\program files\outlook express" user="true" />
<app comment="Windows Messenger" path="c:\program files\messenger" user="true" />
<app comment="Windows Live Messenger" path="c:\program files\windows live\messenger" user="true" />
</safer>

Side Effects

Some applications are not built to run in a mixed privileges environment and seem to cause issues when run like this. However, this is not SetSAFERs fault as it just uses the built-in windows policy settings!

Google Desktop and Google Toolbar for Internet Explorer monitor the browser history for pages that are visited and add them to their database. I assume this is not allowed as a regular user. Whatever the reason, it causes the browser to freeze whenever you go to a webpage. I've uninstalled Google Toolbar and Google Desktop until I have found a solution. Any help would be appreciated.

The website for Windows Update and Microsoft Update and certain Java applets will not  function if the user is not an administrator. This can be a pain if you want to manually check for updates. The solution: navigate to the installation folder for Internet Explorer (c:\program files\internet explorer ) and copy the iexplore.exe program to another location. The copy will run with full rights.

Finally, any program started from another application inherits the security settings from the parent program. This means that installations run directly from the browser will run with lower privileges. They'll let you know you do not have enough rights to install it. This is intended and exactly what we want: a secure browsing environment. However, it might prove a slight annoyance at first. Just browse to the file yourself and run it yourself.

Downloads and Resources