Skip to main content

Windows 2003 Server - Worst-Case Scenarios - Useful Tip

Do you know what a System Administrator fears the most when it comes to Windows Server 2003? The infamous Blue Screen of Death (BSoD). An appropriate name. But, there is something worse. You ask, 'what could be worse than the infamous BSoD?

A system corruption.

Yes, a system corruption is vastly worse than the BSoD - unless you've actually taken the time and effort to provide yourself with some useful disaster recovery tools in a worse-case scenario.

The worst part of a system corruption is actually when a file in the Windows System 32 folder has been destroyed.

The System32 folder is the guts of the Windows OS. Without it... well, it won't work.

Let me give you an example.

----------Start Example------------

The other day, I got this message when I had to do a cold restart on a computer:

Windows could not start becuase the following file is missing or corrupt:
[windows_root]\system32\ntoskrnl.exe.  Please reinstall a copy of the above file.

Okay, something missing? Well, that's a job for Windows Recovery Console (WRC)! Okay, just pop in your CD, press the key to boot to it... and press 'r' when prompted... okay, now what I have to do is type a specific code, to copy the file from the CD over to the System32 folder. Since the file stored on the server is in the i386 folder, it is non-executable (extension is *.ex_ - if you don't understand this, don't worry about it, it's not important). Therefore the 'copy' command is useless.

You need to use 'expand'.

expand [CD]\i386\ntoskrnl.ex_ [System]\windows\system32
In my case:
expand d:\i386\ntoskrnl.ex_ c:\windows\system32
Then press enter.
Access is Denied
WHAT? (I shouted to the heavens) That cannot be true, for I am Admin, god of the server! How is it possible? So, I pressed the 'up' arrow on the keyboard, tried to enter the command again.
Access is Denied
Then I typed 'set'. This is what I saw:
AllowWildCards = FALSE
AllowAllPaths = FALSE
AllowRemovableMedia = FALSE
NoCopyPrompt = FALSE
On different versions of Windows, this command does different things. On Windows Server 2003, it lists a bunch of settings that is created in the group policy editor in the Windows environment. What that means is that unless you have access to the system, you cannot change these settings. Which means, if you system is corrupt, as it was for me, you cannot do anything about it. As you can see, 'AllowAllPaths = FALSE'. that means that the path to Windows/System32 is not allowed, which means, even as Administrator, I cannot have access to this folder. So, I cannot fix the problem with the simple 'expand' key, which would have fixed it by the time you stopped reading this paragraph.

----------End Example------------

But noooooooooooooo. Windows wants to make it difficult.

What I had to do was restore from a backup, but if I had done proper preparations, then this would have been solved in about 2 minutes! So, to prevent you from suffering my gruesome fate, follow these easy steps.

In order to prevent this absurdity, you must set these properties to be true while your Windows 2003 is running. This setting should be ENABLED by default, not the other way around. Why would they disable such a vital and important command! It's ridiculous! I understand that it's about security, but a malicious user would need to be physically on your machine, and then there are numerous other ways to bypass a system than using the WRC! Stupid, stupid, stupid.

So, this is what you have to do.
  1. Go to: Start > Run > Type 'gpedit.msc'
  2. In the left-pane, expand 'Local Computer Policy'
    • click on the small + button to expand the menus
  3. Expand 'Computer Configuration'
  4. Expand 'Windows Settings'
  5. Expand 'Security Settings'
  6. Expand 'Local Policies'
  7. Select 'Security Options' on the left
  8. On the right, double click the entry 'Recovery Console'
  9. Select 'Allow Floppy Copy And Access To All Drives And All Folders'
  10. Click OK
If you have done this correctly, open a command line (Start > Run > Type 'cmd') and type 'set'.

You should see:
AllowWildCards = TRUE
AllowAllPaths = TRUE
AllowRemovableMedia = TRUE
NoCopyPrompt = TRUE
If you do not see this, then there is high probability you will need to restart your machine (as sometimes group policies are updated upon a restart).

Trust me. This is useful. If you're worried about someone using the recovering console to take over your system, then do yourself a favor and put the server in a vault or a secure room, because this isn't going to do anything to stop someone who knows what they're doing.


Popular posts from this blog

Wordpress Illdy Jumbotron Video Background

Having an animated background for your homepage is something that a lot of people would like to do. For Content Management Systems (CMSs) like WordPress, it gets a tad more complicated as you're working within a preset frame. Luckily, I like the idea of an animated background too. And I like to do it easily. But before you attempt this, you need to get the prerequisites set. 1) Get WordPress installed on your webhost. 2) Install the theme 'Illdy' 3) Upload your video that you'd like to play onto your YouTube channel. Once you do these things, you're ready.

Qualcomm Atheros AR9285 + Windows 10 Issue [Resolved]

So, I installed Windows 10 after reading about it and getting over the insane amount of data Windows mines from you . I figured that most companies do something like this and Microsoft just so happens to be quite candid about it -- after it was brought to light by someone on a site which shall not be named (I'm sure those of you who know can guess). Be that as it may, my Lenovo G580  stopped being able to reach the Internet and I clicked on my WiFi was grayed out and could not, would not connect to my wireless connection no matter what I did. Luckily I managed to resolve it through a workaround. So, if you're stuck then you should just follow the instructions. This should work for any WiFi connectivity issue (you just have to download the drivers that pertain to your particular WiFi hardware model. Mine just happens to be the Qualcomm Atheros AR9285 .

Installing Open Biblio on Third-Party Webserver

So, you've decided to use Open Biblio the free online library system? But, you want to attach it to a website that you're hosting outside of your building (somewhere on the Internet). Why would you want to do this? Well, I find that in-house servers can be a cumbersome thing to maintain. You have to ensure that backups are properly working and scheduled. If something happens, and your server goes down, it's your responsibility to ensure it gets up and working. It takes up space. It uses bandwidth. I could go on and on and on. So, hosting it elsewhere resolves most of these problems. The most distinct disadvantage is it's advantage; it's not in your hands. So if something happens to your external server, then you're screwed. So get a good web service. Here, I have taken the trouble in actually setting up Open Biblio on a third-party server since I already have an external webserver and don't want to clutter my personal one with this. It's not ha