Archive for August, 2010

How to manage printers – Part I

The management of printers has always required a certain burden to system administrators. But with the advent of Windows 2000 and Active Directory, printer management has become a bit more comfortable. In this first part we take care of how to assign a name to a printer and how to assign a name to the Location field.

With the term network printer, we intend any printer that meet at least one of the following two statements:

  • the printer has a network adapter and the printer is assigned an IP address (possibly static or reserved via DHCP);
  • two or more workstations can print, more or less simultaneously, on the same printer.

During this post, we will consider only network printers and workstations that belong to an Active Directory domain. The first question we consider is this: what does name to give a network printer? I believe that when you have to give a name to a network printer, you should consider the following golden rules:

  • do not use names longer than eight characters;
  • use only alphanumeric characters;
  • not enter in the printer name, parts that can change over the time, eg acronyms of office, or numbers of room;
  • match the printer name with the shared name of the printer queue.

For example, for an HP Laserjet 2100DN, a good printer name could be: HPLJ01 Where the first two letters are an acronym of the manufacturer (Hewlett-Packard) printer, the second two are a acronym of the type of printer (LaserJet) and the last two digits are a numerical sequence (01). Following this rule, the HP Color LaserJet CP1815NI, will be called: HPLJ02.

Once you have chosen the name for a printer, is a good idea to put a label on the printer where you can find the printer name and if the printer is equipped with network card, his IP address.

The second issue I want to face is: where are my printers? This is an extremely important point! To learn how to fill in the Location field you should read what is written in the Microsoft document Best Practices for Deploying Printer Location with Active Directory. A name can be entered in the Location field could be the following: Italy/ReggioEmilia/ViaBrigataReggio/HQ/FirstFloor/Room112 Where Italy is the country where the printer is located, ReggioEmilia is the name of the city (Reggio Emilia), ViaBrigataReggio is the address of headquarters, HQ is the Headquarter where the printer is located, FirstFloor indicate that the printers is in a room at the first floor,  Room112 indicate that the printer is in the room with the number 112:

Printer Name and Location

Printer Name and Location

In the second part of these post series, I will explain how to use the Location field to improve the search for the printers in Active Directory.


Connecting to SMB share with an alias name (CNAME)

In the Microsoft Knowledge Base article number 281308 of the December 4, 2008 is written:

The registry key that is mentioned in the “Resolution” section is supported in Windows
Server 2008. However, it works only for Server Message Block (SMB) version 1. It does not work for SMB version 2, also known as CIFS (Common Internet File System). By default, CIFS is the file sharing protocol that is used on Windows-based computers. Windows includes an SMB client component (Client for Microsoft Windows) and an SMB server component (File and Printer Sharing for Microsoft Windows). Windows Server 2008 and Windows Vista support the new SMB 2.0.

At first reading it appears that the suggestion proposed in the KB281308 does not apply to Windows 2008/Vista/7 … In the same KB281308, but updated to September 28, 2009, we reads rather:

The registry key that is mentioned in the “Resolution” section is applicable only to SMB 1.0. To communicate over the SMB2.0 protocol, or CIFS (Common Internet File System), you do not have to set the registry key. SMB 2.0 allows for the functionality described in this article to work by default without additional configuration. Computers that run Windows Server 2008, Windows Server 2008 R2, Windows Vista, and Windows 7 support both SMB 1.0 and SMB 2.0. Windows includes an SMB client component (Client for Microsoft Windows) and an SMB server component (File and Printer Sharing for Microsoft Windows). By default, SMB 2.0 is the file sharing protocol that is used when both client and server support it.

All other music … If you have a Windows server 2008 with hostname (NetBIOS Name) Galileo ( as FQDN) and that server have a shared resource called Saturn and instead to use the UNC path \ \Galileo\Saturn you would like to use the UNC path \ \Newton\Saturn, where Newton ( is an alias DNS (CNAME) for Galileo, then you need to follow the following recipe:

  • for clients with Windows 2008/Vista/7: creates the DNS alias (CANME) called Newton ( associated to the server Galielo (;
  • for clients with Windows 2000/2003/XP:
    • creates the DNS alias (CANME) called Newton ( associated to the server Galielo (;
    • connected to server Galileo with the credentials of a user with administrative rights on the server;
    • start Registry Editor (Regedt32.exe);
    • locate and click the following key in the registry: HKEY_LOCAL_MACHINE\System
    • on the Edit menu, click Add Value, and then add the following registry value:
      Value name: DisableStrictNameChecking
      Data type: REG_DWORD
      Radix: Decimal
      Value: 1
    • quit Registry Editor;
    • restart the server Galileo.

Once you restarted the server Galileo, execute from the Command Prompt of Galileo the following commands: setspn -a host/newton galileo and setspn -a host/ galileo Or more generally: setspn -a host/<CNAME_Server> <NetBIOS_Name_Server> and setspn -a host/<CNAME_FQDN_Server> <NetBIOS_Name_Server>

Now to access the shared resource (SMB share) Saturn you can use or the UNC path \ \Galileo\Saturn, or the UNC path \ \Newton\Saturn.

This recipe is good for Windows 2000/2003/2003R2 (Windows 2000 should have installed Service Pack 4) and Windows 2008/2008R2. Note that the command setspn.exe is not pre-installed on Windows 2003R2, but  is part of the Windows 2003 Support Tools.

How to use Symantec Endpoint Recovery Tool CdRom

In their article Anti-Stealth Fighters: RootKit Testing forDetection and Removal (VirusBulletin, April 2008), the authors Andreas Marx and Maik Morgenstern have written:

A step in the right direction could be to focus on providing
bootable rescue media, too: this might be the product
installation CD or a CD or disk that a user can create and
update himself. When the system is started from
this media, the rootkit cannot be activated on the system,
so a scanner would be able to see all fi les and registry
entries which would usually be hidden. This way, the
scanner could detect and delete all rootkit and malware
components as long as the signature database is up to date
and comprehensive.

The Symantec Endpoint Recovery Tool CdRom arises in the direction indicated by Andreas Marx and Maik Morgenstern in their article.

You can see Symantec Endpoint Recovery Tool CdRom in action in this video:

Unlike other boot cdrom for removing viruses and malware infections, Symantec Endpoint Recovery Tool CdRom give to you the chance to installs the latest virus definitions, even without an Internet connection active, making it possible to recover the definitions directly or from the hard disk of the computer infected or from an USB stick connected to the infected computer.