However what I recently found out is that many LCD and Plasma televisions do not broadcast the correct 16:9 resolution via EDID, and therefore the computer doesn’t know what resolution to display and you have a stretched image.

I have an LG DU-37LZ30 which according to its specs at least has a 1366×768 native resolution (It is a 720p/1080i set). However its EDID system broadcasts a resolution of 1024×768, resulting in the signal looking stretched. Some programs, like Boxee for example, can correct this by forcing an aspect ratio while outputting the video and the result looks fine. However in many situations this doesn’t work.

On Windows XP, this was a pain but buying a program like PowerStrip by EnTech was able to correct the problem as you can force a resolution even if it is a “non-supported” one. However on Windows 7, and with nVidia graphics cards/drivers at least, it apparently ‘enforces’ the resolution which is broadcast via the EDID. Which means you are stuck with your weird resolution.

There are some hacks for overriding EDID info, but none of them seem to work on Windows 7. For example:

Thread over at AVS Forum on overrided EDID
Modifying your VGA cable to disable EDID broadcast (this nuked my VGA cable! Do not recommend!)
Forcing 1366×768 on Windows 7 forums

None of these solutions worked for me. Windows 7 even allows you to add a “custom” resolution but it still reads from the EDID to see if it is compatible and it has rejected my attempts at this.

Although I appreciate the “ease” that reading the EDID provides for general users, I wish there was an “advanced” section so that us users can force a resolution on a monitor. Maybe this is disabled because people were breaking their monitors, but it puts others like us in a lurch.  Has anyone seen this issue and/or have a resolution? Or do I just have a great reason to get a new TV?

Tools used:

• Unetbootin
• Ubuntu 9.10 Desktop ISO
• One flash drive, 1 gig or larger
• chntpw

Accessing the Filesystem

First we use unetbootin to install Ubuntu 9.10 to a flash drive. The flash drive needs to be at least 1GB to install the image.

Select “Diskimage” and then the .iso file we downloaded of the Ubuntu 9.10 image.

Select the USB Drive and Drive Letter to install the ISO onto. Click OK:

Once the program is done, click ‘exit’ and remove the USB Drive. You now have a bootable live image of Ubuntu 9.10.

Plug the usb drive into the target system. Boot off of the drive, you may need to change the boot options in the BIOS if it is set to boot off of the hard drive. Select “Default” in the unetbootin boot menu to boot into the Ubuntu OS. It will automatically log you in.

Once booted you already have access to the Windows filesystem since the ntfs filesystem driver is included in the kernel. This is nice and wasn’t the case not too long ago.

We chose two reasons to use unetbootin and Ubuntu 9.10. The first is the ease of use of installing a bootable image. After downloading the two packages, it is trivial to load the OS onto the drive, and since it includes ntfs drivers it allows us to access the unencrypted hard drive on boot. Since it is on a USB drive, any system made since 2000 or so should be able to boot this. You don’t need to lug around a CD or even access the CD drive.

To prevent easy access to the hard drive, encryption of the hard drive partition would be necessary using Microsoft EFS or TrueCrypt hard drive encryption software. After encrypting the hard drive, any live operating system running would not be able to decrypt the hard drive easily.

Furthermore, installation of a BIOS level password would ensure that any unauthorized users would not be able to boot alternative operating systems via USB, CDROM, Floppy or other method. The only way to defeat a BIOS level password would be to reset the BIOS (requiring entrance into the hardware of the system) or using an Evil Maid style attack.

The Evil Maid attack is performed by a theoretical malicious party that has access to the target PC without alerting the legitimate user. Without knowledge of the authorized; a root kit or device would be installed (for example, on the USB connector of the keyboard) to sniff out the password as entered on bootup. After the user boots the system and finishes her work, ostensibly shutting down the system securely, at least to her knowledge, the Evil Maid would then collect the password entered into the BIOS, thereby defeating the BIOS password security measure.

Resetting the Password

We can now reset the Administrator or any other password on this system using the tool chntpw. To install this package, ensure the system has a connection to the internet (via dhcp perhaps?) and run the command:

sudo software-properties-gtk --enable-component=universe --enable-component=multiverse; sudo apt-get update; sudo apt-get install chntpw

Alternatively, you can download the executable and place it on the USB drive to give access without connecting to the internet. chntpw is the software that modifies the SAM (Security Accounts Manager) database file. Use the terminal to change directories to the password file

cd /media/path/to/disk/WINDOWS/system32/config/

Then execute the chntpw utility:

  # sudo chntpw -u username SAM SYSTEM

View the sample output:

ubuntu@ubuntu:/media/B830C9BC30C981BC/WINDOWS/system32/config$ sudo chntpw SAM SECURITY
chntpw version 0.99.5 070923 (decade), (c) Petter N Hagen
Hive <SAM> name (from header): <\SystemRoot\System32\Config\SAM>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <lf>
Page at 0x7000 is not 'hbin', assuming file contains garbage at end
File size 262144 [40000] bytes, containing 6 pages (+ 1 headerpage)
Used for data: 255/20736 blocks/bytes, unused: 9/3648 blocks/bytes.

Hive <SECURITY> name (from header): <emRoot\System32\Config\SECURITY>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <lf>
Page at 0xe000 is not 'hbin', assuming file contains garbage at end
File size 262144 [40000] bytes, containing 13 pages (+ 1 headerpage)
Used for data: 1074/49024 blocks/bytes, unused: 9/3808 blocks/bytes.

* SAM policy limits:
Failed logins before lockout is: 0
Minimum password length        : 0
Password history count         : 0
| RID -|---------- Username ------------| Admin? |- Lock? --|
| 01f4 | Administrator                  | ADMIN  | dis/lock |
| 03ec | ASPNET                         |        | dis/lock |
| 03ed | CSC603                         | ADMIN  | dis/lock |
| 01f5 | Guest                          |        | dis/lock |
| 03e8 | HelpAssistant                  |        | dis/lock |

---------------------> SYSKEY CHECK <-----------------------
SYSTEM   SecureBoot            : -1 -> Not Set (not installed, good!)
SAM      Account\F             : 1 -> key-in-registry
SECURITY PolSecretEncryptionKey: 1 -> key-in-registry

***************** SYSKEY IS ENABLED! **************
This installation very likely has the syskey passwordhash-obfuscator installed
It's currently in mode = -1, Unknown-mode
SYSKEY is on! However, DO NOT DISABLE IT UNLESS YOU HAVE TO!
This program can change passwords even if syskey is on, however
if you have lost the key-floppy or passphrase you can turn it off,
but please read the docs first!!!

** IF YOU DON'T KNOW WHAT SYSKEY IS YOU DO NOT NEED TO SWITCH IT OFF!**
NOTE: On WINDOWS 2000 it will not be possible
to turn it on again! (and other problems may also show..)

NOTE: Disabling syskey will invalidate ALL
passwords, requiring them to be reset. You should at least reset the
administrator password using this program, then the rest ought to be
done from NT.

Do you really wish to disable SYSKEY? (y/n) [n]
RID     : 0500 [01f4]
Username: Administrator
fullname:
comment : Built-in account for administering the computer/domain
homedir : 

User is member of 1 groups:
00000220 = Administrators (which has 2 members)

Account bits: 0x0210 =
[ ] Disabled        | [ ] Homedir req.    | [ ] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account  | [ ] NMS account     |
[ ] Domain trust ac | [ ] Wks trust act.  | [ ] Srv trust act   |
[X] Pwd don't expir | [ ] Auto lockout    | [ ] (unknown 0x08)  |
[ ] (unknown 0x10)  | [ ] (unknown 0x20)  | [ ] (unknown 0x40)  | 

Failed login count: 1, while max tries is: 0
Total  login count: 1

- - - - User Edit Menu:
 1 - Clear (blank) user password
 2 - Edit (set new) user password (careful with this on XP or Vista)
 3 - Promote user (make user an administrator)
 4 - Unlock and enable user account [probably locked now]
 q - Quit editing user, back to user select
Select: [q] >

Depending on the status of the SYSKEY password security, you may only be able to blank the password and not actually change it. I recommend blanking the password and then resetting it once you log into the system.

You can also unlock a system if the user accounts have all been locked out due to too many login attempts or any other reason. Using these tools you can gain access to almost any unencrypted Windows system, from Windows NT up to Windows 7.

As a warning, If there is data on the hard drive you wish to keep, make sure to make a backup of the hard drive before performing this password as it can corrupt the Windows installation.

xx.xx.125.240 spc240.xx.xx^M$
xx.xx.125.241 spc241.xx.xx^M$

The ^M is a Windows ‘End of Line’ character.

Fortunately there is an easy way to fix these for using them in a unix based system.

Install ‘dos2unix’, and then run the file through them:

dos2unix filename

You can even run these on a bunch of files:

[root@ns1 ~]# dos2unix RDNS-*
dos2unix: converting file RDNS-xx.xx.81 to UNIX format …
dos2unix: converting file RDNS-xx.xx.82 to UNIX format …
dos2unix: converting file RDNS-xx.xx.85 to UNIX format …
dos2unix: converting file RDNS-xx.xx.95 to UNIX format …
dos2unix: converting file RDNS-xx.xx.100 to UNIX format …

‘cat -e’ will show that these files are fixed.

You can also use the program ‘recode’.

• Don’t allow connections to this computer
• Allow connections from computers running any version of Remote Desktop (less secure)
• Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)

At first blush, you would probably choose the “more secure” option. Practically, this mainly means that it only allows connections from the latest Remote Desktop software in Windows Vista. It is probably another attempt by Microsoft to force consumers and businesses into upgrading to Windows Vista. But… I digress.

When connecting with an older Terminal Services (TS) client in XP or even Vista, you will get this message:

“Remote computer requires Network Level Authentication, which your computer doesn’t support”

Not all is lost. There are two ways around this. The first and most obvious solution is to select the less secure option and disabled Network Level Authentication (NLA). If you are in an environment that does not allow this change, or there are some other circumstances where you need to keep Network Level Authentication enabled, you can get a Remote Desktop connection from Windows XP.

The first step is to download the latest Remote Desktop Client for Windows XP. As of the writing of this article, the latest version is 6.1.

For XP SP3: here

For XP SP2: here

That is not it. For XP, you need to enable CredSSP – Credential Security Service Provider.

CredSSP is a new Security Service Provider (SSP) that is available in Windows XP SP3 by using the Security Service Provider Interface (SSPI). CredSSP enables a program to use client-side SSP to delegate user credentials from the client computer to the target server.

Directions on how do do this are available at Microsoft here:

http://support.microsoft.com/kb/951608/

The quick and dirty summary:

1. Click Start, click Run, type regedit, and then press ENTER.
2. In the navigation pane, locate and then click the following registry subkey:
   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
3. In the details pane, right-click Security Packages, and then click Modify.
4. In the Value data box, type tspkg. Leave any data that is specific to other SSPs, and then click OK.
5. In the navigation pane, locate and then click the following registry subkey:
   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
6. In the details pane, right-click SecurityProviders, and then click Modify.
7. In the Value data box, type credssp.dll. Leave any data that is specific to other SSPs, and then click OK.
8. Exit Registry Editor.
9. Restart the computer.

For more information on CredSSP including how to deploy this setting using Group Policy, see the CredSSP page here.

Let me know if you have any other tips or a simpler way to connect to the more secure version of Remote Desktop.

This is actually pretty easy to do, so I thought I would share so that anyone looking to do a similar thing could easily set it up.

First thing, I am assuming you have Handbrake installed and running. Also, unless you are only copying non CSS protected DVDs, you will need a program such as DVD43 or AnyDVD which automatically decrypts the DVD on the fly.

After ensuring those work (and tested by copying a DVD via the GUI interface) then we can begin to set up your PC so that Autoplay can copy the disks.

To modify the AutoPlay options, you first need to install TweakUI from Microsoft. Run it and navigate to the Autoplay options.

Click “Create” and Fill out the name and program description. Click “Change Program” and select HandBrakeCLI, which is installed into C:\Program Files\Handbrake\ by default.

If you want, you can change the icon, use the Icon from Handbrake.exe (it looks prettier!).

In the Args: field, use:

-i "%L\VIDEO_TS" -o "D:\DVD\Movie_%RANDOM%.m4v" -L -p --preset="AppleTV"

These options mean:

• -i: source
• -o: output
• -L: Select longest title
• -p: Store pixel aspect ratio in video stream
• –preset: Which preset to use (use HandBrakeCLI –preset-list  to get a valid list)

Don’t forget to check off “DVD”.

When done it should look like this:

When its done, you will get an autoplay option with the Description you set above. When clicking on it, you get your movie encoded straight up:

Thats it! When you insert a DVD, you are automatically asked if you would like to play it, or in this case, rip it. Just a small note, this is only for XP, I don’t know if it works on Vista or not. Also, the file name is static, I haven’t figured out how to get it to read the title from the disk, although I’m working on it.

For a full list of HandbrakeCLI options, see: http://trac.handbrake.fr/wiki/CLIGuide

Also, with the -L option; it selects the longest title on the disk. This works great for movies, but if you are trying to copy TV episodes or something with a bunch of smaller titles, then you would have to do it the normal way.

Please let me know if you have success with this or if you’ve improved upon it in some way!

Just a note – when installing Ubuntu, do not add a user named “administrator” as I did. This makes it impossible to join the Ubuntu workstation to the domain using the “administrator” active directory user – but you can use a different Domain Administrator username and password.

The steps to follow:

1. sudo apt-get install likewise-open
2. sudo domainjoin-cli join fdqn.yourdomainserver Administrator
3. sudo update-rc.d likewise-open defaults
4. sudo /etc/init.d/likewise-open start

As a side note – you should also consider adding the following code to make it so that users do not have to login with DOMAIN\username on the ubuntu login screen. You can do this by changing /etc/samba/lwiauthd.conf and adding this line:

winbind use default domain = yes

Also, another helpful tidbit of information is getting your Ubuntu machine to resolve netbios domain names. You can do this by adding missing entries to the following lines in /etc/nsswitch.conf:

passwd: compat winbind lwidentity
group: compat winbind lwidentity
shadow: compat winbind
hosts: files dns winbind

If you receive an “ERROR” message when you try to login to Ubuntu, it could be because the likewise-open service isn’t running. Running “update-rc.d likewise-open defaults” should start it but troubleshoot this script to make sure it is indeed running on boot.

For More Information:
Official Likewise-open page on Ubuntu

1. The Microsoft Office Startup folder or the Microsoft Excel Startup folder contains either or both of the following Adobe Acrobat PDFMaker add-in template files:
Pdfmaker.dot
Pdfmaker.xla
AND
2. Norton AntiVirus software is installed.

To fix it, delete the files from the startup Office folder. There are a few locations it might be, in my case it was in C:\Program Files\Microsoft Office\Office12\XLSTART. See this Microsoft KB Article on fixing the error.

It can be used to save a password for Outlook if your domain is not the same as your Exchange server. If you don’t set this password, then the proxy server will always ask for a password even if you check off “Save Password”.

Go to Start->Run, then type in:

control userpasswords2

This will launch the advanced user dialog. You can now access the advanced tab. Tested in XP Professional and Vista Business.

Window’s simple shutdown command works well, but has some major drawbacks. The major one is that it will only schedule a reboot up to 10 minutes into the future (600 seconds). Linux’s shutdown command makes this easy, just issue the command ’shutdown -r +60′ for example to reboot an hour in the future.

No such luck in Windows, you need to download a separate program to do this. It is a sysinternals program, you might remember sysinternals from such utilies like FileMon and ProcessMonitor.

The program we use for this is called PsTools and more specifically the file psshutdown.exe.

[Download PsTools here]

Place psshutdown.exe into a directory for future use, for this example we will use c:\tools\.

Easiest Method:

Type the following command into the command prompt:
c:\tools\psshutdown.exe -r -f -c -t 02:00 /accepteula

PSshutdown will respond with:

PsShutdown v2.52 - Shutdown, logoff and power manage local and remote systems
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - www.sysinternals.com

Local system is scheduled to reboot in 15:08:00.

If all goes will, Windows will reboot at 2:00am, or your specified time. This command will start a system service with the psstools scheduling program, PSSDNSVC.EXE.

Alternate Method:

Then open a command prompt and type the following command:

at 2:00am c:\tools\psshutdown.exe -r -f -c -t 10 /accepteula

This will result in:

Added a new job with ID = 1

You can verify this task has been added by looking at the Scheduled Tasks – the job name will be At1 if you haven’t scheduled any other tasks via the command line.

1) Open Regedit

2) Browse to HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\ VirusProtect6\CurrentVersion\Administrator Only\Security\

3) Change the value for this key from 1 to 0

useVPuninstallpassword

4) Close the registry and retry the uninstall

[From Experts Exchange]