Device Discovery & VLan Assignment

October 30, 2008

Today I needed to locate a workstation and reassign it to a different vlan. Because this location had two routers and two switches I had to do some Sherlock Homes detective work.

From router 1 “show arp | include .135” – This command allowed me to view the mac addresses of any devices that contained 135 in the IP Address.

From switch 1 “show mac-address-table | include 0000.1111.AAAA” – Allowed me to see what interface the device was connected to. In this case it ended up being interface 01

From switch 1 “show mac-address-table interface fastEthernet 0/01” – Allowed me to see what device was connected to that interface. Multiple devices where listed to that interface, meaning a switch was connected to that port and the device I am looking for is behind that switch.

From switch 2 “show mac-address-table | include 0000.1111.AAAA” – Allowed me to see what interface the device was connected to. Turns out to be interface 02

From switch 2  “show mac-address-table interface fa0/02” –Confirm that only a phone and workstation were attached to that interface.

From switch 2 “show interfaces status” Returns port, description, vlan, & interface status information.

From switch 2 “configure terminal” and assigned the VLAN information using commands

“switchport access vlan 999” to assign non-trunking devices to vlan 999

“ switchport trunk native vlan 999” to inform trunking devices to assign vlan 999 to non-trunking devices behind it.

“description computername” to leave a description on the interface

“Shut” and “No Shut” on the interface to reboot the phone and workstation.

“show running-config interface fastEthernet 0/2” to view interface configuration.

WDS NIC… Isn’t this the reason I left Ghost?

September 3, 2008

I received a new Dell Latitude E5500 laptop that was designed for Vista but preloaded with XP SP3.  The first thing I did was wipe the hard drive and then attempt to deploy our company image on it. I encountered the following error message immediately after WinPE loaded & attempted to initialize the network connection…

“WdsClient: An error occurred while starting networking: a matching network card driver was not found in this image. Please have your Administrator add the network driver for this machine to the Windows PE image on the Windows Deployment Services server.”

To resolve the issue I followed the mildly confusing instructions located at Microsoft Help and Support.

Basically you need to download the Vista drivers for your NIC card. The guide walks you through testing the drivers and uploading them to your WDS server.

If you know you have the correct drivers for your network card you can skip steps 1a through c.

I recommend copying & pasting your commands to make sure that you get them correct.

If you have the Dell E5500 with the Broadcom 57XX Gigabit Controller you can download and extract the drivers from Dell. Once you run the file cancel the installation and copy the drivers from C:\dell\drivers\R186823\WinVista to your WDS server. Modify the path in your instructions accordingly. 

Oh by the way…

August 25, 2008

To quickly enable Num Lock on at Windows Boot. Open Regedit and navigate to…

HKEY_USERS\.DEFAULT\Control Panel\Keyboard

Change the value of InitialKeyboardIndicators from 0 to 2.

Process Group Policy Remotely

August 25, 2008

I was working on a Group Policy issue and wanted to remotely force a Group Policy update and check the result without commandeering an end users workstation. To solve this I used the Sysinternals utility PsExec which Executes processes remotely. One nifty trick is that you can also execute PsExec remotely as well. To accomplish this I executed the following command…

\\\tools\psexec.exe \\computername gpupdate

To check the outcome you can execute the command…

gpresult /s computername /user username

For faster performance and better security I recommend downloading the full Sysinternals suite and executing PsExec locally.

Windows Deployment Services Phase I

July 31, 2008


We currently received 30 new Dell desktops and I wanted to begin using an automated deployment process. We are constantly repairing issues with workstations and will be rolling out at least a hundred more within the next year so this was extremely important for me to accomplish.  We have used Ghost and RIS in the past with limited success. For our organization I felt using Windows Deployment Services with PXE boot would be the most compatible and end user friendly solution. My basic goal was to deploy a Windows XP SP3 image over the network preloaded with our most common applications.

To begin the process Windows Deployment Services has been installed to a Windows 2008 server. To configure the server and workstations I followed most of the steps located at I would like to highlight a couple issues and points below.

1.    Steps 1-8. Follow them exactly and in order. For example I got disrupted, returned to the computer and typed the following command on my source machine

Diskpart {enter} Select disk 0 {enter} Clean {enter}

Oh I felt like a DumbE when I rebooted my computer.

2.    From Step 3, The most current revision is MicrosoftDeploymentToolkit 2008

3.    From Step 5, It is mentioned to “Navigate to Program Files\Windows AIK\Tools\PETools\x86\WinPE.WIM” It wasn’t quite clearly stated but to accomplish this you will need to download the Windows Vista SP1 and Windows Server 2008 AIK as an ISO, extract, and install the application to your deployment server. Then I was able to locate the WinPE.WIM file and continue.

4.    Step 6, When creating the Sysprep Master Image. DO NOT boot into Windows after you have Resealed the computer and shut it down. If you don’t follow this exactly your OS and image is toast (more on this below). Also if you try and image the workstation after you have selected Factory but before you select Reseal you will not see an option to select your C:\ to image. If you follow Step 6 correctly Windows Deployment Services will return your original workstation back to a usable state. Never perform this step on a machine that has anything important on it and has not been backed up.

This should get you in business with you initial deployment process. I am working to improve my imaging and deployment process even further and I will document my findings. I also learned some other interesting this during the process so I will be adding a section called “Oh by the way…”

Local Admin Accounts

June 4, 2008

 Category    User Profiles ; Permissions; Useful Commands


We are beginning to remove Domain Users from having Local Admin rights to their workstation. We have an application that will not launch properly without having local admin rights. To make the scenario more interesting the application spawns multiple processes so even if I use the command runas /user:domain\username “application.exe” the application fails to launch correctly.


I executed the command cacls c:\appdirectory /e /t /p users:c to give the local users group change permissions on the applications directory. Because the application spawns multiple processes located in multiple directories I had to use the Sysinternals utility Process Monitor to locate all if the directories that are accessed by the application. Tip: If you use the Filter menu it is much easier to locate the necessary information. After running the command in each directory accessed by the application everything worked fine.


Difference between Power User and Administrator?

CACLS Syntax

Process Monitor v1.33

Remember to Remember

June 4, 2008

I have started this blog for two reasons…

1. So I can “Remember to Remember” all of the random things I have learned along my way in Information Technology. I am planning to utilize this blog so I can apply past knowlegde to future solutions.

2. So others can learn as well. I firmly believe in sharing knowledge in the field on IT. Life would be much easier for us all.

Your questions and feedback are much appreciated.  Thanks for visiting