February 5th, 2010 by shiraj

Exchange 2003 with iPhone
Things to remember:
Exchange is SP2 is minimum requirement and install all latest patch is recommended.

Microsoft Exchange 2003 has Service Pack 2 Installed
I would also install .Net framework 3.5 or above as well, as we are dealing with IIS and website.

Test IIS (Internet Information Server) components for proper connectivity (check event log for OMA error)
Open your browser and type:  http://your-exchange-server-external–dns-name/oma
(Outlook Mobile Access) if you are using https then use that https instead of http.
Open your browser and type:  http://your-exchange-server-external–dns-name/exchange
(Outlook Webmail Access) if you are using https then use that https instead of http.

Configure iPhone to your Exchange Server

There only FOUR components that are typically necessary for a proper exchange – iPhone setup

1. Email Address
2. Exchange User Id
3. Exchange Password
4. Server Address (Also known as Outlook Web Address)

If you have error on OMA try the instruction below

Method 2

Important Method 2 should be used only in an environment that has no Exchange Server 2003 front-end server. The registry changes should be made only on the server on which the mailboxes are located.

Create a secondary virtual directory for Exchange that does not require SSL, and then add a registry value to point to the new virtual directory.

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:

322756  (http://support.microsoft.com/kb/322756/ ) How to back up and restore the registry in Windows
Note These steps affect both Outlook Mobile Access connections and Exchange ActiveSync connections. After you follow these steps, both Outlook Mobile Access and Exchange ActiveSync connections use the new virtual directory that you create.

Disable the forms-based authentication for the Exchange virtual directory

To create a secondary virtual directory for Exchange that is based on steps 1 through 7 of the following procedure, make sure that forms-based authentication is disabled for the Exchange virtual directory before you make the copy. Before you follow these steps, disable forms-based authentication in Exchange System Manager. Then restart Internet Information Services (IIS). To do this, follow these steps:

1. Open Exchange Manager.
2. Expand Administrative Groups, expand the first administrative group, and then expand Servers.
3. Expand the server container for the Exchange Server 2003 server that you will be configuring, expand Protocols, and then expand HTTP.
4. Under the HTTP container, right-click the Exchange Virtual Server container, and then click Properties.
5. Click the Settings tab, clear the Enable Forms Based Authentication check box, and then click OK.
6. Close Exchange Manager.
7. Click Start, click Run, type IISRESET/NOFORCE, and then press ENTER to restart Internet Information Services (IIS).

Create a secondary virtual directory for Exchange server

You must use Internet IIS Manager to create this virtual directory for Exchange ActiveSync and Outlook Mobile Access to work. If you are using Windows Server 2003, follow these steps:

1. Start Internet Information Services (IIS) Manager.
2. Locate the Exchange virtual directory. The default location is as follows:

Web Sites\Default Web Site\Exchange

1. Right-click the Exchange virtual directory, click All Tasks, and then click Save Configuration to a File.
2. In the File name box, type a name. For example, type ExchangeVDir. Click OK.
3. Right-click the root of this Web site. Typically, this is Default Web Site. Click New, and then click Virtual Directory (from file).
4. In the Import Configuration dialog box, click Browse, locate the file that you created in step 4, click Open, and then click Read File.
5. Under Select a configuration to import , click Exchange, and then click OK.

   A dialog box will appear that states that the “virtual directory already exists.”

6. Select the Create a new virtual directory option. In the Alias box, type a name for the new virtual directory that you want Exchange ActiveSync and Outlook Mobile Access to use. For example, type exchange-oma. Click OK.
7. Right-click the new virtual directory. In this example, click exchange-oma. Click Properties.

10.  Click the Directory Security tab.

11.  Under Authentication and access control, click Edit.

12.  Make sure that only the following authentication methods are enabled, and then click OK:

• Integrated Windows authentication
• Basic authentication

13.  On the Directory Security tab, under IP address and domain name restrictions, click Edit.

14.  Click the option for Denied access, click Add, click Single computer and type the IP address of the server that you are configuring, and then click OK twice.

15.  Under Secure communications, click Edit. Make sure that Require secure channel (SSL) is not enabled, and then click OK.

16.  Click OK, and then close the IIS Manager.

17.  Click Start, click Run, type regedit, and then click OK.

18.  Locate the following registry subkey:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MasSync\Parameters

19.  Right-click Parameters, click to New, and then click String Value.

20.  Type ExchangeVDir, and then press ENTER. Right-click ExchangeVDir, and then click Modify.

NoteExchangeVDir is case-sensitive. If you do not type ExchangeVDir exactly as it appears in this article, ActiveSync does not find the key when it locates the exchange-oma folder.

21.  In the Value data box, type the name of the new virtual directory that you created in step 8. For example, type /exchange-oma. Click OK.

22.  Quit Registry Editor.

23.  Restart the IIS Admin service. To do this, follow these steps:

1. Click Start, click Run, type services.msc, and then click OK.
2. In the list of services, right-click IIS Admin service, and then click Restart.

24.  If you want to reuse Forms-based Authentication on the Exchange server, follow these steps to re-enable Forms-based Authentication on the /Exchange virtual directory in Exchange System Manager.

1. Open Exchange Manager.
   1. Expand Administrative Groups, expand the first administrative group, and then expand Servers.
   2. Expand the server container for the Exchange Server 2003 server that you will be configuring, expand Protocols, and then expand HTTP.
   3. Under the HTTP container, right-click the Exchange Virtual Server container, and then click Properties.
   4. Click the Settings tab, click to select the Enable Forms Based Authentication check box, and then click OK.
   5. Close Exchange Manager.
   6. Click Start, click Run, type IISRESET/NOFORCE, and then press ENTER to restart Internet Information Services (IIS).

Note If the server is Microsoft Windows Small Business Server 2003 (SBS), the name of the Exchange OMA virtual directory must be exchange-oma.

The integrated setup of Microsoft Windows Small Business Server 2003 creates the exchange-oma virtual directory in IIS. Additionally, it points the ExchangeVDir registry key to /exchange-oma during the initial installation. Other SBS wizards, such as the Configure E-mail and Internet Connection Wizard (CEICW) also expect the virtual directory name in IIS to be exchange-oma.

February 2nd, 2010 by shiraj

There are some nasty, nasty SNMP vulnerabilities that have recently been revealed. Many different products are affected. See the CERT Advisory Here. This inspired us to upgrade our Cisco. To upgrade the IOS on your Cisco router, you have a couple of options. You can either upgrade via TFTP, or you can use the console. We used a 1600 router, so the procedure below is quite specific. Your mileage may vary.

To use TFTP, you need to download and install TFTP. Here is one source for TFTP. This version also works fine on XP.

First of all, before you touch anything, you should list your configuration using the command:

show config

Print your config to paper, just in case. Your config should stay during the IOS upgrade, but you never know what could happen. You may want to make sure you have console access to the router, as well as the ability to connect to it via the ethernet port. You can temporarily change the address on the ethernet port if you wish by entering:

conf term

At the (config)# prompt select the interface:

int eth0

then

ip address x.x.x.x y.y.y.y

where x is the ip address and y is the subnet mask. Use the earlier show config command so you can set it back when you are done. You could also enter a secondary address instead. Whatever you like.

You can find out what the name of your current flash image is by:

show flash

The next thing you should do is copy your current image (flashimage) up to the TFTP server:

copy flash:flashimage tftp://ipaddress/flashimage

You should see an entry like this in the log of your tftp server:

Receiving 'flashimage' file from x.x.x.x in binary mode

Copy your current image twice if you wish, to different file names, just to be safe. Browse Cisco to be very sure you have the right image. If you load the wrong image of IOS, your router won’t work. Pay attention to the amount of RAM your system has, and how much the upgraded IOS needs. IOS 12.2 needs more RAM than 12.0, and Cisco isn’t lying about this. When you are happy you have the right image:

delete flashimage
copy tftp://ipaddress/flashimage flash:flashimage

You will be asked if you want to erase the current image. Say yes. When it is done loading, change your eth0 IP if needed, and remove any old boot references:

conf term
no boot system flash oldflashimagename
boot system flash flashimage
exit

Now copy your config:

copy running-config startup-config

Reload, and you are set:

reload

Now, when you reboot all should come up ok. If it doesn’t, you will have to use the console port and xmodem to load an image that does work, and this is painful. Here is how to do it.

Pretty much, you just hit ctrl-break (At least with the version of HyperTerminal we used) when the router boots to get into rommon. Minicom or other terminal programs may have different sequences. Try ctrl-c, esc, etc. After you successfully enter rommon, you just:

rommon> xmodem -cf fileimagename

then, from your terminal program, send the file using xmodem. On our 1600, we had to do this at 9600 baud. We couldn’t figure out how to change our router to transfer faster than 9600, although we did see some references to how to do it. At 9600 baud, it takes about 50 minutes to reload IOS. After you are done uploading the image, remove the old boot references and copy config to start as above. If all else fails, you could go back to the flash image that you copied via TFTP.

September 1st, 2009 by shiraj

——–
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed,
error 1355
A Good Time Server could not be located.
——–

Quick resolution worked for me changing time server:

The procedure for doing this on a PDC Emulator running Windows Server 2003 in the forest root domain is as follows. Open Registry Editor (regedit.exe) and configure the following registry entries:

HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Type

This registry entry determines which peers W32Time will accept synchronization from. Change this REG_SZ value from NT5DS to NTP so the PDC Emulator synchronizes from the list of reliable time servers specified in the NtpServer registry entry described below.

HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config\AnnounceFlags

This registry entry controls whether the local computer is marked as a reliable time server (which is only possible if the previous registry entry is set to NTP as described above). Change this REG_DWORD value from 10 to 5 here.

HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\NtpServer

This registry entry specifies a space-delimited list of stratum 1 time servers from which the local computer can obtain reliable time stamps. The list may consist of one or more DNS names or IP addresses (if DNS names are used then you must append ,0×1 to the end of each DNS name). For example, to synchronize the PDC Emulator in your forest root domain with tock.usno.navy.mil, an open-access SNTP time server run by the United States Naval Observatory, change the value of the NtpServer registry entry from time.windows.com,0×1 to tock.usno.navy.mil,0×1 here. Alternatively, you can specify the IP address of this time server, which is 192.5.41.209 instead.

Now stop and restart the Windows Time service using the following commands:

net stop w32time

net start w32time

August 7th, 2009 by shiraj

To completely disable IPv6 on a Windows Server 2008-based computer yourself, follow these steps:

1. Open Registry Editor.
2. Locate the following registry subkey:
   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters
3. In the details pane, click New, and then click DWORD (32-bit) Value.
4. Type DisabledComponents, and then press ENTER.
5. Double-click DisabledComponents, and then type 0xffffffff in Hexadecimal or 4294967295 in Decimal.

   Note The 0xffffffff value or the 4294967295 value disables all IPv6 components except for the IPv6 loopback interface.

July 21st, 2009 by shiraj

That nasty worm have changed userinit value in Registry…

<long post>

“
“HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon”
Value: Userinit
Data: %system32%\wsaupdater.exe
“

%system32% represents the path to the System32 folder. For example, if the path is C:\Windows\System32, then the data would be: “C:\Windows\System32\wsaupdater.exe”

Instead of “wsaupdater.exe”, the data should contain “userinit.exe,”.
Using the example above, the data would be “C:\Windows\System32\userinit.exe,”
(!Note! the comma following the file path information.)

Using the XP’s recovery console, copy userinit.exe to wsaupdater.exe to allow log on capability to be restored, and correct the registry data manually.

In the following instructions, C:\Windows\System32 shall be used as the System32 location. Change the path accordingly to accommodate for your installation directory.

Insert the Windows XP startup disk into the floppy disk drive, or insert the Windows XP CD-ROM into the CD-ROM drive, and then restart the computer.
Click to select any options that are required to start the computer from the CD-ROM drive if you are prompted to do so.

When the “Welcome to Setup” screen appears, press R to start the Recovery Console.
If you have a dual-boot or multiple-boot computer, select the installation that you want to access from the Recovery Console.
When you are prompted to do so, type the Administrator password.

If the administrator password is blank (which is likely the case if Windows XP was preinstalled by your computer manufacturer), just press ENTER.

You should now be in the Windows installation folder (“C:\Windows”).
At the Recovery Console command prompt, type the following lines, pressing ENTER after you type each line:

“
cd system32
copy userinit.exe wsaupdater.exe
exit
“

At this time, remove the startup floppy or CD-ROM from your system, and boot into Windows XP. Log on to the system using an account with administrator-level privileges, and edit the registry using this information. It is recommeded that a registry backup be created prior to continuing.

Click start, then run. Enter

regedit

and click OK. Using RegEdit, expand

HKEY_LOCAL_MACHINE
+Software
+Microsoft
+Windows NT
+CurrentVersion
+Winlogon

Locate Userinit in the value column, right-click this item, and choose modify. Replace
“wsaupdater.exe” with “userinit.exe,” (do not use quotes, and ensure the trailing comma is present as shown) and click OK.
Exit RegEdit.

Restart your computer, and log on to the system using an account with administrator-level privileges.

Go to My Computer, then to the System32 folder (usually C:, then Windows, then System32). If Explorer prompts that removing files from these areas is not recommended, click to continue. Locate and remove wsaupdater.exe, and delete this file.

</long post>

July 15th, 2009 by shiraj

How to install VNC version 3.3.7 on a remote PC

Introduction:

VNC is a free utility to remotely control another PC, see http://www.realvnc.com for details.

This article assumes that:

1. The remote PC is running Windows 2000, 2003, NT4 or XP Pro
   (XP Home does not have an IPC$ share as far as I know).
2. You have administrative rights to the remote PC.

This article also focuses on loading VNC on a remote PC as a service, not as an application.

Step 1: Install VNC locally and set the password.

Download Real VNC and install it on a local PC (for this article, version 3.3.7 was used).

During the installation process, make sure that you check both:

1. Register VNC Server as a system service
2. Start the VNC system service

Click here for a screen shot.

At the end of the installation process, you will be prompted to set a password.
The password that you set here will later be used to connect the remote PC.

If for some reason you aren’t prompted for the password, run the following from the command line:
“C:\Program Files\RealVNC\WinVNC\winvnc.exe” -defaultsettings

Also run net start from the command line and confirm VNC Server is running as a service

Step 2: Configure VNC on the remote PC using PsExec

PsExec is a freeware tool to execute processes on a remote PC and is needed for this procedure:
http://www.microsoft.com/technet/sysinternals/Utilities/PsExec.mspx

1. Login to the remote PC’s IPC$ share with an administrator account.

If you don’t include the password in plain text, you will be prompted to supply the password (which will not be displayed as plain text).

NET USE \\RemotePC\IPC$ /user:administrator password

2. Copy your local VNC files to the remote PC.

xcopy “C:\Program Files\RealVNC\*.*” “\\RemotePC\C$\Program Files\RealVNC\*.*” /r/i/c/h/k/e

3. Use Regedit to export the local VNC registry settings to the remote PC.

Note: If you prefer you can export the file locally and then copy it.

regedit /e “\\RemotePC\C$\vncdmp.txt” “HKEY_LOCAL_MACHINE\Software\ORL”

4. Use PsExec to import the above registry file on the remote PC.

psexec \\RemotePC -s -i -d %windir%\regedit /s C:\vncdmp.txt

Make sure to use the /s switch with regedit so that confirmation isn’t required on the remote PC.

You are using regedit on the remote PC to perform this command. If the path for regedit is different on the remote PC, use the exact path instead of %windir% (local, not remote environmental variable).

Example: If the local PC is running XP Pro and the remote PC is Windows 2000, use this command:
psexec \\RemotePC -s -i -d C:\Winnt\regedit /s C:\vncdmp.txt

5. Use PsExec to install the remote winvnc service.

psexec \\RemotePC -s -i -d “C:\Program Files\RealVNC\WinVNC\winvnc.exe” -install

6. Use PsExec to start the remote “VNC Server” service.

psexec \\RemotePC -s -i -d net start “VNC Server”

You should now be able to use VNC to control the remote PC.

July 10th, 2009 by shiraj

The reset command is available in the IP context of the NetShell utility. Follow these steps to use the reset command to reset TCP/IP manually:

1. To open a command prompt, click Start and then click Run. Copy and paste (or type) the following command in the Open box and then press ENTER:
   cmd
2. At the command prompt, copy and paste (or type) the following command and then press ENTER:
   netsh int ip reset c:\resetlog.txt

   Note If you do not want to specify a directory path for the log file, use the following command:

   netsh int ip reset resetlog.txt
3. Reboot the computer.

June 5th, 2009 by shiraj

Remote Desktop is a cool feature of Windows Server 2003 that lets you remotely log on to and work at a machine as if you were seated at the local console (in Windows 2000 Advanced Server, this feature was called Terminal Services in Remote Administration Mode). Remote Desktop can be a lifesaver for fixing problems on servers at remote sites, but what if you forgot to enable the feature before you shipped the server out to Kalamazoo? Enabling Remote Desktop is easy if the server is in front of you: just log on as an administrator, open System in Control Panel, select the Remote tab, and under Remote Desktop select the checkbox labeled “Allow users to connect remotely to this computer.” Unfortunately, you can’t use the System utility to enable Remote Desktop on a remote machine, though you can access some properties pages of System using Computer Management by first connecting the console to a remote computer, then right-clicking on the root node and selecting Properties. Unfortunately, as you can see in Figure 1 below, the Remote tab is not available when you access System properties this way on a remote machine (here named SRV220).

Figure 1. System properties for a remote machine does not have Remote tab.

Fortunately, there’s a workaround. Sit down at your desk and log on to your Windows XP workstation using your administrator credentials and start Registry Editor by Start –> Run –> regedit –> OK. Then select the Connect Network Registry option under the File menu (Figure 2).

Figure 2. Connecting to the Registry on a remote machine.

This opens the Select Computer search box. Either browse Active Directory to locate the remote server, or type its name in the textbox (Figure 3).

Figure 3. Connecting to the Registry on a remote server named SRV220.

Click OK and a node will be displayed in Registry Editor for the remote machine (Figure 4).

Figure 4. HKLM and HKU hives on SRV220.

Now browse HKLM on SRV to find the following Registry key (Figure 5).

HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server

Figure 5. Registry key for Terminal Server on remote machine.

Under the Terminal Server key, you’ll find a REG_DWORD value named fDenyTSConnection. Double-click on that value to open the Edit DWORD Value box and change the value data from 1 (Remote Desktop disabled) to 0 (Remote Desktop enabled), as in Figure 6 below.

Figure 6. Set fDenyTSConnections to 0 to enable Remote Desktop on SRV220.

The remote machine needs to be rebooted for the change to take effect, so open a command prompt and type the following command:

shutdown -m \\srv220 -r

After the remote machine reboots, Remote Desktop should be enabled on it. To test this from your workstation, open Start –> All Programs –> Accessories –> Communications –> Remote Desktop Connection, enter the name of the remote server in the Remote Desktop Connection logon box, supply your administrator password when prompted, and you’re in.

May 28th, 2009 by shiraj

If RUNDLL32 just won’t do the job:

Sometimes we need to do just alittle more than RUNDLL32 is capable of, like installing a TCP/IP printer port.
In that case, consider buying yourself a copy of the Windows 2000 Server/Windows Server 2003 Resource Kit and use PRNADMIN.DLL and the accompanying sample scripts written in VBScript.

My own AddIPPrn.bat below uses these VBScripts to install a printer, its driver and a TCP/IP printer port on a remote computer

@ECHO OFF
:: Check Windows version
IF NOT "%OS%"=="Windows_NT" GOTO Syntax
SETLOCAL

:: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: ::
::                                                                         ::
::    Modify the following lines; no quotes for PrnShort and PortIP!       ::
::                                                                         ::
::    The values for PrnType and TargetOS can be found in the INF file     ::
::    that comes with the (extracted) printer driver.                      ::
::                                                                         ::
:: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: ::

SET PrnName="Accounting 2nd Floor"
SET PrnShort=Accounting2
SET PrnType="Kyocera Mita FS-3820N"
SET DrvPath="\\server\share\Drivers\Kyocera\FS-3820N\W2K"
SET InfPath="\\server\share\Drivers\Kyocera\FS-3820N\W2K\oemsetup.inf"
SET PortIP=112.113.114.115
SET TargetOS="Windows 2000"

:: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: ::
::                                                                         ::
::       End of adjustments                                                ::
::                                                                         ::
:: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: :: ::

:: Check command line arguments
IF "%~1"=="" GOTO Syntax
SET PC=%~1
ECHO."%PC%" | FINDSTR.EXE /R /C:"[?/]" >NUL && GOTO Syntax
PING.EXE %PC% 2>NUL | FIND.EXE  "TTL=" >NUL || (
	ECHO Computer %PC% is unavailable
	ECHO.
	GOTO Syntax
)

:: Check if the required VBScripts are available in the current directory
SET Error=0
FOR %%A IN (prncfg prnmgr drvmgr portmgr) DO IF NOT EXIST %%A.vbs SET Error=1
IF "%Error%"=="1" GOTO Syntax

:: Check if the printer was installed already
CSCRIPT.EXE //NoLogo prnmgr.vbs -l -c \\%PC% | FIND.EXE /I "%PrnShort%" >NUL && (
	ECHO A printer named %PrnShort% already exists on %PC%
	ECHO.
	GOTO Syntax
)

:: Check if the printer port was installed already
CSCRIPT.EXE //NoLogo portmgr.vbs -l -c \\%PC% | FINDSTR.EXE /E /I "IP_%PortIP%" >NUL && (
	ECHO TCP/IP printer port %PortIP% already exists on %PC%
	ECHO.
	GOTO Syntax
)

:: Prompt the user, and allow him/her to abort the installation
ECHO You are about to add a local printer %PrnShort% on computer %PC%
ECHO.
PAUSE

:: Install the driver
CSCRIPT.EXE //NoLogo drvmgr.vbs  -a -c \\%PC% -p %DrvPath% -i %InfPath% -v %TargetOS% -m %PrnType% -t Intel
:: Install the local IP print port, type raw, SNMP disabled
CSCRIPT.EXE //NoLogo portmgr.vbs -a -c \\%PC% -p IP_%PortIP% -h %PortIP% -t raw -n 9100 -md
:: Install the local printer with the driver and port we just installed
CSCRIPT.EXE //NoLogo prnmgr.vbs  -a -c \\%PC% -b %PrnName% -m %PrnType% -r IP_%PortIP%
:: Configure the local printer as not shared and not published in Active Directory
CSCRIPT.EXE //NoLogo prncfg.vbs  -s -b \\%PC%\%PrnShort% -published -shared

:: Display or log the configuration of the new printer
IF /I "%~2"=="/L" (SET Log="%PrnShort%_%PC%.log") ELSE (SET Log=CON)
(
	CSCRIPT.EXE //NoLogo drvmgr.vbs  -l -c \\%PC%
	CSCRIPT.EXE //NoLogo portmgr.vbs -l -c \\%PC%
	CSCRIPT.EXE //NoLogo prnmgr.vbs  -l -c \\%PC%
	CSCRIPT.EXE //NoLogo prncfg.vbs  -g -b \\%PC%\%PrnShort%
) > %Log% 2>&1

:: Done
GOTO End

:Syntax
ECHO.
ECHO AddIPPrn.bat,  Version 1.01 for Windows 2000 with Server Resource Kit
ECHO Install a (hard coded) local IP printer %PrnShort% on a remote computer
ECHO.
ECHO Usage:  ADDIPPRN.BAT   computername  [ /L ]
ECHO.
ECHO Where:  "computername" is the computer on which the printer should be installed
ECHO         "/L"           logs the results in {printername}_{computername}.log
ECHO                        (default is display on screen)
ECHO.
ECHO Notes:  [1] You need to modify the first couple of lines from this batch file
ECHO             to install your own printer, port and driver. You may then want
ECHO             to save the modified batch file as {printername}.bat.
ECHO         [2] This batch file requires drvmgr.vbs, portmgr.vbs, prnmgr.vbs and
ECHO             prncfg.vbs from the Windows 2000/2003 Server Resource Kit; these
ECHO             scripts must all be located in the current directory.
ECHO         [3] These VBScripts require PRNADMIN.DLL from the Resource Kit to be
ECHO             installed on the computer that runs the scripts.
ECHO.
ECHO Written by Rob van der Woude
ECHO http://www.robvanderwoude.com

:End
IF "%OS%"=="Windows_NT" ENDLOCAL

May 28th, 2009 by shiraj

Often the printer configurations of existing computers need to be cloned to other computers, or restored after reinstalling Windows.
In those cases, a backup/export and restore/import with Microsoft’s PrintMig 3.1 may be the best (and easiest) solution.
Though earlier versions of PrintMig were GUI only, version 3.1 can also be run without user interaction from the command line or in a batch file:

Microsoft (R) Windows (TM) Printer Migrator 3.1
Copyright (C) 1997-2002 Microsoft Corp. All rights reserved

usage: PRINTMIG [options] [server]
       [-?] Display this message
       [-b] Backup - followed by CAB file name
       [-r] Restore - followed by CAB file name
       [-l] Attempt to convert LPR Ports to SPM
       [-i] Suppress warning popups.  Info still written to log file.

If server is not specified then the local machine is implied.

Example command line to restore an existing config to a server:
  printmig -r d:\print\ps1.cab \\prt-srvr1

Example command line to backup a server to the specified file:
  printmig -b "\\filesrv\store\print server 2.cab" \\prt-srvr2