How to: View email Headers in Outlook 2010

Normally I hear my Users complaining about the changes in Microsoft Office, and my standard response is something along the lines of CRY MORE N00b!!!1!11!1!eleventyone! “Well it’s Microsoft, what are you gonna do?”. But today I am feeling their collective pain. See I installed the Office 2010 RTM on my personal workstation.

Is Microsoft trying to make life more difficult for SysAdmins? Specifically, why (for the love of whatever god you believe in) would they hide the button to view email headers? I need email headers. They give me information. Useful information. Like why my spam filter is marking legitimate email as spam (you know little things like that).

Just not in Outlook 2010. Or at least not where it used to be, or where you’d think it should be. See in Outlook 2003, or 2007 (and I’m pretty sure it was even this way in Outlook XP and 2000), you simply right-click the email, and select “Message Options…”, and you get to see header information. Easy, right?

Apparently there is some guy at Microsoft that thought this was too confusing (or maybe I don’t know,  too easy), and simply had to be changed in Outlook 2010. Ok, no problem, I’ll just bust out some Google Fu, and we’ll be off to the races.

10 minutes later, I find my self wanting to fly to Redmond to beat the tar out of that guy. I’ve found several forum posts, and blog entries that describe ways to do it that simply do not exist in the RTM version of Outlook 2010 (I defy you to open an email in the RTM version of Outlook 2010, and find a View tab in the ribbon). Finally I find one that works. Hopefully this saves you guys some trouble.

Method One (the long way):

  1. Open the email
  2. Click the File Tab
  3. Click the Properties button (?)

Ok, so at least now I know how to view it, but now I have to actually open the email I want the header information for, and this is just way too much work. I want this to be as easy as it was in previous versions of Outlook.

You’ll notice in this screen shot:

That I have a button for showing the “Message Options” (Header information) in the “Quick Access Toolbar” (wasn’t easy to get it there).

Method two (the easier way):

  • Click the Drop down arrow in the Quick Access Toolbar (“QAT” from here on), and select “More Commands”, as shown below.

  • Now follow along in the screen shot below: (1) select “All Commands” from this drop down, (2) find and select “Message Options…” , (3) click “Add”, Click “OK”.

  • Now you can view header information for any email without having to actually open the email, as shown below.


Things like this are why Apple products and Open Office are gaining so much ground on you. I understand updating the Office interface to the ribbon style menus (I don’t like it but I understand it). You should have done it all in 2007, or just waited until 2010 to do any of it.

Admin’s Arsenal: Launch a script with an email, from your cell phone.

“With great power comes great responsibility.” Call me a bit of a geek, but when Uncle Ben said that to Peter Parker in Spiderman (2002), it sent a chill down my spine. Not because this was the first Spiderman movie that was actually good, but because I immediately thought that there was no possible way to better sum up the best piece of advice that you can give someone who has chosen the IT profession as a career. Thank you Stan Lee.

I mention this simply because what I am about to show you can be a great tool, but can also be used for unconscionable evil. In fact, I learned how to do this from an incident at a former job where a disgruntled SysAdmin had used this technique to set up a “deadman switch” of sorts, and when he was fired, used it to totally wipe out a critical database. I was tasked with figuring out what had happened.

Now for those of you that will fall to the darkside, and decide to use this technique for nefarious purposes, listen up: you will get caught. Not only will you get caught, you will get prosecuted (as did the guy I learned this from). Also keep in mind that with the now infamous Terry Childs case being highly publicized, you will probably end up going to jail too (as you should).

This post is for the rest of you who will use this very powerful technique to make your jobs easier (and likely your personal lives less interrupted as well).

Requirements for this to work:

  1. Outlook 2003 or newer (may work in previous versions, I have not tested it).
  2. A script that does something you want to happen (test it thoroughly and make sure it does only what you intend it to do before putting it into production).

You may also be able to do this with other email clients, but at work I use Outlook so I’ve only ever tried it in Outlook.

For demonstration purposes, I used a VBScript named “testScript.vbs” (I know, original right?) which only contains one line of code:

wscript.echo “WORKING!”

I use this script frequently for testing purposes, so it is what I had on hand, and is totally safe (it’s not going to burn your network down if you accidentally fire it off while setting this up).

Once you have that script (or your own test script) in place, we can get to the actual setup.

Setting up the rule in Outlook:

  1. Launch Outlook, and go to Tools>Rules and Alerts…
  2. In the E-mail Rules tab, select the New Rule… button.
  3. In the Rules Wizard, under the Start from a blank rule heading, select Check messages when they arrive, and click the Next > button.
  4. In the Select Condition(s) screen, place a check in the following boxes: from people or distribution listwith specific words in the subjectsent only to mewith specific words in the body.
  5. In the Edit the rule description box below, set people or distribution list to the email address you will be sending the activation email from (in my case I use my work email address when sending from my BlackBerry, and my gmail address when doing this from another computer). It is possible to add more than one email address here.
  6. In the Edit the rule description box below, set specific words in the subject to something that you know you will never use as a subject line unless sending an Activation Email for this script (I use something like this: SCRIPT-scriptname).
  7. In the Edit the rule description box below, set specific words in the body to an activation code (I use something like this: 1RS114523$%%#234). This is the “password” for launching the script, so make it something that is really hard to guess, and then store it in KeePass!.
  8. Click the Next > button at the bottom of the window.
  9. In the Select action(s) box, select start application. I also check assign it to the category category box (that’s not a typo), and then assign it to the Remote Script Activation category which I created so that all Activation Email that I send are easily identified.
  10. In the Edit the rule description box below, set start application to the script you want to run. By default the Select an Application to Execute window has the Files of type box set to .exe files only, to find a script, change this to All Files (*.*) using the drop down menu.
  11. Click the Next > button at the bottom of the window.
  12. Click the Next > button at the bottom of the window again (unless you want to set any exemptions to this rule).
  13. Name your new rule, and make sure that the Turn on this rule box is checked.
  14. A summary of this rule is displayed at the bottom of the window. If this is not correct, you can click the < Back button to make any changes. If everything looks good, click the Finish Button at the bottom of the window.

NOTE: This is a client side only rule, which means that Outlook must be running for the rule to work (leave Outlook open and just lock your workstation).

WARNING: There are many tools that make it possible to send email that looks like it came from an account that is not yours. This is why it is very important to use a really strong “password” when setting things like this up. The last thing you want is for someone to figure out what you are doing and then be able to execute scripts in the context of your user account.

Testing it out:

  1. Create a new email from the email address(s) that you entered in step 5 above.
  2. Make the subject line the text that you entered in step 6 above.
  3. In the body of the email you are sending enter the text that you specified in step 7 above.
  4. Send the email.

When Outlook receives this email, the script that you specified in step 10 above will launch. Go ahead and test it out, I’ll wait…

Holy shit!!! What can I use this awesome technique for?!?!?

Well the answer to that is pretty much only limited to your imagination (and what you can do with a script or executable file). I have about 200 of these rules set up (I use different “passwords” for each of them so I keep a list of them in my BlackBerry and on my desk at home) and here are some of the things I can do with them:

  • Reboot all servers.
  • Reboot an individual server (I have a rule for each one).
  • Reboot all workstations.
  • Reboot individual workstations (there are only a couple that give me issues).
  • Lock all workstations (all are Win XP), this one was really tricky to set up but it was necessary for a particular application).
  • Clear out the print queue on our print server (all printers).
  • Clear out the print queue on our print server for an individual printer (I have individual rules for each one).
  • Send an emergency message to all users’ desktops (in case I have to reboot servers, workstations, or lock workstations to fix something critical).
  • Change user password and lock workstation, for each user on the network (individual rules for each, in case of employee termination).
  • Change the Domain Admin accounts’ passwords (in case it is compromised while I am not in the office, this is just a safety thing).
  • Send email to users letting them know I am starting scheduled maintenance.
  • Stop (and start) services, or specific groups of services (like those used by our Infernal Accounting software grrrrr).

The possibilities are really fairly limitless if you can figure out how to do what you want with a combination of scripting and automation software (like AutoIt is pretty useful for doing things that you can’t do with VBScript or batch scripts).

While it is possible to extend the usefulness of this technique to home application, it is primarily going to be of use to IT Professionals, managing large(r) networks. To take full advantage of this you’ll need to invest some time in learning to automate things with scripts.

Command Line Kung Fu: Remotely uninstall software from the command line

Until that day I am just going to have to settle for removing the game P2P downloader music “player” software you decided (all on your own like a real grown up) that you needed to install on your work computer, but that is actually adware infested spyware infested trojan infested virus ridden specifically prohibited by our company computer use policy.

Oh, you didn’t know I could do that? Yep. Here is just one way that I can wipe out your WoW client bittorrent client kazaa client pr0n dialer newly installed software using WMI.

Step 1: Cut a hole in a box Enter WMIC

  1. Fire up a command prompt as the domain administrator. From a run prompt, type: Runas /user:domainAdmin@yourDomain cmd {ENTER}
  2. Enter the password for that account when prompted.
  3. Enter WMIC by typing the following: wmic {ENTER} (you could do this directly from the run dialog, but for this example we’ll do it this way)

Step 2: Search and Destroy

  1. Use WMIC to list all installed WMI compliant software. Type: /node:COMPUTERNAME product get name,version,vendor {ENTER} (this will list installed software along with the vendor name and version).
  2. If you have special characters like “-” or “/” in the computer name you need to use ‘ characters in order to get information from that client. So if the client computer name is test-machine, you’ll need to enter it as: ‘test-machine’
  3. Call for uninstallation using WMI. If we wanted to remove Nero 7 Essentials, the command would look something like: /node:COMPUTERNAME product where name=”Nero 7 Essentials” call uninstall {ENTER}

At this point WMIC will prompt you to confirm the removal with something that will look like this: Execute (\\COMPUTERNAME\ROOT\CIMV2:Win32_Product.IdentifyingNumber=”{6CA9502E-177F-43A0-A37B-6EF47081A658}”,Name=”Nero 7 Essentials”,Version=”7.03.0279″)->Uninstall() (Y/N/?)?

If you reply “y”, WMI compliant software will run the default uninstallation procedures without the user needing to do anything (nor will they be notified).

Not all software can be removed using this method, however I find that enough can that it is a very useful trick to know.

WMIC is a very powerful tool, if you’d like to learn more about it, start here.

Kung Fu for SysAdmins: Windows 7 made easy

Back when I was in IT trade school I was taught a really valuable lesson in how to make your life a bit easier as an administrator; one of my instructors walked up to my computer, unplugged my mouse, and said “now do what you were supposed to, just without the mouse.”

At the time I was like “what a dick”, but since then, I’ve really come to appreciate the lesson he was getting at: shit happens, and sometimes it is just faster to do it without a mouse.

So I keep hearing about how people making the transition directly from Windows XP to Windows 7 are going to have trouble (granted, the issues mentioned are minor) adjusting to some of the changes Microsoft has made to where settings are located. I would argue that only people who haven’t put in the effort to learn the correct way to access these settings are going to have issues.

Let me elaborate. One of the common complaints I hear from fellow administrators about Windows 7 is that the setting to change folder options is now more difficult to find. It’s been changed from Windows Explorer>Tools>Folder Options>View Tab, to Windows Explorer>Organize>Folder and Search Options. Sure you could pop open google and find instructions in relatively little time, or you could do it the correct way from the start (which works on all versions of Windows since XP): Run>Control Folders>View Tab (in XP).

This is not the only thing that can be accessed using Windows Control Commands either. See if like me, you have been using this method since Windows 2000 (or there abouts), this was never an issue (this particular setting actually changed in Vista, but many people have opted to skip Vista and go directly to Windows 7).

Here is a list of some of the things you can access in Windows without the mouse (type these at a Run Prompt):

  • control = Opens the Control Panel Window
  • control admintools = Opens the Administrative Tools
  • control keyboard = Opens the Keyboard Properties Window
  • control color = Opens the Display Properties (at the Appearance Tab in Windows 7)
  • control folders = Opens the Folder Options Window
  • control fonts = Opens the Font Policy Management Window
  • control international (or intl.cpl) = Opens Regional and Language Options
  • control mouse (or main.cpl) Opens mouse properties
  • control userpasswords = Opens the User Accounts Editor
  • control userpasswords2 (or netplwiz) = Opens User Account Access Restrictions
  • control printers = Opens the Printers and Faxes Window
  • control desktop (Windows Vista/7 only) = Opens Control Panel>Personalization
  • appwiz.cpl = Opens the Add or Remove Programs Utility
  • optionalfeatures = opens the Add or Remove Windows Component utility
  • desk.cpl = Opens the Display Properties (Themes Tab)
  • hdwwiz.cpl = Opens the Add Hardware Wizard
  • irprops.cpl = Opens the Infrared utility (does nothing if no IR devices are installed)
  • joy.cpl = Opens  Game Controller Settings
  • mmsys.cpl = Opens the Sound and Audio device properties window (Volume Tab)
  • sysdm.cpl = Opens the System Properties window
  • telephon.cpl = Opens the Phone and Modem options window
  • timedate.cpl = Opens the Date and Time Properties window
  • wscui.cpl = Opens the Windows Security Center in XP (opens the Action Center in Windows Vista/7)
  • access.cpl = Opens the Accessibility Options Window (does not work in Windows 7)
  • wuaucpl.cpl = Opens Automatic Updates
  • powercfg.cpl = Opens the Power Options Properties window
  • ncpa.cpl = Opens the Network Connections window
  • bthprops.cpl = Opens the Bluetooth Control window (does nothing if no bluetooth devices are installed)
  • certmgr.msc = Opens the Certificate Management MMC
  • compmgmt.msc = Opens the Computer Management
  • comexp.msc (or dcomcnfg) = Opens the Computer Services MMC
  • devmgmt.msc = Opens Device Manager
  • diskmgmt.msc = Opens Disk Management
  • eventvwr.msc (or eventvwr) = Opens the Event Viewer
  • fsmgmt.msc = Opens Shared Folders
  • napclcfg.msc = Opens the NAP client configuration tool
  • services.msc = Opens Service Manager
  • taskschd.msc (or control schedtasks) = Opens the Task Scheduler
  • gpedit.msc = Opens the Group Policy MMC
  • lusrmgr.msc = Opens Local Users and Groups
  • secpol.msc = Opens the Local Security Settings window
  • ciadv.msc = Opens the Indexing Service Window
  • ntmsmgr.msc = Opens the Removable Storage Manager
  • ntmsoprq.msc = Opens the Removable Storage Operator Requests
  • wmimgmt.msc = Opens the WMI (Windows Management Instrumentation) window
  • perfmon.msc (or perfmon) = Opens the Performance Monitor
  • mmc = Opens a blank Microsoft Management Console
  • mdsched = Opens the Memory Diagnostics tools
  • dxdiag = Opens DirectX diagnostics tools
  • odbcad32 = Opens the ODBC Data Source Administration window
  • regedit (or regedt32) = Opens the Registry Editor (these commands actually open different Registry editors, google for the differences)
  • drwtsn32 = Opens Dr. Watson
  • verifier = Opens the Driver Verification Manager
  • cliconfg = Opens the SQL Server Client Network Utility
  • utilman = Opens the Utility Manager (in Windows 7 this opens the Ease Of Access Center)
  • msconfig = Opens the System Configuration Utility
  • sysedit = Opens the System Configuration Editor
  • syskey = Opens the Windows Account Database Security Manager
  • explorer = Opens Windows Explorer
  • iexplorer = Opens Internet Explorer
  • wab = Opens the Windows Address Book
  • charmap = Opens the Character Map
  • write = Opens Wordpad

Now these are not the only things you can type at a run command to get results, but I find that those more than cover most activities you will likely need to do on a day to day basis.

I would say that I find myself using only 10-15 of those commands on any kind of a regular basis. You may only need 4-5 regularly, or none at all. Everyone does things differently, however I have found these commands to be the only thing that stays constant over several versions of the Windows OS. So for me, it takes the Least Amount Of Administrative Effort to simply use these commands.

%d bloggers like this: