Admin’s Arsenal: iPhone Configuration Utility

Jesus holding iPhone I got an iPhone in 2009. I like it, it does what I need it to do. I’m not with the fanboi crowd that thinks that Steve Jobs was a saint, and the iPhone is the holy grail of cell phones. The thing has problems. The fact that I still cannot define a time that I do not want the phone to ring or vibrate, or only ring for specific callers (without jailbreaking) is pretty silly.

But it is still light years ahead of a Blackberry, and in my opinion far easier to use and maintain than an Android device.

All that aside, iOS is here, and our users want it. I’ve got about 10 users with iOS devices, and it’s spreading. I do not support enough mobile devices to justify a Mobile Device Management solution, but that doesn’t mean that I am forced to manage them all by hand either.

Some time ago Apple released the iPhone Configuration Utility (available here for both Mac and Windows computers), designed for exactly my use case.

You’ll notice that Apple has quite a bit of information available at that link, including an MDM solution specifically for iOS devices (which unfortunately is OSX only). Not bad, I’ll tip my hat to Cupertino on that, they aren’t ignoring the Windows people (for once).

The iPhone Configuration utility allows you to define profiles and configure settings for iOS devices (it works fine with iPads).

Let’s take a look at the interface (click the image to see the full size versions):

iPhone Configuration Utility interface

iPhone Configuration Utility interface


Note at the bottom there the setting to control when the profile can be removed from the phone. I would suggest that you choose the “With Authentication” setting, as you never know when you might need to remove the profile, and you don’t want users screwing around in there and accidentally removing the security policy requiring a passcode for compliance reasons (or just general security). Speaking of Passcodes:

Passcode policy

Passcode Policy settings


You can see here that you’ve got pretty granular passcode settings available, which is great because if Apple is known for doing one thing right, it sure isn’t security. If you happen to be in an environment where you need to disable certain settings, the Restrictions policy settings have you pretty well covered:

Restriction Policy Settings

Restriction Policy Settings


Which is great if you need to control things like disabling Siri when the device is locked. The utility also gives you the ability to define Wi-Fi networks that the iOS device is allowed to connect to:

Wi-Fi Policy Settings

Wi-Fi Policy Settings


This is actually pretty handy, you don’t need to give out wi-fi passwords, and you can isolate mobile devices as needed. If for some strange reason you want to allow users to connect their phones to your VPN, there is provision for that as well:

VPN Policy Settings

VPN Policy Settings


This is great for me personally, as I can use this to allow secure connection to our Spiceworks install, as well as remote desktop for emergencies. And of course we need email:

Exchange ActiveSync Policy Settings

Exchange ActiveSync Policy Settings


Pretty standard stuff from here out.

Here’s how I use this:

I have one company wide device security policy that gets installed on all devices. This is basically a passcode and screen lock policy that also disables Siri when the phone is locked. These are company devices, with confidential company information on them. I know it’s inconvenient for you to have to enter a 4 digit passcode when you want to use your phone, but tough. Don’t like it? I’ll remove it when there is no longer any company data on the phone, and that includes email and contacts that have employee’s home contact information in them.

I have one email profile that is basically a shared contacts box that get’s installed on every device.

Each user has an email policy that configures access to their work email.

I have a VPN profile that allows me to VPN into our network from my phone, but no one else has this capability.

This is great because in the 3+ years I’ve had an iPhone, I’ve had to replace or wipe the device at least 10 times. They’re not the most hearty of devices (that crown is still held by the mighty BlackBerry, which I know from experience can survive being thrown from the second floor of a building into parking lot during a torrential downpour), and water is like antimatter to them.

Now when I need to change hardware, or reload the device I simply email the four profiles to myself, and bingo all of my email settings are squared away in seconds (iCloud makes this super easy anyway, but it can take a while to get it working).





PowerShell Function: Find-Hotfix

Every now and then you’ll need to verify whether or not a given hotfix is installed on a particulat computer (or group of computers). This function takes all the work out of that task.

    ##  FUNCTION.......:  Find-Hotfix
    ##  PURPOSE........:  Finds computers with a specified Microsoft Hotfix
    ##                    installed.
    ##  REQUIREMENTS...:  PowerShell v2.0
    ##  NOTES..........:  
    Function Find-Hotfix {
         Finds computers with a specified Microsoft Hotfix installed.

         This function reads a list of computernames (one per line), checks each
         to determine if the specified hotfix is installed, and displays a list
         of all computers and the status of the hotfix for that computer.
        .PARAMETER FileName
         Full path and filename of the file containing a list of computers to
         check (one computer name per line). THis is a mandatory parameter. If
         you omit it, you will be prompted to enter a value before the function
         The KB number of the hotfix to check for (just the number). This is a
         mandatory parameter. If you omit it, you will be prompted to enter a
         value before the function continues.

         C:\PS>Find-Hotfix c:\list.txt 2564958

         This example will check all computers listed in the file "c:\list.txt"
         for hotfix KB2564958.

         Sample output:
         Wkstn01    HOTFIX NOT FOUND
         Wkstn02    Security Update
         Wkstn03    HOTFIX NOT FOUND
         Svr01      Security Update
         Svr02      Security Update

         C:\PS>'c:\list.txt' | Find-Hotfix -KB:2564958

         This example does the same thing as Example 1, but the list of
         computers to check is being passed to the Function using pipelining.

         NAME......:  Find-Hotfix
         AUTHOR....:  Joe Glessner
         LAST EDIT.:  21MAR12
         CREATED...:  10APR11

                Param (                        
                )#End Param
        $ErrorActionPreference = "SilentlyContinue"
        $ComputerNames = Get-Content $FileName
        $KBN = "kb" + $KB

        ForEach ($Computer In $ComputerNames) {
            $StrQuery = "select * from win32_pingstatus where address = '" +
            $Computer + "'"
            $WMI = Get-WMIObject -query $StrQuery
            If ($wmi.statuscode -eq 0) {
                $CheckKB = GWMI Win32_QuickFixEngineering -computer $Computer |
                Where-Object {$_.hotfixid -eq $KBN} |
                Select-Object hotfixid, description
                    If ($CheckKB.hotfixid -eq $KBN) {
                        Write-Host -f green $Computer `
                        "`t" $CheckKB.Description "`r"
                    }#END: If ($CheckKB.hotfixid -eq $KBN)
                    Else {
                        Write-Host -f red $Computer `
                        "`t" "HOTFIX NOT FOUND" "`r"
                    }#END: Else
            }#END: If ($wmi.statuscode -eq 0)
            Else {
                Write-Host -f yellow $Computer "`t" "Ping failed!" "`r"
                }#END: Else
        }#END: ForEach ($Computer In $ComputerNames)
    }#END: Function Find-HotFix

PowerShell Function: Invoke-Sound

    ##  FUNCTION.......:  Invoke-Sound
    ##  PURPOSE........:  Beep the system speaker.
    ##  REQUIREMENTS...:  PowerShell v2
    ##  NOTES..........:  
    Function Invoke-Sound {
         Beep the system speaker.
         This function gives the user a wide variety of control over the system
         speaker (and can optionally be used to play a few Windows sounds
         through the regular speakers).
        .PARAMETER Frequency
         The pitch of the beep (larger numbers is a higher pitch). Defaults to

         ALIAS: -f
        .PARAMETER Time
         The length of the beep in miliseconds (1000 = 1 second). Defaults to

         ALIAS: -t
        .PARAMETER Beeps
         The number of beeps to execute (defaults to one).

         ALIAS: -b
        .PARAMETER Sub
         This optional Switch will set the Frequency to 100.

         ALIAS: -s
        .PARAMETER Low
         This optional Switch will set the Frequency to 500.

         ALIAS: -l
        .PARAMETER Medium
         This optional Switch will set the Frequency to 2000.

         ALIAS: -m
        .PARAMETER High
         This optional Switch will set the Frequency to 5000.

         ALIAS: -h
        .PARAMETER Exclamation
         This optional switch will play the "exclamation" system sound using the
         PC speakers (not the system speaker).

         ALIAS: -ex
        .PARAMETER Asterisk
         This optional switch will play the "asterisk" system sound using the
         PC speakers (not the system speaker).

         ALIAS: -as
        .PARAMETER Hand
         This optional switch will play the "hand" system sound using the PC
         speakers (not the system speaker).

         ALIAS: -ha
        .PARAMETER Vader
         Plays part of the Imperial March using the System Speaker.

         This Example will play a 300ms beep from the system speaker with the
         frequency set to 1000.

         C:\PS>Invoke-Sound 2000 5000

         This Example will play a 5 second beep from the system speaker with the
         frequency set to 2000.

         C:\PS>Invoke-Sound -asterisk

         This Example will play the "asterisk" system sound through the PC
         speakers (not the system speaker).

         C:\PS>Invoke-Sound -beeps:5

         This will play 5 beeps from the system speaker using the default
         frequency of 1000 and time of 300ms.

         C:\PS>Invoke-Sound -vader

         Plays a section of the Imperial March from Star Wars :)

         NAME......:  Invoke-Sound
         AUTHOR....:  Joe Glessner
         LAST EDIT.:  27MAR12
         CREATED...:  12FEB10

        Param([Parameter(Mandatory = $False,
            Position = 0)]
            [Int]$Frequency = 1000,
            [Parameter(Mandatory = $False,
            Position = 1)]
            [Int]$Time = 300,
            [Int]$Beeps = 1,
        )#END: Param
        If($Sub) {
            $Frequency = 100
        }#END: If($Sub)
        If($Low) {
            $Frequency = 500
        }#END: If($Low)
        IF($Medium) {
            $Frequency = 2000
        }#END: IF($Meduim)
        If($High) {
            $Frequency = 5000
        }#END: If($High)
        If($Exclamation) {
        }#END: If($Exclamation)
        If($Asterisk) {
        }#END: If($Asterisk)
        If($Hand) {
        }#END: If($Hand)
        If($Vader) {
        }#END: If($Vader)
        ELSE {
            1..$Beeps | %{[System.Console]::Beep($Frequency,$Time)}
        }#END: Else
    }#END: Function Invoke-Sound

Admin’s Arsenal: Launch a script with an email, from your cell phone.

“With great power comes great responsibility.” Call me a bit of a geek, but when Uncle Ben said that to Peter Parker in Spiderman (2002), it sent a chill down my spine. Not because this was the first Spiderman movie that was actually good, but because I immediately thought that there was no possible way to better sum up the best piece of advice that you can give someone who has chosen the IT profession as a career. Thank you Stan Lee.

I mention this simply because what I am about to show you can be a great tool, but can also be used for unconscionable evil. In fact, I learned how to do this from an incident at a former job where a disgruntled SysAdmin had used this technique to set up a “deadman switch” of sorts, and when he was fired, used it to totally wipe out a critical database. I was tasked with figuring out what had happened.

Now for those of you that will fall to the darkside, and decide to use this technique for nefarious purposes, listen up: you will get caught. Not only will you get caught, you will get prosecuted (as did the guy I learned this from). Also keep in mind that with the now infamous Terry Childs case being highly publicized, you will probably end up going to jail too (as you should).

This post is for the rest of you who will use this very powerful technique to make your jobs easier (and likely your personal lives less interrupted as well).

Requirements for this to work:

  1. Outlook 2003 or newer (may work in previous versions, I have not tested it).
  2. A script that does something you want to happen (test it thoroughly and make sure it does only what you intend it to do before putting it into production).

You may also be able to do this with other email clients, but at work I use Outlook so I’ve only ever tried it in Outlook.

For demonstration purposes, I used a VBScript named “testScript.vbs” (I know, original right?) which only contains one line of code:

wscript.echo “WORKING!”

I use this script frequently for testing purposes, so it is what I had on hand, and is totally safe (it’s not going to burn your network down if you accidentally fire it off while setting this up).

Once you have that script (or your own test script) in place, we can get to the actual setup.

Setting up the rule in Outlook:

  1. Launch Outlook, and go to Tools>Rules and Alerts…
  2. In the E-mail Rules tab, select the New Rule… button.
  3. In the Rules Wizard, under the Start from a blank rule heading, select Check messages when they arrive, and click the Next > button.
  4. In the Select Condition(s) screen, place a check in the following boxes: from people or distribution listwith specific words in the subjectsent only to mewith specific words in the body.
  5. In the Edit the rule description box below, set people or distribution list to the email address you will be sending the activation email from (in my case I use my work email address when sending from my BlackBerry, and my gmail address when doing this from another computer). It is possible to add more than one email address here.
  6. In the Edit the rule description box below, set specific words in the subject to something that you know you will never use as a subject line unless sending an Activation Email for this script (I use something like this: SCRIPT-scriptname).
  7. In the Edit the rule description box below, set specific words in the body to an activation code (I use something like this: 1RS114523$%%#234). This is the “password” for launching the script, so make it something that is really hard to guess, and then store it in KeePass!.
  8. Click the Next > button at the bottom of the window.
  9. In the Select action(s) box, select start application. I also check assign it to the category category box (that’s not a typo), and then assign it to the Remote Script Activation category which I created so that all Activation Email that I send are easily identified.
  10. In the Edit the rule description box below, set start application to the script you want to run. By default the Select an Application to Execute window has the Files of type box set to .exe files only, to find a script, change this to All Files (*.*) using the drop down menu.
  11. Click the Next > button at the bottom of the window.
  12. Click the Next > button at the bottom of the window again (unless you want to set any exemptions to this rule).
  13. Name your new rule, and make sure that the Turn on this rule box is checked.
  14. A summary of this rule is displayed at the bottom of the window. If this is not correct, you can click the < Back button to make any changes. If everything looks good, click the Finish Button at the bottom of the window.

NOTE: This is a client side only rule, which means that Outlook must be running for the rule to work (leave Outlook open and just lock your workstation).

WARNING: There are many tools that make it possible to send email that looks like it came from an account that is not yours. This is why it is very important to use a really strong “password” when setting things like this up. The last thing you want is for someone to figure out what you are doing and then be able to execute scripts in the context of your user account.

Testing it out:

  1. Create a new email from the email address(s) that you entered in step 5 above.
  2. Make the subject line the text that you entered in step 6 above.
  3. In the body of the email you are sending enter the text that you specified in step 7 above.
  4. Send the email.

When Outlook receives this email, the script that you specified in step 10 above will launch. Go ahead and test it out, I’ll wait…

Holy shit!!! What can I use this awesome technique for?!?!?

Well the answer to that is pretty much only limited to your imagination (and what you can do with a script or executable file). I have about 200 of these rules set up (I use different “passwords” for each of them so I keep a list of them in my BlackBerry and on my desk at home) and here are some of the things I can do with them:

  • Reboot all servers.
  • Reboot an individual server (I have a rule for each one).
  • Reboot all workstations.
  • Reboot individual workstations (there are only a couple that give me issues).
  • Lock all workstations (all are Win XP), this one was really tricky to set up but it was necessary for a particular application).
  • Clear out the print queue on our print server (all printers).
  • Clear out the print queue on our print server for an individual printer (I have individual rules for each one).
  • Send an emergency message to all users’ desktops (in case I have to reboot servers, workstations, or lock workstations to fix something critical).
  • Change user password and lock workstation, for each user on the network (individual rules for each, in case of employee termination).
  • Change the Domain Admin accounts’ passwords (in case it is compromised while I am not in the office, this is just a safety thing).
  • Send email to users letting them know I am starting scheduled maintenance.
  • Stop (and start) services, or specific groups of services (like those used by our Infernal Accounting software grrrrr).

The possibilities are really fairly limitless if you can figure out how to do what you want with a combination of scripting and automation software (like AutoIt is pretty useful for doing things that you can’t do with VBScript or batch scripts).

While it is possible to extend the usefulness of this technique to home application, it is primarily going to be of use to IT Professionals, managing large(r) networks. To take full advantage of this you’ll need to invest some time in learning to automate things with scripts.

Kung Fu for SysAdmins: Windows 7 made easy

Back when I was in IT trade school I was taught a really valuable lesson in how to make your life a bit easier as an administrator; one of my instructors walked up to my computer, unplugged my mouse, and said “now do what you were supposed to, just without the mouse.”

At the time I was like “what a dick”, but since then, I’ve really come to appreciate the lesson he was getting at: shit happens, and sometimes it is just faster to do it without a mouse.

So I keep hearing about how people making the transition directly from Windows XP to Windows 7 are going to have trouble (granted, the issues mentioned are minor) adjusting to some of the changes Microsoft has made to where settings are located. I would argue that only people who haven’t put in the effort to learn the correct way to access these settings are going to have issues.

Let me elaborate. One of the common complaints I hear from fellow administrators about Windows 7 is that the setting to change folder options is now more difficult to find. It’s been changed from Windows Explorer>Tools>Folder Options>View Tab, to Windows Explorer>Organize>Folder and Search Options. Sure you could pop open google and find instructions in relatively little time, or you could do it the correct way from the start (which works on all versions of Windows since XP): Run>Control Folders>View Tab (in XP).

This is not the only thing that can be accessed using Windows Control Commands either. See if like me, you have been using this method since Windows 2000 (or there abouts), this was never an issue (this particular setting actually changed in Vista, but many people have opted to skip Vista and go directly to Windows 7).

Here is a list of some of the things you can access in Windows without the mouse (type these at a Run Prompt):

  • control = Opens the Control Panel Window
  • control admintools = Opens the Administrative Tools
  • control keyboard = Opens the Keyboard Properties Window
  • control color = Opens the Display Properties (at the Appearance Tab in Windows 7)
  • control folders = Opens the Folder Options Window
  • control fonts = Opens the Font Policy Management Window
  • control international (or intl.cpl) = Opens Regional and Language Options
  • control mouse (or main.cpl) Opens mouse properties
  • control userpasswords = Opens the User Accounts Editor
  • control userpasswords2 (or netplwiz) = Opens User Account Access Restrictions
  • control printers = Opens the Printers and Faxes Window
  • control desktop (Windows Vista/7 only) = Opens Control Panel>Personalization
  • appwiz.cpl = Opens the Add or Remove Programs Utility
  • optionalfeatures = opens the Add or Remove Windows Component utility
  • desk.cpl = Opens the Display Properties (Themes Tab)
  • hdwwiz.cpl = Opens the Add Hardware Wizard
  • irprops.cpl = Opens the Infrared utility (does nothing if no IR devices are installed)
  • joy.cpl = Opens  Game Controller Settings
  • mmsys.cpl = Opens the Sound and Audio device properties window (Volume Tab)
  • sysdm.cpl = Opens the System Properties window
  • telephon.cpl = Opens the Phone and Modem options window
  • timedate.cpl = Opens the Date and Time Properties window
  • wscui.cpl = Opens the Windows Security Center in XP (opens the Action Center in Windows Vista/7)
  • access.cpl = Opens the Accessibility Options Window (does not work in Windows 7)
  • wuaucpl.cpl = Opens Automatic Updates
  • powercfg.cpl = Opens the Power Options Properties window
  • ncpa.cpl = Opens the Network Connections window
  • bthprops.cpl = Opens the Bluetooth Control window (does nothing if no bluetooth devices are installed)
  • certmgr.msc = Opens the Certificate Management MMC
  • compmgmt.msc = Opens the Computer Management
  • comexp.msc (or dcomcnfg) = Opens the Computer Services MMC
  • devmgmt.msc = Opens Device Manager
  • diskmgmt.msc = Opens Disk Management
  • eventvwr.msc (or eventvwr) = Opens the Event Viewer
  • fsmgmt.msc = Opens Shared Folders
  • napclcfg.msc = Opens the NAP client configuration tool
  • services.msc = Opens Service Manager
  • taskschd.msc (or control schedtasks) = Opens the Task Scheduler
  • gpedit.msc = Opens the Group Policy MMC
  • lusrmgr.msc = Opens Local Users and Groups
  • secpol.msc = Opens the Local Security Settings window
  • ciadv.msc = Opens the Indexing Service Window
  • ntmsmgr.msc = Opens the Removable Storage Manager
  • ntmsoprq.msc = Opens the Removable Storage Operator Requests
  • wmimgmt.msc = Opens the WMI (Windows Management Instrumentation) window
  • perfmon.msc (or perfmon) = Opens the Performance Monitor
  • mmc = Opens a blank Microsoft Management Console
  • mdsched = Opens the Memory Diagnostics tools
  • dxdiag = Opens DirectX diagnostics tools
  • odbcad32 = Opens the ODBC Data Source Administration window
  • regedit (or regedt32) = Opens the Registry Editor (these commands actually open different Registry editors, google for the differences)
  • drwtsn32 = Opens Dr. Watson
  • verifier = Opens the Driver Verification Manager
  • cliconfg = Opens the SQL Server Client Network Utility
  • utilman = Opens the Utility Manager (in Windows 7 this opens the Ease Of Access Center)
  • msconfig = Opens the System Configuration Utility
  • sysedit = Opens the System Configuration Editor
  • syskey = Opens the Windows Account Database Security Manager
  • explorer = Opens Windows Explorer
  • iexplorer = Opens Internet Explorer
  • wab = Opens the Windows Address Book
  • charmap = Opens the Character Map
  • write = Opens Wordpad

Now these are not the only things you can type at a run command to get results, but I find that those more than cover most activities you will likely need to do on a day to day basis.

I would say that I find myself using only 10-15 of those commands on any kind of a regular basis. You may only need 4-5 regularly, or none at all. Everyone does things differently, however I have found these commands to be the only thing that stays constant over several versions of the Windows OS. So for me, it takes the Least Amount Of Administrative Effort to simply use these commands.

Digital Locksmith: Change the root password on OSX; several methods


I’m not a big fan of Macs. If I wanted to run BSD I would. If I want the easy GUI I’ll run Windows. If I want the elitist snob crowd, I’ll run Gentoo Linux (kidding, step away from the door and please put the axe down now).

I am also not a big fan of Apple’s marketing (hey Steve, here’s a hint; those adds were funny for like the first 10, now they make you look like a snobby braggart, and somewhat of a jerk), especially now that Apple is saying that no reasonable person would believe their marketing (wait, what?).


That being said, I do know a thing or two about them, for instance, how to reset the root password without having the root password.

NOTE: Do not do this if you have FileVault Enabled!!! If you reset the root password and have FileVault enabled this will not reset the FileVault master password, and any files protected with FileVault will not be accessible. There is a discussion in the Apple Forums that discusses a way to possibly reset the FileVault password, but I have not tried this, so I cannot verify that this method works. The discussion is available here, if you try this I strongly urge you to backup all files (including system files) before you try it.

Method 1:

  1. Restart your computer,
  2. Dold down Command-S during boot, and type the following at the terminal prompt:
  3. /sbin/fsck -y {ENTER}
  4. /sbin/mount -uaw {ENTER}
  5. mv /var/db/.applesetupdone /var/db/.applesetupdone.orig {ENTER}
  6. reboot {ENTER}

Once you’ve done that the computer reboots and ask you to set up an admin password. From there you just change all other account passwords in the account preferences.

NOTE: Step 5 in this process renames the /var/db/.applesetupdone file so that if you encounter issues you can change it back and be back to square one.

Method 2:

  1. Click Restart at the log in window.
  2. While the computer is restarting, hold down “Command-S” until you see text scrolling through the window. This boots the computer into single user mode.
  3. At the Localhost% prompt type:
    /sbin/mount -uw / {ENTER}
    /sbin/SystemStarter {ENTER}

    You will then see various services starting up.

  4. When the Localhost% prompt reappears, type:
    passwd root {ENTER}

    It will then ask you to type the new root password twice, so do so.

  5. After entering the new password, type:
    reboot {ENTER}

At the log in window, enter user name root with the new password. Once you are connected, you can use the Multiple Users application (/Applications/Utilities) to change your normal user’s password, or create a new user account.

If you cannot get that to work, and you just want to get the files off, you can use Target Disk Mode to do so, assuming that an Open Firmware Password has not been set, and that the files you want are not protected by FileVault.

But what if that fails? Well you have one final option if the computer is not protected by an Open Firmware Password: reinstall the System files by booting to an Install disk and selecting “Archive and Install”. This will only restore the System files, and all the users and their files should be accessible. Again this should be the method of last resort.


Banish Windows Notepad: Replacing Notepad with Notepad++


It’s no secret around these parts that I hate Windows Notepad. It hasn’t been updated (in any useful way) since Windows 95, and is just plain inadequate for most tasks I need a text editor for. Up to this point I have been content to simply never use it, however as I am finding myself working with text files more and more these days, I would like to completely replace it.

Now obviously I am a big proponent of Notepad++, and this would be my ideal replacement for notepad.exe and luckily for me, there is a launcher made specifically for this. Before we begin, we will need to download the following files:

  1. The current Notepad++ install package from here.
  2. The current Notepad++ launcher from here.

Once we have these files, we can begin the process:

  1. Install Notepad++.
  2. Unzip the Notepad++ launcher, and have it ready to be copied (we will need to put this in a couple different directories.
  3. Turn off hide invisible files in Tools->Folder Options->View.

Now at this point it is pertinent to mention that there are several methods that may work for preplacing Notepad, you may need to try each one until you find the one that works for your OS version (Method 1 worked for me on one XP sp2 install, but I had to use Method 2 on another.

Method 1

  1. Go to %windir%\system32\Restore
  2. Select filelist.xml and right click->Properties and uncheck Read-only
  3. Edit the file, adding:
  4. <REC>%windir%\notepad.exe</REC>



  5. Copy the Notepad++ launcher to %windir%\system32, replacing notepad.exe there with the Notepad++ launcher.
  6. If this worked, you should now be able to open a Run dialog, and type: notepad {ENTER}, which will launch Notepad++.

Method 2

  1. Copy the Notepad ++ launcher to %windir%\system32\dllcache
  2. Copy the Notepad ++ launcher to %windir%\system32
  3. A dialog will pop up hit cancel.
  4. If this worked, you should now be able to open a Run dialog, and type: notepad {ENTER}, which will launch Notepad++.

Method 3

  1. Copy the Notepad ++ launcher to %windir%\servicepackfiles\i386
  2. Copy the Notepad ++ launcher to %windir%\system32\dllcache
  3. Copy the Notepad ++ launcher to %windir%\system32
  4. Copy the Notepad ++ launcher to %windir%
  5. When you replace notepad.exe in %windir% and %windir%\system32, a “Windows File Protection” message box appears, click Cancel. Then another message box appears, click OK.
  6. If this worked, you should now be able to open a Run dialog, and type: notepad {ENTER}, which will launch Notepad++.

Now, enjoy the goodness that comes from having a real text editor as your default text editor.


%d bloggers like this: