Parameter Hunting: Part II

In my last post on the subject, I discussed the concept of using Process Explorer to discover switches you can use for unattended installs/uninstalls used in enterprise software deployment.

Like before, I have a pesky setup.exe package that wants to guide me through an installation GUI, and would not respond to the usual setup.exe /s /q etc. and so forth…

This particular installer was for a very obscure serial hub manufacturer so there was Googling my way out of this; instead I needed to figure out what was used to build the installer, then work backward from there.

Once against, I launched my trusty Process Explorer (as Administrator) and inspected the setup.exe’s process…to my delight, scrolling down the “Strings” tab I came across this:

Note the string, “This installation was built with Inno Setup.” With that in mind, I was able to look up the documentation associated with the package builder to discover the built-in parameters I needed for silent installation.

While this specific technique might not work for every situation, it never hurts to have another tool in your toolbox!

Parameter Hunting

Preface: Often in our line of work, the answer requires a little digging. The purpose of this post is to walk you through my thought process in an effort to illustrate how I go about linking disparate pieces of information together to arrive at a solution.

Last week, I was tasked with creating a script to silently uninstall an application across a managed environment with nearly 800 endpoints spanning multiple physical locations and at least 3 separate domains – that was the easy part.

The hard part was that this application was installed as .EXE file rather than an MSI package (i.e. I couldn’t just script out msiexec /x…). While it did have an uninstall.exe file, this called the GUI uninstaller, and I wasn’t about to have someone go through and click ‘next’ ‘next’ ‘next’ for each one!

Many .EXE’s have CLI parameters you can invoke, so I started with the usual suspects:

  • uninstall.exe /?
  • uninstall.exe –?
  • uninstall.exe /help
  • uninstall.exe -help
  • uninstall.exe –help

None of these worked (it wouldn’t be post-worthy if it was that easy)!

Next, I went looking for any documentation that was available for the application – I had:

  • Googled the manufacturer for any documentation/examples – nada
  • Read all of the .txt files in the installation folder – zilch
  • Reviewed the .ini and .config files for clues, saw something vaguely useful – a reference to “NSIS” – tabled it and kept looking

Finally, I decided to use SysInternals Process Explorer to inspect the application:

  1. Run the application you want to inspect
  2. Open Process Explorer (as administrator)
  3. Find the application on the list
  4. Right click on the application and select “Properties…”
  5. Under the “Image” tab, you will see a field for “Command line:”

The Command line will tell you what commands/switches it runs. In this case, the uninstall.exe was running with the switch, “_?=C:\Program Files\[Application Name]”.

I decided to Google the switch itself, which lead me to the Nullsoft Scriptable Install System documentation. I was able to work out that the application used NSIS to create the installer/uninstaller package, and through that, found some examples, one of which (/S) runs the installer/uninstaller silently!

This was exactly what I was looking for! All I had to do was append the command with “/S”, and sure enough, it removed the application without any prompts or launching the GUI!

It just goes to show that persistence pays off, and a little time and effort can save your organization/client hundreds of hours of manual work.

Obscure Skype for Business desktop sharing issue

A colleague of mine reported an issue with Skype for Business where he was unable to either share his screen (or application or PowerPoint presentation), nor could others share their screens with him.

From the user’s side, clicking on the Present button allowed him to toggle what he wanted to share, which would appear to work – the border indicated “connecting” while the recipient(s) waited for the presentation to begin. After 30-40 seconds, the presentation error (…”the invitation has expired”) and time out.

If you encounter this issue, you can try the following registry hack, which worked for me:

  1. Open Regedit as an administrator
  2. Navigate to:
    HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
  3. Add the following DWORD and value:
    MaxUserPort=0000x3a98 (15000)
  4. Reboot for the changes to take effect.

You can find more information about MaxUserPort and other TCP/IP registry settings here. This issue seems to be newly introduced with Windows 10 version 1809.

Blogging with Purpose

When I decided to create this blog, I did so with the expressed purpose of helping others (and myself) find answers that were difficult for me to come by. Either the information I wanted was scattered across several websites, buried deep in some forum, or worse still, phrased in an unclear or misleading way.

On very rare occasions, I’ve somehow managed to solve the problem and be the first (to best of my knowledge) to publish it! In my role, the emphasis is on proven technologies, so it isn’t often that I encounter an issue that’s so obscure that no one else has bothered to write about it.

Even after I’ve decided what to write about, I then will spend hours, sometimes days editing my article for spelling, grammar, readability and clarity. Not every article I write makes the cut, and I’ve got about a half dozen of these sitting in my queue that might never see the light of day.

As one might expect from this focus and model, I don’t publish many articles. I rationalize this by inferring that perhaps (content) quality is more important than quantity. But then how does an author define, “quality?”

That depends on the purpose of the blog. Some blogs are written to entertain, some for profit, others to inform while others still are a collection of seemingly random thoughts and ideas the author wanted to capture.

Does a Blog need an excuse?

For instance, suppose you’re an eccentric Welch change management consultant named ‘Rich’ with a blog whose URL suggests that it’s all about the intricacies of bovine partner-dance.

You could write about everything from social media, to technology to a badger you met on the way to the bathroom wearing a tiny badger-towel with “New Forest 1994” written on it (surprisingly, I’m not making this up – although you’d think I were given that that cheeky brit had since taken down the post it referred to)…

Whose Blog is it anyway?

Can we blog for the sake of writing? Why not!

Does every blog post have to contribute something useful to humanity? Certainly not. As Andy Leonard infers, one shouldn’t worry about what to write – time and practice will solve that for you – only that you write at all; Taking that first step.

So next time your Saudi-American friend’s eyebrow raises and suggests in an ever-so-slightly mocking tone, “You should blog about that…” Smile back and say, “Yes Yousef, I think I will!”

Disclaimer: No talking badgers, Welshmen or change management consultants were harmed in the writing of this post.

P.S. Rich, Stu and Adam – thanks for helping me retain my sanity and sense of humor in a time and place where both were hard to come by.

A Tale of Two Plugs

I’ve been living and working in Saudi Arabia for about 8 months now, and in this part of the world, the most common outlet types I’ve encountered are the two pronged German “Schuko” CEE 7/4 plug and the three pronged British Standard 1363 plug (see image below):

 

From left to right: NEMA (ungrounded and grounded), German “Schuko” CEE 7/4, British Standard 1363.

The BS plug (no pun intended) is what came with my work-issued IBM Thinkpad, which came with me back to the States. When I returned to my office this morning and powered up my laptop, I was greeted with this:

Upon further inspection, I was able to determine why:

What you’re looking at are two deep scratches where the prongs of the BS 1363 plug impacted back of the display, fracturing the screen on the other side. The AC Adapter and Laptop were placed inside my soft case, which was packed in my checked luggage bag. The laptop and AC Adapter were placed in separate compartments of the soft case, which seemed to offer sufficient protection.

This kind of damage is virtually impossible to accomplish with a NEMA plug, and with the inner partition of the case between the laptop and the adapter, it never would have occurred to me that this could happen. Some BS 1363’s plugs feature folding prongs (e.g. SlimPlug, ThinPlug), though these products were developed to cope with size – nevertheless, my laptop AC Adapter wasn’t equipped with folding prongs…

The good news is, being a relatively new laptop, it’s still under warranty, and our vendor can come out and replace the display for me!

Moral of the story? If your device uses a BS 1363 plug, be sure to wrap something around the prongs to keep them from banging up other equipment it might be stored with during transport :).

Credits:
http://en.wikipedia.org/wiki/AC_power_plugs_and_socket