Restore Default Junctions

I recently changed my user name on Windows. Using some registry trickery I was also able to change my actual user folder. With the exception of a few programs that were using static pointers to my user folder (Dropbox), everything went well. But later I started getting errors from Windows Backup like this though.
Backup encountered a problem while backing up file C:\Users\ddaydj\Documents. Error:(The system cannot find the path specified. (0x80070003))
I was ignoring it for a while, but got tired of my backups having errors. After looking around my computer and doing some research, I realized my junctions that were created with the user profile, were still pointing at my old user folder (I did an article about junctions a while back). So I went ahead and made a script to go through and delete all the default junctions in my user folder and recreate them.

Below is the script I wrote. You can copy and paste it into notepad and save it as a .cmd file. It requires that you run it as an administrator, so if your user account is not an admin change the 3rd line where it says %USERPROFILE% to the path to your user folder (Example: C:\Users\ddaydj).

Edit: Well, I just learned a lot more about doing batch files. Below is an updated version of the script that should be significantly nicer to look at and easier to understand (not to mention 71% smaller). Also, if you want your My Games folder to redirect to Saved Games, remove the REM from line 17.
@ECHO OFF
SETLOCAL
SET MYUSERPROFILE=%USERPROFILE%
CALL :MKJUNCTION "\Application Data" "\AppData\Roaming"
CALL :MKJUNCTION "\Cookies" "\AppData\Roaming\Microsoft\Windows\Cookies"
CALL :MKJUNCTION "\Local Settings" "\AppData\Local"
CALL :MKJUNCTION "\My Documents" "\Documents"
CALL :MKJUNCTION "\NetHood" "\AppData\Roaming\Microsoft\Windows\Network Shortcuts"
CALL :MKJUNCTION "\PrintHood" "\AppData\Roaming\Microsoft\Windows\Printer Shortcuts"
CALL :MKJUNCTION "\Recent" "\AppData\Roaming\Microsoft\Windows\Recent"
CALL :MKJUNCTION "\SendTo" "\AppData\Roaming\Microsoft\Windows\SendTo"
CALL :MKJUNCTION "\Start Menu" "\AppData\Roaming\Microsoft\Windows\Start Menu"
CALL :MKJUNCTION "\Templates" "\AppData\Roaming\Microsoft\Windows\Templates"
CALL :MKJUNCTION "\AppData\Local\Application Data" "\AppData\Local"
CALL :MKJUNCTION "\AppData\Local\History" "\AppData\Local\Microsoft\Windows\History"
CALL :MKJUNCTION "\AppData\Local\Temporary Internet Files" "\AppData\Local\Microsoft\Windows\Temporary Internet Files"
REM CALL :MKJUNCTION "\Documents\My Games" "\Saved Games"
CALL :MKJUNCTION "\Documents\My Music" "\Music"
CALL :MKJUNCTION "\Documents\My Pictures" "\Pictures"
CALL :MKJUNCTION "\Documents\My Videos" "\Videos"
GOTO:EOF
:MKJUNCTION
RD "%MYUSERPROFILE%%~1"
MKLINK /J "%MYUSERPROFILE%%~1" "%MYUSERPROFILE%%~2"
ATTRIB +S +H +I "%MYUSERPROFILE%%~1" /L
ICACLS "%MYUSERPROFILE%%~1" /deny *S-1-1-0:(RD)
Edit #2: Turns out this wasn't what was causing my problems Windows Backup. My registry modifications to migrate my profile were incomplete and I also needed to change all the entries here to point to the new folder, HKU\SID\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders. The script is still helpful for cleaning up junctions though.

Posted by ddaydj at 12/03/2011 09:04:00 AM 0 comments

HTTPS is less secure?

There's been a crazy trend with modern web browsers that I really think needs to be addressed.

Typically, when you're going to access a website it uses HTTP, which is not very secure. Everything going between you and the site can be easily seen by everyone. HTTPS encrypts your communcation with the site by using a certificate. Certificates on the sites that you visit are generated by a Certificate Authority (CA). Your computer comes built-in with a list of who all the CAs are and when you get a certificate for a website, it check that it was issued by someone your computer trusts.

In case you didn't guess, certificates from these places cost money. A common thing to do for connections that are only going to be used inside your network, or for smaller sites is to use a self-signed certificate. These certificates provide the same level of encryption that the ones from a CA do. The difference is your computer can't verify where it came from.

So my problem comes in with how modern browsers handle these self-signed certificates. When you go to a site with a self-signed certificate Internet Explorer, Firefox, and Chrome all hit you with a page warning you that the site you are about to connect to may be insecure. Even worse, the latest version of Firefox actually gives you the warning, but won't let you click through it and automatically stops you from visiting the page.

I understand the need to warn users that a site might not be using a certificate issued from a CA, but to treat it like its somehow less secure than going to a site without encryption is just crazy.
Posted by ddaydj at 11/26/2011 07:27:00 AM 0 comments

Automatically open a KeePass database

I'm not sure if this is a new feature or not, but I found a useful thing to do with KeePass. You can use command line switches to specify things like which database to open, and then give it the things it needs to open it, like your password and the location of the keyfile. Having KeePass launch automatically when I log on is very convenient for me. The issue with this is that the shortcut would end up having your database password in it for every who went poking around your computer to see. The latest version of KeePass has an option to encode a password using your Windows account so it will only work on that profile.

To set this up, make a new entry in KeePass for your master password. In the auto-type tab, change the default sequence to {PASSWORD_ENC}. Now, what I did was made a small batch file called keepass.cmd and placed it in my startup folder in the Start Menu. The contents of the file looked like this.

SET DATABASE="C:\path\to\Database.kdbx"
SET KEYFILE="C:\path\to\pwsafe.key"
SET PASSWORD_ENC="blah"
START "" "C:\Program Files\KeePass Password Safe 2\KeePass.exe" %DATABASE% -keyfile:%KEYFILE% -pw-enc:%PASSWORD_ENC%
Put the full path to your database and keyfile in the quotes on the first and second line. For the 3rd line, use auto-type on your master password to add the encoded version of your password, it will be something insane like 350 characters long. Save the Batch file and you can now run it to automatically open your KeePass database. Because of the way the password is encode, it will only work on your current windows account, if you use multiple computers, you'll need to get the unique encoded password for each one and modify the batch file. I'm pretty sure this will only work with version 2.15 or later. Any questions or feedback is always welcome.
Posted by ddaydj at 7/02/2011 04:53:00 PM 0 comments
Subscribe to: Posts (Atom)