16-bit Color Limitation in RDP

GPO Editor showing the path to the color policy.
This Policy Needs to be Enabled

If you’ve ever been under the mistaken impression that the RDP client controls the color settings for remote connections, then you came to the right place for help.

Windows XP and Windows 2003 servers won’t show more than 16-bit color depth to RDP clients requesting 24-bit or better color.  You can confirm this by looking at the display settings in the control panel of the remote server.  As a result, black text looks like funny shades of purple, photos look slightly posterized, and any color-critical tasks may be impossible to accomplish by remote control.

To fix this problem, you must enable the following policy:

Computer Configuration > Administrative Templates > Windows Components > Terminal Services > Limit maximum color depth

Set the Color Depth field to 24 bit and click OK.

I can’t explain why Windows would be limited in this way by default, but it is.

Microsoft Updates Crippling Windows XP

Screen shot of the related Neowin article
Check out the comments on this website.

As reported at Neowin, your Windows XP computer may be locked up due to bad updates being sent by Microsoft.  Two of mine were 🙁

The solution, which I found in the comments section of that article, tested, and confirmed on my own computers:

  1. Disable the Automatic Updates service.
  2. Stop the Automatic Updates service (reboot if necessary, but do not kill svchost.exe).
  3. Install the correct update from Microsoft.  That link is for computers with IE8 only.  For older versions, check the article I mentioned above.
  4. Reboot the computer.
  5. Reset the Automatic Updates service to automatic and start it. (If you want more updates.)

This is a truly shameful problem for Microsoft’s reputation.

December 7, December 11, More Problems

The subsequent updates released by Microsoft have caused the same problem to occur again.  I’ve updated the link above with the newer patches.

To find newer patches, you have to do a complicated search at the Microsoft Download Center.

Per my latest article about Windows servers, I am now recommending everyone disable the Automatic Updates service on all Windows-based computers.

Split Tunnel VPN, Part 2

Diagram of the split tunnel VPN configuration that does not require static routing
Updated Split Tunnel Design

Two years ago, I devised a Windows XP split tunneling solution that involved static routing.  That solution had the advantage of being cheap, but also had the disadvantage of scaling poorly as the number of client computers grows.

Now I have a second solution that eliminates the static routing problems.

While researching new VPN security issues recently, I came across an obscure piece of information about the Windows VPN client.  It is nestled cryptically in this one sentence from a Microsoft whitepaper:

“When the Use default gateway on remote network check box is cleared, a default route is not created, however, a route corresponding to the Internet address class of the assigned IP address is created.”

Absent any other explanation, that sentence requires some mental gymnastics to understand.  Allow me to help with this.
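The rule in that sentence, worked through as an added example (not code from the original post or the Microsoft whitepaper): the route Windows creates depends only on the class of the address the VPN server assigns, so the sketch below derives that classful network and reports which destinations would travel through the tunnel. The function names and all addresses are constructed for illustration, and the model compares only the classful VPN route against the default gateway, ignoring the client's own on-link LAN routes.

```python
import ipaddress

def classful_route(assigned_ip):
    """Classful network that is routed through the VPN for this assigned address."""
    addr = ipaddress.IPv4Address(assigned_ip)
    first_octet = int(addr) >> 24
    if first_octet < 128:      # class A, mask 255.0.0.0
        prefix = 8
    elif first_octet < 192:    # class B, mask 255.255.0.0
        prefix = 16
    elif first_octet < 224:    # class C, mask 255.255.255.0
        prefix = 24
    else:
        # Edge case: multicast/reserved space has no classful network
        raise ValueError(f"{addr} is class D/E and has no classful network")
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)

def uses_tunnel(assigned_ip, destination):
    """True if destination falls inside the classful route (goes via the VPN)."""
    return ipaddress.IPv4Address(destination) in classful_route(assigned_ip)

def routing_report(assigned_ip, destinations):
    """Map each destination to 'vpn' or 'local gateway' for a split tunnel client."""
    return {d: "vpn" if uses_tunnel(assigned_ip, d) else "local gateway"
            for d in destinations}

if __name__ == "__main__":
    # Constructed sample data: assigned VPN address -> destinations to check
    cases = {
        "10.8.0.5": ["10.200.1.1", "192.168.1.10", "203.0.113.10"],
        "192.168.1.50": ["192.168.1.10", "192.168.2.10", "203.0.113.10"],
    }
    for assigned, dests in cases.items():
        print(assigned, "->", classful_route(assigned))
        for dest, path in routing_report(assigned, dests).items():
            print("   ", dest, "via", path)
```

With a class A assignment every 10.x.x.x destination enters the tunnel, while a class C assignment covers only its own /24, so a second office subnet such as 192.168.2.0/24 leaves through the local gateway.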


Windows VPN Keep Alive

Batch file properties window.
Batch Shortcut

I enjoy the one-click facility for connecting to my VPN in Windows XP.  It gets the job done, but I sometimes struggle with the famous dead connection bug.  This is a very common problem in Windows that causes the VPN to become unresponsive after two to five minutes of inactivity, even though the status still says “Connected.”

I created a one-click solution for both connecting and maintaining a VPN.  Setting it up is simple.  It involves just these steps, which I will explain below:

  1. Set the VPN “idle time before hanging up” period to “5 minutes” instead of “never.”  This forces Windows to properly reflect any disconnection.
  2. Create a new batch file, which I have provided below.
  3. Edit the batch file to match the name and address of your connection.
  4. Create a desktop shortcut to the batch file.
  5. Edit the shortcut properties so that the batch automatically runs minimized with a nice icon.


Offline Files and Access Errors

Offline Files Folder
The Offline Files detail view shows limited information about permissions.

Another great Windows XP feature with another great set of problems: Offline Files.  If you have a laptop or unreliable inter-site connectivity, then you know how necessary it is to keep a local copy of your shared files so they are available at all times.  The Offline Files feature automatically keeps track of which files need to be synchronized for you, making that offline experience very slick.

Try to do this in a multi-user environment, however, and it will blow up spectacularly.  The most common symptoms appear when double clicking a document icon in offline mode.  Windows loads the program associated with that type of document, and that program instantly crashes or throws a file error.  This happens any time more than one user tries to use the same file offline on the same computer.


Split Tunnel Virtual Private Network

Detailed overview of a split tunnel VPN system.
Split Tunnel VPN is Faster for Multitasking

Anyone who has attempted a Virtual Private Network (VPN) connection in Windows XP has run into this problem:  You want to have access to computers at your home or office, but Windows accomplishes this by routing all of your activity to the home network.  If your work involves transferring files to a server and surfing the Internet, then your Internet activity has to piggyback on the VPN and travel twice within your limited home bandwidth.  This means your slow VPN is even slower when you load a website, and any interruption of the VPN will break all of your connections to FTP sites, IM services, etc.

You may have tried to coerce Windows into routing your traffic to two different gateways, but quickly realized it wasn’t designed to do that.  Adding entries to the local routing table can solve the problem temporarily, but doing so requires administrative privileges and ugly dynamic logic to handle a gateway address that changes every time you connect the VPN.

My solution for this scenario comes in two parts:  1. A static address for the VPN client computer, and 2. A persistent route for the VPN client’s static address.  This is a bit easier said than done, so the following tutorial includes screenshots and details.
