|
Welcome to
mickyj.com
|
For those of you who are regular readers, please forgive me my spelling mistakes. I am great at fixing Servers, terrible at spelling.
Mickyj.com Blog list
On the 6th of August, I mentioned to people that there were going to be hidden messages in my Blogs. Various people have asked me for a clue.
If you use your HEAD, this sentence has a clue.
The mickyj.com blog has come of age. It is now being linked in on other websites. Take a look at
Partnerpoint
|
|
 |
Send feedback about this particular blog
Read Feedback from others
4 October 2006
Template madness
Ok, I have lived with it. I know it does not work this way but my one wish is to make a user template in SBS that I can dictate users home drives and Profile folders in. Cut and paste is just not doing it for me. Yes, that is right. You can make your own user template under SBS 2003, use it in all your wizards etc but you still can not set the profile and users home drive. Maybe in the next version ?
|
 |
Send feedback about this particular blog
Read Feedback from others
3 October 2006
Wake on LAN for RWW
Yes !!! it has been done. Trinity computer just won the German MS Partner Award – Best Small Business Solution 2006 with their "Wake on LAN for Remote-Webworkplace" (WOL4RWW) AddOn to SBS!!!
www.trinitycomputer.de
David from the
Adelaide Small Business Server users group had asked me to put this through to Microsoft on MVP wish. Looks like we all now have an answer !
|
|
Send feedback about this particular blog
Read Feedback from others
2 October 2006
The book has arrived!!
Tony Campbell's book is in my hands !! It has been a long time in the making. Countless nights editing have been done, and that is just my time. I can not imagine how much Tony has spent on it. Check it out !!! It is being distributed in Australia by Woodslane. It is called "Pro Windows Small Business Server 2003". Enjoy.
|
|
Send feedback about this particular blog
Read Feedback from others
1 October 2006
Strange SBS 2003 behavior
We had a strange issue. An SBS 2003 server with two Gb network cards. One (external) comes up as 100 mbit (Expected in our 10/100 switch). The internal comes up as 10 mbit. We thought it might be the drivers or network patch lead but changing both lead to the same issue. We
decided to wait for a new switch and then found some other issues. The DHCP service came up as running on 192.168.16.2 with a scope of 10.0.0.x (Our internal range). This was weird.
I fixed this by changing the binding order of the network cards in the advanced settings of the network places settings. Then I had an issue with Wins. The service was started but under the WINS manager it said it could not find a WINS server. We then found File and print services was off on the internal card. This fixed that error. Now I had my major error. The machine took 20 minutes to boot and I could not run the CEICW wizard. It told me that there was a DHCP error on the internal card. The one wizard I rely on to fix all network issues had failed me. What do I do ? Rebooting made no difference. The cards, DNS,
forwarders and scope were all correct. Believe it or not, it came down to a replacement switch. I did tell you this was a strange error.
|
|
Send feedback about this particular blog
Read Feedback from others
29 September 2006
Connectcomputer wizard playing up!
We are migrating network workstations over from a previous domain. We add the server to the Internet explorer Zones, get a DHCP lease and run http://server/connectcomputer. The wizard appears to start and run. We select a workstation from the list, the machine starts to go through its paces. It reboots the PC, logs on as SBS network setup and then stalls with the start menu open. It goes no further. You can leave the machine until the cows come home. It is not doing anything. Adding a further PC to the domain shows the workstation we selected for the other workstation is still free to be used. Checking in the AD shows the workstations old name is joined to the domain. When you try to log the machine onto the domain, it can't find a machine account. All very weird. We thought we might manually join the PC's to the domain. I know roughly what the connect computer wizard does (assigns users, profiles, applications, remote users, Internet explorer zones etc). It is starting to look like allot of work. I suspect
the issue is some for or registry modification when the computers were on the old domain.
Remembering Susan Bardleys comments on using the wizards (And she is always right), I thought I would look up what this wizard actually does. Now I am off the belief, the best way to fix this fault is an fdisk and reinstall. The wizards just do to much.
Take a look at : "So exactly "what" does connect computer do anyway? "
Morel of the story ... Use the wizards.
Here is a summary:
1. Checks Client OS and takes appropriate path (ATAP)
2. Causes an activex control to become available.
3. Determines whether the computer is or is not a member of the domain, and
is or is not a DC or SBS server, (ATAP)
4. Tests resolution to the SBS server (ATAP)
5. Checks for multiple non VPN network connections (ATAP)
6. Checks account permissions, allowed to join computer to domain?
7. Assigns users, and migrates local profile(s), if they exist, to domain
profile (SID mapping)
8. Assigns required local permissions to domain user account.
9. Provides selection of computer name from list, automatically if there is
one-to-one mapping of user/computer on the SBS.
10. Joins the domain (creating a temp user account for autologon to ease the
process) - including getting the client computer in the correct AD OU so the
GP applies correctly.
11. Sets some runonce reg keys to clean up after the above process.
12. After required input is provided, steps through the above process,
including automatic restarts as required.
13. Now we are into Application Deployment (Susan shows some on her blog).
This is seen on the workstation as the Client Setup Wizard, which is
automatic on login after the above 12 main steps are complete.
14. The list of configurations made after Application deployment:
My network places
TAPI information
Connection Manager
Fax Printer
SSL Certificate
ActiveSync (special, just for SBS and mobility devices)
IE
Outlook
Additional global settings:
DNS Timeout Value
Deleted Item Recovery
Remote Desktop permissions
Network Printer(s)
Disable getting started screen (annoying XP thing)
Disable ICS
(used to turn off ICF, but now handled by GP (xp firewall settings))
Disables network bridging
|
|
Send feedback about this particular blog
Read Feedback from others
27 September 2006
Unlike ISA 2004 (Where there is an Apply button), When you make changes to Internet Security and Acceleration (ISA) Server 2000, there is a delay before these changes take effect. There are two registry keys that you can modify to control this behavior.
When you apply the Deny Anyone or Deny Any Destination rule, this can take about fifteen seconds before it the rule is applied on a stand-alone server; on an array it can take up to one minute. ISA administrative services aggregates changes before it writes them to storage. You can control this behavior through the following two registry values:
NotifyAfterIdlePeriod
NotifyIfNotIdlePeriod
ISA Server notifies its services of changes to objects in storage only after no more changes are being made to the specific object for a length of time that is specified by the NotifyAfterIdlePeriod registry entry. You can configure this entry, which is initially set to five seconds (5000 milliseconds), in the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fpc\Notification Parameters
The NotifyIfNotIdlePeriod registry entry determines when ISA Server should notify its services, even if modifications are still being made to the object.
You can configure this entry, which is initially set to 60 seconds (60,000 milliseconds), in the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fpc\Notification Parameters
|
 |
Send feedback about this particular blog
Read Feedback from others
26 September 2006
Error printing a PDF with a Magazine sort and Saddle stick to a photocopier
The error was:
ERROR: undefined
OFFENDING COMMAND: get
OPERAND STACK:
Private
--nostringval--
--nostringval--
--nostringval--
It turns out Adobe 6 did not know where to place the commands to saddle stitch etc. We uninstalled Adobe reader 6, installed Adobe reader 5 and everything now works.
|
|
Send feedback about this particular blog
Read Feedback from others
25 September 2006
Play the ISP's at their own game
There is one particular ISP where you wait on hold up to three hours whilst looking for technical support. When you finally get through, they say the fault is your end or you go on hold again. I have had to charge a client for this time previously and it is not a nice
experience. Well, I have a way to escalate through the system with this ISP and it seems to work for some others. Unplug your DSL modem. Ask the tech person, can you see my modem. When they say "yes" and "there seems to be nothing wrong" tell them your Modem is unplugged. They will get all
embarrassed and escalate your issue.
This particular ISP uses account locking. If your modem becomes disconnected, the session remains open at their end and you can not reconnect. This escalation forces them to reset the account and usually everything is then fine with .... ahem (Telstra Bigpond).
Enjoy !
|
|
Send feedback about this particular blog
Read Feedback from others
24 September 2006
ISA 2004 lockdown
ISA 2004 has this new feature whereby it turns off the firewall service if it cannot edit it's
MSDE logs. When the firewall service goes off, the server goes into lockdown and the network cards do not function. This is great if the reason you can not log is someone has hacked you and the logs are being tampered with, this is not so great if the server is just working very hard as it is the end of the financial month rollover and
MSDE is not able to process what it needs to. I turn on flat file logging (back into the text files ISA 2000 used) and under the alerts, tell the logging alert not to shutdown the firewall service. I have seen this issue to many times to ignore. I have seen missing, corrupt data etc from these unexpected server disconnections.
Take a look at Disabling Firewall Service Lockdown due to Logging Failures
|
|
Send feedback about this particular blog
Read Feedback from others
23 September 2006
Uninstall Officescan without knowing the password
I recently had to upgrade an installation of Officescan. The client was new to us and we did not know their passwords for the Trend suite.
I have had this previously and had to manually remove clients from workstations. I have started seeing it more and more so I thought I should mention it here. Take a look at the Solution Details 16840.
Manually uninstalling the OfficeScan Corporate Edition (OSCE) 5.5 server and client.
Solution: Perform the following manual OSCE uninstallation process in the following:
I. OSCE SERVER
1. Stop the OfficeScan Master Service. If this is not possible, use Task Manager or Sysinternal’s Process Explorer tool to remove the ofcservice.exe file from the system memory.
NEW! Microsoft has moved Sysinternals to Here
2. Delete the ..\OfficeScan program directory.
3. Disable the sharing of the ..\PCCSRV folder (ofcscan share).
4. Delete the OfficeScan program group from the Start menu.
5. Delete the HKLM/software/trendmicro/officescan registry key.
6. Proceed to the Device Manager and enable the View Hidden Devices option.
7. Remove any hidden devices pertaining to the OfficeScan Master Service (right-click and select Uninstall).
8. On the Internet Services Manager, remove the ../officescan virtual directory on the default Web site.
9. Reboot the server
II. OSCE CLIENT
1. Stop the OfficeScanNT Listener and the OfficeScanNT Real-time Scan services. If this is not possible, use Task Manager or Sysinternal’s Process Explorer tool to remove the ntrtscan.exe and tmlisten.exe files from the system memory.
NEW! Microsoft has moved Sysinternals to Here
2. Remove the pccntmon.exe file from memory by using Task Manager or Sysinternal’s Process Explorer tool.
3. Delete the ..\OfficeScan program directory.
4. Delete the OfficeScan program groups from the Start menu.
5. Delete the following OfficeSscan registry key entries:
Delete the HKLM/software/trendmicro hive.
Delete the OfficescanNT Monitor key at the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run hive.
6. Proceed to the Device Manager and enable the View Hidden Devices option.
7. Remove the following hidden devices pertaining to OfficeScan (right-click and select Uninstall):
Trend Micro VSAPI NT
Trend Micro FILTER
NTRTSCAN (if available)
TMLISTEN (if available)
8. Reboot the OSCE client machine.
|
|
Send feedback about this particular blog
Read Feedback from others
20 September 2006
Show all devices
This is neat. Instead of manually editing the registry to enable you to view all devices (including unplugged ones) here is a script. In fact, the following page has numerous really helpful scripts. kellys-korner-xp.com Click here for the VBS file mentioned
This enables you to view all devices under Windows XP especially those nasty "ghosted" network cards holding old IP addresses. You can get to them in device manager and remove.
|
|
Send feedback about this particular blog
Read Feedback from others
19 September 2006
Are you me or am I you ?
I have a PC, on a domain, that can not connect to a specific secondary machine on the domain to share it's printer.
No matter what I try, by IP or UNC path, I get weird Active Directory errors and strange questions popping up. Both machines reboot fine. The roaming profile roams on both and I can surf etc. These two PC's just can not talk (Both are listed in the Active directory). I tried pinging the offending PC, 10.0.0.15. It timed out. Every other machine can ping this machine. The netmask is fine. Just what is the problem ?
Then I notice, both PC's are assigned IP addresses by DHCP and both are 10.0.0.15. How is this possible ? I have two machines, on the same network, they have the same Ip address and there are no conflict warnings (This is Windows XP). DHCP lists them both with their unique names and Wins lists them both. Whoa. This is freaky. No wonder they work fine unless they try and talk together. Then they have no idea who the responding person is and packets go to one machine, not the other. How is this possible ?
I found two faults. Firstly, both the machines are a copy of the same hard
drive. It was Ghosted whilst a member of the domain. Both have the same SID.
I used the following tool (After putting one PC back into a workgroup).
New Sid from Sysinternals. Finally a tool that is free (unlike Symantec Ghost Sid walker). This still did not work fully. The files and local machine SID had changed but now I discover the Mac address is the same on both machines
courtesy of a Registry Hack. Take a look here. No wonder I had so many issues. Anyway, all fixed and back on the domain.
NEW! Microsoft has moved Sysinternals to Here
|
|
Send feedback about this particular blog
Read Feedback from others
18 September 2006
Hot computer case ?
Have you noticed more and more PC's are trying to go silent ? (Defined as a dull roar less than 30db). Most of the noise in computers are their fans. The larger the radius of a fan, the slower it can run yet move the same amount of air as one of those small fans that makes a air
whooshing noise.
Here are some facts for you. A case of dimensions 20x30x20 cm has 12 (cubic meters) litres of air, it needs to move 10x that per minute. It needs to shift 120 litres of Air per minute.
Next time you are after a quiet computer, remember the awesome job the fans are doing. Provide adequate airflow around the PC and maybe even the room.
If you do not, you will kill your PC and raise the heat in the room.
|
 |
Send feedback about this particular blog
Read Feedback from others
17 September 2006
RIP E3
The gaming community morns the loss of the worlds largest gaming and technology event. No more freebies. We have seen great hardware, concepts and games come from the Demo's at these events. (I am not so interested in the games but it seems the best developers come from these arenas). I guess this leaves us with Vendor or industry specific trade shows. Heaven help the person who takes that last bit of techie goodness away from me !
|
|
Send feedback about this particular blog
Read Feedback from others
16 September 2006
Asus and Gigabyte ? Amd and ATI ?
Traditional manufacturers of competing or wildly different products come together ? I wonder what the melting port will produce. AMD and ATI are in
Acquisitions and Gigabyte and ASUS are partnering. Lets hope the technology in GPU's (Which allow many teraflops in calculations) moves
across into FPU's and in a year from now, we are running PC's previously only seen to Nasa.
|
|
Send feedback about this particular blog
Read Feedback from others
15 September 2006
Lets revisit the humble UPS and calculations
Strictly, Watts = V*A*Power factor correction. The trouble being that (especially) with consumer equipment, you don't know what the power factor (Pf) is. You are then faced with the prospect of trying to find it out (from the manufacturer or by measurement) or making an assumption. The assumption you make depends on what sort of equipment it is (inductive loads are bad for Pf) and if it has any kind of PFC (power factor correction) circuitry. Ideally, Pf = 1 (Watts = V*A*1) but it can vary widely.
With most computer equipment, use a PF of .8 as a rough guide. Remember, a 500 Watt power supply will not necessarily deliver or use 500w. It depends on what is attached to the computer and how much each of these items draw. 500 Watts is the top end for a 500 W power supply.
Some UPS companies suggest you take your value in wattage and multiply that value by 1.4. This assumes that your AC/DC conversion power supply is about 60% efficient (i.e. it 'wastes' 40% of the power it consumes as heat etc.).
A 350 watt power supply with a computer motherboard (40), stick or ram(20), basic video card (30), network card (10), CPU (80) and hard drive (40) could be using 220 Watts when flat out.
This is 220 x 1.4 = 308 watts after inefficiencies are taken into account. You could also say, 2 Amp power unit with 240 volts x .8 = 384 VA.
Remember, try not to load your UPS over 60 % utilization. This gives you some run time. A 720 VA ups is 60% loaded at 432 VA, a 1200 is 60% at 720 VA. Then there is sorts of run time batteries supplied, quality etc and how much work is actually happening draining the batteries and supplying the load.
|
|
Send feedback about this particular blog
Read Feedback from others
14 September 2006
Tarpitting and SCL levels
Today I performed a very normal task. I added a second internet email domain to an SBS 2003 server. I created a new Recipient Policy in the Exchange System Manager as I normally would. I navigated to the Recipients folder, expanded it and went to Recipient Policies. Right-clicked the Default Recipient Policy
under properties went to the E-Mail Address Policy tab.
On the E-Mail Address Policy tab I added "@new domain name", I left it unselected as primary, updated the recipient policies, forced the updates and went in the AD. I manually set those who would use the new domain and then set about testing it. (In order to make things happen faster, I re-run the Recipient Update Service (RUS)).
Then came my fun. As per my normal routine, I RDP or gained access to a remote server. I then used this to
Telnet back and test the email connector. As the MX is still replicating out there somewhere on the ether, this is the only way to see that the server will receive email correctly.
I telneted into port 25 and all looked normal. I typed in the normal commands "helo", "mail from:", "RDCP to:" etc and made a few spelling mistakes. As most people will know, typing into a port
directly means you can not delete mistakes so the whole task started to drag on a little. Then it got really slow. I was being tar pitted by a Windows 2003 SBS with Exchange SP2. The more I typed, the slower it got. It took forever to get to the "Data" command to actually send an email test. This is great against spammers, it is not
nice for us honest people testing. I can live with this. Just open a new command window and telnet whilst typing faster and less spelling mistakes. So I got around this. Now comes the real problem. No matter what domain I picked to send to, I got error 550 access denied. I checked, there were no mail filtering products installed. I was dealing only with Exchange. Then it dawned on me. My SCL rating in exchange was set to deny access at a rating of 7 or above. My test sending email address had failed the SCL test and was blocked.
This was a great way to test out the new technology. Not a good experience for testing the mail connector. Changing the SCL temporarily let my tests through so all is good. It pays to think out side if the square when working through IT issues !
You can find more info on adding additional email domains here
|
|
Send feedback about this particular blog
Read Feedback from others
13 September 2006
Permanent Recovery Console
Ever had a server that was a little unreliable ? If you have to keep it, at least install the recovery console tools.
Install the Windows Recovery Console After Windows is Already Installed on the Computer
Click Start, click Run, and then type
CD-ROM drive letter:\i386\winnt32.exe /cmdcons in the Open box, where CD-ROM drive letter is the drive letter assigned to your CD-ROM drive.
Click OK, follow the instructions on the screen to finish Setup, and then restart your computer.
|
|
Send feedback about this particular blog
Read Feedback from others
12 September 2006
Before I even start today, Check these two links then come back to this page:
Link 1
Link 2
Don't cheat, go on, take a look first.
Ok, I trust you. What did you think ? Are these amazing ? I thought so. Now we can all make
fantastic photos by taking three photos at different exposures and
overlaying. The results speak for themselves.
Check out HDR technology at www.hdrsoft.com
If you have ever photographed a high contrast scene, you know that selecting the correct exposure will not avoid blown out highlights and flat shadows. Photomatix Pro offers two ways to solve this problem:
Exposure Blending: Merge differently exposed photographs into one image with increased dynamic range.
Tone Mapping: Reveal highlights and shadows details in an HDR image created from multiple exposures. The tone mapped image is ready for printing while showing the whole dynamic range captured.
The results speak for themselves.
|
|
Send feedback about this particular blog
Read Feedback from others
11 September 2006
No, I am not going to comment on the Horrible anniversary of the twin towers. I will leave that to the media. For something more techie:
Have you ever wanted to list the complete ownership structure of the folders on your server ? Maybe you will need to reference this back if you accidentally take ownership of the entire drive ? Just drop to a command prompt and run :
"Dir *. /q /s > c:\owners.txt" then open owners.txt with notepad to read.
Maybe you also want to know he folder permissions ?
You can use the resource kit "Cacls.exe" tool to get this.
Unfortunately you can not recurse through subdirectories so a good VBS script that does this for you would help (I have one called listacl.vbs I will put on my scripts page at a later date).
Now, to make sense of your results :
The following table lists valid values for permission.
| Value | Description |
| n | None |
| r | Read |
| w | Write |
| c | Change (Write) |
| f | Full Control |
| Output | ACE applies to |
| OI | This folder and files |
| CI | This folder and subfolders |
| IO | The ACE does not apply to the current
file/directory. |
| No output message | This folder only |
| (IO)(CI) | This folder, subfolders and files |
| (OI)(CI)(IO) | Subfolders and files only |
| (CI)(IO) | Subfolders only |
| (OI)(IO) | Files only |
|
|
Send feedback about this particular blog
Read Feedback from others
10 September 2006
Recently I have been archiving all my home computer data. With a 10 MP Digital camera, it is surprising how much data you swallow.
I have written a VBS file to create text indexes of disks that I can later search for items.
The problem is, Each of the 100 or so disks I insert into the DVD rom drive, autorun. This means, I cancel the Autorun popup, then run my VBS tool.
If you're in the habit of exchanging CDs frequently, you may be frustrated by this CD drive's Auto Insert Notification feature.
You can easily disable the drive's Auto Insert Notification feature so that discs will no longer launch.
This is different for different operating systems. As an example, you can click Start, Settings, and Control Panel.
Double-click the System icon and select the Device Manager tab.
Select your CD-ROM drive, click the Properties button, and then select the Settings tab.
Clear the Auto Insert Notification check box, save your changes, and then reboot the PC if necessary.
You can always re-enable Auto Insert Notification later if you wish.
If you can not do it this way, here is a website that lists a whole heap of other methods for various operating systems.
|
|
Send feedback about this particular blog
Read Feedback from others
9 September 2006
Are Registry Keys Case sensitive ?
As I understand it, some yes, some no. Keys and Value Names are not ever, AFAIK, however the
actual values, what's called Data in REGEDIT, often *are* case-sensitive (not to mention other format sensitivities.) Depends on the value.
The Registry is a database. A Lookup Reference. When a program needs a value for some operation, it looks it up in the Registry (and often gets shunted
to several places within the Registry before finally getting a return). What format the Value needs to be in depends on the final destination, the app
that's going to use it.
Basically, the data will be read back as it was written.
|
|
Send feedback about this particular blog
Read Feedback from others
8 September 2006
Another favorite son, a legend, passed away. Long live Brocky.
He was the King of the mountain. What can I say. Holden drivers loved him, Ford drivers loved him.
Brocky's enemies loved him. Another one to be sorely missed doing something he loved.
Peter Brock was killed in an accident while taking part in the Targa West rally in Western Australia.
RIP Peter Geoffrey Brock, February 26, 1945 - September 8, 2006.
You will be never forgotten.
|
|
Send feedback about this particular blog
Read Feedback from others
7 September 2006
Can you edit the registry external to windows ?
Yes, use a Nordahl disk utility.
Boot from a Nordahl disk
Accept the suggested NT partition.
Accept the full path to the registry directory.
Type system
Type 9 (for Registry Editor)
Type ? (to see the available commands)
Type ls (to see the current keys)
Lets say you need to edit "ControlSet003\Control\Session Manager\BootExecute" and make a change ?
Type cd ControlSet003 (it's case-sensitive!)
Type cd Control
Type cd Session Manager
Type ed BootExecute
Type autocheck autochk *
Type --n
Type q
You will be prompted to save or discard your changes.
|
|
Send feedback about this particular blog
Read Feedback from others
6 September 2006
Have you ever needed to reinstall a driver (due to an error), you can't find he disk but know you previously had it on the machine ? Look for the inf file in C:\windows\inf or C:\windows\inf\other (On some machines these are C:\winnt\inf).
When it starts looking for files, it will ask for your CD or floppy driver disks. You don't have these handy but you might be able to trick the system into using the existing files by pointing the browse path to C:\windows\system or C:\windows\system32 Or C:\windows\system32\drivers
|
|
Send feedback about this particular blog
Read Feedback from others
5 September 2006
Simple notepad trick (Well known)
Step 1: Open Notepad
Step 2: Write following line in the notepad.
"this app can break"
Step 3: Save this file as notepadtest.txt
Step 4: Close the notepad.
Step 5: Open the file again.
What did you see..??
Notepad displays seemingly-random Chinese characters, or boxes if your default Notepad font doesn't support those characters.
It's not an Easter egg (even though it seems like a funny one), and as it turns out, Notepad writes the file correctly. It's only when Notepad reads the file back in that it seems to have an issue.
We can't blame Notepad: it's a limitation of Windows itself, specifically the Windows function that Notepad uses to figure out if a text file is Unicode or not.
Text files containing Unicode (more correctly, UTF-16-encoded Unicode) are supposed to start with a "Byte-Order Mark" (BOM), which is a two-byte flag that tells a reader how the following UTF-16 data is encoded. Given that these two bytes are exceedingly unlikely to occur at the beginning of an ASCII text file, it's commonly used to tell whether a text file is encoded in UTF-16
The text you saved is one of the few that causes the IsTextUnicode to return true.. the characters 'th','is',' a','pp' .. form unicode characters. If you live in china.. you probably would see some valid characters instead of squares.
|
|
Send feedback about this particular blog
Read Feedback from others
4 September 2006
The passing of the Croc hunter Steve Irwin, Author Colin Thiele dies and a police chase.
Yes, today has seen everything. My mother was taught by Colin and he wrote some fantastic books,
later turned into films. Steve Irwin was also truly Australian.
RIP Colin Thiele 1920 - 2006
RIP Steve Irwin February 22 1962 - September 4 2006
To top this day off, I was an unwilling witness to a police chase at about 3:30 am on the following morning after returning from a server I had just rebuilt after CA's little trick of killing Lsass. The cars were approaching speeds of 130 kms or more. I was almost involved in a head on.
Back to Lsass, yes, we have a client with CA and yes, Lsass was quarantined by the latest CA/Etrust Antivirus pattern.
Unfortunately we did not know this. As we were one of the first, we resorted to using the recovery console, backup tapes and a file system recovery using the SBS 2003 CD disk. We are actually back up and running. I just wish we had the information about CA before we discovered it for ourselves.
More is available on this on Susan's blog. (I wish we had access to this before it struck).
The main issue is If you restart Windows Small Business Server 2003 the server may boot to a gray screen and appear to be hung. The server may respond to a ping but you cannot access it any other way. (Or Lsass might actually force the machine to reboot)
There is also a secondary issue that will affect your server even after you are able to boot up into normal mode again, this has to do with SSL sites not working.
More information is now available on the Microsoft support pages.
|
|
Send feedback about this particular blog
Read Feedback from others
3 September 2006
Microsoft Windows XP Fundamentals for Legacy PC's
Wha ??? This allows you to use old PC's all over again. Talk about a rebirth. check out this article.
Microsoft Windows Fundamentals for Legacy PCs (WinFLP) is a Windows-based operating system designed for enterprise customers with legacy PCs who are not in a position to purchase new hardware. WinFLP provides the same security and manageability as Microsoft Windows XP SP2 while providing a smooth migration path to the latest hardware and operating system.
Windows Fundamentals for Legacy PCs (WinFLP) requires:
A minimum of 611 MB of free hard drive space. Actual requirements will vary based on your system configuration and the applications and features you choose to install. Installing all optional components requires 1151 MB of disk space. These requirements are reported on the screen as you select options in the Setup wizard. Additional hard disk space may be required if you are installing over a network. Also, you should reserve additional space for future updates and service packs.
A computer with 233 megahertz or higher processor clock speed (300 MHz is recommended); Intel Pentium/Celeron family, or AMD K6/Athlon/Duron family, or compatible processor is recommended.
64 MB of RAM. 256 MB of RAM is recommended.
|
|
Send feedback about this particular blog
Read Feedback from others
2 September 2006
www.firewallleaktester.com
This website, on one hand, enables you to test your software personal firewall thanks to different test programs ('leaktests'), and on the other hand, shows a global vulnerabilities view of the most common personal firewalls in a summary page.
Firewall Leak Tester provides also documentation and advices to improve your security dramatically.
Check it out !
|
|
Send feedback about this particular blog
Read Feedback from others
1 September 2006
Again with the Exchange 2003 SP2 questions!
Yes, people still are asking about making their stores larger.
Click Start, click Run, type regedit in the Open box, and then click OK.
Locate and then click the following key in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\
\Private-GUID
On the Edit menu, point to New, and then click DWORD Value.
Type Database Size Limit in GB, and then press ENTER. (this is case sensitive)
Double-click Database Size Limit in GB.
In the Value data box, type the new limit you want your database to have.
(It can be between 18 and 75)
Click Decimal in the Base box, and then click OK.
Quit Registry Editor.
now restart the stores
For an in-depth look go to
petri.co.il or
vladville.com
|
|
Send feedback about this particular blog
Read Feedback from others
26 August 2006
Worlds Worst network ?
Ok, I have found a contender. I should have become vary when I saw the router had the default user name and password combination of Admin and password.
I should have gotten worried when I saw unshielded ribbon cables being used in the place of cat5 (And this was for people using Cad programs - Doh).
I should have run away when I saw the server had two network cards both on the same range. (192.168.0.2 and 192.168.0.254, with the same netmask ... How does this route ? .... Badly/not at all). Then there were the workstations getting the gateway, DHCP and DNS from the router and the server is SBS2000 (This should be the base of the network not the router).
I like a challenge so I jumped in. (Or I love pain, whichever you believe)
Ok, there is this backup.vbs file that starts up Ntbackup and manipulates RSM. It does not backup the Exchange information store so there are log files dating back 3 years (Gigabytes worth).
Then there is a single partition. Everything is on C: drive and the standard folders/shares are gone. There is no Clientapps, Users or Company drives.
Exchange logs, databases, ISA URLcache and more ... All on C:. Where is the RAID5 when you need it ? Where are the multiple partitions
separating the OS from Applications and data?
In ISA, the outgoing and incoming listeners are not configured (Obviously people were surfing somehow, but not here in ISA). In Exchange, the local domain structure is not in the default email policy. Someone has made the machine a Certificate Authority with an Expired Certificate so Outlook Web Access and in fact any local website does not work. Opening the system administration tool for Exchange and opening the Connectors shows that there is no outgoing or incoming SMTP connector. Using this tool there is also no access to the Public folders properties as a certificate error comes up when you try. How is their Exchange email working ?
My first step was to change one of the servers IP address and then, lo and behold everything failed (Yes it got worse). I found the fault in RRAS where the internal NIC was firewalled against all the users (Under the General; IP routing section). Both TCP and UDP was blocked with filters. Then I found in ISA that there was no local domain table. What ? How does any of this actually work ? Maybe it just does not.
If it was not for the pain I felt looking at this mess (And obligation to the world of SBS), I would have given up. I can not leave a server like this.
I decided it was time to play with the ISA packet filters. I wanted to speed things up a little so I restarted the Microsoft ISA control. (This is ISA 2000 running on a Windows 2000 SBS )
Please note: The server boots okay and all the services are working perfectly, however when I make a change that requires to re-start it won't.
All ISA associated services start apart from the Web Proxy, Cache downloader and Firewall. I do not get Internet access and the external network card looses it's gateway. (I discovered later by disabling and re enabling the NIC this came back. Sometimes the card even took an IP of 0.0.0.0 even though I have statically assigned the card an address).
When I try to restart the services, I get an error saying RPC is unavailable for the Cache Control and the Web Proxy server returns with an error code of 2147944122 . I found a work around by again restarting the ISA management service and then manually kicking off the failed services and all then runs fine.
I finally found a fix (a tool called rras_fix.vbs) and the cause.
Some dope has installed ISA and then proceed to manually configure RRAS and ISA. RRAS needs to be configured through ISA in SBS 2000. So I went looking for the Small Business Server Internet Connection Wizard (ICW). Ok, it was not there. There are no admin tools. They were never installed. Suddenly it dawns on me. This server has been all manually put together from the start to finish. No wonder there are so many holes. The ISA LAT contains every IP imaginable, Outlook and Exchange are both installed on the server (doh), The active directory is a mess, and there are Windows 95 and Windows 98 machines on the network that keep falling off. No wonder, ... WINS was not installed. There were no roaming profiles, home directories or logon script. In fact, the SBS logon script was never run for any profile. Desktop faxing was configured but the server has one serial port (for the UPS). The external serial fax modem is just hanging around for good looks.
The workstations event logs show policy errors, profile errors, Kerberos errors, DNS and domain faults. Their MYOB was told to use Netbeui (Which is not even installed). The browser was showing no computers in the network places, and then I found machines sold with XP Home installed onto this network. Someone had been hacking registries. I could not find the SBS 2000 Cal disks or any
licenses.
After finally sorting all this out (Still with only one C: partition) I realized the backups had not run in weeks. Then I found every PC had all the same contents of server drives mapped to their workstations, but under different drive letters.
Someone had renamed the administrator account (I could not rename it back as the AD reported the account was in an unusual state). We then looked at resetting the IP addresses on the photocopiers and found that they were acting as parallel printers with Netgear print servers attached. These did not want to play ball the first or second time.
All of this so far has been a disaster. Then I looked at their antivirus. It was Symantec which, speaks for itself. As the site had no documentation, I was roving blind and not liking what I found. Finally I got to the UPS which was told to shutdown in 20 minutes, but had 10 minutes of runtime. Then the time services was out of sync and NTP was complaining.
All this, and on a first visit to the server. It was like the first date from Hell.
I am happy to say the server is now much happier. The network is at least 500% faster and everything seems to work. I still have some little glitches but I have to wonder, should I have just reformatted the server and started again ? Maybe I should listen to the voice in my head.
|
|
Send feedback about this particular blog
Read Feedback from others
20 August 2006
|
Can't Log On to Windows XP?
If that’s your only problem, then you probably have nothing to worry
about. As long as you have your Windows XP CD, you can get back into your
system using a simple but effective method made possible by a little known
access hole in Windows XP.
This method is easy enough for anyone to follow – it doesn’t require
using the Recovery Console or any complicated commands.
If you have a healthy system and your sole problem is
the inability to logon to Windows due to a forgotten password you can easily change or wipe out your Administrator
password during a Windows XP Repair.
Here’s how with a
step-by-step description of the initial Repair process included.
|
1. Place your Windows XP CD in your cd-rom and start your computer
(Your XP CD is bootable – and you will need to have your bios set to boot from CD)
2. Keep your eye on the screen messages for booting to your cd Typically, it will be “Press any key to boot from
cd”
3. Once you get in, the first screen will indicate that Setup is
inspecting your system and loading files.
4. When you get to the
Welcome to Setup screen, press ENTER to Setup Windows
now
5. The Licensing Agreement comes next - Press F8 to
accept it.
6. The next screen is the Setup screen which gives you the
option to do a Repair.
It should read something like “If one of
the following Windows XP installations is damaged, Setup can try to
repair it”
Use the up and down arrow keys to select your XP installation
(if you only have one, it should already be selected) and press R to
begin the Repair process.
7. Let the Repair run. Setup will now check your disks and then start
copying files which can take several minutes.
8. Shortly after the Copying Files stage, you will be required to
reboot. (this will happen automatically – you
will see a progress bar stating “Your computer will reboot in 15
seconds”
9. During the reboot, do not make the mistake of “pressing any key”
to boot from the CD again! Setup will resume automatically with the standard billboard screens and
you will notice Installing Windows is highlighted.
10. Keep your eye on the lower left hand side of the screen and when
you see the Installing Devices progress bar,
press SHIFT + F10. This is the security hole! A command
console will now open up giving you the potential for wide access to
your system.
11. At the prompt, type NUSRMGR.CPL and press Enter.
Voila! You have just gained graphical access to your User
Accounts in the Control Panel.
12. Now simply pick the account you need to change and remove or
change your password as you prefer. If you want to log on without having
to enter your new password, you can type control userpasswords2
at the prompt and choose to log on without being asked for password.
After you’ve made your changes close the windows, exit the command box
and continue on with the Repair (have your Product key
handy).
13. Once the Repair is done, you will be able to log on with your new
password (or without a password if you chose not to use one or if you
chose not to be asked for a password). Your programs and personalized
settings should remain intact.
|
This has been tested on Windows XP Pro with and without SP1 and people have also used
this method in real situations.
This security hole allows access to more than just user accounts. You can also access the
Registry and Policy Editor, for example. And its access with mouse control. Of course, a Product Key
will be needed to continue with the Repair after making the changes
NOTE: you cannot cancel install after
making the changes and expect to logon with your new password.
Canceling will just result in Setup resuming at boot up and your
changes will be lost.
Ok, now that your logon problem is fixed, you should make a point to
prevent it from ever happening again by creating a Password Reset
Disk. This is a floppy disk you can use in the event you ever forget
your log on password. It allows you to set a new password.
Here's how to create one if your computer is NOT on a
domain:
Go to the Control Panel and open up User Accounts.
Choose your account (under Pick An Account
to Change) and under Related Tasks, click "Prevent a forgotten
password".
This will initiate a wizard.
Click Next and then insert a blank
formatted floppy disk into your A: drive.
Click Next and enter your logon password in
the password box.
Click Next to begin the creation of your Password disk.
Once completed, label and save the disk to a safe place
How to Log on to your PC Using Your Password Reset Disk
Start your computer and at the logon screen, click your user name and
leave the password box blank or just type in anything. This will bring up
a Logon Failure box and you will then see the option to use your Password
Reset disk to create a new password. Click it which will initiate the
Password Reset wizard. Insert your password reset disk into your floppy
drive and follow the wizard which will let you choose a new password to
use for your account.
Note: If your computer is part of a domain, the procedure for creating
a password disk is different.
See here for step by step instructions: http://support.microsoft.com/default.aspx?scid=KB;en-us;306214& | |
|
