Blog

When something really messes up Chrome, being logged into your Google account and having Chrome sync settings makes repairing things pretty painless. 

Recently, I couldn't get my LastPass Chrome extension to log into my LastPass account. Since I rely heavily on LastPass to handle various website credentials, I'm handicapped if I can't get it working in the browser extension.

I tried a number of things, including removing and reinstalling the Chrome extension. However, the only thing that solved the problem was to reset Chrome completely. Fortunately, I could restart the browser, log into Google and wait a few minutes for everything (default home pages, bookmarks, browser extensions, etc.) to sync. In this particular case, I had to add the LastPass extension again since the last sync must have been when I had it removed while trying to troubleshoot this problem. The reset fixed the problem and the sync brought me back to my standard Chrome configuration.


 

I came across a few customers having trouble opening PDF attachments while in Quickbooks. The following message would be displayed, and sometimes it would be random.

"There is a problem with Adobe Acrobat/Reader. If it is running, please exit and try again. (523:523)"

The workaround to resolve the issue is to open Adobe Reader and uncheck "Enable Protected Mode" in the Edit -> Preferences -> Security (Enhanced) options.

‚Äč


 

I recently had a patching issue with SQL Server 2014 SP3. When I tried installing the SP3 update it kept failing with error code 0x858C001E. It turns out that this can be caused if the program files directories for SQL Server are compressed.  The folder paths to check are listed below as documented here: https://wiert.me/2017/03/16/fixing-0x858c001e-error-on-sql-server-20122014-updates/ 

For x86 systems, ensure these directories are not compressed:

  • C:\Program Files\Microsoft SQL Server
  • C:\Program Files\Microsoft SQL Server Compact Edition

For x64 systems, ensure these directories are not compressed:

  • C:\Program Files\Microsoft SQL Server
  • C:\Program Files x86\Microsoft SQL Server
  • C:\Program Files x86\Microsoft SQL Server Compact Edition

I found that some of the directories were compressed due to the customer trying to free up disk space on the system drive.  After uncompressing the Microsoft SQL Server folders, the update installed, and the server needed a reboot to complete.


 

We have a customer who is in the process of migrating from one domain ("domain 1") to another so the domain name that will match their current company name ("domain 2"). They have moved a majority of their client PCs from domain 1 to domain 2. The Exchange servers are still in domain 1 and using credentials for domain 1.

After moving to domain 2, users started reporting intermittent Outlook connectivity issues and that they were unable to search in Outlook. Domain 1 has an internal primary DNS zone for their public email domain. In testing, we found that Outlook functioned properly when not connected to the internal network and for client PCs still on domain 1. I originally added conditional forwarders for the public email domains to forward queries from domain 2 to the internal zone on domain 1. This resolved the connectivity issues, but their Outlook search still did not work. I removed the conditional forwarders and duplicated the internal primary DNS zones on domain 2, which resolved the issues.


 

Part 1: When installing the Fortigate Single Sign-On Agent you need to configure the service account as a local admin on the server where it's being installed.  Fortinet support states that the account has to be a domain admin, but I have confirmed that it only needs local admin rights, and not domain admin rights. 

Part 2:  When installing the Duo Authentication agent on a server to use multi-factor authentication with a Fortigate, it uses port 1812 to communicate with the Fortigate for Radius authentication.  If you have already installed the Fortigate SSO Agent on that same server it will already be using port 1812 to communicate with DCs on the network.  This will cause the Duo agent to fail to start each time you attempt to start the service.There are a couple of possible fixes to this:

  1. Change the port on the Fortigate SSO agent to another port (1813).  This will also require that you specify that port on the Fortigate DC Agents installed on your domain controllers.
  2. Change the port used by the Duo agent to another port.  This can be done in the configuration file found in the Duo installation directory.  This will also require that you change the default Radius port on the Fortigate via CLI to match what you specified in the Duo configuration.  This may cause issues if your Fortigate uses multiple Radius clients/agents.

 

In older versions of vCenter (and associated VMware products), installing corporate certificates was a pain. It was an extremely manual process to update each component. Just take a look at https://kb.vmware.com/s/article/2034833 to get an idea. 

With vSphere 6.x, certificate replacement is considerably simpler. You still need to have a certificate for each of the components, but VMware has automated a lot of the pain points into a simple certificate wizard. In addition, instead of creating individual certificates for each piece, you simply sign a certificate (created with a special template model), replace the root VMCA certificate with your custom signed one, and regenerate all the subordinate certificates signed by your custom signed root VMCA certificate. 

It's only slightly more complex when you have a separate PSC and vCenter appliance setup, but only in that you need to update all the PSCs before updating vCenter so that the connectivity between the two appliances remains secure. Check out https://kb.vmware.com/s/article/2147542 for all the details. 


 

I was working on a Windows 10 PC connected to a domain. This PC could be pinged by DNS name and IP address.  RDP was also working.  There were no other issues on network.  No domain policies were in place that should have been keeping PC admin shares from working.  But it was still failing after registry settings changes, removing and re-adding to domain, etc.
 
I found an article about shares not working if there is a misconfigured DNS entry somewhere.  I looked on the secondary DNS server and there was an old, incorrect entry for that PC.  Removed the DNS entry and shares began to work.

 

If you're frustrated with trying to edit text on your mobile device and placing the cursor in the correct location, try this:
  • Press and hold the space bar on the virtual keyboard
  • When the keyboard goes blank (on iOS), drag the cursor where you want to edit then release
  • This also works in all directions so you can move the cursor up and down, or left/right. You don't have to stay in the area of the virtual keyboard.

 

As iPhone models have advanced, Apple has been changing the process for resetting (rebooting) iPhones. Up until the 6s model it was a matter of pressing and holding the power button and the home button, at the same time, until the phone screen turned off and the Apple logo appeared.
 
With the iPhone 7 you would press and hold the Volume Down button and the Power button and wait for the screen to turn off and the Apple logo to appear.
 
Beginning with the iPhone8, the process has changed to a sequence. Press and release Volume Up then Volume Down then press and hold the Power button until the Apple logo appears.
 
Knowing how things have changed is important because now, should you resort to the old "press and hold" technique, the results are much different. I learned this when I was attempting to reset my new phone. I pressed and held a volume button and the power button and as I waited I noticed an emergency call (911) was being initiated. Fortunately the screen shows a countdown and you can release the buttons without calling 911.
 
During the same "how do I reset my phone" episode, I pressed the power button rapidly several times (at least five times). I learned this also (by default, although it can be disabled) starts an emergency call. Since the call was in progress I stayed on until the call was answered and I explained the call was an accident. (I didn't get in trouble.) Should you accidentally call 911, don't hang up. Emergency service dispatchers must treat every call as an emergency. If you hang up, it takes time and resources as they have to call you back and if they can't reach you may send out the police to check on you.  
 
By the way. If you initiate the Emergency SOS feature TouchID or FaceID is disabled and you will need to enter your passcode to unlock your phone. This feature keeps a malicious person from access to your phone by pointing the phone at your face or placing your finger on the reader.
 
This is an example of "version freeze." Many (most) users may never realize software and device enhancements as we continue to do things out of habit. Usually based on the version we first learned. 
 

 

I was working with a customer who was upgrading all of their PCs from Windows 7 to Windows 10. Many of the existing programs were old, outdated, and incompatible with Windows 10.
 
One particular issue we had was installing their Digital Persona fingerprint scanner to work with the TIB website. It turns out that on HP devices that have HP Protect Tools, or any of the built in HP security software features, those must be uninstalled first before the fingerprint reader software will install.
 
I uninstalled Protect Tools, and tried to run the fingerprint scanner installer again, but received an error that HP Protect Tools was still installed. Research showed to rename certain folders in C:\programs and even to rename certain .dll files as well. Did all of that, and it still showed that Protect Tools was installed.
 
I called support for TIB since they were the ones that provided the initial troubleshooting steps, and it was their fingerprint scanner. They were unable to help beyond mentioning the .dll files to rename. I then called HP support to see if there were any particular registry keys that I might need to change to prevent the error. They said there were not any, and suggested that I would need to reinstall the OS to remove any of their preinstalled software. This was not a viable solution as I had spent hours already installing other software, and this was one of the last items remaining on our list of programs to install. I continued to research and one article suggested I would need to go to HP website and reinstall Protect Tools, and then uninstall it again.
 
I reinstalled Protect Tools and then went through the uninstall process again. This time I paid closer attention to the uninstaller. While the uninstaller is running, there are a few prompts that come up, asking for verification of uninstallation. One of those prompts is a little sneaky and turned out to be the culprit. It is a yes/no prompt and asks if you wish to proceed with uninstallation. It provides information about the uninstall, but if you keep reading, it says "Press Yes to save current settings and preserve data for future use, Press No to completely uninstall."  Those aren't the exact words, but something similar. I clicked No and after the Protect Tools uninstaller finished, the Digital Persona software installed without issues.