Blog: Networking

Small Business Server 2008 has several "Connect to the Internet" wizards under Getting Started Tasks in the SBS Console.  Depending on your order of setup, running the "Set up your Internet Address" task may activate DHCP without telling you it is doing so.  A key problem here is that, when activating it, a scope is auto-created which includes the entire subnet on which the SBS server sits.  The only exclusions auto-created might be the SBS address and that of the SBS’ gateway.  This could occur on a production subnet and cause IP-address conflicts with other live devices if not noticed quickly.


 

It’s good to check with your Internet Service Provider (ISP) every once and a while to make sure there haven’t been any changes to their DNS servers.  I was recently working with a customer who was having a problem viewing a certain webpage.  Even though the webpage was valid, when the customer would try to access it, an “under construction” page would appear.  Troubleshooting revealed that when their DNS servers had to do a recursive query, they were getting invalid IP addresses from their ISP’s DNS servers.

I called the ISP’s tech support and the case was quickly escalated to tier 2.  When I received a call back, the engineer explained that the DNS servers that were entered for resolving recursive queries did not actually respond to queries, but were authoritative only. I was given a different pair of IP DNS server IP addresses to use for queries.  Once the change was made, the website displayed correctly.


 

If you have forgotten a password on a Xerox Workcentre 5225 you won't find any documentation on Xerox's website on how to reset the password. If you ask them they will tell you that a technician (who you have to pay) will need to reset it. There is a way around this however. You can enter what is called "debug" mode and reset the password if you have lost the password to the printer (WARNING: Do not try adjusting anything in debug mode that you do not know how to do as it could have negative effects). In order to enter debug mode you will need to hold down the 0 button on the control panel for approximately 5 seconds, then while still holding this down press the start button. You will then be prompted to enter a passcode. The default is "6789". Now that you are in debug mode you can change the username/password just like you would if you had already logged in as the admin as follows: [more]

  1. Press the <Machine Status> button on the Control Panel.
  2. Press the [Tools] tab.
  3. On the Tools screen press the [Authentication/Security] Settings.
  4. Press [System Administrator Settings].
  5. Press [System Administrator's Login ID]
  6. On the System Administrator's Login ID screen, Select [Keyboard]
  7. Type in <username here> for the Login ID, and select [Save]
  8. On the Retype line, select [Keyboard]
  9. Enter the same Login ID, and select [Save] twice.
  10. If prompted [Do you want to change the System Administrator's Login ID?] select [Yes]
  11. Press [System Administrator's Passcode].
  12. On the Passcode screen, Select [Keyboard].
  13. Type in <Passcode here> for the [New Passcode], and select [Save].
  14. In [Retype Passcode], select [Keyboard].
  15. Enter the same passcode, and select [Save] twice.
  16. In the [Do you want to change the System Administrator's Passcode?] screen, select [Yes].
  17. If prompted choose to reboot the machine after the changes have been made.

 

I have a few notes to share on DFS in Windows 2008 R2. First of all, Microsoft changed the way DFS replication is done starting in Windows 2003 R2. In previous versions, DFS replication for SYSVOL shares on domain controllers as well as DFS replications was handled by FRS (File Replication Service). Starting in Windows 2003 R2, the service was overhauled along with the management interface. Replication for DFS is now handled by DFS Replication Service and the two (DFSR and FRS) don’t play ball with one another. That is to say that you can’t use pre-windows 2003 R2 servers in the same DFS replication topologies with post-windows 2003 R2 servers. However, SYSVOL in all versions continues to use FRS until all domain controllers are Windows 2008. Additionally, once you have your DFS tree in place and get your replication topology set up, you’re not done. Make sure to edit the file exclusions list for the replication group. By default, a new replication group EXCLUDES files with the ~ (to start the file), .tmp, and .bak files. The ~ makes sense, but .tmp and .bak could be  a problem depending on the type of data in the share.


 

After recently upgrading Firefox I noticed several old versions of the Java Console under the Add-ons section.  I could see the versions but could not uninstall them because the button was disabled.  Uninstalling Java removed the most current version but not the old versions.  After some digging I found that Firefox 3.6 started showing disabled add-ons.  I was able to remove the old add-ons by going to c:\program files\Mozilla Firefox\extensions and removing the folders starting with “{CCAFE”. [more]

While looking into this I found an free tool for automating the procedure to remove old versions of Java - http://raproducts.org/javara.html


 

One of our network support customers reported that their Kyocera Task Alfa multi-function device was taking 10-15 minutes to copy scanned documents to their network folder. After testing the scan function for about 30 minutes, I was unable to reproduce the problem. I moved on to another task, at that location and about 20 minutes later I heard a user complain that her documents didn't show up in her folder. I began investigating, since I could not reproduce the issue. As I looked at the Kyocera job logs I heard the faint sound of a phone error message "You must first dial a 1 and area code". I went into the fax job and found a fax was trying to send and kept failing and once the job failed completely the scanned items appeared in the network folder. The customer has the Kyocera configured to send faxes directly from their desktop. I determined who the user was that was trying to fax and found they had been trying to send the fax for a couple of days with errors. It appears as long as the Kyocera Task Alfa is trying to send a fax it does not allow scans to be transported to the network. They are held in memory until the fax job completes.


 

Bomgar allows us to work on our customer’s desktop if they have an Internet connection. A small applet is installed on their desktop when the session is started and de-installed at the conclusion of the support session. However, with UAC on Windows 7 and Vista, it is frequently a frustration for us to work at the administrator level on their computer. There is a little icon at the top of the screen presented after the connection is established that will alleviate this issue. The following uTube video describes how to instantiate this feature: [more]

www.5min.com/Video/Bomgar-Training-06-Remote-Vista-Support-and-Elevate-to-Admin-39200366


 

There was a conflict between the Lenovo fingerprint software and PGP whole disk encryption on T400s and T500s.  If the Lenovo fingerprint software is installed, using your domain password at the PGP boot prompt didn't work and you could lock yourself out.  You'd have to use a one time password to boot.
Under Windows 7, fingerprint drivers are native and, if you enable the fingerprint reader and enroll your fingerprints, it works fine with PGP WDE.


 

Normallly when you open two PowerPoint documents they open in the same instance of PowerPoint.  This makes it difficult to compare two presentations.  The solution is simply to open another instance of PowerPoint by using a second user account.

In the Start menu, SHIFT-right click the PowerPoint icon, choose "Run As" and enter the details for the other user. You need to have Admin privileges to do this.
You will also find that the second instance saves by default to the second user’s "My Documents" but this can be changed in Tools > Options > Save tab.

I was then able to open separate PowerPoint presentations on each monitor!


 

We use MRTG on our internal network to help monitor bandwidth for several network connections.  After setting up monitoring for several VPN’s I noticed a couple of the busier VPN’s would “flat line” during the day but look normal after hours.  When MRTG can’t access the device to get data, it continues to plot the previous value which creates this flat line effect.  Therefore I initially thought there was a problem with those VPN’s, but the VPN’s were working fine.  After digging further I noticed the MRTG cfgmaker utility put  “MaxBytes[xxxx]: 1125” for the graph of the VPN interface.  This tells MRTG how to scale the graph, but it also discards data above that threshold.  So during the day the bandwidth was above the threshold and displaying the flat line graph because it was displaying the last known good data value.  I increased the value on the MaxBytes statement to fix the problem.