Blog: Networking

On a recent IT audit, the bank was using a Samba directory instead of Microsoft’s Active Directory for user authentication on their workstations. We use an audit tool called DumpSec to dump the user accounts out of Active Directory. However, when I tried to use it on the Samba directory, I got an error message and a partial list of users (about 6 accounts out of 85). After trying several fixes, including joining a VM to the domain and running DumpSec using the root credentials, I unchecked the “Show computer accounts” option in DumpSec (see screenshot below) and it worked.


 

A client recently had a problem printing to an HP P2035 printer from the network. When the printer was pointed to the installed driver, the print spooler on the print server would crash.

The cause of the problem was that the only model-specific driver to date (10/21/09) for the P2035 model was a Host-based driver, also known as Graphic Display Interface (GDI). The driver must NOT be a Host-based printer (AKA GDI or Windows-only Printer): Host-based printers will not function in a Terminal Services environment (without 3rd party printing software). The only other available driver was the HP universal driver.

In the documentation I found out that the printer does support the PCL5 language. However, there is not a model-specific driver in this language provided by HP. The P2015 model does have a PCL 5e driver available. I downloaded that model and installed it to the printer server and test servers. I then tested printing and things seemed to function. However, further testing revealed failure to print images from Adobe and bank-specific applications while using the P2015 driver with this printer. Images would come out as black squares. Several modifications were made to the printer settings, but nothing seemed to fix this issue. The problem was not documented on HP’s support site, probably due to the fact that this is a new model of printer.


 

When flashing the NVRAM or the Hard Disk on any of the HP printers, make sure that you remove any add-on devices that can store data, such as the Bar DIMM USB devices used to print barcode fonts. If they remain in place when flashing the NVRAM or HD, it will erase the data on the add-on device as well.


 

I recently ran across a free open source utility called Keyfinder that extracts license keys for the software you have installed on your computer. You can find more information and download it from http://magicaljellybean.com/keyfinder/.

There is a configuration file that indicates where in the registry the key is located for various products - it can be expanded for additional products.  You can also load the hive from another drive if you have an accessible drive from another system and need the keys for software that was installed on it.


 

A user at one of our client's sites was experiencing an issue where a Symantec Antivirus full scan was started when the user logged in every morning. The scan was scheduled to run at 1:00 AM, but it seemed to be ignoring the schedule. The problem was caused by the computer being in sleep mode during the evening when the scan was scheduled to run. The scheduled scan would not bring the computer out of sleep mode to run the scan at the scheduled time. As soon as the user started to log in, the computer would come out of sleep mode and the scan would start. The power saving options are a per-user setting. Without group policies in place, this setting must be completed for each user on each computer.


 

Windows 7 has a feature called Problem Steps Recorder that you can use to document a procedure or recurring error. From Start, run ‘PSR’, at which point you’ll notice a small, floating bar where you can start and stop recording, as well as add comments during the recording. This utility will take a screen capture each time you click something or hit a function key, as well as document in text the action taken for each step. When you stop recording, it will prompt you to save a zipped MHT file, which you may need IE to view. Here are a couple of resources explaining how to use this feature:


 

One of our employees started experiencing regular account lockouts a few weeks ago. The lockouts started soon after a domain password change. At boot, and at random times throughout the day, his account would just reach the maximum bad attempts and lock. We checked to make sure he didn’t have any saved credentials under the “Managed Network Passwords” settings of his user account. The few he had didn’t appear to be related, but after a while we went ahead and cleared them all out. We checked all his services to make sure none were using his domain account to start. We also checked scheduled tasks, but none appeared to be the problem. We thought it might be one of his startup applications, so we disabled all his HKLM/HKCU Run and Startup folder items. This didn’t fix the problem. We noticed the account would lock out even before he tried to log in, so we were sure it had to be something starting up with the computer (not part of his profile). The event log kept saying the failure was coming from stored credentials (though we had removed all the ones we knew of). We eventually cleared the registry key where all stored passwords are saved, which also caused us to have to remove and rejoin the domain (machine account password probably got cleared). None of this worked.

We tried to remove all applications we thought might have some old credentials cached. We removed his ThinkPad fingerprint software, disabled his backup software, removed Symantec. When none of this worked, I had him decrypt his drive and remove PGP Desktop (multiple day process). The problems still persisted. We then booted into safe mode (with networking) to see if the lockout would still happen with a bare minimum of services. It didn’t. We ran msconfig to do a “diagnostic startup” (safe mode not in safe mode). We waited at the logon screen to see if the account would lock out. It didn’t, so we logged on and began starting services one by one. (NOTE: msconfig sets services to Disabled, so you must 1) run it, 2) set it back to normal startup, 3) when prompted to reboot, don’t … then services will be back to their default settings.) We started a few services, then noticed we actually weren’t on the network because the DHCP service wasn’t running. We started all network-related services and made sure we were authenticated on the network. We waited to see if what we had brought up so far would cause the lockout. It didn’t. We started working through the rest of the services one by one, and eventually two by two. We finally got to the service “SeaPort”. The service has no description, but research shows it to be installed alongside any Windows Live “essentials”. After starting the service, the account locked out. We played with the service a few times (unlocking, restarting it, unlocking, etc.) to verify it was the problem. We disabled the SeaPort service and rebooted (with everything else set back to “normal”). No lockouts! After a while, we started the service (just to make sure one last time after a clean boot). The account locked out. We permanently disabled the service.


 

A problem I have had since upgrading to Vista was being unable to access domain resources once I connect a VPN session to a customer site. Accessing file shares on our network or connecting to Activity would require me to run "cmdkey.exe /delete /ras" to clear the RAS credentials cached when the VPN was established. I never had this issue with my Windows XP installation. So, after getting fed up with always having to run the command, I finally found a solution, which is to disable using RAS credentials on my VPN connections. To do so, follow these steps:

  1. Locate the .pbk file that contains the entry that you dial. To do so, click Start, type *.pbk in the Research Bar, and then press Enter.
    • Vista location (C:\Users\<USERNAME>\AppData\Roaming\Microsoft\Network\Connections\Pbk)
    • XP location (C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk)
  2. Open the file in Notepad.
  3. Locate the following entry: UseRasCredentials=1
  4. Modify the entry to the following: UseRasCredentials=0
  5. On the File menu, click Save, and then click Exit.
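
The edit from steps 3 and 4, applied to every entry in a phonebook at once and shown as a dry run. This is an added example in Python, not part of the original post; the function name is hypothetical and the sample phonebook is constructed and simplified. It works line by line so every other setting and the original line endings are left exactly as they were.

```python
import re
import sys

# "[Entry name]" starts a phonebook entry; the key match ignores case and spacing.
_SECTION = re.compile(r"^\[(.+)\]\s*$")
_KEY = re.compile(r"^(\s*UseRasCredentials\s*=\s*)(\S*)\s*$", re.IGNORECASE)

# Constructed sample: three entries, one already fixed, one without the key.
SAMPLE_PBK = (
    "[Customer A VPN]\r\nEncoding=1\r\nUseRasCredentials=1\r\nDEVICE=vpn\r\n\r\n"
    "[Customer B VPN]\r\nUseRasCredentials=0\r\n\r\n"
    "[Old Dialup]\r\nEncoding=1\r\n"
)

def disable_ras_credentials(text):
    """Return (new_text, changed_entries, entries_without_the_key)."""
    out, changed, seen, entry = [], [], {}, None
    for line in text.splitlines(keepends=True):
        body = line.rstrip("\r\n")
        eol = line[len(body):]          # keep CRLF or LF as found
        section = _SECTION.match(body)
        key = _KEY.match(body)
        if section:
            entry = section.group(1)
            seen[entry] = False
        elif key and entry is not None:
            seen[entry] = True
            if key.group(2) != "0":     # still caching the VPN credentials
                body = key.group(1) + "0"
                changed.append(entry)
        out.append(body + eol)
    missing = [name for name, found in seen.items() if not found]
    return "".join(out), changed, missing

if __name__ == "__main__":
    # With a path argument, report on a copy of a real .pbk; otherwise use the sample.
    if len(sys.argv) == 2:
        with open(sys.argv[1], newline="") as fh:
            text = fh.read()
    else:
        text = SAMPLE_PBK
    _, changed, missing = disable_ras_credentials(text)
    print("entries that would change:", changed)
    print("entries with no UseRasCredentials line:", missing)
```

Entries reported as having no UseRasCredentials line are left untouched and need a manual look.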

 

We have a VMware ESXi 4 infrastructure in which we wanted to have VMs on two separate networks: DMZ and Internal. This was accomplished by using the VLAN tags within the virtual switches to separate the traffic. However, when the VLAN tags were implemented on the separate switches, we could no longer access the host itself at its IP address. The reason was that we did not assign a VLAN ID to the host itself. This can be done in the configuration option of the ESXi console (F2). Alternatively, one could have a completely isolated NIC that is just for servicing the host machine and is independent of the NIC(s) for the embedded VMs.


 

I have been troubleshooting an issue with terminal services sound redirection for one of our customers for a while. Audio mapping was enabled and all of the GPOs had been checked and re-checked. Resultant set of policy showed everything should be working. The volume showed to be muted when looking at the sound settings through the control panel. You could unmute the sound and click apply and the "muted" check box would automatically re-check itself. All types of troubleshooting were done from DirectX diagnostics to a Microsoft PSS case. Skipping three days forward, the root cause was due to rdpclip.exe not running at user login. This process is started at each login subject to the existence of a registry key which was missing.

The reason it was missing was due to a previous fix for performance issues. The registry key that was missing was HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd:StartupPrograms --> rdpclip. I added it back and tested and sound redirection worked. However, now the performance issue is back. At login, there are several users who experience very high CPU usage for the rdpclip.exe process. Since rdpclip.exe is responsible for several types of RDP redirection, it was undesirable to remove the registry key again to fix the issue. I was able to determine through additional troubleshooting that audio mapping was the root cause. I can enable any type of redirection via terminal services redirection except audio mapping and the performance problem does not occur. At this time we still have not found a fix for the performance issue.