Blog: Networking

A customer’s Outlook Active Sync stopped working for their phones. I connected to their 64-Bit Exchange 2007 server and found that nothing in IIS was working.

Looking at the event logs found where .NET 1.1 had been installed right before IIS stopped working.

IIS 6.0 supports both 32-bit and 64-bit. However IIS 6.0 does not support running both at the same time. ASP.NET 1.1 runs only in 32-bit mode. ASP.NET 2.0 runs in 32-bit mode or in 64-bit mode. Therefore, if you want to run ASP.NET 1.1 and ASP.NET 2.0 at the same time, you must run IIS in 32-bit mode. However Microsoft Exchange Server 2007 only supports Microsoft.NET 2.0, 64-bit version.

The problem was that Microsoft .NET Framework 1.1 was installed on the Exchange server and broke IIS since it is running in 64-bit mode for use with Exchange 2007.

• I uninstalled .NET 1.1
• Went to a command prompt
• Used the following command to disable the 32-bit mode:
  cscript %SYSTEMDRIVE%\inetpub\adminscripts\adsutil.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 0
• Then used the following command to install the version of ASP.NET 2.0 and to install the script maps at the IIS root and under:
  %SYSTEMROOT%\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis.exe -i
• Restarted IIS, World Wide Web Publishing Service, and HTTP SSL

[more]After completing the steps above everything began functioning as it should.

I found that the reason .NET 1.1 was installed, was because all the management server sessions were being used and access to the VM host was needed. An installation of Virtual Infrastructure  Client 2.0 was started but canceled on the Exchange server. VI Client 2.0 requires .NET 1.1 which was automatically installed before the VI installation was canceled.

When working with an ASA 5505, if you change the ip address of the internal interface to a different subnet, make sure you enable http access to the new subnet or you won’t be able to use the Cisco ASDM interface anymore. Command: http 192.168.0.0 255.255.255.0 inside.

I installed a 64bit version of Windows 7 as a virtual machine and when trying to startup, it would hang in a loop of start and restart.  Amongst the loops as the vmware machine would cycle, an error would appear and disappear.  After watching closely I could read enough to see it referred to a bios setting.  That led me to the fix below.

I found out “Virtualization Technology” (VT) must be enabled in the bios settings of my laptop.  VT is an option for Intel CPUs.  This is a requirement VMware implemented for running 64bit virtual machines.  VT is not required for running 32bit virtual machines.

To enable VT, access the Bios Setup Utility on the computer which will host the virtual machine.  Typically, to get to the Bios Setup Utility you press the F1 key when you see the manufactures start up screen when starting or restarting the machine.  When the Bios Setup Utility starts, you will enter Config > CPU.  There you will see the option to Enable VT. [more]

Also, it is documented you must power down the host machine again after enabling VT.  Enabling VT, saving the configuration and continuing with the start up will not enable VT.  It takes and additional cold boot to enable VT.

After the second start, I launched the VMware workstation and powered on the Windows 7 without a problem.

In the past, I’ve used products that emulate having multiple versions of Internet Explorer installed to test websites in previous versions on Internet Explorer.  Those products worked okay, but they were always a little flaky.  Sometimes Javascript or cookies wouldn’t work right, Windows updates would break versions, and some would not work under Vista.  They also did not allow you to install any web developer tools to help troubleshooting any problems you found.   I found a better solution when I ran across the Internet Explorer Application Compatibility VPC Images that Microsoft provides for free.  Microsoft offers the following five Virtual PC hard disk images as free downloads: [more]

• Windows XP SP3 with IE6. Expires January 1, 2010
• Windows XP SP3 with IE7. Expires January 1, 2010
• Windows XP SP3 with IE8. Expires January 1, 2010
• Vista Image with IE7. Expires 120 days after first run.
• Vista Image with IE8. Expires 120 days after first run.

These images work well and since they are full blown XP and Vista images you can also install different versions of other browsers on them to test with too.  You could also use the images for testing desktop applications in Windows XP or Vista.  In addition to downloading the disk images you’ll also need Virtual PC 2007 (http://www.microsoft.com/windows/virtual-pc/support/virtual-pc-2007.aspx).

I created a virtual machine with an “independent persistent” disk.  This prevents VMware from being able to take snapshots.  Since the method for backing up an entire virtual machine on a stand-alone ESXi server is to take a snapshot and then copy the snapshot to a network location, this prevented me from being able to back up the server.  (I could only back up the virtual machine if I shut it down.)

I was able to correct the configuration by powering off the virtual machine and editing the virtual machine settings.

I was attempting to add a PAT (port address translation) rule for https (TCP 443) on a customer's Cisco ASA. The rule kept getting rejected with the error that it could not be created.  After trying a few times, I figured out the ASA was rejecting the rule because ASDM (Adaptive Security Device Manager) access, which uses https had been enabled on the outside interface.  I changed the port number for ASDM and I was then able to create the PAT rule.

Working on an ISA server the other day I had to change the LAN IP addresses.  I was RDP’d into the server from the internal network when I made the change and applied it.  I waited a few seconds and tried to reconnect to the server (by name).  DNS has updated properly with the correct IP address, and I could ping the address, but I couldn’t RDP back to the server.  The server was virtual, so I used VI to connect to the server console.  I didn’t see any issues, but rebooted the server to be sure.  When the server came up, I still couldn’t RDP.  I checked the Terminal Services service and it was not running.  I tried to start it, but it failed.  I checked the event log and it mentioned something about the service binding.  I ran the Terminal Services Configuration console, checked the Properties of the RDP-Tcp object.  On the Network Adapter tab, the “All network adapters configured with this protocol” was selected (which is the default, but wasn’t working).  I manually selected the LAN NIC and hit Apply, and RDP started working again. [more]

I was experiencing long delays when attempting to delete files from my laptop or external USB drives.  For example, deleting a 1.5 GB file would start a continually rotating flood bar of deleting.  It would run for 30 minutes or more before I would give up and click the cancel bar in the dialog window.

The canceling would also present a never ending flood bar lasting 15 minutes or more.  After doing some research regarding an early Vista problem with file moves and deletions I looked at several configurations but could not find the problem.

Finally realized during the installation of PGP desktop I had enabled a secure delete (shred) feature.  When I disabled the shred feature, my never ending delete processes went away.

I had a situation come up this week where a user was able to change the security on a file that they had created. This type of action was not desirable and I was having a hard time tracking down how this was happening. It turned out to be the following: User had modify permissions for the folder and subfolders so they were free to create and delete files. However, the CREATOR OWNER permission was also on the folder and was set to FULL CONTROL. Thus, when the user created a new file, they were the owner. As such, they were then given the ability to change the permissions. So, the gotcha is be careful how the CREATOR OWNER permission is used…and keep a watchful eye on curious users.