Blog: Networking

I recenly rebuilt a vCenter environment for a customer. We decided to use the vCenter Server Appliance 6.5. The configuration of the vCenter Server Appliance was fairly simple and operates very similar to vCenter Server installed on Windows. We attempted to setup email alerts, but were unable to get the alerts to send. We initially thought the alerts would not send due to an issue with the SMTP relay. Since this was not a Windows OS, I was not able to login to the OS and test the STMP relay using telnet. I checked my configuration of email alerts several times and the administrator of the SMTP servers checked his as well and everything looked correct on both sides, but emails still would not send.

After researching for quite some time, I found that I could use the "mailq" command to view the email queue on the vCenter Server Appliance. I connected to the vCenter Server Appliance via SSH, ran the "shell" command to get to the full shell, and then ran the "mailq" command. This showed me that several messages were in the mail queue and not being sent. I began to troubleshoot this more and eventually found an VMWare article regarding a bug in the vCenter Server Appliance 6.5 that prevented SMTP from working correctly. This article had been published one day before I found it, which was about a month after I first started troubleshooting the issue. From looking at the files, the original code had the wrong patch in the sendmail.cf file. 

Here is a link to the VMWare article with instructions on how to fix the bug: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2148396

The following must be done to successfully SCP the file to the vCenter Server Appliance: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2107727

After a software update on a 2008 SBS Server, we encountered a problem with the Quickbooks installation. What used to work with Quickbooks now showed an error message that there was a problem verifying the program’s signature.

Viewing the executable’s properties and looking at the Digital Signatures tab, it showed an error with the signature verification there too. I checked to executable from a 2008 R2 remote desktop server and the digital signature tab showed no problems.  Looking through the folder’s previous version for the executable from before the upgrade, it was observed that it was signed with SHA-1.  The new file was signed with SHA-256.

I was able to find the following information about code signing and 2008 SBS does not support SHA-256 signing.   https://social.technet.microsoft.com/wiki/contents/articles/31296.implementing-sha-2-in-active-directory-certificate-services.aspx .  The software vendor was notified and said they’d work on signing with SHA-1 again on next release.

There is a problem on some Surface machines (Surface Pro 4 specifically) where the thumbnail previews on the taskbar disappear quickly… to quickly to be useful. The issue only occurs when using a power adapter and not when running on battery power. The solutions are:

1. Disable the battery driver in the Device Manager (Microsoft Surface ACPI-Comliant Method Battery)
2. Replace the power adapter (model 1625 seems to be problematic, and model 1706 seems to work fine)
3. Update registry settings (see link below)

The issue and solution in detail can be found here:  https://www.tecklyfe.com/workaround-taskbar-thumbnail-previews-disappear-quickly/

Have you ever inadvertantly installed a toolbar or other adware during a Java update? There's a setting to stop this behavior. Open the Java Control Panel and select the Advanced tab. Then select "Suppress sponsor offers when installing or updating Java" at the bottom of the window.

A few months ago, I installed the latest Exchange 2013 Cumulative Update that was available (CU14) on the Exchange cluster. Shortly after everything was brought back online, I noticed that the Content Index state was marked as failed. Trying to re-seed the content index from another database server wasn’t working either. I tried going through the process to completely rebuild the content index (stop the Exchange search services, delete the content index folder, restart the services) and it seemed to work as the crawling process took 12-16+ hours.

Unfortunately, it never did finish. I kept seeing errors in the event log that made it seem like crawling would finish, but there was a final process that continued to fail time and time again. The Exchange search services would crash constantly, restart, and crash once more – each time failing to bring the content index online.

It turns out that this was a known issue with Microsoft Exchange 2013 CU14 (as well as Exchange 2016 CU3). Microsoft has committed to providing the fix in the next CU, but until then there wasn’t really a workaround. The biggest impact this failure had was that searching public folders was a lot more difficult. You could go through the Advanced Find features and do a search that didn’t access the index, but the instant searches would fail to find anything.

CU15 was released in December and resolves this particular issue (among other issues that may have popped up in the last 3 months).

https://blogs.technet.microsoft.com/rmilne/2016/12/14/exchange-2013-cu15-released/

https://support.microsoft.com/en-us/kb/3202691

A customer had several Cisco 2960 switches that were not managed and did not want us to come onsite to configure them for management. Since she had a Cisco console cable and the switches currently did not have a password, we were able to assist her remotely. The switches were already cabled together and in production. There was an intentional loop cabled between the switches for redundancy. This loop was being shut down by spanning-tree.

As I started entering the global configuration commands on the first switch, I lost my connection to their network because I was connected over the Internet. The commands I had just entered was “spanning-tree portfast bpduguard default”, which enables BPDU Guard globally. Since the switches were already cabled, when I enabled BPDU Guard globally, it put the interfaces connected to the other switches in an err-disabled state as it should. I walked the customer through removing the global spanning-tree commands and performing a shut/no shut on the interfaces connected to the other switches. This allowed my remote connection to come back online.

The proper order to perform these changes is to add the “spanning-tree portfast disable” command on all interfaces connected to other switches before enabling the global spanning-tree options. After the individual interfaces were configured, I entered “spanning-tree portfast bpduguard default” globally with no issues. 

I recently worked with a customer because their C: drive was out of space. He had another drive in their laptop (D: drive) that had 500GB of free space.  I decided to move all offline files from the C: drive to the D: drive. I found the following article and worked through it:

https://support.microsoft.com/en-us/kb/942960

After getting the offline files synced, I started working to clean up the old location of the offline files. I took ownership and I was able to delete most of them, but I kept getting an error that I could not delete some of the files because “the file name was too long”. I spent a long time researching and trying to figure out how to gain this space back by deleting the files. I eventually created a share to the folder, accessed it from another system, and I was able to successfully delete it from there.

Recently, a customer said they were no longer able to shadow remote desktop sessions for some new thin clients that were installed.  The error message was "Access is Denied".  It turns out that these new thin clients were dual monitor setups.

According to  https://support.microsoft.com/en-us/kb/2484290 , this is normal behavior when trying to shadow a multiple monitor session.

After installing Windows 10 and Office on a new laptop, I started getting the following error message when I tried to click on any link in any email message or click on a table of contents link in a Word doc:

"Your organization's policies are preventing us from completing this action for you. For more info, please contact your help desk"

While it's not an entirely bad thing to have email links require a copy and paste, it's a real problem with other links like the Table of Contents in a long Word document.

There is a KB article at https://support.microsoft.com/en-us/kb/310049 that discusses this issue. The solution for Windows 10 is to find a system that doesn't have the problem and export a registry key then import it into the offending system. The key it references was missing from my system.

The steps that worked for me were to find a Windows 10 system that didn't have the problem, run regedit and locate the following subkey:

HKEY_LOCAL_MACHINE\Software\Classes\htmlfile\shell\open\command

Then you export the subkey to a file, copy the file to the system having the problem and import it into that system's registry (either by double clicking the .reg file or importing it via regedit).

There is a last verification step to verify the String (Default) value of "HKEY_CLASSES_ROOT \.html" key is "htmlfile".