Blog

We recently ran into an issue where one of our client's users locked himself out of PGP.  A gotcha was encountered entering the WDRT after pressing F4.  The shift key should NOT be used to enter letter characters.  The characters will show as capital without the shift key being pressed.  If the shift key is used, a different bit stream will be sent, but will look the same, and the token will not work. 
Networking, PGP,
 

Ran across this issue three different times; a user installs Adobe Reader update and Google Chrome gets installed. The user then uninstalls Chrome and when they try to access hyperlinks from any program, it fails. They would receive the error "This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator."  Going in and changing default browser settings did not fix the problem. It requires registry changes to fix the default browser.

Restore registry settings in the User Profile: [more]

  1. Click Start, click Run, type Regedit in the Open box, and then click OK.
  2. Locate the following subkey:
    HKEY_CURRENT_USER\Software\Classes\.html
  3. On the File menu, click Export.
  4. In the Export Registry File dialog box, enter HKCU_Classes_HTML_Backup.reg and click Save.
    Note: This will create a backup of this registry key in the My Documents folder by default.
  5. Right click the (Default) value for the .html key and select Modify...
  6. Change the value from "ChromeHTML" to "htmlfile"  (or from FireFoxHTML to htmlfile)

Repeat steps 1-6 for .htm .shtml .xhtm and .xhtml k

I have read that you can change the default browser prior to uninstalling and this will not be a problem. However I have not tested this.

General, Chrome,
 

e recently had a client who was receiving the following error message in Microsoft Outlook: "Your automatic reply settings cannot be deployed because the server is currently unavailable. Try again later."

The reason this error message is displaying is because Outlook can’t see your Client Access Server. [more]

To get Out-of-Office to work you need to add a bypass to your proxy server for your CAS. To do this you need the name of your CAS (typically the exchange server).

Open up your Internet Options settings in Control Panel and click on the “Connections” tab.  Make sure that the “Bypass proxy server for local addresses” is ticked then click on “Advanced”.

In the “Exceptions” panel type in your CAS server name followed by .* then press OK->OK -> OK to close all of the windows.

Close and reopen Outlook and out of Office settings options should now work.

General, Outlook,
 

We have a customer who has a server that runs Windows NT4. One of the hard drives on the 15 year old server started failing, so we decided to virtualize the server. To add to the complexity, the server was on a workgroup and not on the domain like all the other servers. I installed VMware Standalone Converter on the server that would host the VM, but when I started the virtualization process, I received an error saying the remote agent could not be installed.
 
We figured out that the latest version of VMware Standalone Converter to support NT4 was version 3.0.3-89816, which is not available for download now. Luckily, we had a version of this file already downloaded. This version is a cold clone ISO. I created a CD and attempted to run the conversion from the CD. When you boot from the CD, you can only virtualize remote systems. I tried this process from the host server and the NT4 server, but both failed. Installing the v3.0.3 on the host server and then running the conversion also fails.
 
Here is the process you must go through to convert an NT4 server to a remote VM: [more] 
  • Create a bootable CD from the VMware Standalone Converter version 3.0.3-89816
  • Insert the CD in the NT4 server and browse the contents of the CD
  • On the CD, navigate to the VMWARE-CONVERTER folder and run the “VMware Agent.msi” file
  • After the install completes, run VMWARE-CONVERTER\converter.exe
  • After the agent is installed locally, you have the option to convert the local machine
  • Finish the wizard, inserting the necessary settings (VM host server, authentication, etc.)
Networking, VMware,
 

We had problems getting to the Internet on one customer’s terminal server after removing Java 5 and installing Java 6.33.  All other terminal servers were working normally except for this one.  It appeared that the WPAD.dat file was not being utilized and all Internet traffic was trying to go out directly.
 
My suspicion was that this had something to do with Java, so I tried uninstalling and reinstalling Java.  This still did not fix the internet issue. [more]
 
I used procmon utility on a working system to review all of the file open/close functions that happen when IE tries to launch a website.   What I found in the process log was that on a working server, I would see the WPAD.dat file being opened and closed, then jsproxy.dll, and then later on jscript.dll.  On the server with the problem, I never saw jscript.dll being opened.
 
I used the command “regsvr32 c:\windows\system32\jscript.dll” to re-register the DLL, and Internet started working!
Networking, Java, Terminal Server,
 

Simple erasure of a disk (or thumb drive). Windows 7 “full” format will overwrite each byte on the disk with zeroes.  This began with the Vista o/s and is true also with Windows 7.  This can cause problems for virtual machines running on a SAN.  Here is the statement from Microsoft KB 941961: [more]
 
The format command behavior has changed in Windows Vista. By default in Windows Vista, the format command writes zeros to the whole disk when a full format is performed. In Windows XP and in earlier versions of the Windows operating system, the format command does not write zeros to the whole disk when a full format is performed.

The new format behavior may cause problems for the on-demand allocation modes that a volume storage provider, such as a Storage Area Network (SAN), supports. Problems may occur because the new format behavior prematurely triggers allocation of the backing space.

In the on-demand scenario, zeros do not have to be written to the whole disk because the volume storage provider initializes the on-demand-allocated data. To avoid causing unnecessary on-demand-allocation, you must use the quick format option.

Networking, SAN, Windows 7,
 

Typically, we run memory diagnostics from a bootable CD, but if you are trying to troubleshoot a computer in another city this is not always possible. Windows 7, Vista, Server 2008, and Server 2008 R2 have a built in utility called mdsched.exe. The utility can be started from a Windows session and will start automatically at the next reboot. The default is a simple memory diagnostic, but extended testing can be performed. Results will display during the test, on screen after the test, and in the Event Viewer under Applications and Services > Microsoft > Windows > MemoryDiagnostics-Results > Memory Diagnostic Tool  after the test is complete.
More detailed information can be found here: [more]

http://www.sevenforums.com/tutorials/715-memory-diagnostics-tool.html

General, Windows 7, Windows 2008 Server, Windows 2008 R2,
 

Over the years, many people have asked me about backup for home machines.  Burning files to DVDs and carry them to a different location is problematic.  It's a lot of trouble to make frequent offsite backups.  I recently did some research and decided on using a program called Duplicati for backup and Amazon S3 (Simple Storage Service) for storage.  I think having the backup program and the storage separate is the best solution.  I can even back up to multiple providers in case one of them just goes away without warning.

Duplicati is free and open source and runs on Windows, Linux and MacOS.  It has a nice GUI interface plus a rich command line.  Duplicati has built-in AES-256 encryption, which means you hold the key and your backups are encrypted before leaving your network.  It creates normal zip files and then encrypts them with AES Crypt, so even if Duplicati breaks, you can still download, decrypt, and unzip your backups using other standard tools. [more]

Duplicati will back up to many different cloud providers (Amazon S3, Rackspace, Google Docs, SkyDrive, Tahoe-LAFS, WEBDAV, FTP, SSH) as well as file based locations.

I chose Amazon S3 for storage because of the history of reliability of Amazon.  The cost if not much either.  You get 5 GB free, and then it’s 12.5¢/GB/month after that.  So you can store 50GB for less than $6/month.  It is even cheaper if you choose the Reduced Redundancy Storage (RRS).

Get Duplicati here http://www.duplicati.com/.

Sign up for Amazon S3 storage here http://aws.amazon.com/.

General, Amazon, backup,
 

While installing a wireless network at a youth camp where I volunteer,  I was having issues getting the wireless distribution system to see the wireless access point in the building where the main router is located. If I place the WAP in the attic I could get a decent signal. So I moved the WAP to the end of the building, in the attic and mounted it inside the wood eave of the building. I was then getting a good signal to my other building. It wasn’t till after I had done this that I realized it never would of worked the first way I was trying. Most of the older buildings, such as the one the network originates from, have stucco exteriors. Part of the process of installing stucco (at least the old way) is to wrap the building in a wire mesh to help hold the stucco. It finally occurred to me that the wire mesh was creating a faraday cage around the building preventing the wireless signal from reaching outside.
Networking, wireless,
 

I’ve been working on migrating an Exchange environment to 2010. This process includes an upgrade to the Unified Messaging role of Exchange to 2010 as well. We had purchased a UCC certificate to include all the Subject Alternate Names our Exchange environment would need and I had already applied it to the CAS server successfully. Since this certificate also included the FQDN of our UM server, I added the cert. and assigned the UM service to it so that Exchange could start processing voicemails through 2010 instead of 2007. [more]

After I had moved a couple of mailboxes (including mine) over for testing, I discovered that I could no longer receive voicemail. People were redirected to the Subscriber Attendant instead of my individual mailbox. There were events logged on the UM server saying the following:

Event ID: 1400 Source: MSExchange Unified Messaging
The following UM IP gateways did not respond as expected to a SIP OPTIONS request. Transport = TLS, Address = lync.ourdomain.com, Port = 5061, Response Code = 0, Message = This operation has timed out.

After considerable troubleshooting, I ran across a forum posting (http://social.msdn.microsoft.com/Forums/en-US/communicationsserversdk/thread/2733adf2-c91b-4b94-bf43-be93cdd2d5ef/) from someone who encountered the same issue and called for a support incident with Microsoft to figure out what was going on. In order for UM to work in a Lync phone system environment, the Subject Name of the certificate installed must be the FQDN of the UM server itself. It won’t work if it’s just included as a Subject Alternate Name; it must be the Subject Name.

I generated a new certificate from our internal CA with the UM server as the SN of the certificate, installed and assigned it to the UM roles (leaving our UCC cert running the remaining roles), and immediately started receiving voicemail notifications.

I found one other blog posting after the fact that backed this claim up even more (http://therealshrimp.blogspot.com/2012/03/multiple-exchange-um-servers-and.html).

Networking, Exchange, Exchange 2010,