Blog

While working with a client, I recently promoted a new Windows 2008 R2 virtual server to a domain controller.  Prior to running dcpromo.exe everything looked and performed great, but I noticed a large amount of system resource issues following the promotion.  I also ran into several cases of not being able to open various management console snap-ins or other applications.  After troubleshooting various issues I finally decided that they all must have had a singular root cause. 

After digging around in the event viewer and scratching my head a bit, I asked another network engineer what I was missing. He looked around for a few minutes and asked me if disk quotas had been enabled via group policy. I opened up the Group Policy Management console on another server and discovered a disk quota group policy object for terminal servers that had been applied to the Domain Controllers OU. After excluding the new domain controller from receiving the policy, and then manually removing the existing disk quota entries, the server was running at full speed with full functionality.


 

After installing Windows updates, a customer’s HP 6000 Desktop, running Windows 7, would not POST (Power On Self Test). After powering on it would display an HP logo and go no further. I had access to another identical system so I switched the memory, then the hard drive, and got the same problem both times. I decided to just put the other system in place of the original one. I connected all the cables and got the same problem on the second desktop. At that point I unplugged everything but the display and power, since I have seen keyboards cause this type of problem. This time it booted without hanging. I reconnected the mouse and keyboard and it booted fine. I then reconnected the USB printer and it would not POST. I put the original system back in place, without the USB printer connected, and it worked fine.

The HP 3005 printer that was connected was bought refurbished and apparently had started affecting the boot process. The decision was made to replace the defective printer so it was retired.


 

I experienced some odd behavior in Word last week while working on an audit report (I was docked in my office). Periodically, the blinking cursor in Word would disappear and my document would appear to freeze up. Neither Word nor my laptop was locked up, because I was able to scroll in the document, but when doing so, the document would turn black and my text would either disappear or become garbled, with lines appearing to repeat over and over. This would last for 20-30 seconds or more. I tried rebooting to no avail.
 
At one point, I noticed the proofing cursor was animated, as it is when it is writing to disk.

This made me think the problem might be network latency.
 
I mentioned my problem to another information security auditor. He suggested it might be related to offline files.  I thought I had reversed the “Always available offline” option for this folder.  However, upon further investigation I found out that I had not.  Once I did so, the problem did not recur.


 

Cisco's IOS documentation says that pre-shared keys used for VPNs can be 128 characters long.  If you try to specify a 128 character key this message appears "Pre-shared key length exceeds 127 characters.   Key not added."  So, I have been using 127 character pre-shared keys for a long time.  Then IOS 15 came out and we are still doing VPNs just fine with that version, but not using 127 character pre-shared keys.  It still allows them but the VPN will not come up and "%CRYPTO-4-IKMP_BAD_MESSAGE" is logged, which means the keys do not match.  It now looks like the pre-shared keys cannot be longer than 125 characters.
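As an added example (not part of the original post), one way to audit saved IOS configurations for pre-shared keys longer than the 125-character limit observed above before upgrading to IOS 15. It assumes the usual `crypto isakmp key` and keyring `pre-shared-key` line formats with a single-token key; the function name and the sample configuration are constructed for illustration.

```python
import re

IOS15_MAX_PSK_LEN = 125  # longest key that still worked on IOS 15, per the post

# Global form: crypto isakmp key [0|6] <key> address|hostname <peer> ...
GLOBAL_RE = re.compile(
    r"^\s*crypto isakmp key (?:(?P<enc>[06]) )?(?P<key>\S+) "
    r"(?:address|hostname) (?P<peer>\S+)")
# Keyring form: pre-shared-key address|hostname <peer> [mask] key [0|6] <key>
KEYRING_RE = re.compile(
    r"^\s*pre-shared-key (?:address|hostname) (?P<peer>\S+)(?: \S+)? "
    r"key (?:(?P<enc>[06]) )?(?P<key>\S+)\s*$")


def audit_psk_lengths(config_text, max_len=IOS15_MAX_PSK_LEN):
    """Return (line_no, peer, key_length, status) per PSK line; never the key."""
    findings = []
    for line_no, line in enumerate(config_text.splitlines(), start=1):
        m = GLOBAL_RE.match(line) or KEYRING_RE.match(line)
        if not m:
            continue
        if m.group("enc") == "6":
            # Type 6 keys are stored encrypted; the plaintext length is unknown.
            findings.append((line_no, m.group("peer"), None, "encrypted"))
            continue
        length = len(m.group("key"))
        status = "too_long" if length > max_len else "ok"
        findings.append((line_no, m.group("peer"), length, status))
    return findings


# Constructed sample configuration (keys are filler characters, not real secrets).
SAMPLE_CONFIG = "\n".join([
    "hostname branch-rtr",
    "crypto isakmp key " + "A" * 127 + " address 192.0.2.10",
    "crypto isakmp key 0 " + "B" * 125 + " address 192.0.2.20 no-xauth",
    "crypto isakmp key 6 " + "C" * 40 + " address 198.51.100.5",
    "crypto keyring VPN-KEYS",
    " pre-shared-key address 203.0.113.7 key " + "D" * 126,
])

if __name__ == "__main__":
    for line_no, peer, length, status in audit_psk_lengths(SAMPLE_CONFIG):
        print(f"line {line_no}: peer {peer} length={length} {status}")
```

The report carries only the peer and the key length, so it can be shared without exposing the keys themselves.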


 

Microsoft has introduced a technology that competes with QR codes. One of the main differences in the Microsoft Tag is that there is a tracking mechanism that will tell the tag owner how many people have accessed the tag… and also allows the tag owner to change the contents of the tag over time. QR tags are static.

All the tagging technology (readers, creators and the web site to control the content) is free at this time from Microsoft.

Here are a couple of articles of interest:

http://tag.microsoft.com/overview.aspx

http://www.signsoveramerica.com/sign-blog/index.php/2010/11/15/qr-codes-vs-microsoft-tag-reader-predicting-the-winner/


 

I was having some problems with my laptop's Bluetooth radio turning itself off when I reboot without powering off. I found an online posting indicating resetting the BIOS to defaults would fix the problem. I went into the BIOS setup and reset it, then rebooted. However, that changed the system enough to make BitLocker ask for the recovery key. I put in the recovery key, then suspended BitLocker on the C drive after Windows came up (as the BitLocker message instructed). I then resumed BitLocker and it seemed to work after another reboot.

However, when I rebooted the laptop at home later that day, BitLocker asked for the recovery key again. I found another Microsoft support entry that indicated the problem might be that the boot order was changed. That made sense because my configuration at home involved an external USB device that wasn't connected at the office.

I suspended BitLocker, then rebooted and went into the BIOS setup and made sure the first (and only in this case) boot device listed was my C drive.

After rebooting, I resumed BitLocker protection and haven't had a problem since.


 

I was recently assisting a client who was receiving TSCAL (licensing) errors when logging into a 2008 terminal server via a Wyse thin client. After researching, I found that it was caused by the default User not having the write access to the registry that is needed to re-write the hardware ID under MS licensing. Here is how I was able to fix the problem:

  1. Log in as Administrator locally to the device and disable the write filter
  2. Launch the registry editor and navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\
  3. Select MSLicensing > right click and select Permission > click on the Advanced tab
  4. Set the User and the Power User to have full control

 

When out of town on an audit there are times when I need to shut down my laptop (rather than just letting it go to sleep) but I don't want to take the time or chance any problems when installing Windows updates. For example, I needed to get to a bank for a meeting and installing updates first thing in the morning wasn't what I needed to happen (especially when one was Windows 7 Service Pack 1, which would take a long time to install).

The problem is when I use the Start button to select shutdown, the only option I have is install updates first then shutdown. A co-worker showed me there is a plain shutdown option available if you use Alt-F4 - easiest if all windows are minimized. That's a good one to know!


 

As part of a Citrix environment overhaul, another network engineer and I discovered a very frustrating limitation of using group policy with Citrix published applications. The problem centers around the inability to apply IE group policy settings using loopback mode processing. I'll warn you ahead of time, there are lots of details so hang with me....and remember this is all going to converge at the application of group policy. Here is what we found...

When a user with an empty roaming profile (new user) has their profile created as the result of running a published application, the user portion of the registry hive (ntuser.dat) is not created in its entirety. The users' hive can be loaded and a number of noticeable differences exist between it and the default user registry hive. If the user profile is created by logging on locally (console), via RDP to the same machine, or via Citrix published desktop on the same machine, the profile that is created is complete. I was unable to find any noticeable differences between the default user registry hive and that of the newly created roaming user profile when the profile was created in this way. Additionally, once an incomplete profile had been created via published application session, the profile could NOT be "fixed" by logging on via RDP or published desktop. Once the registry hive was created in an incomplete fashion, it seemed to be affected from then on. So why are we talking profiles...I thought this was about group policy? Well, it is...I'm getting there.

We found that users running published applications did not have group policy correctly applied. We were trying to set policies on Internet Explorer using Internet Control Panel settings in the user portion of the GPO. Specifically, IE security zone settings such as trusted and intranet sites would not apply. We also noticed that each security zone seemed to be locked. In the Security tab of the Internet Options dialog box, all the icons were the same....blue IE symbol with a lock next to it. The "Sites" button and the "Custom Level" button were also grayed out. So, here is where the profile problem merges with the group policy problem. I found that by manually exporting certain keys from the default user profile registry hive under \Software\Microsoft\Windows\CurrentVersion\Internet Settings\ and importing them into an incomplete user registry hive, I could fix the problem. That is, once the keys existed in the user registry hive that pertained to the settings I was trying to set via group policy, the policy was applied correctly...no issues. Makes sense right....if the group policy is setting registry keys in order to apply certain policies, it’s not going to work if the keys don't exist in the first place.

So things have come full circle. Group policy isn't working because the user profile is messed up. So why is the user profile not getting created correctly? Well, this is actually a Microsoft problem --> http://support.microsoft.com/kb/899270. And the script they provide doesn’t work…we tried it. Actually, there is more to the problem than that, but here is a summary of the information that we gathered. By design, Citrix published applications, remote applications in Windows 2008, and the "start this application on connection" functionality of RDP (mstsc.exe) running against Windows 2003 servers implement limited logon functionality so that the session footprint is smaller than a normal desktop session. Part of the "limited functionality" is that the user session does not start explorer.exe. So, any application that depends wholly or in part on explorer.exe could have issues. Some of the important pieces of functionality that explorer.exe implements are the following:

  1. The Run registry entry
  2. The RunOnce registry entry
  3. Startup applications

If you have ever noticed the small gray box that is displayed the first time you log on as a new user, you have seen the effects of explorer.exe running at session logon. It goes by fast, but it says something like "applying internet explorer customizations", "setting up windows media player..."...stuff like that. That little box is normally initiated by explorer.exe. It is called runonce.exe. What we found was that if we initiated runonce.exe in a logon script, the user profile was created correctly when running a published application; thus, group policy was applied correctly as well. Testing also showed that this process could fix a previously created broken user registry hive (ntuser.dat). All we had to do was add the following to our logon.bat file:

start /MIN %windir%\system32\runonce.exe /AlternateShellStartup

Citrix has documented this problem in a support article (http://support.citrix.com/article/CTX104374) and they refer back to the previous MS KB listed above. Numerous forum threads exist on this issue and we were unable to find a resolution elsewhere that did not include scripting registry imports to the user profile at logon. This workaround seems to be more flexible and reliable.


 

If you’d like to delete a “block” of text such as spacing at the beginning of several rows of text, use the Ctrl+Shift+F8 key combination.

Place your cursor at the beginning of the first line, press Ctrl+Shift+F8

Use the right arrow key to highlight the area you wish to delete on the first row, then the down arrow to highlight the same area on the additional lines.

Presto, change-o…the unwanted text (or spaces) is gone!

Line 1
Line 2
Line 3
Line 4
Line 5

This is admittedly not as cool, but I accomplish the same thing in Notepad (assuming the block of “text” I want to delete on each line is identical) by using Ctrl+H (Replace), entering the “text” (or spaces) I wish to delete, leaving the “Replace with” field blank and clicking Replace All.