Blog

I installed Exchange 2010 on a new Windows 2008 R2 server for a customer. I was attempting to do a test move on a mailbox from the old Exchange 2003 server and it failed. I found that the Microsoft Exchange Mailbox Replication service was stopped and it would not start. I did some online research and was unable to find a solution.  After further investigation it was discovered that the VaultLogix Classic Agent used for the online backup was using the same port as the Mailbox Replication service. I spoke to a VaultLogix support technician who showed me a registry key that would change the default port from 808 for the agent.

I change “HKEY_LOCAL_MACHINE\SOFTWARE\EVault\InfoStage\Agent\AgentPortNumber” to port 807 and was then able to start the Mailbox Replication service. [more]

During the installation of the backup agent it will not allow you to change the port. However another method to change the port number once it is installed, is by opening the Classic CentralControl application right click on the server name and choose “Properties. Then change the port number to an available port.

We probably all have many accounts set up on many web sites.  Since it is a very bad practice to use the same password on more that one site,  I have used Password Safe for years for keeping up with accounts and passwords.  I have recently switched to using Lastpass.  Lastpass has a very long list of features.  Here are a few of the features:

• Automatic form filling, like Roboform
• One click login - click on the site, it brings it up and logs on for you
• Synchronizes everywhere - Windows, Mac, Linux, IE, Firefox, Chrome, Safari, iPhone, iPad, Android, Blackberry, Windows Mobile, even Symbian and Palm
• Generates strong, secure passwords
• Stores miscellaneous notes

Another great feature is a program called pocket.  This stand alone program will download your entire database and save it locally.  It will also decrypt it and export it to a CSV file.  This means if Lastpass ever goes away, you still have all your data which can be accessed or imported into another password manager.

The best feature is how it stores your data.  Everything is encrypted and decrypted locally and the Lastpass servers never have your key or unencrypted data.  The encryption part of the software is very simple.  It just uses a SHA256 hash of your email address (account) and master password for the encryption key. [more]

This is all free, except the mobile versions require a premium account which costs $12 per year.  There is a 14 day free trial of the mobile versions.

In an attempt to be fair, here are some other password managers.  You may prefer one of these over LastPass, which is what I use and recommend.  I used Password Safe for many years, but it is not multi-platform and there is no synchronization between machines.  KeePass is another nice one, but I have never used it.  Both of these are open source on sourceforge.

Here is a list of some online password managers, with some brief comments about why I did not choose each one (except for the AGPL license).  My "online only" comment means you must access the web site in order to use the passwords stored there.

• www.agatra.com (no longer supported)
• www.needmypassword.com (web site out of date, misspellings and grammatical errors, online only)
• www.passlet.com (cert expired, beta software, online only)
• www.passpack.com (designed for sharing passwords, subscription priced on number of passwords and shared users, online only)
• www.spyshakers.com (mainly designed for privacy, requires more setup, online only)
• www.shibbo.com (either online only or purchase a portable app, does not seem to be maintained - web site from May 2007 said software on usb pendrive "soon available!" and it still says that today, based in Spain, web site not tls encrypted)
• www.clipperz.com (online only, seems to beta, main web site not tls encrypted, most of the source is AGPL v3)

If you need to connect to a VPN that uses RSA’s SecurID authentication and if you are using the RSA SecurID App on the iPhone it can be tricky entering the SecurID passcode in the VPN connection dialog.  Fortunately you can copy and paste the passcode on the iPhone.  Open the RSA SecurID app and enter your PIN.  Press and hold the passcode field until the [Copy] appears.  Copy the passcode.  Initiate the VPN connection and paste the passcode in the appropriate field.

Here are some items to consider when upgrading to vSphere/vCenter 4.1:

1. vCenter 4.1 requires a 64-bit OS.
2. Windows 2008 R2 is now officially supported with vSphere 4.1.
3. When asked what account to use for the service, the local system option was greyed out.  I had to enter my current credentials, then go back after the installation completed and change the service account to local system.
4. The Update Manager can upgrade VM hosts.  I had to get the hosts up to version 4.0 before it would work, though.
   

I was setting up Backup Exec 12.5 to function as a VCB proxy to back up our VMs at a VMDK level and ran into a few problems. Version 12.5 has this functionality built in so it was fairly simple to back up a VM from the SAN to the VCB proxy. Restoring it back to the vCenter cluster, on the other hand, was a different story. The first problem I ran into was in running a simple restore. The job would fail as it would try and convert the machine. Simple fix: Install VMWare Converter Standalone on the proxy. [more]

Problem 2: The job would fail and give me a suggestion that I might try restoring the machine as a redirected restore job.

Problem 3: When I tried to set up the job for a redirected restore, I receive “Access is denied.” when it attempts to connect to the vCenter and datastores.

Solution: UAC was causing the access to be denied. If I started Backup Exec as an administrator or disabled UAC on the machine, I was able to get access to the datastores and set up the redirected restore. From there, my restore jobs were successful. Now I did run into other slight problems with this restore, but I’ll save that for another time.

To find a "lost" window (displays off the side of the screen after undocking from multiple monitors):

XP:  Right click the icon on the taskbar, select "move", then use the arrow keys to move the window to where it is visible.

Windows 7:  Hover your mouse over the icon on the task bar until the thumbnail appears, right-click the thumbnail, select "move" and then move the window with the arrow keys.  Alternately, you can click the icon on the taskbar (so that the application has focus), hold down the Windows key, and press the right or left arrow key.  This will snap the window to the side of the screen.  (Sometimes, you have to hit Windows-arrow multiple times.) [more]

Windows 7 has "mouse gestures".  You've probably seen what happens when you drag a window to the top of your screen, but try grabbing a title bar and giving your mouse a shake.  It will minimize all other windows (or bring them back if you just minimized them that way).

I have done a couple SBS 2003 to SBS 2008 migrations in the past and because the customers were relatively small with less than 20 users, we opted to just build the new SBS 2008 server with a completely new domain and then migrate the data. We would recreate all the user accounts, mailboxes, and shares and choose a maintenance window to do the switchover. It works fine for companies with low complexity and downtime flexibility. However, I just started an SBS 2003 to SBS 2008 migration for a company that operates pretty much 24-7 and they have a fairly high complexity level on the application side.

I have tried some of the SBS 2000 -> SBS 2003 migration tools and they were pretty pathetic, but I had to have an easier way for this migration. After some research, I came across a set of processes that you can use to migrate SBS 2003 -> SBS 2008. They are documented pretty well by Microsoft here: http://www.microsoft.com/downloads/details.aspx?FamilyID=52b7ea63-78af-4a96-811e-284f5c1de13b&displaylang=en.  The process is pretty tedious...I won’t get into it here. You can read the doc if you are interested.

The gotcha is what I encountered during the migration install. [more]When you provide the unattended install file for the SBS 2008 install, first it goes through and installs the OS. After a reboot, it starts the actual migration process. I was watching closely and noticed that it seemed to hang at about 20%. I looked at the event logs on both ends and couldn’t find anything then after some a search on Google I found a user blog that mentioned accessing the sbssetup.log file via file share during the install. I checked it out and it indicated that the new SBS server could not find a server in its AD site to replicate with. I reviewed AD sites and services and noticed that there was no subnet associated with the current default AD site. I added the subnet and waited a few minutes and the progress began to move forward…yeah success!

No so fast. It move about 10% and stalled again. Again after looking in the log file, it was an AD replication problem. This time the SBS 2003 server had a sysvol replication journal wrap problem. I found the MS article on how to fix it and applied the registry fix and restarted NTFRS. Again, progress.

The migration ran for another 3 hours and stopped about 95%. Another log reviewed showed the problem was DHCP related. I connected remotely to the DHCP service and I could see that the scope was getting created and the server options were set, but the reservations were not there. I started reviewing those thinking there might be something there holding it up. By accident, I found that one of the MAC addresses in one of the reservations had a trailing space following the MAC. I removed that reservation and after a short wait, the migration continued and finally finished….6 ½ hours later.

So two things. 1. Watch the log file 2. Get lucky

Recently, an unscrupulous individual was trying to setup a fake copy of one of our customers for what was likely a phishing scheme on a server located in Netherlands.  Upon examining the whois record, there was a contact listed as the admin with an address and phone number.  Upon calling the number the individual that answered the phone of course knew nothing about the person that registered the website.  Other entries appeared to indicate that Yahoo was involved in the hosting.  However, in order to actually connect to the website, the DNS records are registered with name servers that are usually from the webhost provider. Below is a screen shot of the Whois results (with some of the information removed). [more]

After querying the name server’s DNS for citibo.com, it was clear that these servers were pointing back to a server named hosting1-nl.santrex.net.  Santrex.net showed to have hosting servers located in Netherlands.  A trouble ticket was created for abuse on the santrex.net website, and a few hours later, the webhost provider suspended the account.  While we were still waiting for the FBI to get back with us, it was really helpful to contact the webhost provider, and get the website taken down.

I received a machine from a customer that would not boot. The machine had been operating flawlessly for several months… then suddenly it would not boot. The typical error was: “The file is possibly corrupt. The file header checksum does not match the computed checksum. Also, once in a while I got an error from BOOTMGR:.  I ran diagnostics on both of the hard drives (mirrored) in the system from a BIOS diagnostic option and they reported NO errors. [more]

I could not boot from the Windows 7 CD. I could not boot from the recovery CD made from Windows 7. I finally made a bootable USB drive with DOS and it worked. I then saw an option in the BIOS to run a memory test… did it and it failed.

The entire problem (after hours of troubleshooting) was a bad memory stick!