While setting up SNMP monitoring for some oddball devices I found a good website for SNMP and MIB information. Mibdepot.com has the MIB’s and OID’s for almost any SNMP enabled device you can think of. There are several search options available, including by manufacturer or by OID variable name.
I’ve been a part of the Office 2010 Technical Preview program for a little while now and have been impressed with a few of the changes that have been made from Office 2007. I received an email last week saying that the Technical Preview is coming to a close this month (November) and will be transitioning to a Beta release. I don’t know if this will be a public Beta release or not, but I’m definitely excited to get a new build of Office 2010 installed for play… I mean, “testing.”
One of my favorite new additions is in OneNote 2010. You can now dock your notes to the desktop (as demonstrated in the two pictures below) which allows you to take notes while looking at other documents, webpages, etc. [more]
On a recent IT audit, the bank was using a Samba directory instead of Microsoft’s Active directory for user authentication on their workstations. We use an audit tool called DumpSec to dump the user accounts out of Active Directory. However, when I tried to use it on the Samba directory, I got an error message and a partial list of users (about 6 accounts out of 85). After trying several fixes, including joining a VM to the domain and running DumpSec using the root credentials, I unchecked the “Show computer accounts” option in DumpSec (see screenshot below) and it worked. [more]
A client recently had a problem where printing to an HP P2035 printer from the network. When the printer was pointed to installed driver, the print spooler on the print server would crash.
The cause of the problem was that the only model specific driver to date (10/21/09) for the P2035 model was a Host-based driver – also known as: Graphic Display Interface (GDI). The driver must NOT be a Host-based printer (AKA GDI or Windows-only Printer) - Host-based Printers, will not function in a Terminal Services Environment (without 3rd party printing software). The only other available driver was the HP universal driver. [more]
In the documentation I found out that the printer does support PCL5 language. However, there is not a model specific driver in this language provided by HP. The P2015 model does have a PCL 5e driver available. I downloaded that model and installed it to the printer server and test servers. I then tested printing and things seemed to function. However, further testing revealed failure to print images from Adobe and bank specific applications while using the P2015 driver with this printer. Images would come out as black squares. Several modifications were made to the printer settings, but nothing seemed to fix this issue. The problem was not documented on HP’s support site, probably due to the fact that this is a new model of printer.
When flashing the NVRAM or the Hard Disk on any of the HP printers make sure that you remove any added on devices that can store data on them such as the Bar DIMM USB devices used to print barcode fonts. If they remain in place when flashing the NVRAM or HD it will erase the data on the addon device as well.
I recently ran across a free open source utility called Keyfinder that extracts license keys for the software you have installed on your computer. You can find more information and download it from http://magicaljellybean.com/keyfinder/. [more]
There is a configuration file that indicates where in the registry the key is located for various products - it can be expanded for additional products. You can also load the hive from another drive if you have an accessible drive from another system and need the keys for software that was installed on it.
A user a one of our client's site was experienc an issue where a Symantec Antivirus full scan was started when the user logged in every morning. The scan was scheduled to run at 1:00 AM, but it seemed to be ignoring the schedule. The problem was caused by the computer being in sleep mode during the evening when the scan was scheduled to run. The scheduled scan would not bring the computer out of sleep mode to run the scan at the scheduled time. As soon as the started to login the computer would come out of sleep mode and the scan would start. The power saving options are a per use setting. Without group policies in place, this setting must be completed for each user on each computer.
Windows 7 has a feature called Problem Steps Recorder that you can use to document a procedure or recurring error. From Start, run ‘PSR’, at which point you’ll notice a small, floating bar where you can start and stop recording, as well as add comments during the recording. This utility will take a screen-capture each time you click something or hit a function key, as well as document in text the action taken for each step. When you stop recording, it will prompt to save a zipped MHT file, which you may need IE to view. Here are a couple resources explaining how to use this feature: [more]
One of our employees started experiencing regular account lockouts a few weeks ago. The lockouts started soon after a domain password change. At boot, and random times throughout the day, his account would just reach the maximum bad attempts and lock. We checked to make sure he didn’t have any saved credentials under the “Managed Network Passwords” settings of his user account. The few he had didn’t appear to be related, but after a while we went ahead and cleared them all out. We checked all his services to make sure none were using his domain account to start. We also checked scheduled tasks, but none appeared to be the problem. We thought it might be one of his startup applications, so we disabled all his HKLM/HKCU Run and Startup folder items. This didn’t fix the problem. We noticed the account would lockout even before he tried to login, so we were sure it had to be something starting up with the computer (not part of his profile). The event log kept saying the failure was coming from a stored credentials (though we had removed all the ones we knew of). We eventually cleared the registry key where all stored passwords are saved, which also caused us to have to remove and rejoin the domain (machine account password probably got cleared). None of this worked. [more]
We tried to remove all applications we thought might have some old credentials cached. We removed his ThinkPad fingerprint software, disabled his backup software, removed Symantec. When none of this worked, I had him decrypt his drive and remove PGP Desktop (multiple day process). The problems still persisted. We then booted into safe mode (with networking) to see if the lockout would still happen with a bare minimum of services. It didn’t. We ran msconfig to do a “diagnostic startup” (safe mode not in safe mode). We waited at the logon screen to see if the account would lockout. It didn’t, so we logged on and began starting services one by one. (NOTE: msconfig sets services to Disabled, so you must 1) run it 2)set it back to normal startup 3)when prompted to reboot, don’t … then services will be back to their default settings.) We started a few services, then noticed we actually weren’t on the network because the DHCP service wasn’t running. We started all network related services and made sure we were authenticated on the network. We waited to see if what we had brought up so far would cause the lockout. It didn’t. We started working through the rest of the services one by one, and eventually two by two. We finally got to the service “SeaPort”. The service has no description, but research shows it to be installed alongside any Windows Live “essentials”. After starting the service, the account locked out. We played with the service a few times (unlocking, restarting it, unlocking, etc.) to verify it was the problem. We disabled the SeaPort service and rebooted (with everything else set back to “normal”). No lockouts! After a while, we started the service (just to make sure one last time after a clean boot). The account locked out. We permanently disabled the service.
A problem I have had since upgrading to Vista was being unable to access domain resources once I connect a VPN session to a customer site. Accessing file shares on our network or connecting to Activity would require me to run "cmdkey.exe /delete /ras" to clear the RAS credentials cached when the VPN was established. I never had this issue with my Windows XP installation. So, after getting fed up with always having to run the command, I finally found a solution. Which is to disable using RAS credentials on my VPN connections. To do so, follow these steps: [more]