CoNetrix

Blog

We had a problem with a computer that could not be connected to via RDP. There were no errors. It would blink the connecting message up on  the screen and then goes away but it never actually connected. This was a windows XP machine (I think with SP2 or 3) and had all of the configuration set correctly. The server could contact everything on the network regularly and it could be pinged from other PCs, connected to through WMI and SMB. The firewall was disabled as well. After some research I found that some had this same problem and had fixed it by updating the video card drivers. Not really expecting much results but with few options at this point I decided to update the video card drivers on the problem machine. Sure enough updating the Video card drivers fixed the problem.

Networking, Windows 2003 Server, Windows XP,
 

WinDirStat, Windows Directory Statistics, has been around a long time and is still being updated.  WinDirStat is a disk usage statistics viewer and cleanup tool for Microsoft Windows.  Some of us have used Spacemonger, which presents a treemap view of disk usage.  Spacemonger’s biggest advantage over WinDirStat is that it is faster.  Here are some advantages that WinDirStat has over Spacemonger:

  • Displays directories and files in a hierarchal list.
  • Easy analysis by file type – a pane lists them, and it will highlight all files of that type in the treemap view.
  • Color coding based on file type.
  • You can just only scan a folder (I have used subst with Spacemonger many times). [more]

I suggest you just try it out and start clicking on stuff.  Be sure to check the configuration options (you will want to turn off the Pacman Animation).

The most recent version is packaged as an installer. However, I actually extracted the files and it runs fine.

Networking, Software Utility, tools,
 

When approving new updates for WSUS recently, the server I was working on ran completely out of space on its drive were the WSUS content folders were stored and this caused WSUS to crash. There is a utility located in WSUS’s ./Tools folder named WSUSUTIL.EXE. This utility can be used for many different WSUS tasks such as copying the WSUS content folders to a new location. The syntax for this is:

wsusutil movecontent contentpath logfile

contentpath = The new root for content files. This must exist ahead of time
logfile = The path and file name of the log file to create

Despite the name of the command, this does not actually “move” the content folder. It only copies the files and redirects WSUS to begin using this new folder instead. You will still need to clean up the old path. [more]

A full list of switches and commands can be found via TechNet: http://technet.microsoft.com/en-us/library/cc720466.aspx

 

Networking, Windows 2003 Server, WSUS,
 

We recently noticed a situation where our clients systems were not getting Daylight Savings Time (DST) or Windows Malicious Software Removal Tool updates. After researching I found that Microsoft classifies some updates as Update Rollups in WSUS.

  • Cumulative Security Updates for ActiveX Killbits
  • Updates for Intelligent Message Filter for Exchange
  • Daylight Savings Time updates
  • Windows Malicious Software Removal Tool

So, you must  select Update Rollups in order to have them available in WSUS.  For any given product or product family, updates could also be available among multiple classifications (for example, Windows XP family Critical Updates and Security Updates).

The following table lists examples of update classifications: [more]

Update ClassificationsDescription
Connectors Software components designed to support connection between software.
Critical updates Broadly released fixes for specific problems addressing critical, non-security related bugs.
Development kits Software to aid the writing of new applications that usually includes a visual builder, an editor, and a compiler.
Drivers Software components designed to support new hardware.
Feature packs New product functionality usually included in the next full product release.
Guidance Scripts, sample code, and technical guidance designed to help in the deployment and use of a product or technology.
Security updates Broadly released fixes for specific products, addressing security issues.
Service packs Cumulative sets of all hotfixes, security updates, critical updates, and updates created since the release of the product.

Service packs might also contain a limited number of customer requested design changes or features.
Tools Utilities or features that aid in accomplishing a task or set of tasks.
Update rollups Cumulative set of hotfixes, security updates, critical updates, and updates packaged together for easy deployment.

A rollup generally targets a specific area, such as security, or a specific component, such as Internet Information Services (IIS).
Updates Broadly released fixes for specific problems addressing non-critical, non-security related bugs.
Networking, Security and Compliance, WSUS,
 

A user was having problems opening Adobe PDF files from Internet Explorer getting an error that the file could not be found.  The file could be saved to desktop and then opened from there just fine.   From what I could tell, IE was trying to save the PDF file to a folder in "%Userprofile%\Local Settings\Temporary Internet Files\Content.IE5".

From my admin account, I could browse to the user's Content.IE5 folder, but the user's account was not able to see or browse to this folder at all.  This was causing problems being able to save anything to Temporary Internet Files for retreival.  I checked the permissions on this folder and they all appeared to have sufficient access.

In order to fix this, the Temporary Internet Files for the user needed to be recreated.  This was done by going to Tools, Internet Options, clicking "Settings" under Temporary Internet Files, and selecting "Move Folder".  It will list the current location, so simply select the same location and it will recreate the entire thing. 

After this was done, the user could browse to Content.IE5 folder and save/open PDF files in Internet Explorer.

Networking, PDF, Adobe Reader, IE,
 

Just a friendly reminder at how easy it is to gain access to your files if your machine is running. I locked myself out of a Windows Vista virtual machine I was playing with (It wouldn't allow me to log onto the domain and I didn't have the local admin password). After some quick Google searching, I ran across the free Offline NT Password and Registry Editor. You boot to a light distro of linux, it copies the SAM database, asks what you want to do with the password (in this case, clear it), saves the SAM database back, and presto! You're in.  This also illustrates the importance of implementing full disk encryption.

Networking, Security and Compliance, Windows Vista, Windows XP,
 

One of our clients has an Exchange 2007 environment that has been in production about a year.  Recently they have started to get some complaints about performance. From time to time, users will see the pop-up noting Outlook is waiting on Exchange server. I began troubleshooting using the Exchange performance troubleshooting tools that are packaged with the Exchange Management GUI. Results showed that the server was experiencing extremely high RPC/MAPI traffic. I began to look for a tool that I had used several times in Exchange 2003 called ExMon, which is a real-time MAPI connection monitor. I found references to it online, but the download was nowhere to be found. It turns out you have to call Microsoft to get it for Exchange 2007…it isn’t available as a download on the Microsoft.com site. Using the ExMon tool and a lot of google searching led me to the root cause of the issue: Blackberry Enterprise Server.

Turns out that a lot of people fight this exact problem. BES enabled users generate between 4x and 16x the amount of MAPI traffic a regular “high usage” outlook user would generate…its even documented in BES admin guide that you should plan for each BES user to be equivalent to 3.6 users. And this is extremely conservative. [more]From the performance numbers I have gathered, in the case of our client the number is more like 6-6.5x. There are reports online from BES admins noting over 10x in there environments. BES requires a special type of mapi dll in order to function. That is why you have to install the Exchange 2003 Management tools on the BES server. It abuses the mapi protocol using combinations of mailbox notifications and full mailbox scans to implement its functionality. The load increases exponentially as mailbox sizes grow. It just makes sense that the BES enabled users would be the ones with the largest mailboxes. In this case there were a handful of users with > 1GB mailboxes that are BES users…bad combination. Bottom line, if BES will be used enterprise wide, planning should included the increased load BES will create…most importantly the IOPs on the disk subsystem. MAPI calls are expensive disk operations.

Networking, BlackBerry, Exchange 2007, Exchange Server,
 

Many years ago, PC makers came out with the “enhanced keyboard” and the control key got moved.  It used to be located to the left of the caps lock key, but for some reason that is still unknown, it got moved to way down below the left shift key, where you really have to cramp up your hand to reach it. The most popular solution to this is to switch the caps lock and the control keys.  I use a nice GUI program, KeyTweak http://webpages.charter.net/krumsick.  Since NT, Microsoft Windows has had a registry key that lets you remap your keyboard. This lets you remap just about every key by setting this registry key.  It is the most complete utility I could find.  It works with Windows NT/2000/XP/Vista/Win 7. Since this is a feature built into Windows, no kernel mode driver, service, or anything else needs to be running. You can edit the registry yourself, but this tool makes it really easy.  It has an option to show the registry entry and what all the bytes mean.

General, Windows Vista, Windows 7, Windows XP,
 

When you setup a group policy that assigns internet settings located in User Configuration\Windows Settings\Internet Explorer Maintenance\Security\Security Zones and Content Ratings you have to copy your current internet settings to the GPO. These settings are useful if you wish to use the “preference mode” option so that the setting is set once and then the user has the ability to modify it from there. This all works fine when importing from IE6 but if you try to import settings from IE7 it will not work properly and you will get an error when trying to view the settings of that GPO:

“An error occurred while generating report:
An unknown error occurred while the HTML report was being created.”

There is rumor that this problem has been fixed in the Vista version of GPMC and I am assuming that this would include the server 2008 version but I have not tested this yet. A workaround as mentioned in the article linked below is to set the internet settings from here: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Site to Zone Assignment List. This works great accept that you do not have the option to use the “preference mode”. [more]

http://sdmsoftware.com/blog/2008/03/gpmc_report_errors_related_to.html
Networking, IE7, Windows Vista, Windows 2003 Server, group policy,