Blog

Recently I was cleaning up some Exchange mail-enabled contacts and moving them to different OU’s.  I had to create a new contact and kept getting an error for a duplicate email address.  I couldn’t find the duplicate using the normal search methods, so after some digging I found this site that provided a custom LDAP query: [more]

http://www.danlance.co.uk/index.cfm/2007/11/14/How-to-find-the-user--entity-an-email-address-is-associated-with-in-Exchange-2003

Basically you search for attribute “(proxyAddresses=smtp:[email protected])” to give you the object with this email address.

Sans.org published a notice today that there is a 0-day exploit for Internet Explorer in the wild.  The updates released by Microsoft yesterday did not fix this vulnerability.  The specific exploit checks to be sure it is running in IE7 on XP or 2003 before it does anything, but whether other versions are exploitable is not yet known.

The article says "At this point in time it does not appear to be wildly used, but as the code is publicly available we can expect that this will happen very soon."

http://isc.sans.org/diary.html?storyid=5458

I have had problems with Word crashing when I try to open a document, particularly when online and opening a Word document on the file server.  I can usually get it to work if I open Word first and then open a document but even that doesn't work at times.

I finally found a post online mentioning problems with add-ins.  I looked at the add-ins and my Adobe Acrobat installation had installed a PDF add-in, my scanning application had installed 2 PDF add-ins and I had the add-in from Microsoft to create PDF files.  I disabled the PDF add-ins and have not had the problem since. [more]

Also, under Vista,  in order to remove most of the add-ins, I had to have administrative access by running Word as administrator.  There isn't a "Run as administrator" option when I right-click on the short-cut.  I had to find the actual WINWORD executable and right-click on it to run as administrator.

There is a small, simple utility called clip, which takes whatever is given on it’s input stream and places it on the Windows clipboard.  There are many useful things this can be used for.  Here are a couple of things that save a lot of time and work for me.

1)  Add the clipboard to your Sendto menu.  Make a command file, like clipboard.cmd, that has this command in it.

clip < %1

Then create a shortcut to this command file in %userprofile%\sendto.  Then you can right click on a file and send it to your clipboard.

2)  Generate passwords to your clipboard.  I use wapg by Adel I. Mirzazhanov (http://www.adel.nursat.kz/apg/download.shtml) by running a command file like this: [more]

@echo off
set /p PWSIZE="Enter size of password to generate: "
wapg -M SCNL -E"?!|" -n1 -a1 -m%PWSIZE% -x%PWSIZE% | clip

Just think about all the things that you can pipe to your clipboard!

If you are using XP, you will have to copy clip.exe from a Windows 2003 server (%windir%/system32) to your machine.

I would like to mention that using a clipboard extension program will also let you see what you are about to paste.  Ditto will even let you edit it right there before pasting it.

AVG recently released an update that mistakenly identified a valid user32.dll file as containing a virus.  It instructs users to delete the file, which of course makes the system unbootable.  This affects AVG 7.5 and 8.0 running on Windows XP.  AVG says this only affects a few non-English versions, but the volume of reported incidents indicates this may not be completely accurate. [more]

• http://www.avg.com/support
• http://www.tomshardware.com/news/avg-antivirus-virus-removal,6587.html
• http://www.winhelponline.com/blog/avg-false-positive-user32-dll-restore-tool

Cisco devices will ignore leading spaces when entering passwords, but spaces after the first text character are considered valid.  This includes trailing spaces, so if you have a device that will no longer accept your login after changing the password, try adding a space at the end.

When installing service pack 2 for SQL 2005, sometimes a bug presents itself where the installer needs access to some files that are inside the C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA folder. The bug is that these files do not have the correct permissions set. Even the Administrator does not have permission on these files. If you set the permissions for the data folder to the administrator being the owner, it will not propagate down into all the files. You have to go into each file in the data folder and make sure that Administrator is the owner and has full control of all of them. You then log in as administrator and the service pack will install successfully.

You know the situation… you’re keeping lots of plates spinning, multi-tasking, generally having a productive day when you look down and realize that you have 87 windows open on your task bar…the Windows Weeds. In my particular situation I was about to install a Proliant Support Pack (a conglomeration of driver updates approved by HP for a particular server model). The order of events was as follows: [more]

• Downloaded compressed PSP from HP website to a network location
• Extracted PSP to a child folder on the network
• Was planning to copy the extracted files from the network to a Temp directory on the terminal server I was working on to perform a local installation of the PSP
• Received a support call for a different problem and turned my attention to that task for a while
• Came back to the PSP task. On the terminal server to be updated, I saw that there was already a d:\cnx\temp folder that had what appeared to be my extracted PSP files in it. With so many windows and directories opened I thought I had already copied the extracted files over to the local directory before I got called away to the other task.
• Upon installing the extracted PSP files from the local directory, several core networking components crashed rendering the teamed NICs on this server useless. Re-running the PSP as a whole as well as just installing the updated networking driver portion of the PSP did not help at all.

As it turns out, the directory and PSP files that were in d:\cnx\temp were created by another engineer during maintenance procedures several months ago. It was just coincidence that the same type of installation files (just an earlier version) were in the exact network location I was going to create…what are the odds?!? When extracted, PSP files from different versions look the same, so there was nothing to tip me off that I was actually installing an old (and also corrupted) PSP.

Lessons learned:

1. Keep a tidy task bar
2. Clean up old temp files when finished with them
3. Question your presuppositions if things aren’t adding up (i.e. “I KNOW these are my PSP files”)
4. The unlikely is still a possibility (ie. same files –just diff versions- in the same directory). 

PCWorld published an article yesterday titled "Holiday Travel Tips: Protect Your Laptop and Privacy."  It is a good and timely article; however, a few additional tips you might find handy include:

1. Cable lock your laptop anytime it will be out of your possession (in your car, hotel, etc.).  Cable locks are relatively inexpensive and provide an excellent additional layer of protection.
2. Encrypt any confidential information on your laptop - it is best to utilize full-disk encryption.
3. Shut down your laptop when you are not using it - some encryption software can still be compromised if a laptop is stolen while logged in or in "sleep" mode.

We hope you have a fun, safe, and secure Holiday season!