Welcome to 

    mickyj.com

   


















     

   
 

    

    


Welcome to Mickyj.com SBS RSS feed

Follow me through the highs and lows of IT in general



New additional blog (Added August 2011). Mickyj Mindspill at msmvps.com



Reset Explorer folder views, Import foreign Volumes and sort out that Tilde

Send feedback about this particular blog
Read Feedback from others


17 April 2007


How do I reset explorer folder to detail view for all my folders including network drives ?

This question was easy to answer from the Microsoft Knowledge base but it included to many registry edits for my liking. I have found the "reset all folders" option for Explorer in Windows XP did not always work. Sure I could manually step through the folders resetting views to details but this was tedious. I now have the answer in the form of a VBS script. Thanks to Keith Miller. Check it out on my scripts page

What's that strange file (~) on my desktop?

Users of Outlook Express 5.5 or 6 who have applied a specific Microsoft security patch (330994) may notice a file appearing on the desktop with the name ~ (tilde). The patch causes backup copies of the address book (which are generated automatically by Outlook Express whenever something is added or changed) to be renamed to ~. (The default name of the backup file is (username).wa~, where (username) is the name of the current user.) The renamed file appears in the same directory as the shortcut used to launch Outlook Express. Most often this is the desktop, which is how the file winds up residing there. The ~ file can be deleted without any ill effects but ... this is their backup address book so I would move it somewhere safe.

Would you use external hard drive units to archive data ?

I would never use an external hard drive for general everyday data storage. Many will probably disagree with what I have to say, but external hard drives should really be used only for temporary backup. I would never suggest using an external hard drive as your only copy of your data or for regular everyday use. There are several reasons for this:

  • External Hard drives are generally slower than Internal Drives.
  • Many of them come preformatted with Fat32, so you are limited to files no larger then 4gig.
  • They are more likely to fail because they are normally subjected to a greater likelihood of accidental bumping or dropping.
  • Many external drive enclosures are not properly cooled for continuous usage and thus lead to premature failure.
  • You often have no idea what brand of hard drive is actually inside the enclosure.

    Reading this, you would suspect I am anti external hard drive. No, they are cool and I use them all the time. I have had to replace a number of them and I am very careful. I never rely on them.

    Will "import foreign disks" damage my data ?

    No however do not convert it to a basic disk. this process will destroy the data on the disk.

    Recently I had to test this. I have a Promise 2 disk Raid (Mirror) on a Dynamic Volume. The server died. I plugged the mirrored drives individually into a secondary PC and could not see the volumes. I opened the drive manager, right-clicked on the column that appears in the middle (where it says my disk name), and saw an item that says "Import Foreign Disk" or "Import Foreign Volume". I imported it and could read it.

    When you move a dynamic disk from one computer to another this dynamic disk is flagged in Disk Manager" as a foreign disk. In order to access this foreign disk you must import it first.

    I resurrected the original server, moved the disks back and the RAID said the disks were the same as they were before and still in a mirror. It did not break the mirror and the volumes are fine.

    I did discover that USB to IDE devices did not let me see the Dynamic disk so I had to wire in the drive via the IDE cable.




  • End blog for:17 April 2007

    Spoofed email - Did I send that ?
    Send feedback about this particular blog
    Read Feedback from others


    16 April 2007


    For Cos, Spoofed email

    Spoofed email is the practice of sending an email using someone else's email address, but not from their machine or with their knowledge. They pretend to be you to gain someone's confidence and any replies or email bounce backs, go to you (or the stolen address).

    This practice is rarely done by a person. It is usually done by a virus or spamming tool. The virus gets into someone's machine, emails all the addresses in their contact lists to a server and then leaves the machine. This workstation could also be running the actual spamming tool or the server could then run the tool.

    These lists can end up having millions of recipient email addresses sent by anyone of millions of email addresses.

    As these spoofed emails usually come from an unsuspecting person on a compromised pc and as the persons real sending address is faked, it is usually pointless to try and figure out who really sent it and why.
    It is also useless trying to stop the emails. Once someone has your address, they can pretend to be you anywhere in the world. They could even setup hundreds of PC's with your email as the send address (In any country or multiple countries) thereby stealing your identity.

    If you are getting thousands of complaints or bounce backs, most internet providers will suggest you change your email address and tell all your friends to update their address books. That is really all you can do.

    You can not prosecute and the Crimes authority rarely follow these things up as the compromised workstations vanish as quickly as they appear (People clean up their PC's with antivirus etc and remove the nasties).

    I hope that this helps explain this for you.

    Bowing to pressure

    I have found the need to create a webpage on my site linking to the latest Windows 2003 SP2 issues with SBS 2003.
    You can find this at http://www.mickyj.com/sbs2003sp2.htm




    End blog for:16 April 2007

    My Website has run out of room
    Send feedback about this particular blog
    Read Feedback on "who is the idiot"


    15 April 2007


    My Website has run out of room

    Yes, I have run out of room with my ISP and this website/blog. If anyone has some space I can use to keep this site going, please let me know. I am now in the process of deleting items and I would really rather not.

    New logon script

    Very exciting stuff (For me anyway). I have released the beta for my new SBS logon script at http://www.mickyj.com/scripts.htm If you use it, send me your thoughts (And wants).

    How do you backup your PDA or Smart phone ?

    Do you have a PDA with no built in backup tool ? I use the one that came with my IPAQ and even though it was branded HP, it was really made by Sprite software. I have found it reliable, very fast and it backs up the registry, file system and PIM's with ease. Whilst it is not free, I highly recommend you have a look at
    http://www.spritesoftware.com/

    IPAQ h5550, GlobalSat SD - 502 and Microsoft streets and trips 2005. (And other IPAQ musings)

    I own a IPAQ (As per pervious message). It is a h5550 or 5550 series. Whilst I have read lots of information that is available to turn this into a GPRS mobile phone, seen a wealth of documents on turning it into a remote control, I found zero information on setting it up with a GlobalSat SD - 502. The GlobalSat website and others, do not list the h5550 as being compatible. I have seen in the newsgroups that there are lots of people out there who own these units. They have three questions. 1) How to recover from a flat battery, 2) how to reset the unit and 3) how to use this as a GPS unit or specifically with the SD IO card from GlobalSat.

    The first answer, widely known, when these units go flat, it is painful to resurrect them. Plug them in for at least 8 hours to charge. Try and turn it on. Then plug it in for another 3 hours, remove the battery, re insert and try to turn it on. Press the soft reset switch and with a pinch of luck, it comes back on. Some people have found other solutions by using the USB or car charging as these are alternative voltages for the charging circuit.

    How to reset it ? Press the calendar, address bottom two buttons and poke the soft reset for a few seconds.
    I have once upgraded the Wlan firmware and the system then hung at the Startup screen the bar graph showing percentage loaded, stopped at about 5%. I left it for hours it still did not boot. I tried flattening the battery in the main unit, removing the large battery, resetting it and swearing at it. It eventually started up after flattening the standby battery and all is good.

    Now for the big one. How do you get the GlobalSat SD-502 to work ? Firstly, as stated, it is not known to be compatible. I can confirm however, it works. It also works with Microsoft Streets and Trips 2005 (Also not stated as compatible). I also have used it with the Tom-Tom 6 software and am wildly impressed. So much so that this little baby is about to be velcro'd to my dash permanently.
    If you do the right thing, follow the manual, it tells you how to install the drivers. It does not tell you how to use it or set it up. This is a major failing on Globalsat's behalf.
    If you do as I did, inserted the SD portion of the card into your unit and expected to see a 512 MB media card as promised, you will be sadly disappointed. If you expected it to recognize or do anything, again, you will be disappointed. If you expected to install your GPS software or use the bundled GPSinfo and find the unit ... you guessed it, you will be sadly disappointed. You need to bind the unit to a com address (Serial) and do a hard reset for the device to become available. This includes the SD card. You do this wit the modem utility that appears under your programs file. After the reboot, I ran GPSinfo first. I then saw the com port list with a GPSunit bound to one com port. This is also where there is a problem. I selected to bind it to Com5, it choose Com4. I then tried it on Com3, it choose Com2. Anyway, once it is running and it has detected a few satellites, it works very well. I took it for a drive with Tom-Tom for PPC ver. 6. I was very impressed. Tom-Tom told me what lane to be in, how long to the corner, how to navigate roundabouts and it even changes it's route from A to B, if you take a wrong corner. Very impressive and the Female voice even sounds a little sexy. (Maybe I have been around computers to long.

    Oh and when I contacted GlobalSat US, they wanted $15 for a support incident for what I told them was a fault under warranty. (Now I know it was not a fault but I think saying it is $15 just for an email support incident is plain rude)

    ok, who is the idiot

    Kevin Beares is a nice person. I met with him whilst I was in Redmond. Who the heck was the person who released the Beta of Windows Home Server to the world whilst under NDA ? Now Kevin has to punish someone. I hope he finds them as this kind of thing is unnecessary and painful to the IT industry. To see what I am talking about, please go to http://www.itworld.com/Comp/2218/070413msleak

    ok, My Pc's lights are on when it is turned off. why ?

    An age old question. It is a design spec, it allows rechargeable mouse or cell phones to still be charged even the PC is turned off. This also allows the PC to wake up by USB or PS2 mouse and keyboard.

    Rules are part of your mailbox PST file

    Ok, my PST file died. I am in morning and Outlook is coming to the funeral. I started a new PST file and discovered, all those lovely rules I had, handling spam and all the IT related newsletters I get, are gone. Yes, I had remembered to export them on a previous occasion but it is worth knowing, they are a part of the PST file and not a separate file like the NK2 nickname file.

    MSI Support ?

    It took MSI support the time from my blog 21 Jan 2007 to today, 15th April to reply to my question regarding "My PC Will not shutdown" If anyone else has this issue, they suggest to "first clear CMOS as described in the manual. Then enter BIOS to load optimized defaults. Save + exit. If it doesn't work, and since your PC has been shutting down normally for about 2 year, the battery on the board may run out, suggest you change a new CMOS battery for a try"

    Thanks MSI !

    No More WinXP In 2008

    Windows XP is to be phased out by year's end. The bell is tolling for Microsoft Windows XP, with Redmond's plan to stop Windows XP OEM copies as an option for system builders (System roll back rights are in force presently). That means this; any Windows PC bought from a retailer must come with Vista - regardless of what the customer wants.

    While you can already find a multitude of retail machines running Vista, you might still want XP, be it lack of drivers for hardware or poor application support.

    In January 08, that'll no longer be possible. Many businesses are still ordering machines running XP in bulk due to concerns over Vista.

    More at: http://www.wservernews.com/9NORQO/070416-Windows-XP

    Netgear WPN824 in basic config mode

    I am using a Netgear WPN824 and want it purely as a switch (It was what was lying around). It does Wan, ADSL and WiFi. I do not want to use any of these. I plugged it in and of course, it is running a DHCP service and playing havoc with my SBS network. I tried to remote into the IP address but it has this stupid smart wizard. It is trying to find wan links and will not let me simply turn options off. I found a handy little link to get around this smart wizard. http:\\192.168.1.1\basicsetting.htm or http://www.routerlogon.net/basicsetting.htm/ now you can configure it manually and turn off everything you do not need.

    Samsung PABX with WIP Phones.

    These are a great little PABX. You can use the WIP (WiFi 802.11a/b/g) to transfer calls and more. Just make sure the install knows a few things like: 2.4 GHz can be interfered with by Microwave ovens, Dect phones etc
    Careful not to overlap with other WiFi points
    make sure it is not in the same IP range as your network or at least have WPA on, SSID off.
    Turn off the DHCP service if you have an SBS box.


    SBS Premium, Veritas 11d goes on after SQL 2005

    If you need to use the SQL management tools, remember to install Veritas after SQL 2005. If you do not, SQL thinks it is an upgrade and will not let you install the management tools.

    Norton Internet Security will not uninstall ?

    Use the Norton tool for NIS 2002. It works for NIS 2006 (Enough to remove the registry entries and services). You can find rnisupg.exe here

    How can I get my PS3 or Xbox to work with my Telstra Cable modem ?

    If you have a Motorola SB5100 (Surf board) cable modem which is a bridge device, You need BPAlogon from Telstra on an XP or 98Se machine. Plug the Cable modem into the NIC in the workstation, once BPAlogon has run and you are logged in, the workstation gets a Telstra IP address. You might need the open source updated bpalogon from http://www.ozcableguy.com/

    There is also a heartbeat registry entry you can add from http://www.ozcableguy.com/ to stop the Telstra connection from dropping (Specifically with an ICS connection).

    Now, the workstation, install Internet Connection Sharing (ICS). Install a second network card (Maybe a USB NIC). Run the lead from this off to a switch.

    Setup the Xbox etc to use the ICS machine as it’s DNS and gateway.

    Plug the game machine into this switch and you should have internet access

    Update for Joe C from Tony S.

    The Microsoft patch referred to in my blog on 10 April 2007, which broke the audio driver, there is a Microsoft Article about it now. KB935448

    Thanks to Tony for finding this for us.





    End blog for:15 April 2007

    Back to work
    Send feedback about this particular blog
    Read Feedback from Tony


    10 April 2007


    Start-up error - For Joe C

    Joe receives a message that states:
    "RTHDCPL.EXE - Illegal System DLL Relocation. The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLL c:\Windows\system32.HHCTRL.OCX occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL."

    I believe that he just installed the new patch KB 925902. The mentioned file is the Realtek HD Sound Effect manager in the control panel. From other peoples comments, If you uninstall the patch the exe loads and the error message goes away. The sound works fine though so you can leave the patch installed. It fixes a pretty serious security flaw. Hopefully Realtek will update software soon.

    Fax modems on SBS 2003 - for Mike F

    Mike has just bought a new box to run 2003 SBS R2 including an internal fax modem to use with Fax services and Direct Banking. He found that very few Internal Fax modems actually work under SBS 2003 R2. After contacting one major Manufacture, they admitted they do not have a product that works with 2003 SBS. Mike needs suggestions on internal Modems that are compatible.

    Yes Mike, I have a modem I use. I would start by not using internal. I recommend the Netcomm Mega I Modem. Others also recommend the Book trout cards. The modem does not specifically need to be compatible with SBS. It needs to be compatible with Windows server.

    Here is my "Cheat" Sheet.
    Do not use internal or USB modems. They are normally software HCF modems. They use the Systems processor to do the work. If Ram or the processor is busy, they tend to cancel faxes or die half way through receiving.

    Do not use a V92 modem. Even if it is V90 backwards compatible. The V92 standard is to help dial up internet users, not faxing. It has a 12 second handshake (instead of 24) and tries to negotiate G3 faxing. If the modem at the other end is an old 14,400 baud unit or V90, they either hang up or just hang.

    You need an external normal V90, class fax 1 and 2 modem. The mega I Modem does the job well. If you do not have enough Serial ports, do not buy a cheap Serial I/O card. I buy Digicards (about $145 ex). I have tried other cheaper units but they are next to useless

    Anything using the older Rockwell 56k chipset will work well (Including OEM Discovery modems).

    If you can get it, another option is the MultiTech MT5600-ZDX External V.90 Serial Modem. I hear good things about these with SBS. I have about 30 sites using Desktop faxing. About 1/2 are Mega I Modems and the remainder are older Netcomm V90 Roadsters (External Serial). I have heard some reports of a member of our SBS group using an internal Netcomm but I am unsure which one and how reliable it is.


    Missing to-do list elements ?

    A have a colleague has installed SBS 2003 R2 Premium onto a HP ML350 G5 using the smart start ver 7.7
    After the final stages of the SBS setup (He installed no additional hardware so this is a vanilla install) we go to the To Do list and it only has 3 options.

    Activate the server
    Add a user or Computer
    Setup Faxing

    The to do list has lost most of the wizard links. Manually running the wizards from their respective sections of the MMC work fine. We found that the latest version of HP Insight manager tried and failed to completely install MSDE and this was the final result. Does anyone out there have any feedback on this ?




    10 April 2007
    How to travel with small infants
    Send feedback about this particular blog
    Read Feedback from others


    1 April 2007


    (AKA, How to survive travel through three daylight saving changes, 4 currencies, 4 continents, 50 hrs flying, 9 flights, loose a day on the dateline and navigate 8 time zones, with an infant and by going the wrong way (East) around the world in 21 days).

    I have learned a few secrets that should be of benefit to any parent traveling on aero planes with small children.

    There is heaps of travel advice out there for this kind of travel. I found it hard to sift through it all and come up with solutions that did not contradict something else I had read. There are the emergency Nappies/Diapers that are needed, getting milk through quarantine, carry on luggage limits, stroller/pram issues, Air pressure changes and infant reactions to it, sickness including ear infections, keeping them from being bored, getting them to sleep, controlling them and much much more. It is a big task.

    I had lots of advice telling me either of two things.
    1) Don't worry, she will sleep when the plane takes off. It will be easy.
    2) You are insane, don't do it. You will regret it.

    I have also had advice about "doping" the infant with Phenergan, Vallergan and Piriton. This is not recommended and I would avoid it. Our infant is 1.5 years old and we did this trip without these drugs. We did use some pain relief but nothing as strong as these.

    I now confirm opinion 1 but only if you do the preparation and planning.

    One sage piece of advice is "Don't worry about what other people on the flight are thinking, you will not be likely to ever see them again. Instead focus on your children. If they are fussy, focus on making them more comfortable for them, not because they are annoying someone else."

    Besides, most of the other travelers are brothers, sisters, parents or grand parents and know what you are going though.

    Before you arrive at the airport for your flights, make sure your travel agent has arranged kids/baby meals. Our agent did, but we never got one. We ended up working out how many milk bottles our daughter would need and used milk to keep her full during the flight. We usually took three. One at take off, one during and one at landing. I will explain further a little later.

    We pre-booked everything. From Shuttles/taxies to accommodation. We made sure there was a minimum 24 hours between flights so that we could manage every layover. It took longer to circumnavigate the globe but it was worth it. Our pre booked transport told us when they were picking us up, to the minute. Some told us 4 hours before the flight. I thought that this was weird and to much however, having experienced this, we found no more than 10 free minutes in the lounge before boarding. The shuttle agencies know what they are doing and we did not miss a single flight, did not arrive to early or late. Everything was prefect. (They know the traffic conditions and do the trip many times a day)

    Make sure you have infant tickets for your child. Even traveling on your lap, they need tickets and passports (and visa's in some countries).

    At some airports (like Heathrow) you could be standing inline at the ticketing booth for over 2 hours. Check your child does not need changing or a quick feed. Make friends in line. It is easier to get along with those people on the plane if they think you are approachable and your child is cute. Have your passports and itinerary out before you get to the booth. Remember, Domestically, you can only check in one bag but international is 2. They will allow you 2 on Domestic if you can show you are going international. We always take one each and end up buying a third overseas to bring back the clothes we bought and souvenirs. We always plan 7 days of clothes and use a Laundromat every 7 or so days. It helps keep the baggage down and it beats bringing back dirty clothes.

    With the ticketing, some airlines now prefer you to self ticket and book in on the internet or at Kiosks. This can be a pain if you are new to the concept. This is particularly used by British Airways. You need to swipe your passports through a machine, type in all your flight details, how many bags, how much they weigh etc. This is to much to do if you have an infant in tow. The BA ticket desk will do it for you if you ask nicely and they see your hands are full.

    Get your tickets, put them into your passports and do not put them away just yet. Head to security. They will likely check your passports and tickets. Before you actually get there, put your sunglasses, watch, jewellery, wallet etc into your carry on luggage. Much easier than doing this in the line for security x-raying. Once you get to security, it is different everywhere. In Paris, there was none (Very scary). In Singapore, it is actually at the departure gate and not a central place. Some airports make you taste baby milk, water and food. Some make you take your shoes off. Some book your Stroller on as checked luggage, some to be dropped at the gate, some at the airplane door and some ask you to carry it as carry on (if it is small enough). You will also be asked to check it as a large item at other locations. If you take it with you, it needs to also go through security.

    Here was my procedure:
    Tub 1: Shoes, tickets (With staples), passports (If not in your carry on bag) (At some airports)
    Tub 2: Jackets
    Tub 3: hat (At Some airports)
    Tub 4: Laptop
    Tub 5: Video Camera (At some airports)
    Tub 6: Liquids in small 1 liter bags (nothing over 100 ml)
    Tub 7: baby milk, water, food
    Tubs remaining - Carry on luggage
    Then the stroller

    Then walk through, get frisked, scanned etc

    Your child will need to be coaxed through by themselves. You can not guide or carry them through.

    If you get pulled aside for bomb residue tests, have your partner take as many items from each of the tubs into a single tub so that others behind you can get their items. If you have medications, have letters from your doctor to show at this stage. If you have food, they might throw some out. They may ask you to taste milk etc. If you have special baby antibacterial detergent, be prepared for them to throw it away. If you have sealed baby food, they will ask you to open it and it will be likely you then need to throw it away (As you can not put it in a fridge). Now reassemble.

    Use the stroller to hold all your goods, wheel off into a quiet corner and make sure you have everything and re pack.

    As a side note:
    We found Sydney Australia, San Francisco (CA) and Seattle (WA) very security conscious. All of these airports were nice to deal with except Seattle's concept of ground transport is hard to understand. (You catch the lifts up, walk over the traffic to the car park and then down to the Taxis). San Francisco is a very friendly airport compared to LAX and as you can fly direct there from Sydney, it is now our preferred airport into the USA. New York Newark and JFK airports are ok but not the nicest. The Paris (Charles De Guille) airport has to rate as the worst, most disorganized, messy airport I have ever been to. Their complete lack of security is disgusting and their ticketing officers have no idea what they are doing. The 1 hr flight from Paris to London is a joke. Heathrow is definitely the worlds busiest. There are so many people aimlessly roaming around. leave your partner with your child and bags, then go and find out where you are meant to be. The best planes are Singapore Airlines and Qantas. Followed by British Airways and Air France. Then way behind are Alaska airlines, Continental airlines, American Airlines and other American Carriers. I find Japan Airlines to be even lower on the scale.

    In this order I rate their service, amount of room and being infant friendly. This is all rated from my experience in Economy.

    The only saving graces for Heathrow and Charles De Guille are the Concorde's they have on display. The best Airport was Changi in Singapore.


    Back to traveling ...

    Get a couple of small bottles of water (On this side of security you can have them)

    Now get to the holding gate room. Give your infant some baby Panadol (20 mins before boarding). Also, give them something small to eat. You want them to get thirsty about 5 minutes before boarding.

    If you still have your stroller, be prepared to pack it up and hand it over. This means you need to be able to carry your infant and your carry on luggage. Listen out for the early boarding call for parents with kids. It is worth getting on the plane early, get the infant used to the plane and unpack a little into the seat pockets.

    When you get to your seat, put three bottles into the seat back of one seat, the change mat etc into the other. Get the blankets, pillows ready, Ask the flight crew if they provide infant seat belts (Some do not). Get a small treat ready and the bottles of water into the seat backs. Have some favorite toys ready and if it is a long flight, have the Baby Panadol in easy reach. Everything else, up into the overhead lockers. Do not have anything under your feet. It will get messy and crampt down their fast enough. You will have menu's, head phones, in-flight magazines, lost blankets, food, toys and potentially a child rummaging around down there.

    You can not be seated in an emergency or over the wing seat with an infant. You can be seated at the rear (very common for infants) or request to be seated behind a bulk head with a bassinet or you can try to get an empty seat for your child (Even if you have not paid for a seat). This will not happen on a full flight. In the US, due to standby seating, if you get an empty seat, it will likely be filled so do not count on it (Try to get two seats together near the aisle. This means your child is not draped across the person in the middle and you can get up to change the infant easily). If you get the bassinet seat, even if you do not use it, it gives you heaps more leg room and it is easier to look after your infant.

    If you require a bassinet onboard, you must notify the airline at the time of reservation (They might not have bassinets). Bassinets may be requested for infants up to 18 months of age, but the recommended age limit for bassinet use on international flights is eight months. The weight limit is 11kg (25lbs). The bassinet size is 71cm x 31cm (28in x 12in). The depth is approximately 26cm (10.5in). Infants paying 10% of the adult fare who are too large for bassinets are not entitled to a seat and must be nursed. Alternatively, the payment of a child's fare would ensure a seat. Bassinets are subject to availability. The safest way for an infant to travel on an aircraft is in a Child Restraint Device (car seat). Carriage of a lap held infant is allowed however research has demonstrated it does not provide the protection of a child seat. Some airlines do not believe in lap belts for infants (believing in a parent holding the child in stead) whilst others insist on lap belts.

    During take off and landing, bassinets must be closed and you must nurse your baby.

    The planes are compressed whilst still on the ground. When the main doors are shut and the air crew are asked to "Arm doors and cross check", the plane is compressing. If you infant has not had some pain relief by now, you are about to experience something terrible. The child will start crying, then screaming, then kicking and trying to wriggle free. The infant will likely be out of control. Of course this affects every infant differently however, on our flights, we saw this in other infants regularly and once for ourselves. At lift off, they are very distressed and it is not until you are at cruising altitude does the infant calm down and go to sleep.

    As your infant is now thirsty (We found the breakfast cereal Cheerio's did this beautifully) you can give them a drink (The first bottle). Do not let them drink it all. Just a bit here and there. They then swallow and help reduce the pressure building in their ears.

    From http://www.qantas.com.au/info/flying/beforeYouTravel/specialNeeds/childInfants

    "Your baby or young child may cry on take off and landing due to the brief 'popping' in their ears as cabin pressure adjusts to altitude. This is perfectly normal. By giving your baby a bottle or breastfeeding at this time, you will help to relieve the 'popping' sensation. For older children and for yourself, the 'popping' can be simply alleviated by chewing on a toffee or sweet. "

    If it is a long flight, you will use the second one about the time of a main meal in the new time zone. The third one (Landing) is a real trick. You feel the plane start to decelerate for landing. You should have given your child some Panadol and now they need to swallow and chew again. We found cheerio's and the normal bottle was not enough incentive. We had 9 flights to convince our infant to swallow whilst landing and each one was harder than the last. We had to do something new each time so that the infant was interested in swallowing. We were lucky as our daughter has teeth and is 18 months old. We tried a sugar free lolly on a stick for the first landing (Her first lolly). She loved it, she had minimal pain and a great landing. The second landing was prunes and sultanas. The third was a Hershey's chocolate bar. Then Skittles and smarties. Each time had to be unique as if we tried something twice, she would not eat it. We treated her, gave her fluid and landed well.

    Just before landing, if quarantine was an issue, we washed out the milk bottles in the toilet and put all fruit etc into a single bag for disposal.

    During the flight, we were 1 meter from the business class toilet but 30 rows from the economy toilet. We requested to use the Business class toilet for changing and were allowed but were not allowed to leave soiled nappies there as the business class toilet was not far from their drinks bar and food.

    Whilst on the flight we allocated 1 nappy/diaper per 2 hours. If we ran out, we asked the air crew and they had some emergency ones.

    On one flight, for unknown reasons, the milk curdled in her bottles. We got permission from the air crew to wash out the bottles and use their onboard milk.

    We packed a carry on full of new toys and books that we pulled out at varying intervals throughout the flight. This kept her happy.

    I also found that carrying a comfort item, such as a favorite blanket or stuffed animal was essential. This helped comfort them and they were better able to sleep. Another must is if your child takes a dummy/pacifier, bring extra. Be sure to carry with you a complete change of clothes, because 'accidents happen'. You might also pack extra pants as they are on your lap a fair bit.

    Again from the Qantas website:
    "A limited supply of nappies and baby wipes are available onboard international services, in case of emergency. On domestic services, nappies are available, however, as these are limited, we recommend bringing a supply of your own.

    Cabin crew will prepare, heat and wash bottles or pacifiers (dummies) on request. There are no private areas onboard the aircraft to breastfeed babies but you are welcome to feed your baby in your seat.

    You'll find baby changing tables in selected washrooms on the aircraft. Use these facilities rather than change your baby at your seat. This is for your own comfort and that of fellow passengers. Washrooms are equipped with special disposal chutes for nappies. Nappies must not be disposed of in the aircraft toilets.

    On long flights when there is time to sleep, change your small children into their pyjamas and settle them in their seat or on your lap. The more normal their routine, the more likely they are to sleep. It is often helpful to bring along a favorite bedtime toy for them to cuddle.

    On the whole, children sleep very comfortably onboard aircraft. For safety reasons, children are not permitted to sleep on the floor of the aircraft. Please also make sure that your child does not have any limbs protruding into the aisle while they sleep . This can be dangerous both for the child and for unwary passengers."


    We found our daughter was to long for the bassinet and her legs stuck out the end. We started opting for a spare seat or the bulk head region for leg room only.

    When landing, don't aim to be the first person off the plane. You will have a mess on the seats, under your feet and in the backs of the seat pockets. Take you time. It is likely the seats behind you will become empty quickly, dump pillows and blankets on these. Now empty the seat backs and clear the floor onto a seat. Pull down your carry on luggage and stow everything into it. You can be the last of the plane. The Air crew are usually happy to talk to you or help out whilst you do this. Now slowly get off the plane. In some airports, your stroller will be waiting as you exit the plane, others where you claim your baggage or from your overhead locker.

    Use the stroller by hanging bags off it (Around the handles).

    My rule of thumb is get on early, be the last off, check seats/floor/seat backs - check for everything. There is no rush, be the last to immigration and customs. This is made easier if you extend layovers by 24 hrs so that you do not have a connecting flight and you have a shuttle waiting for you.

    When you get to customs declare everything. Food, Medications, souvenirs etc. We did this and managed to keep everything. Also, the declare line was shorter and faster than the other line that was being x-rayed. We also got waived off separately at immigration / passport control. We sometimes ended up getting through before anyone else.

    Now we head off to the shuttle, fold up the stroller, into the back of the van, to the hotel.

    At the hotel, we let our infant explore, play with their favorite toys and have some fun. The most useful things I found to use at hotels were a portable DVD player with the Wiggles, Bananas in Pyjamas etc and some crayons. Although, if she draws on Windows etc with the crayons, have some toothpaste handy to clean the glass :)

    If you do not have a fridge in the room, ring the reception. They might supply a small fridge or let you use the restaurant fridge. If you can not get cream milk for your child, ask room service. They can supply warm or cold.

    Another note, when using the hotel shampoo and conditioner bottles, when empty, save them. Buy some antibacterial dish washing liquid, empty it into these smaller bottles to get through airport security.

    We also opted not to use the cribs / Bassinets provided. Our baby got upset. We used king size beds and she slept with us. It made the nights more peaceful.

    We also discovered, do not use Tylenol or Sudafed for pain relief on the flights. It gave our daughter stomach pains and she would get upset and out of control 30 minutes after ingesting it. I have heard Benadryl works much better.

    Would I do this world wide trip again ? - yes. For all the fears of upsetting our infants sleeping pattern, feeding etc, all the screaming and bad flights we had been told about, we did fear this trip. In reality, it was a good trip. Just make sure they have a favorite toy, pain relief, can chew and swallow during crucial moments and do not count on airline child meals.

    Most airlines will have Children's Activity Packs to so that will help. Now, at home, we just have to get her sleeping pattern back into sync.

    We had two major hiccups.

    There was an Ice Storm in New York. Our 4 day stay turned into an overnight layover. We rang our hotel ahead of time and cancelled reservations, rang the airport, found the various airline and airport websites / blogs and kept ourselves informed about delays. We went straight back to the hotel we had just left and stayed there an additional 4 days. The airline helped us with accommodation with a "flight interrupted certificate". They can not do much more with a flight interrupted by an "act of God" incident. We have travel insurance so the additional days, taxi fares, missed pre paid accommodation and tours should be covered. The ticketing officer also accidentally took to much of my daughters e-tickets and when we got to New York, they wanted to resell the tickets to us again (This would have cost lots of money) but instead found a way to reissue the tickets. It pays to ask them to check if they can re issue.

    Whilst in Paris our daughter got sick. Again, travel insurance covered us to find an English speaking doctor and pay the bills. When in London, we went to the St Mary's hospital emergency department (Interesting fact: This is the complex where price Harry was born and Alexander Fleming discovered Penicillin) and got free consultation and medication. It is hard to see a doctor anywhere if you are not enrolled in their medical system. Use hospitals and Travel insurance to get around this. If you need to keep the medication cold, get a hot/cold pack from the chemist for the air travel.

    When you are overseas, don't forget, it is illegal for most Shuttles and Taxi's to transport infants without a car seat. If you can not take one with you as checked luggage, tell your shuttles upfront that you need one.

    If your child wakes in the night due to jet lag or time zone changes, and proceeds to scream the hotel down, have favorite toys or a DVD to calm them. It is worth it.

    I hope my advice helps someone out there. I am by no means a reputable person on this topic but I feel 9 flights (Some as long as 18 hours), 4 continents etc make me slightly an expert with at least my infant and that some of this might help.




    1 April 2007
    Windows Server 2003 SP2 released
    Send feedback about this particular blog
    Read Feedback from others


    16 March 2007


    I can not understand why the SBS MVP's were not included on the testing for SP2. It has totally taken us all by surprise. None the less it is here. I also find it hard to understand why it was released on Patch Tuesday whilst the 1900 or so MVP's were in the Keynote speech with Bill gates.
    Here we all are in Seattle/Redmond listening to Bills every word whilst chaos awaits in the newsgroups.

    Regardless, We have had the word from the SBS PSS Supportability guys.

    You can “safely” install Windows Server 2003 SP2 onto SBS2003 SP1 or R2. You do not need to uninstall IE7 prior to the installation – the release notes that suggest this are yet to be updated.

    Whilst the sustained Engineering team have run over 100 scenarios to test this on SBS, installing SP2 onto pre-SBS2003 SP1 has not been tested and is not recommended. If you have a “gold” SBS2003 installation you should upgrade to SBS2003 SP1 first and then upgrade to Windows Server 2003 SP2.

    If you have SBS2003 SP1 and are yet to upgrade to R2 (if you are entitled to it) you can install SP2 prior to installing the R2 updates.

    As normal – make sure you have a full and tested backup of the server prior to the upgrade and READ the release notes prior to the installation.

    http://technet2.microsoft.com/WindowsServer/en/library/ed5382af-e819-4d33-ace0-225d31b7ab751033.mspx?mfr=true
    Watch out for any installations of SP2 onto an evaluation copy of SBS2003. Do not install SP2 if you are yet to "upgrade" to the full product version. Same applies if you are going to install the transition pack onto SBS2003.




    16 March 2007
    It's very cold and wet in Seattle ....
    Send feedback about this particular blog
    Read Feedback from others


    13 March 2007


    The flight from South Australia, to Sydney then on to San Francisco was a long one. About 16 hours all up. The Welcoming at the San Francisco International Airport was great and we had a great time looking at the Golden Gate bridge, on Pier 39 and the cruise around Alcatraz. We went on the Cable cars and looked around the streets where Sony Filmed the latest Bravia ad (With the rubber balls on Leavenworth and Union streets). We saw the Sea lions on the Fisherman's Warf and did allot of touristy things. Then, off to cold wet Seattle. It was 3 degrees Celsius here, snowing on Mt Rainer and the border to Canada is all fogged in. We braved the cold to see the flying fish market at Pikes place. We did the Space needle, Boeing tour, underground tour, lock tour and the smith tower tour last visit so this year is more laid back. We feel like locals here. We know where everything is and are at home in our surroundings. I have setup office on the 18th floor of my Microsoft provided accommodation and overlook the monorail. Life is good.

    I took note to take a photo out of the plane window of Medina, just on lake Washington. This is Bill Gates fortress of Solitude. I will look at it later and see if I broke his privacy.

    My Fellow MVP's and I had a great party at the Rock Bottom Brewery, in Seattle, on our first evening together. It is hard to make the planes and appointments with all the Jet lag, time zone change and suddenly Daylight saving. Lucky Microsoft are eager to make sure we are at our scheduled events and presentations.

    This morning I had breakfast with the Community team and Dev teams. Very informative. Microsoft care about helping you to communicate with them and some new technologies are on the horizon.

    Now I am heading off to the Washington State Convention and Trade Centre. Time to look at Home server and Longhorn SBS server. Time to use the old brain cells.

    Thanks for tuning in.




    13 March 2007
    3 work days to go !
    Send feedback about this particular blog
    Read Feedback from others


    1 March 2007



    Off to the US
    Wow, time has gone quick. I have three work days to go and then I am heading off to the US. I will be in Redmond, Microsoft country in less than a week. I will still try and post where I can. Keep the emails coming and I will answer what I can.


    Network goes offline - Answer for Robert
    I have a client who is experiencing a random offline network. You can't predict when or who it will affect. We have turned offline files off on the workstations and optimized the network. We had yet to find a fault. Until now. It appears the fault appears when someone starts searching the servers mapped drives for files. It seems the search results window starts to slow down and then the network goes offline. Obviously the Indexing service and the constant paging of the servers drives is enough to grind the network down.

    I have now observed this at a second clients site.


    Missing USB safe removal icon - Answer for Cos
    I don't know why Windows has to be so annoying about things like this, but every now and then the "safely remove hardware" icon disappears from client system trays. so here's where it is (at least under Windows XP) in case anyone else has this problem:

    Right-click on My Computer
    Select Properties
    Click on the Hardware tab at the top
    Click on Device Manager
    As an example, lets go with a hard drive, click on "Disk drives." For other devices, you might have to hunt around.
    Right-click on the removable drive
    Select Properties
    Click on Policies
    Under the optimize for performance option, there should be a link called "Safely Remove Hardware." If you click that, you'll bring up the good old hardware removal screen that Windows was trying so hard to hide from us.

    If you want an Icon that will bring up the Safely remove Hardware window, just right click on the desktop and choose new Shortcut, then in the location field type "%windir%\System32\RUNDLL32.EXE shell32.dll,Control_RunDLL hotplug.dll", and save, then just click


    Wininet.dll - Windows 98 - Answer for Angelo
    The file, wininet.dll is a module that contains Internet-related functions used by Windows applications. I came across a solution where it was 0 bytes in size. Nero would not run and ACDSEE would crash (these were the only symptoms). Replacing the file Wininet.dll Fixed the problem.


    Netgear DG834 - Answer for Eugene
    I had to change a DG834 from a router to a Bridge. I could not find the option in the Web interface. I discovered that there is a hidden web page on the DG834 (http://192.168.0.1/mode.htm or http://192.168.0.1/setup.cgi?next_file=mode.htm) and then you can flick it into Bridge mode (RFC 1483).


    applnch.exe causes a mapi32.dll error on my server - Answer for John
    If you have the administrator running the default SBS logon script, which tries to run Applauch.exe and install Outlook to the server, you might get this error.

    Event Type: Information
    Event Source: Application Popup
    Event Category: None
    Event ID: 26
    Date: 26/02/2007
    Time: 5:35:44 PM
    User: N/A
    Computer: SERVER
    Description:
    Application popup: applnch.exe - Unable To Locate Component : This application has failed to start because MAPI32.dll was not found. Re-installing the application may fix this problem.

    No upgrade from ISA 2004 to 2006 for SBS 2003
    .... But ISA 2007 will be included in SBS Longhorn Premium. A new version of ISA currently called ISA 2006 is scheduled to be released this year. Microsoft will not be providing SBS customers with a free upgrade from ISA 2004 to ISA 2006.

    Furthermore, current SBS 2003 networking tools such as Configure Email and Internet Connection Wizard, ChangeIP and Remote Access Configuration Wizards will not configure the new version of ISA 2006 because of new and removed features.

    Due to the new features provided by ISA 2006 not benefiting the majority SBS customers directly, the SBS product team has decided not to release a QFE/Hotfix/Patch to change the networking tools to configure ISA 2006.

    New major features of ISA 2006 include: Branch Office Gateway Scenarios with remote management Publishing of multiple Exchange or SharePoint servers HTTP compression For customers without MSDN/Action-Pack subscriptions, ISA 2006 would be an approximate US $1500 upgrade for limited benefits to small businesses.


    Microsoft are still planning to ship ISA 2007 with SBS Longhorn Premium Edition

    Trend Micro Pccillin internet security 2007
    To install the latest Trend Micro Pccillin internet security 2007, make sure to Uninstall Spybot and have XP SP2 installed.

    Background image
    Do you have wayward users who reset their background image and your AD policies do not permit it?. How did they do this ? It is likely they were using IE and right clicked and image and clicked set as my wallpaper.

    If you want to set it to the normal Windows color and can not be bothered resetting the AD policies, go to this image and right click, "set as background" ... here


    Time zone editor
    With the time zones and daylight saving being altered all the time, you can use TZEdit and start creating .reg files to push out and correct the issue.

  • www.softshape.com/cham/manual/tzedit.htm
  • support.microsoft.com/kb/886775

    Vista Upgrade Paths
    For a discussion on Vista Upgrade Paths have a look here


    Backup issues, Trend Micro and VSS
    If Quarantined virus files are skipped and your backup reports a failed status on your Windows Small Business Server 2003-based computer (Trend Micro) look here

    Failed Backups and TM's Real time scan

    Pesky deleted shares
    If you delete a shared folder, before removing the share, the following event is generated:

    Event ID: 2511
    Source: Server
    Type: Error
    Description: The server service was unable to recreate the share sharename because the directory drive:\ no longer exists. To prevent receiving this error:

    Windows NT 4.0
    1. Run File Manager, Winfile.exe.
    2. On the Disk menu, select Stop Sharing.
    3. Select the deleted folder and press OK.

    Windows 2000
    1. Run Computer Management from Administrator Tools.
    2. Select System Tools / Shared Folders / Shares.
    3. Select the share you wish to remove and select Stop Sharing.

    An alternate method for both Windows NT and Windows 2000
    1. Use Regedt32 to navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
    .. Services\LanmanServer\Shares.
    2. Select the share you wish to delete and press the Delete key on your keyboard.
    3. Exit Regedt32.
    4. Shutdown and Restart your computer.




  • 1 March 2007
    How do I use Robocopy to backup my server data before migration ?
    Send feedback about this particular blog
    Read Feedback from others


    26 Feb 2007



    How do I ? - Answer for Jerome
    This is how I do a file backup of a server (After an NTbackup)

    Copy Robocopy.exe to the root of the C:\ drive

    Make a batch file. I call it "backupserver.bat" in C:\

    From here you need to put robocopy into the batch file and specify the drives at root level, i.e. C:\ not C: and D:\ not D:

    robocopy source dest /e /r:0 /w:0 /z /eta
    robocopy source1 dest1 /e /r:0 /w:0 /z /eta
    robocopy source2 dest2 /e /r:0 /w:0 /z /eta
    call c:\backupserver.bat

    This gives you a network restartable copy of the the files. This will run through the batch file lines, one after the other, doing the servers drives. The destination could be a mapped drive on another workstation (Use "net use" to mount share volumes). When it gets to the last line, it will start the whole process again.

    This will capture any changed files in the system. This means you can run this script once overnight (it will take hours) and then run it through out the day and it will do increments to your backup destination, of files changed throughout the day by users.

    The final backup (The day of the server swap over) running it once with all users logged off and some services stopped will do a final capture of new or changed data. It should take mere minutes unless lots got uploaded to the server.

    The last script I used looked like

    net use q: \\workstation\backup
    robocopy C: q:\c /e /r:0 /w:0 /z /eta
    robocopy D: q:\d /e /r:0 /w:0 /z /eta
    robocopy E: q:\e /e /r:0 /w:0 /z /eta
    call c:\backupserver.bat

    Q:\C where C is a folder in the share on a workstation, shared as backup

    Alternatively,
    you can do a faster backup by running the various drive backups all at once.

    start c:\robocopy "\\server\c$" c:\backup\c /e /z /r:0 /w:0 /eta
    start c:\robocopy \\server\D$ c:\backup\d /e /z /r:0 /w:0 /eta start c:\robocopy "\\server\e$" c:\backup\e /e /z /r:0 /w:0 /eta

    Each start command produces it's own command window to watch.
    Download Robocopy here



    No Notes Activesync via Exchange

    You can Synchronize your Inbox, Calendar and Contacts via Exchange and Journals, Notes etc by direct cable connect.

    Whilst Activesync 4.5 has now been released I am still unaware of a way to sync your notes via GPRS, 3G or WiFi. If anyone has a third party solution I want to know.

    More discussions here

    SharePoint Services v3.0

    SharePoint Services v3.0 is out and there is a whitepaper for SBS 2003 to help you install it side by side with Companyweb.

    Microsoft have just released Windows SharePoint Services v3.0 to the web for download. Along with it, the SBS team have released a whitepaper on how to install WSS v3.0 alongside the existing Companyweb so that you can begin to take advantage of the cool new improvements in WSS v3.0 today.

  • Whitepaper link

  • More information on WSS v3.0 here

  • WSS v3.0 can be downloaded direct from here

    From the WSSv3 Beta evaluation guide (I assume it is in the full product) A Recycle Bin - Yay

    Recycle bins, or undelete functionality, is another important improvement that has been added in Windows SharePoint Services V3. It is available in both lists and document libraries. Deleting an item from a list triggers a multilevel series of events. First, the item is sent to a Web-level recycling bin. From here, the item can be undeleted by any individual who has been given appropriate rights. When the item is deleted from this bin, the item is sent to a second recycling bin, controlled by the site administrator. Among the design features of this bin are timers that enable you to automate the removal of old documents. For example, an administrator may decide that the vast majority of requests for item restores happen within the first 90 days. In this scenario, the administrator may set the timer such that items older than 90 days are permanently deleted.

    MSN Messenger Malware warning

    WARNING: Winfixer and Errorsafe are being distributed via MSN Messenger (now Windows Live Messenger) banner advertisements
    Sandi's Spyware sucks blog

    Pushers of the Malware known as winfixer managed to infiltrated a provider of advertising content for MSN banner ads. The dangerous ads appeared in the Windows Live Messenger contact pane, as well as in banner ads on groups.msn.com.

    The end of Phising as we know it ?

    Phishers are going to find the new Microsoft IE7 features very hard to get around. High Assurance is up and running. When you visit a High Assurance Certificate SSL or https site, the certificate is checked. If it is safe and authentic, the address bar goes green. If you have followed a bad link that is trying to steal your information, it will not activate assurance. Sandi's Spyware sucks blog



    Frankenmachine ?

    what's the official definition of "frankenmachine"?
    Recently this term has been used in the newsgroups.

    I consider the following a frankenmachine
    1. a machine you build from scratch, rather than buying as a whole unit
    2. something only built with the junk you have in the cupboard or laying around.
    Here is the Wikipedia definition



    Overload

    I have seen it, used it, but does anyone understand the Cisco "Overload" command ?

    This command will use the specified ip address of your interface for NAT. The overload command enables the use of port assignments (PAT), so you can get the system to work using only one IP address. PAT allows thousands of concurrent connections, all using the same IP address but different port assignments.

    If you don't want to use the interface's address, you can create a pool of only one ip address and still use the overload command to use PAT.

    Windows Installer Cleanup Utility

    Microsoft has updated the Windows Installer Cleanup Utility. With the Windows Installer Cleanup Utility, you can remove a program's Windows Installer configuration information. You may want to remove the Windows Installer configuration information for your program if you experience installation (Setup) problems. For example, you may have to remove a program's Windows Installer configuration information if you have installation problems when you try to add (or remove) a component of your program that was not included when you first installed your program.

    http://support.microsoft.com/default.aspx?kbid=290301



    Internode speed test

    I have touched on speed tests before. Here is a good one for Internode.

    Internode tests

    1200-1290 kilobits per second for a 1.5 Megabit ADSL link
    400-440 kilobits per second for a 512k ADSL link
    200-220 kilobits per second for a 256k ADSL link



    Microsoft Activation Centers Worldwide Telephone Numbers

    Ever gone to http://Eopen.microsoft.com to activate a license only to find they are closed for maintenance ? Here are some numbers to call to activate or get keys on the phone
    Telephone Numbers



    Remove Hidden Data

    Worried about Office products hidden Meta data ? Remove it with this tool. Office 2003/XP Add-in: Remove Hidden Data



    Do you need to calculate SHA hashes for your MSDN downloads ?

    Try : AccuHash



    Outlook Synchronization

    There’s a heap of utilities that can Synchronize email for you, along with a simple method that uses Briefcase.
    Take a look at slipstick sync page


    There are also Sharing solutions: http://www.slipstick.com/outlook/share.htm


    In Office 2007, there are WSS 3 Calendars, Tasks, Lists and Contacts are all read-write in Outlook 2007 now so that’s a solution not to synch your PST but to access shared info from both machines. Reminders now work for non-default folders in Outlook 2007. Even just using the Outlook Connector with a paid MSN Subscription will do the same. You can get a month trial for free.

    You do need to manually copy items to WSS or MSN.

    Email can simply be left on the server while you are away. Set your home computer to download and your laptop to leave it on the server. Or use IMAP.

    There’s also the Microsoft Sync PowerToy
    Click Here






  • 26 Feb 2007
    Musings for the day
    Send feedback about this particular blog
    Read Feedback from others


    25 Feb 2007



    Customize Active Directory ?
    The Active Directory uses Group Policy to provides a way to provide access control for all aspects of local and network resources based on user account, group membership, computer name, etc. However, there are some things that Group Policy can't do by default.

    Hide specific drives (by letter)
    Prevent access to specific drives (by letter)
    Redirect Internet Explorer Favorites
    Apply a specific desktop wallpaper
    Disable access to the Internet
    Modify applications such as VNC, Windows Moviemaker

    You can do all these tasks and more by using custom ADM files. Basically any setting that can be changed on a per-user (or per-computer) level can be managed centrally.

    What are ADM files?
    ADM files (also known as Administrative Templates) are text files formatted to be inserted into Group Policy objects. Group Policy uses them to provide any and all of the control settings available. For example, your can download Office XP/2003 ADM files and Internet Explorer ADM files from Microsoft to customize the end-user experience.

    An ADM file contains a description, registry settings, and related values.

    You can add or delete ADM files on the Add/Remove Templates screen. There are two types of ADM files: USER and SYSTEM. The USER type modifies user specific registry settings while the SYSTEM type modifies computer specific registry settings that apply to all users.

    Creating custom ADM Files If the syntax of the ADM file is incorrect, it may fail to import into your Group Policy object. The link below is an ADM file that can be downloaded (it must be renamed to CustomUser.adm to work properly):

    ADMFile.doc




    1. Documentation and Notes
    At the beginning of the file you will want to add any important information you can think of preceded by two semicolons per line:

    ;; Creator: Network Administrator
    ;; Date: 25/02/07
    ;; CustomUser.adm file for Mickyj example (user settings)


    2. Set Class
    The class must be USER or SYSTEM depending on where the registry settings that are to be changed reside
    CLASS USER

    3. Set Category
    This will group the settings to provide easier viewing and administration
    CATEGORY "Custom Options"

    4. Create a Policy
    A "policy" is a particular setting that can be set to an enabled/disabled mode which controls whether or not the registry setting will be changed An example policy with on/off settings:

    POLICY "Re-Direct Favorites to Home Directory"KEYNAME "Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders"EXPLAIN "Re-Direct the Favorites Folder to the H:\Favorites directory"VALUENAME "Favorites"VALUEON "H:\Favorites"VALUEOFF "%USERPROFILE%\Favorites"The above policy will redirect the users Internet Explorer Favorites directory contents to their personal home directory on H:\Favorites.

    POLICY: Display name of the policyKEYNAME: Location in the registry that the setting is found EXPLAIN: Simple explanation of what the setting does (for reference) VALUENAME: Name of the registry value that will be modifiedVALUEON: Enabled effect of the settingVALUEOFF: Disable effect of the settingIn the above example a REG_EXPAN_SZ entry is modified. It is important to know what type of registry entry is being modified because the ADM syntax is different for each. Other registry entry types:

    REG_SZ:

    POLICY "Media Player Recording Path Redirect"KEYNAME "Software\Microsoft\MediaPlayer\Preferences"EXPLAIN "Media Player Recording Path Redirect"PART "CDRecordPath" EDITTEXTVALUENAME "CDRecordPath"DEFAULT "H:\\My Music"END PARTEND POLICYREG_DWORD:

    POLICY "Disable Proxy Settings" KEYNAME "Software\Microsoft\Windows\CurrentVersion\Internet Settings"EXPLAIN "Disable Proxy Settings"VALUENAME "ProxyEnable"VALUEON NUMERIC "0"VALUEOFF NUMERIC "1"END POLICYIn the above examples it is the EDITTEXT and NUMERIC settings that specify the registry entry type.



    5. Close Category
    This closes the category created earlier; it is possible to contain multiple (or no) categories in a single ADM file:

    END CATEGORY

    6. End and Strings
    These are required closing entries to complete file processing:

    #endif[strings]Bringing it all together

    With an understanding of the format and syntax of ADM files, a sample file, and a general knowledge of the Windows registry, you are now ready to create custom ADM files.

    Virtually any user or system setting can be seamlessly applied to hundreds or thousands of users with just a few moments work. From controlling applications, the Windows user environment, to even controlling automatic log off, custom ADM files are a necessary part of properly securing a Windows XP workstation computer network.

    From our VSS discussion the other day - 22 Feb Virus in Shadow Copies (Thanks Merv)

    You can use the command line to work out where and what your shadow copies are:
    vssadmin list shadows > shadows.txt

    to list info about all the shadow copies (including the creation dates and times) so you can identify the creation date/time of your problematic shadow copy. (The key should be the “HarddiskVolumeShadowCopy4” part of the problematic shadow copy).

    Then you can delete just that specific shadow copy that contains the virus without having to delete all Shadow Copies by going to:

    Computer Management | (rt. click) Shared Folders | All Tasks | Configure Shadow Copies | Select the Target Volume | Shadow Copies of Selected Volume



    Free AVG uses what ports to update ?

    Does anyone know what IP address and ports AVG free uses to download updates?

    AVG Forums

    I have a home user behind a Cisco router where they are only allowed outbound access to sites and ports the home user stipulate (Stops kids going to the wrong sites). AVG will not update unless we enter and allow all the IP addresses used and any ports for the Update process.

    AVG Free uses port 80 to get the updates... but there is no one server for updates. It first checks with either update.grisoft.cz (193.86.103.18) or backup.grisoft.com (212.67.88.66) and then gets redirected to one of the many update servers that are located around the world.

    There is no local server for one area.

    This is going to make this hard. Does anyone have a list of servers ?

    Open with Notepad - Context Menu option for all files

    If you are like me then a lot of times you want to use notepad to quickly open and look at files. Some files you can choose the Open With > Notepad but not all file and particularly not for files with no extension. My solution is to add a context menu option "Open with Notepad" to all file types including files with no extension.

    To do this you need to add the following keys to your registry:

    Windows Registry Editor Version 5.00

    [HKEY_CLASSES_ROOT\*\shell]

    [HKEY_CLASSES_ROOT\*\shell\opennotepad]
    @="Open with Notepad"

    [HKEY_CLASSES_ROOT\*\shell\opennotepad\command]
    @="C:\\WINDOWS\\system32\\NOTEPAD.EXE %1"

    Disclaimer: Modifying the registry can cause serious problems that may require you to reinstall your operating system. I cannot guarantee that problems resulting from modifications to the registry can be solved. Use the information provided at your own risk.

    DNS error - Answer for John S.

    Event Type: Error
    Event Source: DNS
    Event Category: None
    Event ID: 6702
    Date: 15/02/2007
    Time: 11:12:33 PM
    User: N/A
    Computer: SERVER
    Description:
    DNS server has updated its own host (A) records. In order to ensure that its DS-integrated peer DNS servers are able to replicate with this server, an attempt was made to update them with the new records through dynamic update. An error was encountered during this update, the record data is the error code.


    If this DNS server does not have any DS-integrated peers, then this error should be ignored.

    If this DNS server's Active Directory replication partners do not have the correct IP address(es) for this server, they will be unable to replicate with it.

    To ensure proper replication:
    1) Find this server's Active Directory replication partners that run the DNS server.
    2) Open DnsManager and connect in turn to each of the replication partners.
    3) On each server, check the host (A record) registration for THIS server.
    4) Delete any A records that do NOT correspond to IP addresses of this server.
    5) If there are no A records for this server, add at least one A record corresponding to an address on this server, that the replication partner can contact. (In other words, if there multiple IP addresses for this DNS server, add at least one that is on the same network as the Active Directory DNS server you are updating.)
    6) Note, that is not necessary to update EVERY replication partner. It is only necessary that the records are fixed up on enough replication partners so that every server that replicates with this server will receive (through replication) the new data.

    - This can be caused by having two NICs in a machine that are missconfigured. On the outer NIC, it is suggested to disable the File and Print Sharing service, Client for Microsoft Networks service and NetBIOS. It also can be due to using an ISP’s DNS in your IP properties. Usually getting rid of this and using a forwarder fixes this problem.

    Browser Elections - Answer for Neil S.

    My system event log is filling up with the following event:

    Event Type: Information
    Event Source: MRxSmb
    Event Category: None
    Event ID: 8027
    Date: 4/15/2003
    Time: 8:38:09 AM
    User: N/A
    Computer: --------
    Description:
    The browser running on the Domain Controller has lost an election. The computer that won the election is Server Name, on the transport \Device\NetBT_Tcpip_{GUID. The data contains the election version, election criteria, and remote computer time up, and the same information for the current computer.

    This event is being logged about every 10 seconds and Neil is unable to browse the network in My Network Places and it gives the error "the list of servers for this workgroup is not currently available".

    Running "browstat sta" at the command prompt produces


    Status for domain "Domainname" on transport \Device\NetBT_Tcpip_{40DFF093-C514-46CA-89FD-FDE6227904CB}
    Browsing is active on domain.
    Master browser name is: "servername"
    Master browser is running build 3790
    1 backup servers retrieved from master "servername"
    "servername"
    There are 8 servers in domain "servername" on transport \Device\NetBT_Tcpip_{40DFF093-C514-46CA-89FD-FDE6227904CB}
    There are 1 domains in domain"servername" on transport \Device\NetBT_Tcpip_{40DFF093-C514-46CA-89FD-FDE6227904CB}

    Status for domain "Domainname" on transport \Device\NetBT_Tcpip_{150C23D9-8C59-4D49-8A12-0398FD4D3F15}
    Browsing is active on domain.
    Master name cannot be determined from GetAdapterStatus. Using "servername"
    Master browser is running build 3790
    1 backup servers retrieved from master "servername"
    "servername"
    There are 1 servers in domain "servername" on transport \Device\NetBT_Tcpip_{150C23D9-8C59-4D49-8A12-0398FD4D3F15}
    There are 0 domains in domain "servername" on transport \Device\NetBT_Tcpip_{150C23D9-8C59-4D49-8A12-0398FD4D3F15}

    Also getting error

    Event Type: Error
    Event Source: MRxSmb
    Event Category: None
    Event ID: 8003
    Date: 15/07/2006
    Time: 5:30:13 PM
    User: N/A
    Computer: server
    Description:
    The master browser has received a server announcement from the computer "server" that believes that it is the master browser for the domain on transport NetBT_Tcpip_{40DFF093-C514-46CA. The master browser is stopping or an election is being forced.

    We looked though the following links

  • Troubleshooting the Microsoft Computer Browser Service

  • Understanding Browsing

  • Control Network Browser Elections

    Finally we discovered the fault. The server was attached to a brand new Fibre backbone. The Fibre backbone had a redundant link which unfortunately appeared as a loop between the Fribre switches. That caused the Browser elections and caused a whole mess.

    Just goes to show, sometimes, the faults are physical. You can have the best info and links in the world. They all seem appropriate. Then is comes down to the unexpected.




  • 25 Feb 2007
    Fuel Cells
    Send feedback about this particular blog
    Read Feedback from others


    24 Feb 2007



    Hydrogen Powered Fuel Cell Bicycle light
    A Canadian company has developed and now commercializes micro-structured fuel cells for a wide variety of applications. They currently offer such products as the pictured bike light, a standard micro-flashlight, and a general purpose charger.

    From the Angstrom website: "Angstrom's micro hydrogen bike lights can be affixed to a helmet or handlebars. Each bike light runs on hydrogen that is stored in a 21cc cartridge, which provides the equivalent energy of about 10 AA disposable alkaline batteries. The only by-product is water vapor. The light provides about 20 hours of continuous run-time between refueling. Cyclists refuel their cartridges with hydrogen gas. Refueling takes only minutes to complete".

    Nice to see a micro fuel cell company thinking outside the usual military or laptop box. Another Canadian company makes hydrogen electrolyzes. Looks like the Canadians have it all worked out.

    http://www.angstrompower.com/





    24 Feb 2007
    Malware and Hoax
    Send feedback about this particular blog
    Read Feedback from others


    23 Feb 2007


    John Howard hoax
    If you receive an email with the subject

    John Howard, the current Prime Minister of Australia have survived a heart attack

    and in the email body

    John Howard, the current Prime Minister of Australia have survived a heart attack Read more: http://url

    Don't follow the link. It is Malware and a hoax.

    Many security experts have warned of a virus being distributed via email claiming that the Australian prime minister has had a serious heart attack. The Malware may have come from home-grown Australian virus writers, since the initial distribution is largely confined to email addresses in Australia.

    Some of the other emails read:

    "Mr Howard, 67 years old, was at Kirribilli House in Sydney, his prime residence, when he was suddenly stricken. Mr Howard was taken to the Royal North Shore Hospital where the best surgeons of Australia are struggling for his life."

    The email contains a link to a website containing malicious code, and forwards recipients to an error page for The Australian newspaper to persuade users that they have found a dead link.


    "It seems that the hackers are back to their old tricks of spamming out sensational headlines in the hope that computer users will forget to think before they click, and visit the website hosting the malicious code," Sophos.

    "The scammers have registered several domain names that appear to be associated with The Australian newspaper, and have gone to great effort to make people think that they really are visiting the genuine site by pointing to the real error page.

    "Everyone should be on their guard against this kind of email con-trick, or risk having their PC infected."

    Virus writers use a variety of social engineering techniques to get users to open attachments or visit specific web pages, and current events are very much in fashion.
    Recent examples have included Valentine's Day, the European storms and Christmas.

    Links:
  • http://www.irishdev.com/NewsArticle.aspx?id=5134

  • http://www.net-security.org/secworld.php?id=4788


    Wireless security discussion with Michael Kleef
    The position of EAP/802.1x with WEP as opposed to WPA/WPA2.

    EAP/802.1x with WEP provides:

    Authentication – really important to use to define based on ACL’s who can and cant access the wireless network
    Rotating encryption with WEP 128 bit (dynamic WEP) – WEP itself is still notoriously vulnerable but rotating it certainly helps to mitigate the risk
    EAP (protocol for authentication) provides the choice of PEAP/Digital Certificates for authentication and access control


    WEP on its own does not deliver either authentication or rotation of the encryption keys and thus is vulnerable to attack. As one of your attendees raised, WEP can now be cracked in as little as 3 minutes by collection of around 500,000 frames of traffic. This can be achieved on 802.11g (54MBits) access points in 2 mins 40 secs and on 802.11b (11Mbits) AP’s in 8mins 20 secs. Thus your window of key rotation in the EAP/802.1x solution must be less than either of these using 802.1x Authentication.

    WPA is an interim solution till 802.11i was ratified and WPA2 is based on 802.11i. WPA is not a “wrapper” to address WEP (though it was built to address WEP’s lack of security) as there are three fundamental differences.

    The encryption protocol is TKIP and much stronger than WEP thus must be a preference if your devices can support it EAP Authentication and key rotation are both built into the solution and not added on later like with WEP It addresses the disassociation and packet replay attacks that aren’t addressed by 802.1x/EAP based WEP solutions

    Important to note that whether using 802.1x/EAP with WEP or WPA, the choice of authentication (PEAP, EAP-TLS or others) is still yours to make. WPA doesn’t care about the authentication itself as that is handed off to a RADIUS provider and a yes/no response from the auth provider defines whether you have access or not

    WPA2 differs slightly in that it’s using AES encryption (government grade) instead of TKIP and is based on the ratified standard of 802.11i. Other fundamentals of WPA are present such as WPA-PSK which is an initial (and common to all clients) fixed key used to provide the initial encryption before the key is rotated. Because it’s fixed it doesn’t scale well in a business environment (has to be input into all clients like WEP keys), and this is especially where access control becomes important. For this reason its important to still use WPA/WPA2 with an authentication provider (RADIUS) in order to provide a more scaleable and manageable solution. For home use, WPA-PSK is fine. Thus home users can use WPA just like businesses and enjoy the same level of security (key rotation and encryption) without the backend infrastructure that businesses have.

    So while it’s a very good thing to move to WPA (and even better to WPA2), there's one key factor in why you may not be able to. The (immediate) downsides of WPA and WPA2 are that older hardware may not either support it or at best require a hardware flash update to upgrade it. Thus 802.1x/EAP and WEP may the solution you end up using for compatibility reasons, just be aware of setting your key rotation times appropriate depending on the speed of Access Point hardware you choose. Move your customers to WPA/WPA2 as soon as you can.





  • 23 Feb 2007
    A day in the life of an Engineer......
    Send feedback about this particular blog
    Read Feedback from others


    22 Feb 2007


    Where for art thou Netgear pro safe VPN FVX 538?
    We have an FVX 538 teaming two ADSL1 connections interstate. It kept dropping the lines every few minutes. This was very inconvenient as we monitored them and configured them remotely. It turns out we had it set to use DNS as a keep alive. Internodes DNS server had failed so the unit would not stay up. Be careful using these kinds of practices to keep routers up.

    Deja vu ?
    Even if you're the most careful of computer users, you may be unaware of a potentially big waster of hard disk space: duplicate files. Applications can litter your hard disk with duplicate files, or you can actually create duplicate files by copying files from one folder to another.

    This is happening more and more with Digital Camera photos and the various ways of viewing and editing them.

    Windows XP's default installation doesn't provide you with a utility for tracking down duplicate files.

    Microsoft does have a tool called Duplicate Finder, which is part of the Windows XP Service Pack 2 Support Tools.

    Download the Windows XP Service Pack 2 Support Tools and follow the instructions for installing the Complete installation version.
    Open the Run dialog box
    Type Dupfinder in the Open text box and click OK.
    Once DupFinder loads, simply select the drive or folder to search and then click the Start Search button.
    When DupFinder completes its search, you can scan through the list and examine the duplicate files.

    Notes:

    Use either the Print Report or Export Data commands on the File menu to create a permanent record of the duplicate files.
    Use the Sort command on the View menu to reorganize the list for better analysis.
    To get more detailed information about any file, select the file, pull down the File menu, and select the Info command.
    Leave duplicate files in the Windows folder and its subfolders alone.

    If you don't recognize the duplicate file, it's better to use the Rename or Move commands on the File menu rather than the Delete command.

    Boot from USB
    A bootable flash drive can come in handy. Here is a link detailing everything from configuring the BIOS to allow the USB port to act as a bootable device, creating a bootable image of Windows XP using the free PE Builder software and then formatting and copying the image onto a UFD.

    http://articles.techrepublic.com.com/5100-10877_11-6160062.html?tag=nl.e064




    22 Feb 2007
    A day in the life of an Engineer......
    Send feedback about this particular blog
    Read Feedback from others


    21 Feb 2007


    MSExchangeTransport IMF error code is 0x800710f0
    If you see this you can likely ignore it. It is a known issue with large emails.

    "An error occurred while Microsoft Exchange Intelligent Message Filter attempted to filter a message with ID <004601c754eff5c3df40$5a8006ca@your8b90449968> , P1 From smtp:xxx@xxx.com.au and Subject xxxxx. This message will not be filtered. The error code is 0x800710f0. "

    http://exchangepedia.com/blog/2006/05/imf-does-not-scan-messages-larger-than.html

    Exchange 2007
    There appears to be no rush to adopt Exchange 2007. Whilst it removes public folders (Some do not like this) it includes many more great features. The server can now be split up into smaller units on separate servers allowing better fault tolerance and balancing. There are some issues people are facing. Exchange 2007 is 64 bit and will not support virtualization (at the moment). It does not support Longhorn servers or longhorn directory servers. The management tools will not run on Vista desktops. There is an immense amount of re-education required and a large investment in the product and training. I am sure these are just introductory temporary issues and solutions are on the way. This is the first update since Exchange 2003 so it would need to be a big leap in technology.

    Trend Micro IMSS
    We had a user sending emails into a mail server where the email just vanished. It disappeared from the IMSS real-time log, did not appear in quarantine and did not bounce back. It was not in the retry queue and not delayed. It turns out reading the logs in \Trend\IMSS\ISNT\Logs\ we found "Decompressed count exceeds limitation, Scan Engine skipped scanning:" and "Final action is Delete". It looks like the Zip file policy was to tight. Always check the logs.

    HP NX 7200 MT (Mini Tower)
    We have observed a computer from HP that routinely runs very slow. It seems to be whenever a USB or legacy device is in use. Task manager looks normal but the interrupts usage in Process Explorer is very high. After talking to HP, we were told to go into the BIOS and turn off PCI serial number generation. This seems to have fixed the error. Now the system experiences a Blue stop error during every second boot. It is a parity error. We have had the ram replaced. Changing the BIOS setting back to on, fixes the blue screen error but then it runs slow again. Has anyone else reported this?

    New AMD SMB push
    AMD in Australia are working with IBM to put AMD processors into the SMB market. Michael Apthorpe has been given the task or spearheading this. Expect allot of marketing around SMB and AMD in the next few months.

    Windows Server 2003 SP2
    Windows Server 2003 SP2 is coming with all the improvements you've been missing. As well as operating system additions and enhancement tools, you can look forward to lots of other new toys.
    It is currently scheduled for release during the first quarter of 2007. Windows Server 2003 Service Pack 2 (SP2) contains a long list of fixes and improvements that will provide a more stable and robust computing environment for organizations that choose to deploy it. Because of the similarities in the code base and its origins based on Windows Server 2003 code, SP2 also covers Windows XP x64. Read more

    How to Create and use System Restore in Windows Vista
    No matter how careful you are, when it comes to installing drivers and applications in Windows Vista, there are just going to be times when you need to perform a system restore. Get some advice here Read more

    Vista Drivers
    Are you hunting high and low for drivers ? Take a look at Radarsync.com/vista

    Rww timeout in SBS 2003 (And R2)
    (Modifying the Public Timeout Values for RWW)
    The Default of 20 minutes on a public computer is very long.
    We can change this value to 5 or 10 minutes to provide increased protection for your system in case a user walks away from a public kiosk without logging off.

    1. Run Regedit.
    2. Navigate down the tree to the following key: HKLM\Software\Microsoft\SmallBusinessServer\RemoteUserPortal\
    3. Right click the entry called PublicTimeOut and select Modify.
    4. Enter the new timeout value you want to have and press OK.


    How big should my ISA cache be ?
    A good rule of thumb is to set 20 MB of cache size per user up to 100 users and then 5 MB per user for more than that. There are also some discussions on the isaserver.org forums and the recommendations there are dramatically lower. Some even suggest not setting the cache larger than physical RAM. What are people out there setting their servers to ?

    Recover outlook oft passwords - Microsoft word macro
    Public Function OutlookPwd() As String

    MsgBox CreateObject("Outlook.Application") _
    .ActiveInspector.CurrentItem.FormDescription.Password, _
    vbExclamation, "Forgotten?"

    End Function


    Old IE proxy settings from non existent servers keep recurring when I add a new user!
    These settings can be set by Group policies. Group Policies are nothing more than server based pushed registry settings. The default user profile on a workstation is created once, the first time a workstation sees a server (And new users are built from this profile and registry settings). If you made a new server and did not reformat your workstations, the default user profile still has the policy or registry changes of the old server. After a few reboots with the new user, you might find this issue rectifies itself as the policies start to apply.

    Virus found in Shadow Copy storage
    Trend Micro displays the virus as being in
    \Device\HarddiskVolumeShadowCopy4\Data\prg\xxx\RFILES\

    How do you fix this? use the VSSadmin command line utility to find out which volsnap has the virus and delete the whole volsnap after a successful backup.




    21 Feb 2007
    I am back ..... !
    Send feedback about this particular blog
    Read Feedback from others


    19 Feb 2007

    Absent (AWOL)
    Yes, I have not blogged for a while. Thanks to all those that emailed me to see if I have died. I could blame the huge amount of work I have been doing lately however, it is a more basic problem. My laptop power supply died and I lost my connection with the world. This is going to one of my biggest blogs in a long time.

    Exciting news, Ripcurl has gone public. What is Ripcurl ?
    Update for Windows Small Business Server 2003: Windows Vista and Outlook 2007 compatibility (KB 926505)


    Connecting up 07
    Yes, I will be back by popular demand amongst the previous delegates. Tell me what you want ! I am still looking for ideas for the presentation ! Email me.

    Redmond bound
    It is less than 2.5 weeks and I will be making my way to Redmond, Washington State, USA. I am going to the Microsoft "Mothership" for a little while and Catching up with some Microsoft friends and fellow MVP's. No, I can't smuggle you back a copy of Vista. No, I can't get you a Windows Home Server Beta (Actually if you are interested in this product email me). I will be off to the offices of Microsoft to take in the knowledge and visit some local SBS user groups.

    Page updates
    Yes, I have been updating some pages. There are getting to be so many, it is getting harder. As you, the reader, are building my site with all your questions, I guess it is testament to all the readers thoughts.

    I have updated the

  • Vista page - Check out the newsgroups listed for help
  • Dates page - The latest events on offer and group meetings
  • Beta page - WSUS 3.0 Release Candidate now available and Trend have released a Beta of Trend Micro Worry-Free Remote Manager (WFRM)

    TOSHIBA
    At the close of the Copyworld Expo here in Adelaide, I went to tea with my fellow expo presenters and sales people and enjoyed the company of Terry Walker, General Manager Electronic Imaging Australia Toshiba Australia Pty Ltd. Toshiba are at the forefront of many new technologies. All I can say is watch that space !! www.toshiba.com.au

    latest MS Business and Technology Assessment Toolkit
    Have a read of the following site at CRN and then download the new Microsoft Business and Technology Assessment Toolkit here: https://partner.microsoft.com/40025740?msp_id=assesssmbneeds

    Trend Micro comes to town
    Wayne Small, a legend. A good person I lean on occasionally is coming to with the latest Trend Micro event.
    "Watch IT industry expert Wayne Small (SMB IT Guru) demonstrate how best to deploy new technologies to better service your SMB clients and improve your operations."

    Issues with the Office 2003 90 Day Trial
    Once installed and SBS tries the Outlook Install, it wouldn't replace the Outlook so when you open Outlook after Install it asks for CD Key which will not work. The only workaround is to remove Office 2003 Trial or at least the Outlook portion of it BEFORE installing SBS Outlook and then all will be well.

    Hidden Utilities Tool
    This tool "Hidden Utilities XP" allows access to nearly 100 hidden utilities that are not easily accessible to the user. System information, diagnostics, repair tools and more in both Windows and Command Line utilities are now easily opened as well as a few often used applications. Hidden Utilities XP includes easy access to 53 Windows tools and 43 Command Line utilities.
    Take a look here

    SMALL BUSINESS SUMMIT (March 19-23, 2007, REDMOND)
    Did you know that you and your customers can attend the second Small Business Summit on the Microsoft campus in March? The "SAVE THE DATE" button is active at www.sbsummit.com


    Microsoft Home server
    The Qdogs and Qchamps, as Microsoft have called them, the Microsoft Internal testers, have been given permission to blog about their experiences with Windows Home Server. They are still under strict guidelines on what they can and cannot share, but it may give you some insight on how pumped these folks are about this product. As an MVP, I have had a play and this is a very promising idea.
    To get you up to speed Watch the videos, and have a look on this blog. It uses an altered file system, and it doesn't use RAID. You can select specific folders to "mirror" (though they don't use that term) and it ensures that they are on separate physical disks.
  • On 10
  • Paul Thurrott January 7, 2006 - Windows Home Server Preview
  • HP press kits
  • Channel 9

    Swing Migration problem
    A friend of mine set up a plain Win2003 server (from SBS2003 R2 CDs) in preparation for a swing migration. After joining the new server to the domain, he attempted to run DCPROMO and came up with errors and he could not promote the server to become a DC. We looked at and followed the usual steps as outlined in the Swing Migration technical papers. He updated the schema on the SBS2000 DC (ADPREP x2). He then also Joined the server to the domain successfully. This problem could be solved with the following link http://www.petri.co.il/forums/showthread.php?t=1978

    A Cost Analysis of Windows Vista Content Protection
    This is an interesting take on what all the CD and DVD (Now HD and Blueray) protection is really doing to us. Whilst I do not necessarily agree, it is an interesting read. http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.html

    Cool Live searching site
    You just have to check this out. It is a nicely dressed woman with a nice attitude and only desires to answer your questions. http://www.msdewey.com/

    Transfer SQL Permissions etc between instances.
    I have found this very useful of late How to transfer logins and passwords between instances of SQL Server

    Do you need a nice way to collect your New Feeds ?
    Hamster is an open source news and email server for Win32.

    Domain Admin Password Recovery (Thanks Merv for this information)
    I have posted ways to do this and tools in the past. Here is a new idea that works.
    Running SBS 2003? DSRM password has not been changed? If so, the following should work…

    I. DSRM (Directory Services Restore Mode)
    If the domain Administrator password was changed from the Server Management console, the local Administrator password should have remained unchanged (SBS 2003 initially syncs the Domain Administrator and (DSRM) Local Administrator passwords). If so, the procedure below should let you change the Domain Administrator password and get you access to your server.

    II. Change Domain Administrator Password Procedure

    Reference...
    http://forum.s-t-d.org/viewtopic.php?pid=13450 To recover a lost/forgotten AD Domain Admin password:
    1. Boot using F8 - Directory Services Restore Mode
    2. Logon with Local Administrator username/password
    3. Launch Regedit and navigate to: HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/Spooler
    4. Change ImagePath value to: (pAssword is a password of your choice)
    c:\windows\system32\cmd.exe /k net user administrator pAssword /domain
    5. Reboot and wait for the error from the print spooler failure
    6. Logon with your newly set Administrator password (pAssword - case sensitive)
    7. Undo registry setting in step 4 or printing will not work.
    8. Start Print Spooler Service
    9. If desired, reset Domain Administrator password using Console


    Windows version 1
    Ever wondered how Windows 1 was marketed ? Take a look at this Google link (first goes to external links webpage)

    Deploying Windows Mobile 5.0 with Windows Small Business Server 2003
    Download the whitepaper here (first goes to external links webpage)




  • 19 Feb 2007
    Upsilon 2000 and Remote Desktop 6
    Send feedback about this particular blog
    Read Feedback from others


    3 Feb 2007

    Upsilon 2000
    What is Upsilon 2000? It is an OEM software bundled with UPS's. It seems to work ok. It lacks some features compared to the APC Powerchute but it works. Until recently, I had no issues with it. Then we came across Windows server R2. We thought it was just a Windows server issue but the same thing goes wrong in SBS 2003 R2. There is no communication between the UPS and the Server. We are using Serial cables and have tried USB. The software refuses to communicate. It gets a little scarier.

    During some installations, it stalls at 99%. It just hangs there and you have to end task. The software never fully installs and can not be removed from add/remove. Clicking the uninstall in the start menu just brings up an error. When you look in services, Rupsmon is starting but never starts.

    We had to do some research so left it to go and find a solution. Then we discovered when the Rupsmon hung, Exchange email in/out no longer worked and Outlook 2003 goes offline. This was now getting a little worrying.

    Then I had an update to one of it's services. USBmate.exe. I installed it and rebooted as Asked. I rebooted remotely. I waited and Waited. I could not long on through RDP. The server was not responding. I telneted to the server on port 25 and it answered. RDP was not working, Exchange was. I logged into RWW, bounced to a PC and tried to RDP back to the server. I could not get to the server. I tried to VPN in, it would not authenticate. I was unsure if ISA was down or Terminal services. I decided to again RDP to a desktop, use the manage computer to remote to the server and look at the services. I got onto the server, I disabled Rupsmon and USBmate. I used the Shutdown tool to reboot the server and I was back online.

    Until this is fixed, I need to move away from using Upsilon. This is scary. If anyone is considering using this software, just hang tight for a solution. If you have it already working, please tell me how.

    This only occurs in the R2 versions of the products. As the SBS 2003 R2 and Windows R2 are actually different products (SBS R2 does not have the Windows R2 components) I suspect is it something in the Service Pack 1 for Windows 2003 causing it.

    RDP 6
    For my second rant of the day, I needed an enhanced feature of the new Microsoft Remote Desktop Connection.
    I downloaded WindowsXP-KB925876-x86-ENU.exe
    I installed it and started working with Client servers. I was first a little concerned, I thought I had some Malware running as I had a prompt for a Password and Username that I did not expect. Then I noticed that the prompts now wanted domain names. I accepted this and started working on remote servers. Then I tried to look at a local server. Who uses names for local servers? Not me. I know their IP address and it is faster to type these in. Typing this in just brings up an error. I was trying to get to it via 3389 direct using "/console" and then tried it without. It kept saying I could not log on as I already had a local session open. I went to the server, I was not logged on. I checked the TS sessions, there were none. Not even one disconnected.

    Ok, time to solve this or uninstall it. It turns out, If you tell RDP6 to connect to an IP or name it prompts you to logon as machine\username. Normally I would not notice this, wanting to logon to a domain account instead. If you just type in the "Username" it assumes you are trying to attach to the server using credentials from the localhost. (i.e. If you replace machine\username with simply username the default logon realm of the target system will be used (normally domain for the systems I access) but next time you connect it will again change to machine\username.)

    If you change the username to domain\username future connects will default to this. But if you don’t put the DOMAIN\username in, it puts in YOURLOCALMACHINENAME\username on the target system.

    Once you put the domain in there, it will remember it – which is great if you’re just connecting to your own boxes in your domain. However, when Support staff are touching a dozen different boxes in a dozen different domains every day, it doesn’t help that it remembers the last domain you use, because that’s not the domain you are logging into this time.

    A way around this is to save the DOMAIN\username for each server you are connecting in to, so you only have to type the password You can actually save yourself allot of grief by using the Remote Desktops tool from the w2k3 admin tools, it will give you a MMC with all your remotes listed with the usernames and passwords cached, just click on the server you want. Just protect your machine as it will have all your remote connection passwords saved.

    Why Run HP smartstart from CD?
    HP have a USB Key Utility which is a Windows application that will allow the user to copy the SmartStart CD or Firmware Maintenance CD contents to a USB memory key. Users may then run the SmartStart and Firmware Maintenance applications from a USB key instead of from the CD. http://h18023.www1.hp.com/support/files/server/us/download/26504.html

    Reverse lookups
    I have a client infected with the dreaded http://www.viruswarn.com/SecurityNews/tabid/54/Default.aspx Trojan.Peacomm Malware. I looked through the ISA 2004 logs and found the Ip address that was controlling it. I had no way of working out who this was or who I could contact. These reverse lookup tools came in very handy.

  • Website to perform a reverse lookup
  • Whois 2.5


    Now for some Pet Peeves
    The dreaded Microsoft Office macro warnings. Would you believe, most users of most networks do not know they can avoid the warnings or modify the settings? It might mean they need to be more vigilant on what they open or modify their habits but still, to modify the default macro settings, in word as an example, go to Tools- Expand and locate Macro and then security. Now set the configuration to your desire. Such a simple way to stop the popups.

    At another site, a user can not embed a local network URL to a file they have been working on. They have a company policy to put in links in their Outlook Emails to point others to files. In Outlook they usually go to insert Hyperlink, browse, select the file and send the link. The link is highlighted like a hyperlink but takes form "X:\administration\procedures\xyd.doc" . The browse feature will not appear unless users decide to use word as their email editor. This is set in Outlook under Tools - Options - Mail format. It is a check box.




  • 3 Feb 2007
    10 Years !
    Send feedback about this particular blog
    Read Feedback from others


    1 Feb 2007

    Today is my 10th Wedding Anniversary. It has been a good 10 years and my Wife has followed me through my IT career, To Redmond, USA and back. We have a daughter and lots of memories.

    Instead of spending some time blogging, I am off with my wife. Here are some links to look at if you are bored and expected to read something here IT related.

  • A link to new hardware I think is special
  • Instructions to clear Malware from your PC
  • Free things for you
  • A list of Vista links
  • Scripts I use for server support
  • Trend Micro Installation Instructions
  • New Tools in review
  • My top 20 of tools




  • 1 Feb 2007
    PS3, A change in Redmond, Route tables and ISA 2004
    Send feedback about this particular blog
    Read Feedback from others


    31 Jan 2007

    PS3
    In today's spam I am told that the Playstation 3 will be released on the 23rd March 07 in Australia. I felt I had to mention this because if I did not, the next spam you delete could contain this important bit of information and you would live the rest of the months to come, not knowing. For some this is a huge event. Unlike the Wii with it's snapping hand controller restraints, I am sure Sony would love to see their controllers used to excess and your excitement so much that the controller ends up across the room embedded in the TV or wall.

    Unlike some, I will contain my excitement for the PS3 and be happy to play someone else's.

    Now for some real news. Jim Allchin is hanging up his Microsoft hat.

    Jim Allchin
    Jim Allchin, the co-president of Microsoft's Platforms and Services Division, officially hangs up his hat tomorrow (Jan. 31 US time, Feb 1 Australian) after 17 years with the software giant. This is news. Windows Vista is probably the product Allchin will be most remembered for, given that it was his last, his legacy at Microsoft stretches all the way back to the days of Windows 95 and Windows NT. Go for it Jim, onto bigger and better.

    Route Print
    I had to refer to one of those dreaded Windows routing tables today. Have you ever run the "Route Print" command at the command prompt and wondered just what language came back at you ? Yes, it is English. I was talking to a colleague and wondered ..... How do you read the route table? How do you understand it ? The first column is the final destination that you want to get to, then it's netmask. Then trace back to the gateway and interface that exists on the PC that you are likely to use. If you have two routes to the same destination, the lowest metric wins. Ok, so that was a quick no nonsense look at it. If you want to know more (And I did) take a look at:

  • Making Sense of Routing Tables
  • Microsoft Documentation

    Ping my ISA?
    Why can I not ping my ISA 2004 box? Thanks to David W for this question.

    It is a little harder than ISA 2000.

    By default after the ISA2004 installation only members of "Remote Management Computers" are allowed to ping the ISA server. You need to either add your desired hosts to this computer set or modify the appropriate system policy to allow desired networks (or network sets) to ping the ISA server.

    Crown Protocol
    Magicolor Crown print protocol is playing up .. Ok, I have seen this a few times now. You install the Crown Printer Management Protocol (Or Crown +). You go to print and the print job comes on the Oki printer. However .... The print job does not leave the queue. You reboot your PC and everything reprints. As per previous times, I uninstall the Crown protocol, tell the printer to use a normal TCP/IP port, use RAW and port 35. As long as you know the IP address of the printer, all works much better.

    SNMP
    Printer SNMP information? Thanks for asking this one Spenser

    My SNMP information in my printer driver is missing. Printers on networks use bidirectional instructions and data usually by SNMP (Sometimes also http). If the printer is not feeding info back to you and you have a hyper active and very secure IT guy who has blocked SNMP, ask him to unblock port 161. We see this allot in Australian Public Schools with the Administration and Curriculum networks. Both networks cannot see each other except for a few allocated IP's that the Vlans allow to cross talk. Unfortunately the Admin network does not allow port 161 to cross the divide.

    Logon Script Hijack
    Logon script failure? Thanks for asking this one Martyn.

    I added a user to my SBS network and now my VBS logon script will not run and just passes an error back to me. SBS loves to place a text entry at the end of the VBS file to run the client setup wizard. It is a non VB line in a VBS file. Remove the line. If you have used my sample logon script from Here , you will still have this client setup wizard running elsewhere.

    SBS Member server ?
    Can I run SBS as a member server? Thanks for asking this one Jerome.

    No, you can't do that. SBS must be a Domain controller and hold all 5 FSMO roles in the Active Directory at the Root of the Forest. If not it will start shutting down on you. Windows 2003 server is different to "Windows server 2003 for Small Business Server". It is a slightly modified version of Windows 2003 server.




  • 31 Jan 2007
    Vista, Trend Micro and life
    Send feedback about this particular blog
    Read Feedback from others


    30 Jan 2007

    OK, Today is a big one. Grab a coffee and try to keep up.

    Vista Arrives
    Firstly, We have Vista. Available to OEM's for a While, but now available to the masses. Is the hype and waiting in line worth it? Probably. We see in the news, people lining up, camping out and huge billboards. Is it really that good? I would suggest it is. It is a new concept for Windows. It uses some old truths and builds it into a new experience. I know some will complain about their old programs not working, heck I complained when Xtree Gold for DOS did not work in Windows XP, but for Microsoft to do wonderful things, they need to cut their ties and march on. Do I have a copy? Will I install it? Yes and Yes. Will I be happy with it? Possibly, I would be amazed, then missing the old ways, give in to it and just live with the features and then really begin to like it. I figure I will have the whole range of emotions. For those that marched down to Harvey Normans, Myers or DickSmiths (etc) and demanded to be one of the first ... More power to you. I would rather take my time and grab a copy with the hype burns away.

    If you want to trial it, or find out more basic information, I have some basic links for you at http://www.mickyj.com/sbs_vista.htm


    Trend SMB 3.5
    The second slightly smaller news on the planet is that Trend Micro today announced the global availability of the 3.5 versions of their industry leading Worry-Free solutions - Client Server Security and Client Server Messaging Security for Small and Medium Business.

    Trend Micro solutions protect PCs, Windows Servers and Exchange servers against Spyware, viruses, spam and other Malware. These integrated solutions automatically protect data confidentiality, resource availability and employee productivity.

    To download Client Server Messaging Security for SMB v3.5, please go to - http://www.trendmicro.com/download/product.asp?productid=39

    To download Client Server Security for SMB v3.5, please go to - http://www.trendmicro.com/download/product.asp?productid=40

    Trends latest offering gives us

  • All-in-one Integrated Defense against viruses, Spyware, Trojans, worms, phishing, spam and inappropriate content from one central management console.
  • NEW! Detects, blocks and cleans Spyware
  • NEW! Blocks emerging threats like Rootkits and bots
  • NEW! Cleans Spyware deeper so it won't re-install
  • Automatic Threat Protection that stops threats sooner - before full signatures are available
  • Zero Administration because of the ease of implementation and use

    I love Trend Micro. Whilst I prefer Trend Neatsuite, the SMB version is also great.

    ActiveSync 4.2
    I promised today was a big blog, .... From Trend and Microsoft to items I saw today onsite

    We tried our first attempt at Activesync 4.2 on SBS 2003 and a Kjam Mobile PC Phone today. Previously I have stayed with the safe ActiveSync 3.8 (Standard for SBS 2003) and older Phone Devices.



    It was not easy to understand the differences from 3.8 and it took a little while to get it working. Some good news, you seem to be able to sync it to two or mail profiles.



    If you ran the CEICW wizard in SBS, selected Outlook Web Access and Outlook mobile Access, created a certificate and completed the wizard, there is not much left to do.



    TIP: you will no longer automatically deploy Active Sync with the Add applications to Workstations Wizard anymore. This will install the older ver 3.8.



    After manually copying the .Cer Certificate file to the device and double clicking it, we then uninstalled Activesync 3.8, installed 4.2, plugged in the device, typed in the PC name we were sitting at, selected the mail server settings (https://mail.domain.com.au/exchange) and put in the log on information. Then we selected Emails, contacts to be sync'd by exchange and the other folders by PC.



    Now after that deep discussion (not) we setup GPRS in the communications and synchronized. It all worked that easy. All done.



    If you want to see the complicated discussion on this, as posted a few days ago, look at:

    Deploying Windows Mobile 5.0 with Windows Small Business Server 2003
    TIP: If the phone had a previous computer association, make sure to deselect it from handling the email (at the handset) or delete the association.

    SBS Fax modems
    From here we move to a current Discussion in the Adelaide SBS users group. Just what fax modem can you use on SBS and expect it to work ? I previously covered why not to use internal modems, USB or v92 modems. (Scroll through this link ). Software modems tend to hammer Server CPU's and you can loose faxes (or parts of them) during transmitting (If they actually negotiate and connect at all).

    Looks like the consensus is to use the Netcomm Mega i v90 Serial modem and MultiTech MT5600-ZDX External V.90 Serial Modem.
    If you need more serial ports use a Digi card (Or use an older Stallion easy10 ... If you can get it)

    Sick Roaming Profile
    Now to the final musing of the day. Roaming profiles with shortcuts pointing to crazy links on workstations. We came across a machine with a copy of Microsoft Word 2003 that had a strange issue. Opening a local word file was ok. Opening from a network share took a good 1 minute to open into Word (a mere 27 kb file). We tuned off the antivirus, deleted Normal.Dot. Turned off Macros, toolbars and add ins. We turned off offline file caching and cleaned up the system. It still did not work. We uninstalled and reinstalled Office, still no solution.

    Then we found a tool, called Smartdraw, that could create Word files from within itself. It was a recent installation on the network. This user had a roaming profile and lived between 2 machines. One machine was licensed for Smartdraw and the other not. His roaming profile brought across his desktop icons for Smartdraw and linked then to the other computer in the form \\workstation name\c$\Program Files\Smartdraw\Smartdraw.exe. As the other PC was a laptop and not turned on, clicking the link took a good minute to find that the workstation was not available and then give us an error. I decided to look in the registry and found over 20 links to smart draw as \\workstation\c$\Program Files\Smartdraw. I removed these links and now Word is fixed. It is looking for a Smartdraw component when it starts and accesses network based files. It looks like Smartdraw is not roaming profile compatible. It must play with the local users registry hive and link office to it. When it can not find it, it trawls the network looking for the files.

    SideBySide
    Error 59 in the event log for SidebySide. This is now the Adware or Trojan called SidebySide. It is easily mistaken for an infection of some kind however, I am here to make your lives easier. The error is benign and will not affect the program that reports the error. It simply can not find a specific DLL file. You can fix this by downloading the Microsoft Visual C++ 2005 Redistributable Package

    Ok, I promise, you can go back to your regular surfing habits, watch TV etc. I have given you enough to think about today.




  • 30 Jan 2007
    Vista Notes from the Dark side
    Send feedback about this particular blog
    Read Feedback from others


    27 Jan 2007

    Expect Vista SP1 In December!

    Redmond is planning its first SP1 with bug fixes and enhancements for the new OS. They already asked for businesses that want to be beta testers and said: "Interested customers should contact their Technical Account Manager at Microsoft to get nominated". Vista for consumers goes into retail next week! SP1 is going to be a bunch of fixes, as opposed to XP SP2 which was reworking major sections of the engine.

    Updated MS Toolkit Allows Full Vista Compatibility Check

    With Windows Vista finally released to manufacturing, administrators are bracing for the inevitability of supporting the new operating system. The big unknown isn't whether a given machine can support Vista, but whether a given application will run properly in Vista. And since Vista features some of the most radical changes to Windows since Windows went 32-bit, this is no small issue.

    A New version of a Microsoft toolkit lets admins audit their entire environment for Vista compatibility issues. Check back later for links.

    If I Run Vista, Do I Still Need 3rd Party AntiSpyware?

    Whilst Windows Defender is a great tool, if you have a network and want central scanning I would say yes. Also if you want up to date solutions and current removal tools, I would say yes. The Defender updates are currently not issued fast enough and not as effective as some of the other free tools out there.




    27 Jan 2007
    Exchange bloated?
    Send feedback about this particular blog
    Read Feedback from others


    26 Jan 2007

    As exchange slows down or approaches an unmanageable size .....

    What do you do? You can tell your users to clean up their mailboxes, empty their deleted items and run an offline defragmentation running ESEUTIL. You could also reduce your work overheads and reclaim up to 80% of your Exchange Store with ExchangeCompress.

    Exchange Compress is a Microsoft Exchange Server based application that has five major user selectable functions. Clean up the deleted and sent items folders. Compress the attachments in all the mailboxes in a selected store. Strip the attachments from the email and store the attachment on disk as a file in either a shared network location or the user's home directory. This can be done completely transparent to the user, who will still see the attachment as normal. Defragment the selected stores that make storage contiguous, eliminating unused storage and reducing the database size. With the Exchange Compress Analyze function, you can evaluate the impact of your selected actions before committing your updates to the Exchange Store.

    Download FREE trial copy here.




    26 Jan 2007
    Windows Mobile Phone Settings and Activesync
    Send feedback about this particular blog
    Read Feedback from others


    25 Jan 2007

    Mobile Phones

    Do you know that Telstra's setting for MMS and GPRS is Telstra.mms.mnc001.mcc505.gprs? Did you know error INTERNET_29 or 80072EFD in Activesync might mean you have a certificate problem? Ever since Exchange 2003 SP2 and SBS 2003 supported Mobile Smart Phone technology, we have had to learn more and more about the tools that make them work. We have had to fault find Certificate errors and much more. Here are some of my favorite links for solving these and many more issues.

  • A list of common ActiveSync errors
  • A compressed document about Phone technologies, WAP, GPRS, 3g and others
  • Telstra's Configuration page for Smartphones.
  • Discussion on Telstra MMS settings
  • The most complete list of Mobile phone setting information I have ever seen.
  • Deploying Windows Mobile 5.0 with Windows Small Business Server 2003




  • 25 Jan 2007
    Outlook PST file approaching 2 Gb
    Send feedback about this particular blog
    Read Feedback from others


    24 Jan 2007

    2 Gb PST files

    How big is your Outlook PST file? Have you heard the rumor that 2 Gb is the maximum? Have you also heard you can worry about recovering your PST file if it gets to 2 Gb when it happens? Don't!. Fix it NOW! When you get to 2 Gb you can certainly recover the data but some of the methods involve cutting everything you have received that is stored past the 2 Gb limit, off. You loose it. Other methods involve using Exmerge and Exchange. If you do not have access to Exchange, the best rule is just don't let it get that big. Use the archive feature. Better safe than sorry.

    Here are some methods of recovery for you.




    24 Jan 2007
    Exchange SP2 - error message Ox C103798A
    Send feedback about this particular blog
    Read Feedback from others


    22 Jan 2007

    OxC103798A

    Ok, Post 2 for the day. I have a client with an SBS 2003 server with Exchange 2003 SP1. When they try and install Exchange SP2 they get a failure at the "Microsoft Exchange System Management Tools" section. The installation Wizard comes up with

    "Setup Failed while installing sub-component Exchange System Management Snap-ins with error code OxC103798 (Please consult the installation logs for a detailed description). You may cancel the installation or try the failed setup again."

    I have asked for the Installation logs to be passed along to me.

    Has anyone else seen this ? There is very little on the internet and most articles are about Exchange 2000.

    Some suggestions are to not try installing it remotely, use the local console. Also uninstall the old IMF first (Almost a Given these days).

    All ideas Welcome




    22 Jan 2007
    Reindex from the Dark side of the moon
    Send feedback about this particular blog
    Read Feedback from others


    22 Jan 2007

    The Active Directory is rebuilding indices

    This is not a nice one to greet me on a Monday Morning.
    After rebooting a clients server I got "The Active Directory is rebuilding indices" and it just hangs there. I left it for 45 minutes and then decided it was hanging longer than it should and there was no hard drive activity. I have seen this once before and it sorted itself out after 30 minutes. From looking on the internet, Others have left this for over a week and no result.

    I realize if the AD is really corrupt, I need a recent copy of the System State. It would be a simple case of booting into AD restore mode and restore this backup. I did not trust this backup and wanted to work with what I had. I had some Sage advice from Wayne Small (SBS MVP) and also fingers crossed for me from Henry Craven (SBS MVP). Thanks Guys. We got through this.

    I booted into AD Restore mode, Ran a "Chkdsk /f" from the command prompt and set the antivirus and Exchange IS services to disabled. I ran the Chkdsk (Scheduled for next boot) and whilst it found zero faults, the server booted back up. I have since restarted the services and are back to normal.

    It is interesting to note that the Event log lists no fault and the CHKDSK found no issues and everything seems good.

    Googling "active directory rebuilding indices" Seems to provide similar advice.





    22 Jan 2007
    Shutdown Blues
    Send feedback about this particular blog
    Read Feedback MSI and an update


    21 Jan 2007

    My PC Will not shutdown


    I suspect that there is nothing we can do here. The Windows 2000 component shuts down, the hardware does not. The power button starts the PC, but will not shut it down (Not even with a 10 second press).

    For his user, the workstation with w2k professional used to poweroff on shutdown, but stopped the other day. The user ends up with a blank (black) screen with the monitor then going into green mode. The power button on the workstation will not power it off and you can hear it running. The user needs to turn it off at the wall.

    I have tried the age old tested fix of Popping in to Control Panel and looking at the Power Options. Under the APM tab, I ensured 'Enable APM support' was ticked. As it was already, I unticked it anyway, applied, then re-ticked it. I also reset the ACPI bios to defaults and redetected he hardware in Device Manager. It just will not shut down.

    This is starting to sound like hardware. Does anyone else have advice for this person ?




    21 Jan 2007
    Think beyond the boundaries of the square my little padawan
    Send feedback about this particular blog
    Read Feedback from others


    20 Jan 2007

    DDoS attack by Wedding Photo

    In computer security, a Distributed Denial of Service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users.
    DDoS attacks have two general forms:
  • Force the victim computer(s) to reset or consume its resources such that it can no longer provide its intended service.
  • Obstruct the communication media between the intended users and the victim so that they can no longer communicate adequately.

    The Company I work for was looking into a server with a very low byte count on Drive C: (Where Windows SBS 2003's core operating files are stored). It had a very slow internet connection and was almost unbearable through Remote access. The local users were also struggling. The server did not show any one task taking all the resources but behaved very much like an attacked server.

    After looking at the event log, checking services, clearing temp files and the like, we scanned the hard drive for all files larger than 30 MB. We found 50 Gb of quarantined 120 MB files stored in Trend Micro Officescan. A closer look revealed it was the same file, lots of times. By reading the header (At the command prompt we used the "type" command and piped it though the More utility) we saw that it was an email. We also then saw that the sender was internal on the network. We then found this person had sent an email with 120 MB of Photos out to the world. The Exchange and Scan mail connectors were overloaded and the email was being temporary quarantined for scanning and never quite reaching the email queue before another copy was made and scanned again and again hence filling the hard disk and bringing the server to it's knees. This person has since stopped trying to send such a large email.

    This caused the symptoms of a DDoS on the server and brought the system down. Who would have thought, simple wedding photos ...........





  • 20 Jan 2007
    My SBS 2003 Power user logged into the server and now has to much power (Or knows he has lots of power)
    Send feedback about this particular blog
    Read Feedback from others


    16 Jan 2007

    Ok, so you made someone an SBS server power user with the add user Wizard and templates. They have then logged onto the server, invoked the Power user console and then logged back into their PC and their roaming profile is forever trying to bring up the Console, causes a security error and logs them back out.

    First thing to do is slap their hand. The power user would have used the remote desktop or RWW to access the server, maybe discovered their mistake and backed out but the changes to their profile have now been made. Staff and users should not be logging into the server, neither locally or remotely. If they need power, make someone a Mobile user, they have enough power to do their job but can not log onto the server. ok, so here is how it works.

    Based on my research, in the SBS environment, when a user logs onto a client, AppLauncher is invoked by the logon script (Setup.exe). AppLauncher compares the Apps.dat and the client's registry settings to determine whether to install any SBS applications. Before the installation of client applications occurs, there are some checks that are necessary to insure that AppLauncher enters a safe system environment:

    If the client is the SBS server, and the logged on user belongs to the Domain Admins group, AppLauncher will check the existence of the registry key (REG_DWORD): HKCU\Software\Microsoft\SmallBusinessServer\Administration\ AdminConsoleShortcut

    If key is present or set to 1, AppLauncher will exit quietly.

    If key is not present or set to 0, AppLauncher will create a Server Management shortcut (%allusersprofile%\Application Data\Microsoft\SmallBusinessServer\Administration\ ITProSBSConsole.msc) in the %userprofile%\Start Menu\Programs\Startup directory. AppLauncher will also create the AdminConsoleShorcut key and set it to 1 so that it will not create the shortcut next time.

    This is cool so far except, if the client workstation is the SBS server, and the logged on user belongs to the Domain Power Users group, AppLauncher will check the existence of the registry key (REG_DWORD):

    HKCU\Software\Microsoft\SmallBusinessServer\Administration\ PowerUserConsole­Shortcut

    If key is present or set to 1, AppLauncher will exit quietly.

    If key is not present or set to 0, AppLauncher will create a Server Management for Power Users shortcut (%allusersprofile%\Application Data\Microsoft\SmallBusinessServer\ Administration\MySBSConsole.msc) in the %userprofile%\Start Menu\Programs\Startup directory. AppLauncher will also create the PowerUserConsoleShortcut key and set it to 1 so that it will not create the shortcut next time.

    This means your power users account has been logged onto the server and his local profile edited.

    This means the user had the following shortcut created C:\Documents and Settings\username\Application Data\Microsoft\SmallBusinessServer\Administration\ITProSBSConsole.msc

    Which became part of his roaming profile. This shortcut will only work from the SBS server and not a workstation.

    At the workstation, the MMC decides your user is trying to run a security restricted application and hence logs them off. You are going to need to get into their profile and get rid of the MMC that it trying to start with each logon. Now reduce their group membership.

    Simpler just to tell them not to do it or make them a mobile user.




    16 Jan 2007
    Think beyond the boundaries of the square my little padawan
    Send feedback about this particular blog
    Read Feedback from others


    15 Jan 2007

    Outlook 2003 can not print

    I visited a client today who could not print from Outlook. They can print from other Microsoft Office applications, do a test print (From in the printer dialogue) and even configure the printers. They just can not print from Outlook. When they try from the Outlook item list, the selected printer is grayed out and they can not select memo or table Outlook style printing. If they open and item and try to print, Outlook crashes with a non descript message telling us Outlook did a very bad thing. I tried the normal items like turning off Outlook Com and normal Add - ins. It made little difference. I tried changing the default printer and a few other options. This is clearly Outlook gone bad.

    Previously, when I have a corrupted settings, I clear the Outlook Mail Profile. It is very little to do with printing but I thought a clean slate might help. Wallah. Fixed. He can not print. I have no idea why this fixed it but it just shows you. Something as unrelated as a mail profile can affect a print job. When you are stuck, you might need to try something unusual and an unusual fix might give you the right result. Today's lesson, think outside the square. Get back to basics and look at the problem on a fresh slate.





    15 Jan 2007
    Reinstall SBS Monitoring after failure
    Send feedback about this particular blog
    Read Feedback from others


    13 Jan 2007

    Reinstall SBS Monitoring

    You can simply add/remove the SBSmonitoring tool. This does not fully remove it.

    1. Control Panel -> Add Remove Program -> Windows Small Business Server 2003.
    Set Server Tools to Maintenance. Set Monitoring to Uninstall and continue the setup process. 2. Control Panel -> Add Remove Program -> Microsoft SQL Server Desktop Engine (SBSMonitoring) -> Remove.
    3. Rename the C:\program files\Microsoft SQL Server\MSSQL$SBSMONITORING Folder.
    4. Reboot the server.
    5. Control Panel -> Add Remove Program -> Windows Small Business Server 2003.
    Set Server Tools to Maintenance. Set Monitoring to Install and continue the setup process.
    6. Reboot the server.
    7. Start MSSQL$SBSMONITORING and SQLAgent$SBSMONITORING services.
    8. In Server Management Console -> Monitoring and Reporting: run the "Set Up Monitoring Reports and Alerts wizard”




    13 Jan 2007
    Trend Micro Scan mail real-time (SMEX) will not run
    Send feedback about this particular blog
    Read Feedback from others


    11 Jan 2007

    The Service will not start, the web interface will not update and the tool tells me the engine is old and need updating.

    This turned out to simply be a missing pattern file. I have seen the same issue with IMSS and Interscan. The services will not load and it does not tell you why (Not in a meaningful way anyway). The pattern file (20 MB) is simply missing. I copied the one over from IMSS and started the service fine. All fixed. I could not find this on the Trend Knowledge base so I had to blog here just for you :)

    I was asked today about XML Character encodings for RSS feeds. Here they are.

    & amp; = & (ampersand, U+0026)
    & lt; = < (left angle bracket, less-than sign, U+003C)
    & gt; = > (right angle bracket, greater-than sign, U+003E)
    & quot; = " (quotation mark, U+0022)
    & apos; = ' (apostrophe, U+0027)




    11 Jan 2007
    Bill Gates officially announces Home Server
    Send feedback about this particular blog
    Read Feedback from others


    10 Jan 2007


    I did a survey on this idea about 12 months ago. It was an infant then, that we could not talk about, but now it is here. Check it out at these links.
  • Press information
  • Interview on 9
  • Stop Digital Amnesia
  • Interview on 10

    Download the word document Here




  • 10 Jan 2007
    I am turning over a new leaf
    Send feedback about this particular blog
    Read Feedback from others


    9 Jan 2007


    Some sage advice from a co worker (Sam) has lead me to ditching my old HTML blog (which I edited in notepad) and my secondary RSS feed, and combining the two. The old blogs will be left as archives and from this day forward, I will only publish in RSS. This means the latest blogs from my site are ported through an RSS2HTML script for your viewing and hopefully, the RSS feed will be more active.

    Thanks Sam !




    9 Jan 2007

     

     
    New additional blog (Added August 2011). Mickyj Mindspill at msmvps.com

     

     

     

     

        

     

         ( )

    View Previous posts before 10 January 2007

     

     

     

     

                                                                 This page was written and designed by Michael Jenkin 2011 ©