Microsoft has released a public beta for its hypervisor-based server virtualization technology known as Hyper-V, which will be included in three versions of Windows Server 2008 when it ships early next year.
http://blogs.technet.com/windowsserver/archive/2007/12/12/Yes_2C00_-Virginia_2C00_-there-is-a-Hyper_2D00_V-beta.aspx
Friday, December 14, 2007
Monday, December 10, 2007
Wednesday, December 5, 2007
Internet connection speed test
To test speed of your internet connection in Switzerland, use this site:
http://speedtest.cnlab.ch/
Globally - use http://www.speedtest.net
http://speedtest.cnlab.ch/
Globally - use http://www.speedtest.net
Thursday, November 29, 2007
Microsoft IAS uses Global catalog
We had a case when users could not use wireless when WAN link to HQ was down. The reason is that Cisco wireless authentication (WPA2-Enteprise EAP) is done on the local DC with IAS, but Global catalog was not enabled on the DC. Since the WAN link to HQ Global catalog was not available users could not connect to wireless. Error message:
Event Type: Error
Event Source: IAS
Event Category: None
Event ID: 3
Date: 11/27/2007
Time: 5:25:18 PM
User: N/A
Computer: xxx
Description:
Access request for user host/xxx was discarded.
Fully-Qualified-User-Name =
NAS-IP-Address = xxx
NAS-Identifier = xxx
Called-Station-Identifier = xxx
Calling-Station-Identifier = xxx
Client-Friendly-Name = xxx
Client-IP-Address = xxx
NAS-Port-Type = Wireless - IEEE 802.11
NAS-Port = 215
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server =
Reason-Code = 4
Reason = The Active Directory global catalog cannot be accessed.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 ....
The workaround - enable GC on all DCs used for wireless.
http://technet2.microsoft.com/windowsserver/en/library/7f26a61e-8dfa-455f-b596-53aa6349f0511033.mspx?mfr=true
Event Type: Error
Event Source: IAS
Event Category: None
Event ID: 3
Date: 11/27/2007
Time: 5:25:18 PM
User: N/A
Computer: xxx
Description:
Access request for user host/xxx was discarded.
Fully-Qualified-User-Name =
NAS-IP-Address = xxx
NAS-Identifier = xxx
Called-Station-Identifier = xxx
Calling-Station-Identifier = xxx
Client-Friendly-Name = xxx
Client-IP-Address = xxx
NAS-Port-Type = Wireless - IEEE 802.11
NAS-Port = 215
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server =
Reason-Code = 4
Reason = The Active Directory global catalog cannot be accessed.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 ....
The workaround - enable GC on all DCs used for wireless.
http://technet2.microsoft.com/windowsserver/en/library/7f26a61e-8dfa-455f-b596-53aa6349f0511033.mspx?mfr=true
Thursday, November 15, 2007
Windows Desktop Search
WDS found itself in the midst of a controversy on October 25, 2007 when WDS 3.01 was automatically pushed out and installed to Windows systems when they updated themselves via WSUS. Microsoft hasn't yet responded on the situation.
Tuesday, November 13, 2007
HP UPS R5500 XR firmware
Latest firmware for UPS is 2.04, during the upgrade UPS may switch off the segment, althought in theory it should not.
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01102953&prodTypeId=321957&prodSeriesId=3368539
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01102953&prodTypeId=321957&prodSeriesId=3368539
Cisco ASA new releases
Cisco released ASA 8.0(3), Secure Desktop 3.2.0.136 and AnyConnect 2.1.0148 around Nov 7 2007
Cisco ASA WebVPN cifs "Error contacting host."
There is a bug CSCsk29306 in ver. 8.0(2) and it looks like in 8.0(3) it still not solved. Workaround - reload.
Friday, October 26, 2007
MTU
There was an issue when some PCs could not perform a specific (mmbe,f8) operation in SAP and produced error "connection reset by peer".
The problem was fixed by addding MTU parameter (1300) into WXP registry, it was missing for some reason. Refer to the SAP note 155147
Wednesday, October 17, 2007
UserDump Tool
For the issues described here
Userdump tool from Microsoft:
http://support.microsoft.com/kb/241215/en-us
Userdump tool from Microsoft:
http://support.microsoft.com/kb/241215/en-us
Friday, October 12, 2007
Windows XP virtual PC SID change
As you know it's easy to clone Virtual machines, but two clones must have different SID to work correctly simultaneously in the network, such as Active Directory. There is a MS tool called "newsid" that allows to change SID and PC name. The tool can assign random or predefined SID to the system. Clones also need different MAC address.
Thursday, October 11, 2007
Cisco Secure Desktop and Vista
Cisco Secure Desktop release. 3.2 does not support Secure Session in Vista. It will perform only cache clean.
http://www.cisco.com/en/US/docs/security/csd/csd32/release/notes/CSDRn32.html#wp39068
| Operating Systems1 | Cache Cleaner2 | |||
| 1 Includes both English and non-English support for 32-bit Microsoft operating systems. Cisco Secure Desktop does not support the 64-bit versions. 2 Cache Cleaner also supports WebLaunch of Cisco AnyConnect on a PC running Windows 2000 or XP. |
Thursday, October 4, 2007
Exchange cluster error id 1146
The error described earlier is back again:
0000130c.00001324::2007/10/04-02:47:25.190 ERR [RM] SymInitialize failed, GLE=-1073741819.
0000130c.00001324::2007/10/04-02:47:25.190 ERR [RM] Failed to initialize Dbghelp.dll.
0000130c.00001324::2007/10/04-02:47:25.190 ERR [RM] Active Resource = 000A4778
0000130c.00001324::2007/10/04-02:47:25.190 ERR [RM] Resource State is 12, "ResourceTypeControl"
0000130c.00001324::2007/10/04-02:47:25.190 ERR [RM] Resource name is TR_Mailbox
0000130c.00001324::2007/10/04-02:47:25.190 ERR [RM] Resource type is Volume Manager Disk Group
00000af4.00001320::2007/10/04-02:47:25.299 ERR [FM] NotifyChanges got an RPC failure, 1726.
00000af4.00001320::2007/10/04-02:47:25.299 WARN [FM] Resource monitor 130c NotifyChanges returned failure.
00000af4.00001320::2007/10/04-02:47:25.299 WARN [FM] Last resource monitor state: 12, resource 673656.
The error definitely is in Disk resource. We use Veritas Software Foundation, so this error might needs to be escalated to Symantec.
0000130c.00001324::2007/10/04-02:47:25.190 ERR [RM] SymInitialize failed, GLE=-1073741819.
0000130c.00001324::2007/10/04-02:47:25.190 ERR [RM] Failed to initialize Dbghelp.dll.
0000130c.00001324::2007/10/04-02:47:25.190 ERR [RM] Active Resource = 000A4778
0000130c.00001324::2007/10/04-02:47:25.190 ERR [RM] Resource State is 12, "ResourceTypeControl"
0000130c.00001324::2007/10/04-02:47:25.190 ERR [RM] Resource name is TR_Mailbox
0000130c.00001324::2007/10/04-02:47:25.190 ERR [RM] Resource type is Volume Manager Disk Group
00000af4.00001320::2007/10/04-02:47:25.299 ERR [FM] NotifyChanges got an RPC failure, 1726.
00000af4.00001320::2007/10/04-02:47:25.299 WARN [FM] Resource monitor 130c NotifyChanges returned failure.
00000af4.00001320::2007/10/04-02:47:25.299 WARN [FM] Last resource monitor state: 12, resource 673656.
The error definitely is in Disk resource. We use Veritas Software Foundation, so this error might needs to be escalated to Symantec.
Wednesday, October 3, 2007
HP DL360G4 HDtach
I'm trying to measure the disk performance of the HP DL360G4,G5, DL380G4 servers.
I have configuration with two disks 72GB 15K in mirror (RAID 1+0 in ACU settings)
HDtach 3.0 gives me burst speed 145 MB/s, which is twice lower than shown SCSI Ultra320. Is it normal? Is it possible to improve the performance without changing from mirror to stripe?
MXtreme borderware reporting error
MXtreme 6.5 update 4 (we use it as SMTP gateway for Exchange)- in the monthly reports the calculations gone really bad. It shows negative! number of clean messages. Then obviously in the pie chart you can not see them.
I had the same issue a year ago, but no solution was provided by Borderware at that time. Now it seems that new version 7.1 has improved reporting engine.
Tuesday, October 2, 2007
Green address bar in Vista IE7 - Extended Validation Certificate
Some https sites now have this new type of certificates - EV
IE7 in Vista will highlight EV site with green colour and will show the Certification Authority who certified the site. Example: https://sourceforge.net
Read about EV:
http://www.microsoft.com/windows/products/winfamily/ie/ev/default.mspx
http://en.wikipedia.org/wiki/Extended_Validation_Certificate
IE7 in Vista will highlight EV site with green colour and will show the Certification Authority who certified the site. Example: https://sourceforge.net
Read about EV:
http://www.microsoft.com/windows/products/winfamily/ie/ev/default.mspx
http://en.wikipedia.org/wiki/Extended_Validation_Certificate
Monday, October 1, 2007
Vista roaming user profiles
Roaming profiles have different structure in Vista and XP. If you have profiles defined as
\\fileserver\profiles$\%username% in the ADUC for a user, then XP will use this path for roaming profile, but Vista will be looking for the same folder but with .V2 extention. So, add second folder with the samename.V2 for those who use both XP and Vista
\\fileserver\profiles$\%username% in the ADUC for a user, then XP will use this path for roaming profile, but Vista will be looking for the same folder but with .V2 extention. So, add second folder with the samename.V2 for those who use both XP and Vista
Desktop wallpaper for servers
Microsoft has a nice free tool - backinfo (and bginfo). It allows to show tech info about the server in the Desktop background. Very useful for the servers that you access with Remote Desktop Connection (RDP).
Tuesday, September 18, 2007
Memory leak
Investigating memory leak on on of the W2003 servers.
1) Server gives error once a week since 1 month now.
Event Type: Error
Event Source: Srv
Event Category: None
Event ID: 2019
Date: 8/20/2007
Time: 5:53:20 PM
User: N/A
Computer: SCHGVAIT003
Description:
The server was unable to allocate from the system nonpaged pool because the pool was empty.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 04 00 01 00 54 00 ......T.
0008: 00 00 00 00 e3 07 00 c0 ....ã..À
0010: 00 00 00 00 9a 00 00 c0 ....š..À
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
0028: 02 00 00 00 ....
Nonpaged pool is limited to 256K on that server.
2) Poolmon utility from Windows support tool was used to identify leaking driver:
start poolmon.exe, then press B key to sort by bytes allocated.
Driver with tag "Ddk" allocated 51820464 bytes in 3 days.
3) Identify driver
poolmon.exe /c - will create drivers tags in localtag.txt
4) Suspect- CPQCISSE.sys ver 6.2.0.32
5) Looking if newer driver is available at HP - no, I have latest one
6) Suspect Trend Micro firewall - unistalled, memory leak stopped.
1) Server gives error once a week since 1 month now.
Event Type: Error
Event Source: Srv
Event Category: None
Event ID: 2019
Date: 8/20/2007
Time: 5:53:20 PM
User: N/A
Computer: SCHGVAIT003
Description:
The server was unable to allocate from the system nonpaged pool because the pool was empty.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 04 00 01 00 54 00 ......T.
0008: 00 00 00 00 e3 07 00 c0 ....ã..À
0010: 00 00 00 00 9a 00 00 c0 ....š..À
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
0028: 02 00 00 00 ....
Nonpaged pool is limited to 256K on that server.
2) Poolmon utility from Windows support tool was used to identify leaking driver:
start poolmon.exe, then press B key to sort by bytes allocated.
Driver with tag "Ddk" allocated 51820464 bytes in 3 days.
3) Identify driver
poolmon.exe /c - will create drivers tags in localtag.txt
4) Suspect- CPQCISSE.sys ver 6.2.0.32
5) Looking if newer driver is available at HP - no, I have latest one
6) Suspect Trend Micro firewall - unistalled, memory leak stopped.
Friday, September 14, 2007
ZIP gets corrupted in Sharepoint
This is how to fix the problem:
change MIME type to octet stream for .zip files
http://www.combined-knowledge.com/Downloads/White%20Papers/How%20to%20Prevent%20Zip%20file%20Corruption%20in%20Sharepoint%202003.pdf
change MIME type to octet stream for .zip files
http://www.combined-knowledge.com/Downloads/White%20Papers/How%20to%20Prevent%20Zip%20file%20Corruption%20in%20Sharepoint%202003.pdf
Wednesday, August 29, 2007
youtube video workaround for Bluecoat
Youtube streaming is not supported by Bluecoat ProxyAV, therefore you need to add exception and skip antivirus scanning for youtube.
http://forums.bluecoat.com/viewtopic.php?t=1585
http://forums.bluecoat.com/viewtopic.php?t=1585
Thursday, July 26, 2007
Cisco ASA and WebVPN
Cisco released new firmware for ASA - 8.0(2).
WebVPN significantly improved: provides RDP, Citrix, VNC access, AnyConnect - SSL VPN client, better Cisco Security Desktop. If you use WebVPN I suggest you to update ASAP. The admin interface is somewhat different, sometimes confusing. But it gives all you need to get stable WebVPN.
Unfortunately there are some known bugs in this version, as example:
CSCsj00288 CSD - Keystroke Logger check fails when HP Quick Launch app is running
I just discovered new release of CSD - 3.2.0.136, let's try...
WebVPN significantly improved: provides RDP, Citrix, VNC access, AnyConnect - SSL VPN client, better Cisco Security Desktop. If you use WebVPN I suggest you to update ASAP. The admin interface is somewhat different, sometimes confusing. But it gives all you need to get stable WebVPN.
Unfortunately there are some known bugs in this version, as example:
CSCsj00288 CSD - Keystroke Logger check fails when HP Quick Launch app is running
I just discovered new release of CSD - 3.2.0.136, let's try...
Wednesday, July 25, 2007
Exchange cluster error id 1146
On a Exchange 2003 SP2, W2003SP2, Veritas Software Foundation 4.3 MP2, Scanmail 7.0
we have an error: ClusSvc Warning Failover Mgr 1146 N/A SCHGVAEX001 The cluster resource monitor died unexpectedly, an attempt will be made to restart it.
The cluster gets restarted causing about 3 minutes downtime for users. It repeats few times during a month. The Ms KB http://support.microsoft.com/kb/886652/en-us does not apply in our case. The problem started after Windows Server 2003 SP2.
MS recommends to run non-MS cluster resources in separate monitors - option option “Run this resource in a separate Resource Monitor” of the cluster admin console. I applied this to Veritas volumes and Scanmail
Let's wait and see what it will bring.
update: problem is gone!!!
update: not really, error is back again. I hope it will not be so often.
we have an error: ClusSvc Warning Failover Mgr 1146 N/A SCHGVAEX001 The cluster resource monitor died unexpectedly, an attempt will be made to restart it.
The cluster gets restarted causing about 3 minutes downtime for users. It repeats few times during a month. The Ms KB http://support.microsoft.com/kb/886652/en-us does not apply in our case. The problem started after Windows Server 2003 SP2.
MS recommends to run non-MS cluster resources in separate monitors - option option “Run this resource in a separate Resource Monitor” of the cluster admin console. I applied this to Veritas volumes and Scanmail
Let's wait and see what it will bring.
update: problem is gone!!!
update: not really, error is back again. I hope it will not be so often.
Monday, July 16, 2007
How to set ACL in Cisco ASA VPN from IAS
Cisco ASA can work with access lists from IAS Radius. Add to the IAS policy the attribute 'Cisco-AV-Pair' as example:
ip:inacl#1=permit ip host 192.168.1.1 any
and
ip:inacl#2=permit ip any host 192.168.1.1
This will limit IP traffic only to/from this host.
ip:inacl#1=permit ip host 192.168.1.1 any
and
ip:inacl#2=permit ip any host 192.168.1.1
This will limit IP traffic only to/from this host.
Friday, June 29, 2007
Script for Windows updates remote installation
Hello,
if you are using WSUS for workstations it is more or less easy, you set GPO to automatically download and install. Then you approve/reject updates in WSUS console. However for server it's better to setup automatically download. The installation itself should be manual. To automate the manual patch installation use this script:
http://www.vbshf.com/vbshf/forum/forums/thread-view.asp?tid=199&start=1
Put this script on the file share, together with follwing cmd
c:\windows\system32\cscript.exe \\server\UpdateHF\updatehf.vbs action:install mode:silent email:yourname@yourdomain.com restart:1
Then you can use GUI for psexec or LANGuard Network Security Scanner or other tools to run this command remotely.
if you are using WSUS for workstations it is more or less easy, you set GPO to automatically download and install. Then you approve/reject updates in WSUS console. However for server it's better to setup automatically download. The installation itself should be manual. To automate the manual patch installation use this script:
http://www.vbshf.com/vbshf/forum/forums/thread-view.asp?tid=199&start=1
Put this script on the file share, together with follwing cmd
c:\windows\system32\cscript.exe \\server\UpdateHF\updatehf.vbs action:install mode:silent email:yourname@yourdomain.com restart:1
Then you can use GUI for psexec or LANGuard Network Security Scanner or other tools to run this command remotely.
Monday, June 25, 2007
HP Version control agent bug
HP VCA shows drivers with old version, but can not install new ones. For example in my HP DL360G4 it was showing "HP ProLiant Smart Array SAS/SATA Controller Driver for Windows Server 2003" version 5.0.0.32, but when I try to install update to version 6.6.0.32, the system would tell that
"The software will not be installed on this system because the required
hardware is not present in the system or the software/firmware doesn't
apply to this system."
Workaround is to rename folder Discovery in C:\hp\hpsmh\data\cgi-bin\vcagent.
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1127033
I believe definitive solution will come with VCA patch soon.
"The software will not be installed on this system because the required
hardware is not present in the system or the software/firmware doesn't
apply to this system."
Workaround is to rename folder Discovery in C:\hp\hpsmh\data\cgi-bin\vcagent.
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1127033
I believe definitive solution will come with VCA patch soon.
Tuesday, June 19, 2007
Sharepoint HTTP compression
as you know, you can enable IIS compresion to improve Sharepoint performance over WAN (http://www.bluedoglimited.com/SharePointThoughts/ViewPost.aspx?ID=63).
However, when you open documents from Sharepoint using Office (Excel or Word), then compression does not work. It looks like it's because Windows WebDav client does not support header "Accept-Encoding:"(gzip or deflate). Without this header compression will not work.
However, when you open documents from Sharepoint using Office (Excel or Word), then compression does not work. It looks like it's because Windows WebDav client does not support header "Accept-Encoding:"(gzip or deflate). Without this header compression will not work.
Monday, May 21, 2007
How to let non-admins to manage Power options in Windows XP
http://blogs.msdn.com/aaron_margosis/archive/2005/02/09/370263.aspx
Friday, May 18, 2007
Sharepoint default timeout on the forms - 30 minutes
(From Sharepoint Help)
About Web Page Security Validation
Web Page Security Validation enhances security by imposing a time limit on pages when the user is submitting information to the server. This feature ensures that the connection between the browser and the server is more secure, and that data is not altered on a user's behalf without his or her knowledge. When users take too long before submitting changes to the server, they receive a message informing them that they must go back to the previous page and retry the operation.
In most installations, a setting of 30 minutes is usually appropriate. If site users experience frequent time-outs because of long data transfer times, consider increasing the interval. However, you should not turn off Web Page Security Validation, as it helps to maintain the security of your server.
About Web Page Security Validation
Web Page Security Validation enhances security by imposing a time limit on pages when the user is submitting information to the server. This feature ensures that the connection between the browser and the server is more secure, and that data is not altered on a user's behalf without his or her knowledge. When users take too long before submitting changes to the server, they receive a message informing them that they must go back to the previous page and retry the operation.
In most installations, a setting of 30 minutes is usually appropriate. If site users experience frequent time-outs because of long data transfer times, consider increasing the interval. However, you should not turn off Web Page Security Validation, as it helps to maintain the security of your server.
ActiveDirectory and Windows command line one liners
http://blog.sapien.com/current/2006/11/28/command-line-one-liners.html
Monday, May 14, 2007
Friday, May 11, 2007
Microsoft Support tools
Some MS prodcut support tools can give a lot of useful info for yourself!
http://www.microsoft.com/downloads/details.aspx?familyid=cebf3c7c-7ca5-408f-88b7-
f9c79b7306c0&displaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=cebf3c7c-7ca5-408f-88b7-
f9c79b7306c0&displaylang=en
Thursday, May 10, 2007
Thursday, April 12, 2007
Microsoft Switzerland TechDays 2007
You can download presentations from Microsoft Switzerland TechDays 2007 from here:
http://www.microsoft.com/switzerland/techdays/fr/agenda.mspx
The agenda is in French, but all presentations are in English!
http://www.microsoft.com/switzerland/techdays/fr/agenda.mspx
The agenda is in French, but all presentations are in English!
Wednesday, April 11, 2007
Event Type: Error
Event Source: EXOLEDB
Event Category: General
Event ID: 111
Date: 4/10/2007
Time: 5:44:40 PM
User: N/A
Computer: SCHGVAEX002
Description:
Microsoft Exchange OLEDB was unable to do Schema propagation on MDB startup HRESULT = 0x80040e19.
If you have this event on Exchange server - go to system manager - Administrative groups - ..- folders
Right click and select view system folders
see if you have two schema-root folders - this may be cause of this error. Microsoft suggest to delete one (make sure you have backup!).
Event Source: EXOLEDB
Event Category: General
Event ID: 111
Date: 4/10/2007
Time: 5:44:40 PM
User: N/A
Computer: SCHGVAEX002
Description:
Microsoft Exchange OLEDB was unable to do Schema propagation on MDB startup HRESULT = 0x80040e19.
If you have this event on Exchange server - go to system manager - Administrative groups - ..- folders
Right click and select view system folders
see if you have two schema-root folders - this may be cause of this error. Microsoft suggest to delete one (make sure you have backup!).
LAN Bridging in Cisco
One of the ways to create bridge between two networks is DLSW (and DLSW+ of Cisco)
http://www.netcraftsmen.net/welcher/papers/dlsw1.htm
http://www.netcraftsmen.net/welcher/papers/dlsw2.htm
Do not forget about DLSW vulnerabilities: http://www.cisco.com/en/US/products/products_security_response09186a00807bd13d.html#t1
http://www.netcraftsmen.net/welcher/papers/dlsw1.htm
http://www.netcraftsmen.net/welcher/papers/dlsw2.htm
Do not forget about DLSW vulnerabilities: http://www.cisco.com/en/US/products/products_security_response09186a00807bd13d.html#t1
Tuesday, April 3, 2007
Spoolsv.exe memory leak (again ?!)
Memory leak in spoolsv.exe if you use HP standard TCP/IP port for printers. Non-paged memory pool keeps growing when you print. Solution is to change HP standard TCP/IP port to Microsoft Standard TCP/IP port
Solution was found here: http://www.tek-tips.com/viewthread.cfm?qid=1143952&page=1
Case was escalated to HP who confirmed that they recommend to change to Microsoft port driver.
Solution was found here: http://www.tek-tips.com/viewthread.cfm?qid=1143952&page=1
Case was escalated to HP who confirmed that they recommend to change to Microsoft port driver.
Thursday, March 15, 2007
How to install Microsoft XPS printer
http://www.microsoft.com/downloads/details.aspx?FamilyID=4d951911-3e7e-4ae6-b059-a2e79ed87041&DisplayLang=en
High CPU untilisation of spoolsv.exe
Check if there are documents pending in the printers spool. Recreate all printers.
It helped me. http://www.adminnotes.com/index/2006/01/spoolsvexe_caus.html
This effect was on several PCs after February MS patch.
It helped me. http://www.adminnotes.com/index/2006/01/spoolsvexe_caus.html
This effect was on several PCs after February MS patch.
Vista and computer only wireless 802.1X authentication
AuthMode in XP was a registry setting, in Vista is is slightly more complex: http://support.microsoft.com/kb/929847
Friday, February 23, 2007
.NET runtime error Event Id 0
If you have this bug in your evenviewer: unable to open shim database version registry key-v2.0.50727.00000 - try to install a patch http://support.microsoft.com/kb/918642
Note you will need to be registered on connect.microsoft.com. Go there and subscribe to any Beta testing and then you will be able to download the patch.
Note you will need to be registered on connect.microsoft.com. Go there and subscribe to any Beta testing and then you will be able to download the patch.
winmsd
A quick and easy way to collect inventory from a remote Windows PC:
run under domain admin account: winmsd /computer PC_name /nfo PC_name
This will create a file in curent directory with all PC HW/SW details.
run under domain admin account: winmsd /computer PC_name /nfo PC_name
This will create a file in curent directory with all PC HW/SW details.
Thursday, February 22, 2007
Email security guideline (from US NIST)
http://csrc.nist.gov/publications/nistpubs/800-45-version2/SP800-45v2.pdf
Tuesday, February 20, 2007
Add RAM to HP nc6000
Amazing, but there are video guides on youtube on how to change RAM for quite old PC model HP nc6000: http://www.youtube.com/watch?v=B4Y4MKI1x0M
Thanks to yourtube poster and shame to HP that I could not find the same info on HP.com when I needed it.
Thanks to yourtube poster and shame to HP that I could not find the same info on HP.com when I needed it.
Tuesday, February 13, 2007
Ticker from HP Insight Manager
Last few days I was trying to get some systems health information from HP SIM on intranet. Finally it works (with spagetti of scripts).
mxquery.cmd script on HPSIM server:
mxquery -e "Critical Systems"|find "DeviceName:"|perl -pe s/DeviceName://|sort
on another server (with IIS):
- installed OpenSSH (from HP) and created password-less connection for local user s-chssh.
- perl script connects to the HPSIM using Net::SSH and calls mxquery.cmd script
Now it should be easy to call this script from Web application. Do not forget to impersonate IIS to act as user s-chssh.
HPSIM also provides reports - call mxreport -e report_name.
All above can be simplified if there is IIS (or other web) on HPSIM server. If I can get PerlEx to work with ssh. If I can get ASP to work with ssh.
mxquery.cmd script on HPSIM server:
mxquery -e "Critical Systems"|find "DeviceName:"|perl -pe s/DeviceName://|sort
on another server (with IIS):
- installed OpenSSH (from HP) and created password-less connection for local user s-chssh.
- perl script connects to the HPSIM using Net::SSH and calls mxquery.cmd script
Now it should be easy to call this script from Web application. Do not forget to impersonate IIS to act as user s-chssh.
HPSIM also provides reports - call mxreport -e report_name.
All above can be simplified if there is IIS (or other web) on HPSIM server. If I can get PerlEx to work with ssh. If I can get ASP to work with ssh.
Cisco VPN proxy settings and firefox
Cisco ASA firmware 7.2(2) can set proxy for client. It works fine with IE, but unfortunately, does not work for firefox (at least for version 2.0).
Wednesday, February 7, 2007
Simple, but nice PerlEx report for WAN status
<%use CGI;
use Net::Ping;
my $cgi = new CGI;
#print "Content-type: text/html\n\n";
print "<html><head>\n";
print "<title>WAN health</title></head>\n";
print "<body bgcolor=\"#FFFFFF\" text=\"#000000\" link=\"#FFFFFF\"
vlink=\"#FFFFFF\">\n";
#print "WAN status...";
$p = Net::Ping->new(); %>
<TABLE border="1"><TR><TH>Site<TH>Status
<TR><TD>Bulgaria<TD><%
if ($p->ping("192.168.5.1")) { print "<a
href=\"WAN_detail.aspl\"><img src=\"images/ok.png\"></a>";}
else { print "<a href=\"WAN_detail.aspl\"><img
src=\"images/not_ok.png\"></a>";}%>
<TR><TD>Greece<TD><%
if ($p->ping("192.168.4.1")) { print "<a
href=\"WAN_detail.aspl\"><img src=\"images/ok.png\"></a>";}
else { print "<a href=\"WAN_detail.aspl\"><img
src=\"images/not_ok.png\"></a>";}%>
<TR><TD>Macedonia<TD><%
if ($p->ping("192.168.3.1")) { print "<a
href=\"WAN_detail.aspl\"><img src=\"images/ok.png\"></a>";}
else { print "<a href=\"WAN_detail.aspl\"><img
src=\"images/not_ok.png\"></a>";}%>
<TR><TD>Turkey<TD><%
if ($p->ping("192.168.2.6")) { print "<a
href=\"WAN_detail.aspl\"><img src=\"images/ok.png\"></a>";}
else { print "<a href=\"WAN_detail.aspl\"><img
src=\"images/not_ok.png\"></a>";}
$p->close();%>
</TABLE></body></html>
use Net::Ping;
my $cgi = new CGI;
#print "Content-type: text/html\n\n";
print "<html><head>\n";
print "<title>WAN health</title></head>\n";
print "<body bgcolor=\"#FFFFFF\" text=\"#000000\" link=\"#FFFFFF\"
vlink=\"#FFFFFF\">\n";
#print "WAN status...";
$p = Net::Ping->new(); %>
<TABLE border="1"><TR><TH>Site<TH>Status
<TR><TD>Bulgaria<TD><%
if ($p->ping("192.168.5.1")) { print "<a
href=\"WAN_detail.aspl\"><img src=\"images/ok.png\"></a>";}
else { print "<a href=\"WAN_detail.aspl\"><img
src=\"images/not_ok.png\"></a>";}%>
<TR><TD>Greece<TD><%
if ($p->ping("192.168.4.1")) { print "<a
href=\"WAN_detail.aspl\"><img src=\"images/ok.png\"></a>";}
else { print "<a href=\"WAN_detail.aspl\"><img
src=\"images/not_ok.png\"></a>";}%>
<TR><TD>Macedonia<TD><%
if ($p->ping("192.168.3.1")) { print "<a
href=\"WAN_detail.aspl\"><img src=\"images/ok.png\"></a>";}
else { print "<a href=\"WAN_detail.aspl\"><img
src=\"images/not_ok.png\"></a>";}%>
<TR><TD>Turkey<TD><%
if ($p->ping("192.168.2.6")) { print "<a
href=\"WAN_detail.aspl\"><img src=\"images/ok.png\"></a>";}
else { print "<a href=\"WAN_detail.aspl\"><img
src=\"images/not_ok.png\"></a>";}
$p->close();%>
</TABLE></body></html>
Deal with Interruptions
Very interesting skill for IT personnel:
http://www.erudil.com/pdf/ieee2006-unabridged.pdf
http://www.erudil.com/pdf/ieee2006-unabridged.pdf
WSS 2.0 and alerts on folders
It is very confusing for users to discover that in Sharepoint when they put alert on whole folder they do not receive alerts when there are new files or files have changed in that folder. In WSS 2.0 alert will be sent only if folder itself changes (let's say name of the folder changes). It looks like it was fixed in WSS 3.0. Bad news: upgrade to WSS 3.0 is not just several clicks.
correction: it is not fixed, but slightly improved. You will receive updates if you place new files, but not when a file is updated.
correction: it is not fixed, but slightly improved. You will receive updates if you place new files, but not when a file is updated.
Tuesday, January 30, 2007
SPF record
What is SPF record? It's a nice feature that helps to fight mail spoofing.
By adding TXT field to your domain DNS let's say "v=spf1 mx -all" you can explain to other email systems that only authorised MX hosts can send email for this domain. If you are not sure you can start with SOFTFAIL "v=spf1 mx ~all"
Read more http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx
By adding TXT field to your domain DNS let's say "v=spf1 mx -all" you can explain to other email systems that only authorised MX hosts can send email for this domain. If you are not sure you can start with SOFTFAIL "v=spf1 mx ~all"
Read more http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx
Client proxy settings in Cisco ASA
New firmware 7.2(2) for Cisco ASA allows to set Internet proxy for VPN clients. Very useful feature!
Thursday, January 25, 2007
Checkpoint authentication with Microsoft Radius (IAS)
For some reasons Checkpoint VPN (R60) does not send NAS-Port-Type in authentication request. Microsoft IAS wizard by default creates policy that expects that NAS-Port-Type = Virtual. Remove this field from IAS policy and add other like NAS-IP-Address etc, to identify the VPN component
Cisco ASA bug
If your Cisco ASA WebVPN disconnects with error "Idle timeout" after few seconds then there is a solution for you: the bug has been fixed in firmware 7.2(2) - available since November 2006 from Cisco. It is quite nasty bug, because it appears only after 40+ days uptime of ASA.
Bug Id CSCse29700: http://www.cisco.com/en/US/products/ps6120/prod_release_note09186a0080780553.html
Bug Id CSCse29700: http://www.cisco.com/en/US/products/ps6120/prod_release_note09186a0080780553.html
How to show SCL rating (Junk Mail decision) of the message in Microsoft Outlook
The following is an Outlook configuration file provided by Paul Bowden that will allow you to configure Outlook to expose the SCL property. Copy the SCL.CFG text and save it as SCL.CFG (in the same location as the .ICO files, usually program files\...\office 11\forms\language ID), then follow the instructions below to install it.
SCL.CFG:
;**********The CFG file**********
[Description]
MessageClass=IPM.Note
CLSID={00020D31-0000-0000-C000-000000000046}
DisplayName=SCL Extension Form
Category=Standard
Subcategory=Form
Comment=This forms allows the SCL to be viewed as a column
LargeIcon=IPML.ico
SmallIcon=IPMS.ico
Version=1.0
Locale=enu
Hidden=1
Owner=Microsoft Corporation
Contact=Your Name
[Platforms]
Platform1=Win16
Platform2=NTx86
Platform9=Win95
[Platform.Win16]
CPU=ix86
OSVersion=Win3.1
[Platform.NTx86]
CPU=ix86
OSVersion=WinNT3.5
[Platform.Win95]
CPU=ix86
OSVersion=Win95
[Properties]
Property01=SCL
[Property.SCL]
Type=3
NmidInteger=0x4076
DisplayName=SCL
[Verbs]
Verb1=1
[Verb.1]
DisplayName=&Open
Code=0
Flags=0
Attribs=2
[Extensions]
Extensions1=1
[Extension.1]
Type=30
NmidPropset={00020D0C-0000-0000-C000-000000000046}
NmidInteger=1
Value=1000000000000000
;**********END CFG
1. Go into Tools Options Other Advanced Options Custom Forms Manage Forms
2. Hit the Install button, and choose SCL.CFG …install into your Personal Forms Library
3. Hit OK several times to return to the main Outlook screen
4. Right-click on the Column headings in your Inbox (other any other folder) and choose "Field Chooser"
5. Pull-down the scroll-bar and choose "Forms…"
6. Set focus to your Personal Forms, choose the SCL Extension Form, then click Add
7. Drag and drop the SCL property into your column headings …and voila!
- James Webster
Published Wednesday, May 26, 2004
from: http://msexchangeteam.com/archive/2004/05/26/142607.aspx
SCL.CFG:
;**********The CFG file**********
[Description]
MessageClass=IPM.Note
CLSID={00020D31-0000-0000-C000-000000000046}
DisplayName=SCL Extension Form
Category=Standard
Subcategory=Form
Comment=This forms allows the SCL to be viewed as a column
LargeIcon=IPML.ico
SmallIcon=IPMS.ico
Version=1.0
Locale=enu
Hidden=1
Owner=Microsoft Corporation
Contact=Your Name
[Platforms]
Platform1=Win16
Platform2=NTx86
Platform9=Win95
[Platform.Win16]
CPU=ix86
OSVersion=Win3.1
[Platform.NTx86]
CPU=ix86
OSVersion=WinNT3.5
[Platform.Win95]
CPU=ix86
OSVersion=Win95
[Properties]
Property01=SCL
[Property.SCL]
Type=3
NmidInteger=0x4076
DisplayName=SCL
[Verbs]
Verb1=1
[Verb.1]
DisplayName=&Open
Code=0
Flags=0
Attribs=2
[Extensions]
Extensions1=1
[Extension.1]
Type=30
NmidPropset={00020D0C-0000-0000-C000-000000000046}
NmidInteger=1
Value=1000000000000000
;**********END CFG
1. Go into Tools Options Other Advanced Options Custom Forms Manage Forms
2. Hit the Install button, and choose SCL.CFG …install into your Personal Forms Library
3. Hit OK several times to return to the main Outlook screen
4. Right-click on the Column headings in your Inbox (other any other folder) and choose "Field Chooser"
5. Pull-down the scroll-bar and choose "Forms…"
6. Set focus to your Personal Forms, choose the SCL Extension Form, then click Add
7. Drag and drop the SCL property into your column headings …and voila!
- James Webster
Published Wednesday, May 26, 2004
from: http://msexchangeteam.com/archive/2004/05/26/142607.aspx
Thursday, January 18, 2007
EICAR
I hope you know that you can test your famous antivirus by using test virus signature. Read on http://www.eicar.org/anti_virus_test_file.htm
Troubleshoot slow login and profiles in Windows XP
To create a detailed log file for user profiles:
• Start regedit and locate the following path: HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon
• Create a new value called UserEnvDebugLevel as a REG_DWORD, and set the value to 30002 in hexadecimal format.
Read on http://www.microsoft.com/technet/community/en-us/management/manage_faq.mspx
• Start regedit and locate the following path: HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon
• Create a new value called UserEnvDebugLevel as a REG_DWORD, and set the value to 30002 in hexadecimal format.
Read on http://www.microsoft.com/technet/community/en-us/management/manage_faq.mspx
4GB RAM in Windows 2003 and /PAE switch
I was surprised to see 3.5GB instead of installed 4GB in the "My Computer" properties. Where the memory gets lost?
Hopefully, by adding option /PAE into boot.ini I could increase the reported RAM size to 3.93 GB.
Read on at http://support.microsoft.com/kb/283037
Hopefully, by adding option /PAE into boot.ini I could increase the reported RAM size to 3.93 GB.
Read on at http://support.microsoft.com/kb/283037
Friday, January 5, 2007
HP racks
Warning: HP racks have standard keys, it means that anybody who has HP
rack can open any other HP rack. Nice security feature from HP!
rack can open any other HP rack. Nice security feature from HP!
Thursday, January 4, 2007
SMTP to SMS gateway
# (c) Daniyar, 2007
# mySMTP2SMS gateway prototype
# it uses GSMLIB to send SMS via GSM modem
# install it as the service
# instsrv mySMTP2SMS "C:\Program Files\gsmlib\srvany.exe"
# then add registry keys as explained in the srvany.wri
# usage:
# blat -serverSMTP 192.168.1.48 -port 8025 -f me@gmail.com -to
0796574016 -body "this is a test sms"
use Win32::EventLog::Carp;
use Net::SMTP::Server;
use Net::SMTP::Server::Client;
use Net::SMTP::Server::Relay;
print "mysmtp2sms:start...";
# create a server on IP servers external address
$server = new Net::SMTP::Server('192.168.1.48', 8025)
croak("mysmtp2sms: Unable to create server: $!\n"); # write to event
log
while($conn = $server->accept()) {
my $client = new Net::SMTP::Server::Client($conn)
croak("mysmtp2sms: Unable to handle client connection: $!\n");
# Process the client. This command will block until
# the connecting client completes the SMTP transaction.
$client->process next;
@to=$client->{TO};
$strTo=$to[0][0]; # get only 1 recepient, we do not do a lot of
check here, but you can certainly do some, suc as strip domain name,
etc.
$strTo=~ s/[<>]//g; # remove <> symbols globally
#print "$strTo\n";
#print $client->{MSG};
#print "\n";
@msg = split(/\n/, $client->{MSG}); # split message to lines in
order to cut the header
$l=scalar(@msg); # length
#print "l=$l\n";
$i=0;
$c= ord($msg[$i]);
while (($c!=13) && ($i<$l)) # look for the first empty line that
must be begining of the message body
{$c= ord($msg[++$i]);}
#print "i=$i\n";
$strMsg= join("",@msg[$i+1..$l]); # make a string from message body
without header
$strMsg=~ s/\n//g; # strip new line symbols
#print "$strMsg\n";
# call gsmlib
@arg= ("c:\\program
files\\gsmlib\\gsmsendsms.exe",'-d','COM3:','-b','115200',$strTo,
$strMsg);
system(@arg) == 0
or carp "mysmtp: system @args failed: $?"
}
print "mysmtp2sms:quit...";
# mySMTP2SMS gateway prototype
# it uses GSMLIB to send SMS via GSM modem
# install it as the service
# instsrv mySMTP2SMS "C:\Program Files\gsmlib\srvany.exe"
# then add registry keys as explained in the srvany.wri
# usage:
# blat -serverSMTP 192.168.1.48 -port 8025 -f me@gmail.com -to
0796574016 -body "this is a test sms"
use Win32::EventLog::Carp;
use Net::SMTP::Server;
use Net::SMTP::Server::Client;
use Net::SMTP::Server::Relay;
print "mysmtp2sms:start...";
# create a server on IP servers external address
$server = new Net::SMTP::Server('192.168.1.48', 8025)
croak("mysmtp2sms: Unable to create server: $!\n"); # write to event
log
while($conn = $server->accept()) {
my $client = new Net::SMTP::Server::Client($conn)
croak("mysmtp2sms: Unable to handle client connection: $!\n");
# Process the client. This command will block until
# the connecting client completes the SMTP transaction.
$client->process next;
@to=$client->{TO};
$strTo=$to[0][0]; # get only 1 recepient, we do not do a lot of
check here, but you can certainly do some, suc as strip domain name,
etc.
$strTo=~ s/[<>]//g; # remove <> symbols globally
#print "$strTo\n";
#print $client->{MSG};
#print "\n";
@msg = split(/\n/, $client->{MSG}); # split message to lines in
order to cut the header
$l=scalar(@msg); # length
#print "l=$l\n";
$i=0;
$c= ord($msg[$i]);
while (($c!=13) && ($i<$l)) # look for the first empty line that
must be begining of the message body
{$c= ord($msg[++$i]);}
#print "i=$i\n";
$strMsg= join("",@msg[$i+1..$l]); # make a string from message body
without header
$strMsg=~ s/\n//g; # strip new line symbols
#print "$strMsg\n";
# call gsmlib
@arg= ("c:\\program
files\\gsmlib\\gsmsendsms.exe",'-d','COM3:','-b','115200',$strTo,
$strMsg);
system(@arg) == 0
or carp "mysmtp: system @args failed: $?"
}
print "mysmtp2sms:quit...";
Subscribe to:
Posts (Atom)