Saturday, December 20, 2008

Microsoft's recommendations for speeding up a PC

I found this page that talks about Microsoft's recommendations for speeding up a PC. I think these recommendations are crap, but it's something:

Friday, December 19, 2008

sqldumper library failed initialization message

After uninstalling Business Contact Manager in certain situations, you'll get an error of "sqldumper library failed initialization" - the simple way to fix that is change the service 'SQL Server VSS Writer' from automatic to manual. Then the error goes away

Tuesday, December 9, 2008

turning off numlock at startup

To turn off numlock for the occasional computer that has numlock on when you are on the log on screen:

Set Numlock State on Startup


HKEY CURRENT USER\Control Panel\Keyboard\InitialKeyboardIndicators

0 = numberlock off
2 = numberlock on

If you want the numlock on at the welcome screen you also need to change:

HKEY USERS\.DEFAULT\Control Panel\Keyboard\InitialKeyboardIndicators same number values as above.

Monday, December 8, 2008

Remote web workplace connect to my computer at work has issue

If you are getting an error about the remote web workplace not having the necessary ActiveX control when trying to use remote desktop from Remote Web Workplace:

Then you can fix that by going to Tools -> Manage Add-ons -> Enable or Disable Add-ons

And then enable ‘Microsoft Terminal Services Client Control (redist)’

Saturday, November 22, 2008

iPhone setup for Exchange Activesync

As long as your phone has 2.0 firmware or better, the iPhone supports Exchange Activesync. Here is how to set it up:

Click Settings
Click Mail, Contats Calendars
Click Add Account
Click Microsoft Exchange

As requested:
Enter your full email address
Enter your username (usually the part before the @ sign in your email address)
Enter your email password

Hit Next

A box should pop up asking you for your server. Enter your server name (usually your webmail URL).

Hit Next.

If all goes well, it will say that your account is verified. Tell it to sync your mail and/or contacts and/or calendar.

Thursday, November 20, 2008

Free Antivirus options

Of the dozens of antivirus software products on the market, there are a few open to residential users for free (there's no product I know of that a commercial entity can use without violating the end user license agreement).


1) Avast Antivirus Home Edition
2) AVG
3) Avira Antivir Personal

Sunday, November 16, 2008

setting up BackupExec to notify on backup failure

Here are the steps to making BackupExec send email notifications of failure (instructions for BackupExec 11)

Tools -> Email and Pager notification
Setup the SMTP Configuration tab as needed

Tools -> Recipients
New -> Person
Set the email up as needed

Open the job in "job setup"
Click on notification and set up the user you created to receive notifications

Adjusting memory threshold to get rid of allocated memory alerts

I get allocated memory errors on all my SBS boxes from time to time. There can be reasons that is happening, but on most of my boxes, that is not the case. You can adjust the alert thresholds by using the helath monitor in the MMC:

Tuesday, November 11, 2008

how to handle email after an employee's departure

When an employee chooses to leave or is asked to depart an organization, there are five main options that most organizations choose from:

1) the email address is directly forwarded to another staff member who will sort through it and forward personal emails to the departed employee

2) We put up an autoreply that says “for company related items, email 'this staff member' at this address, for personal related items, email the former employee at this address”

3) A combination of 1 and 2 where we forward all emails to another staff member and we put up an autoreply that essentially says "this employee has left the organization, but your email has been forwarded to [name], who will handle your email appropriately"

4) We allow a non-departing staff member to open the departed employee's mailbox as an extra mailbox where the non-departing staff member can view the departed employee's emails in an inbox separate from his/her own.  This can be used with or without an autoreply on the departed employee's mailbox.

5) We delete the former employee’s address so people get a bounceback when they email that address

Saturday, November 1, 2008

Dealing with corrupt Exchange information stores

Here is Microsoft’s official process of dealing with corrupt information stores:

Often, you can just run an eseutil a couple times on the private information store (but you must make sure that there is at least 20 GB free on the partition you’re running the eseutil on). Here is what you normally run in what order:

Eseutil /r e00 /i

Eseutil /p “d:\exchsrvr\mdbdata\priv1.edb”

Eseutil /d “d:\exchsrvr\mdbdata\priv1.edb”

isinteg –fix

Friday, October 31, 2008

sbsbackup fails with "Script.bks" cannot be found.

One of my SBS boxes had its SBSbackup jobs fail nightly with the following info:


Backup Runner started.
Launching NTBackup: ntbackup.exe backup "@D:\Program Files\Microsoft Windows Small Business Server\Backup\Small Business Backup Script.bks" /d "SBS Backup created on 10/30/2008 at 11:00 PM" /v:yes /r:no /rs:no /hc:off /m normal /j "Small Business Server Backup Job" /l:s /f "H:\backup4\Backup Files\Small Business Server Backup (04).bkf" /UM
NTBACKUP LOG FILE: C:\Documents and Settings\SBS Backup User\Local Settings\Application Data\Microsoft\Windows NT\NTBackup\data\backup05.log
The saved selection file "Script.bks" cannot be found.
The saved selection file "Script.bks" cannot be found.
NTBackup finished the backup with errors.


Apparently, the problem is that selections are invalid - which is strange because I didn't change anything. The solution turned out to be:
1. Start -> Run -> NTBackup -> Advanced Mode -> Backup tab -> Job -> Load

2. Select Small Business Backup Script.bks

3. Click OK on the error message:

Some invalid selections found in C:\Program Files\Microsoft Windows Small
Business Server\Backup\Small Business Backup Script.bks.

4. Job -> Save Selections (overwrite --> Small Business Backup Script.bks)

It seems like this is related to a recovery storage group causing backup trouble.

Monday, October 27, 2008

Sunday, October 26, 2008

Saving a youtube video and/or converting an FLV file to a WMV file

You can save a youtube video with this site:

But when you save it, it comes as an FLV file. You can use some weird players to play that file, but you can also convert that file to a WMV file, which is so much easier and useful.

This tool can convert FLV to WMV:

Basically, unzip it and then from a DOS prompt, run:
ffmpeg -i file.flv newfile.wmv

Tuesday, October 21, 2008

opening an AcerPower FH case

I spent half an hour today trying to open an AcerPower FH case to replace the power supply.  I knew I had done it before and it required taking off the top cover.  I could take off the normal side cover, but not the top cover.  

In order to take off the top cover, you need to remove the front face of the computer.  To do that, there are the small plastic clips on the inside of the case similar to some Dells I have seen.  Open up the side and find the three small plastic clips and push them in while slightly pulling out on the front face.  The front will open like a door (one side swings a bit while the other side is free).

You also have to take off the other side of the case.  In the case I'm opening today, this took a tremendouse amount of muscle.  There were no screws holding in, but it took effort to remove it.  In face, I had to take off the front cover and push the other side case with a flat head screwdriver to get it off, I could not pull it off from the back.

So in summary, this is the order I would use if I could go back in time:

Remove the two big black screws to get the main side door off.
Push the plastic clips near the front of the case in to take off the front cover.
Remove the two silver screws in the back holding the other side door on.
Push the side door off.
Remove the one screw on each side that is holding on the top cover.
Remove the two screws in the front and back that are holding on the top cover.

Thursday, October 16, 2008

configuring pre-4.0 Blackberries to BES

Yesterday, I was setting up a Blackberry 7290 to use the BES box I had created.  The BB was running version 3.8 of the device software so it couldn't use over the air enterprise activation.  After searching, it was just as simple as reinstalling the the BB desktop software and when prompted during the install - tell it to use a BES/corporate server.  I had already created a user on BES for the user who was on this BB - but I don't know how necessary that was.  It seemed pretty easy upon that install, which was nice.

Monday, October 13, 2008

what kind of laptop should I get?

One question I get all the time is - what kind of laptop should I get?

That question is no more easy to answer than what kind of car should I get . . . 

There are many manufacturers with many models with different attributes and price ranges.  I'll try to make this entry non-brand specific and able to be used in the future without mentioning models available the day I'm writing this.

In my opinion, the two most important factors when deciding which laptop to get are price and weight.  Of the hundreds of options you have, this will narrow down your choices significantly.  Most laptops weight between 3 and 8 pounds.  Generally (but not always), the heavier a laptop is, the less expensive.  Generally (but not always), the larger the screen is on a laptop, the heavier it is.  Cost is always a factor.  Generally, most laptops cost between $700 and $3000.  For the most part, you get what you pay for.  In addition to the cost of the laptop, you also need to think about software.  Laptops almost never come with software (such as MS Word).  You often need to buy that separately.

So the next step is to figure out where you are in the aforeomentioned categories.  What is your weight limit and what is your price limit?  Knowing that, it's time to start looking at what is available to you.  My favorite places to look are PC Connection and Dell.  PC Connection is an online retailer that sells virtually all brands of off the shelf laptops (made in a factory to certain predetermined specs).  Dell is the leading seller of made to order laptops (you choose the specs of your laptop and they build it for you to your specs).  PC Connection sells all brands of laptops (except Dell and a small minority) and Dell sells only Dell laptops.  But between the two you are probably looking at 90% of the laptops available.  

With PC Connection, you can look at laptops by weight and by price.  For Dell, it takes a but more fine-tuning.  For Dell, look at the screen sizes and use these approximations of weight.

17" screens - 7 pounds
15" screens - 6 pounds
14" screens - 5 pounds
13" screens - 4.5 pounds
12" screens - 3.5 pounds

Hopefully, this will lead you to what model and brand you want.  Now, you need to think about software, operating system, memory, and warranty.  For software, most people would order a version of Office: Home and Student for home or academic use, Professional (for office use), or try one of the free options like OpenOffice.  A quick google or Amazon search will give you appropriate pricing.  If Windows XP is still available as you read this, you will want Home for home users or Professional if you'll be using it in an office environment.  If you are choosing Vista, you'll choose between Vista Home Premium for home users or Vista Business or Ultimate for an office environment.  You do not want Vista Basic.  Lastly, you'll need memory.  You want 1 GB or more of memory for XP and 2 GB or more of memory for Vista.

You can always go to a Best Buy to look at laptops - which is also an option, and it's what a lot of people do.  What I listed above is how I shop for laptops and how I shop for my client's laptops.  If you have additional questions, please fee free to email me.

Monday, October 6, 2008

fix for WinXP2008 virus and xpsecuritycenter

I haven't tested this yet honestly - but an associate gave me this batch file saying that it would clean out the WinXP2008 virus if you run it in safe mode.  True?  Not sure yet.

Monday, September 15, 2008

making a Blackberry behave like a Treo or Windows Mobile device

By default, Blackberries mix in the sent items and contents of subfolders in one giant mailbox on the Blackberry. I hate that behavior. I'd much prefer it to act like a Windows Mobile device where you only see the inbox and its contents. On a Blackberry, you have the added benefit of being able to see sub-folders and sent items through this method. In addition, I hate the default behavior of items deleted on your BB remaining in your inbox. It's much better with wireless sync of the BB and the inbox so that the two always show the same content.

Step 1:
Turn on "delete on mailbox and handheld"
Go to your Messages folder, push the menu button and go to options.
Go to Email reconciliation and make the value for 'delete on' to be "mailbox & handheld"

Step 2:
Turn off showing filed and sent messages
Go to your Messages folder, push the menu button and go to options.
Go to General Options and make the value for 'hide filed messages' to be "yes"
Make the value for 'hide sent messages' to be "yes"

Sunday, September 14, 2008

NTLDR missing - solution

I reformatted a Dell laptop the other day. Long story short - this recovery partition took the C drive and the system partition was located on D.

I tried to take the C partition and give it another drive letter. Well, I rebooted and I got NTLDR missing. After research, I created a bootable CD from here:

And I was able to use it successfully to fix the issue.

Friday, September 12, 2008

Installing the SQL instance for Blackberry Professional correctly

There is a small trick to getting the SQL to work in Blackbery Professional. It's given me trouble twice, so I decided to document it.

The SQL database window that comes up is missing some data - what it's missing is the \database name. Here is an example of a SQL configuration that worked for me (I used SQL Express 2005 for my db engine).

Thursday, September 11, 2008

changing permissions as needed for exmerge to work

When you download exmerge, it doens't work - which is stupid. First you have to copy the files to %Program Files%\Exchsrvr\bin so that it can find all the necessary DLLS. But then you have to change some permissions on the information store.

This page talks about it, but not completely:

Basically, it works like this. Open Exchange System Manager. Drill down to First Storage Group and then Mailbox Store. Right click on Mailbox Store and choose Properties. Go to the security tab. Click Advanced. Uncheck "allow inheritable permissions from the parent . . . " and choose copy.

Click OK. If you get a warning about permissions and denying permissions or number of permissions, so be it.

Now, for each user AND EACH GROUP THEY BELONG TO clear the deny right for send as and receive as.

So when I wented to allow the administrator user to do an exmerge, I cleared the deny box for send as and receive as for:

domain admins
enterprise admins

After I did that, I was able to do an exmerge.

Saturday, August 23, 2008

dealing with malware that alters display properties

Over the past two weeks, I've seen three pieces of malware that alter the display properties in Windows XP. In each instance, I was able to get rid of malware with Symantec AV 10.1 and then Avast Antivirus 4.8. But the display properties remained changed.

In one instance, it created a strange screen saver that emulated a BSOD. In another instance, it changed the wallpaper to a spyware warning. But the weird thing is that if you go to the display properties, the necessary tabs you need to reverse those problems are gone.

Best course of action is to use this wallpaper hijacker remover:

Here is what an altered wallpaper looks like:

Sunday, August 17, 2008

Sharepoint publicly accessible breaks SBS IIS components?

I'm implementing SharePoint for a client, and they want it to be publicly accessible on their SBS box. As such, I installed SharePoint 3.0 and told ran the "Configure E-mail and Internet Connection Wizard" and told it to configure the firewall and to allow access to the Windows SharePoint Service intranet site. After that, things still worked, but when I ran the "SharePoint Products and Technologies Configuration Wizard" - it created the web site "SharePoint - 80" in IIS Management.

With "SharePoint - 80" in place, OWA does not work, nor does RPC over HTTP. In fact, with "SharePoint - 80" in there, the default web site shows as "stopped." When you try to start the default web site, it says "the process cannot access the file because it is being used by another process." Very strange.

Wednesday, August 13, 2008

allowing SRP on a BB server on an SBS Premium box

I'm documenting my own confusion here, as I know it'll come up later.

When creating a Blackberry Professional Express server, it needs to have SRP access to the Blackberry servers (port 3101). They have a test for this connectivity here:

c:\Program Files\RIM\BlackBerry Enterprise Server\Utility\BBSRPTEST.EXE

I was having trouble with getting port 3101 to connect to the RIM server, and then I thought I made some firewall changes to make it work - but even after disabling the firewall changes I made, it still worked - so I figure it worked without my assistance. For my own knowledge . . .

I opened up port 3101 outbound to all addresses and I made sure the SBS Internet Access Rule was set for all users and was not set to read only for FTP. I made these changes and then it worked. Then I disabled all these things, and it still worked. I have replicated this issue multiple times. Very strange.

This is what the test gives you when it's successful:

c:\Program Files\RIM\BlackBerry Enterprise Server\Utility>BBSrpTest.exe
NetworkAccessNode is
Attempting to connect to (, port 3101
Sending test packet
Waiting for response
Receiving response
Checking response

Monday, August 11, 2008

completely uninstall SBS Monitoring and Reporting

I uninstalled and reinstalled SBS Monitoring and Reporting to resolve a SQL issue with it today. And I referenced this blog post from someone else:

1. Control Panel -> Add Remove Program -> Windows Small Business Server 2003.
Set Server Tools to Maintenance. Set Monitoring to Uninstall and continue the setup process.
2. Control Panel -> Add Remove Program -> Microsoft SQL Server Desktop Engine (SBSMonitoring) -> Remove.
3. Rename the C:\program files\Microsoft SQL Server\MSSQL$SBSMONITORING Folder.
4. Reboot the server.
5. Control Panel -> Add Remove Program -> Windows Small Business Server 2003.
Set Server Tools to Maintenance. Set Monitoring to Install and continue the setup process.
6. Reboot the server.
8. In Server Management Console -> Monitoring and Reporting: run the "Set Up Monitoring Reports and Alerts wizard”

Saturday, August 2, 2008

increasing the number of PPTP users allowed on an SBS box

By default, an SBS box only allows 5 concurrent PPTP VPN connections. You can increase it by going to administrative tools -> routing and remote access and going to Port Properties as seen below:

Thursday, July 31, 2008

WSS v3 upgrade - SBS needs in place upgrade

After spending 3 hours troubleshooting why I couldn't get SharePoint v3 on an SBS box, I found that the problem was the you CANNOT do an in place upgrade. You have to do a side by side install as per this Official SBS Blog entry:

BES install guide for SBS 2003 or Domain Controller

This content is reproduced for future reference from:

Gary's BES install guide for SBS 2003 or Domain Controller

1. Ensure the port 3101 TCP is open on the firewall (Outbound ONLY).

2. Create a new user called BESadmin and ensure you create a mailbox. Ensure this user is ONLY a member of "Domain users"

3. Make BESadmin a local Administrator of the server. This is done in AD via the "Built-in" Administrators group

4. Go to Admin Tools on open "Domain Controller Security Policy" and expand the "Local Policies" and "User Right Assignment". You need to add BESadmin to "Allow Log on Locally" and "log on as Service".

5. Open Exchange System Manager and right mouse click on "DOMIANNAME (Exchange)" and select Delegate Control. Follow the steps and add BESadmin as an Exchange View Only Administrator.

6. In Exchange manager expand the servers folder and right mouse click on your server and select properties. On the properties windows select BESadmin and add the permissions "Administer Mailbox Store, Receive As, Send As"

7. Open Active Directory and from the View menu select "Advanced Features". Then go to each user that will be added to the BES and open their properties, go to the security tab and add the user BESadmin and add the security permission "Send As". (This will overcome some MS patches that prevent BES sending emails)

8. Log on as BESadmin and install the BES software, normally you just install "BlackBerry Enterprise Server" as most sites don't use the MDS services (MDS is a much heavier install). Follow the prompts of the install and the server will be required to restart half way through the install. Restart the server and log back on as BESadmin and the install will continue. (Make sure the Connect Test works and the SRP ID etc is validated during the install)

9. After the install is finished open BlackBerry Manager, an error will appear about MAPI client which you can just hit OK. The MAPI setting windows will appear so just add the server name back in and select "Check Name", if it resolves just hit OK and the manager will start.

10. Within Blackberry Manager click on Blackberry Domain in the left column and then the users SERVERS tab in the center section, select your server within this tab and view the properties below. Ensure that "SRP Status:" is Connected (This can take a few minutes the first time so refresh the screen a few times). Once your status is connected you can start adding users.

11. Within Blackberry Manager click on you server name in the left column and then the users TAB in the centre section, just add a user and the click on that user. You will see all the users’ properties and a drop down menu called "Service Access” and select “Set Activation Password” and set a password of “a” for example.

12. Turn on you BlackBerry device and ensure Wireless is enabled. Go into “Options/Settings” and “Time & Date” and set the correct zone and time etc. Then from the home screen go to enterprise activation and enter the users email address and enter the password that was set in step 11. Press the track wheel and select Activate. Within a minute you should get data returned which indicates the process is functioning correct.


Note: Sites running SBS 2003 premium will need to change the BES "Web Server Listen Port" from 8080 to another available port (e.g. 8090 or 9090) as soon as it is installed. This port needs to be changed as the BES Web Server will be listening on the same port as ISA. To change this setting open Blackberry Manager, select MDS and then "edit Properties" and change the "Web Server Listen Port" to the desired port number.

a. Also ensure you review the IT Policy in BlackBerry Manager. This can be found in BlackBerry Domain > Global TAB > Edit properties. It is recommended that in the IT Policy you go into “Device Only Items” and set “Enable WAP config” to FALSE, this will force user to use the free browser (It uses the internet connection of your BES server). It is also highly recommended that you configure a password policy prior to rolling out any handhelds.

b. If you are unable to activate devices wirelessly you can test your connectivity to Blackberry buy running the following app from the command prompt:
C:\Program Files\Research In Motion BlackBerry Enterprise Server\Utility\BBSrpTest.exe
This will send a signal to BB and wait for a response, it this fails check your firewall settings (open and/or direct port 3101 TCP to you BES server)

c. If you have Domain Admins using BlackBerry devices you may have to run the following script if you are unable to send email for those users devices:
dsacls "cn=adminsdholder,cn=system,dc=domainname,dc=c om " /G "DOMAINNAME\BESadmin:CA;Send As"

Thursday, July 17, 2008

help and support missing on server

I found a Win2k3 SBS box today that had it's help and support feature down which did not help when I was looking up errors from the system log. I found this article which talks about help and support being removed after installing SP 2 on Win2k3. This link will help reinstall it:

1. Open a command prompt.
2. Navigate to %windir%\PCHealth\HelpCtr\Binaries
3. Run this command:

start /w helpsvc /svchost netsvcs /regserver /install
4. Once this command completes the Help and Support service should now appear in services.msc
5. Start the Help and Support service

Sunday, July 6, 2008

increasing the age of populated messages in BB folders

Article KB11632 dicusses how to increase the number of email messages that appear during the enterprise activation process and message pre-population.

That info is here:

Friday, June 27, 2008

some Mac set up concepts

Setting up access to a Windows server:

Go -> Connect to Server and put in cifs://aaa.bbb.ccc.ddd - it's the same as smb

Setting up Entourage 2008 with an Exchange server:

When Entourage first opens up, it asks you what kind of server you are on. Cancel out of that. You are not able to get through that without entering a valid LDAP server that you can log on to.

Instead, go to Tools -> Accounts and create a new Exchange account.

Account ID, domain, and password are self explanatory and the only other field that is required is the Exchange server field, where you can use the URL for webmail (including the HTTPS and the /exchange at the end).

Setting up VNC on a Leopard Mac:

Thursday, June 26, 2008

making BlackBerry show contents of subfolders

On your BB . . .

From messages, Options, Email Settings, Menu -> Folder redirection.
Make sure whatever folders they want the BES checking have a check mark.

Tuesday, June 24, 2008

Sharepoint error: ‘Edit document’ requires a Windows SharePoint Services-compatible application and Microsoft Internet Explorer 5.0 or greater

I had a user get this error when trying to edit a Sharepoint doc:

I read the necessary article from MS, and it was no help:

but then I found this article:

which said that owssupp.dll add-on in IE could be disabled, which in fact was the case. So I enabled the owssupp.dll add-on in IE and then Sharepoint acted normally.

Monday, June 23, 2008

uninstalling Office 2003

Long ago, I stopped installing Office from CDs. There were too many instances where I was doing something with Office (uninstalling, running it for the first time on a new profile, or accessing some feature) where it wanted the original install CDs. So I started either installing it from the network (for desktops) or installing it from a folder on the HD where I had copied all install files.

I thought that this problem went away with Office 2003 - so it did not ask for CDs after the original install. But twice in two weeks I was proven wrong. These were both on installs I did not do since I still to this day follow my Office install methods even though I had thought they were no longer necessary.

Anyway - in each ocassion, I was doing an uninstall, and it wanted the original install CDs. And of course, the god damn install files are different for an OEM CD and a retail CD. I'm just bitter because today I was doing an uninstall remotely and I had to retrieve about 30 CAB files remotely (I found this site - which was immensely helpful, even though it didn't have quite all the CAB files I needed, the rest I FTP'd to myself) -

So the lesson for today is - keep installing from sources you will always have access to. You won't regret it.

Tuesday, June 17, 2008

run the setup wizard on Blackberries

I'm still not a Blackberry guy, but . . .

In this particular case, I'm setting up a T-Mobile BB Curve (BB 8300). There is no Enterprise Activation icon. So I troubleshoot and find this:

The tips listed below are items that will help you if you have received an error message while attempting an Enterprise Activation or if you are unable to find the Enterprise Activation option.

  • If this device is a "re-activated" device, check the software version. You can do this by going to Options (the wrench), then choosing About. The software version must be at least v4.0 or 2.7 (Java & C++ devices respectively). If your software does not meet this standard, you must upgrade it. The software is device specific and is generally provided by the wireless carriers support pages.
  • New devices and re-activated devices all need data service, this data service generally accompanies a phone service (even if the phone portion isn't going to be used). You must always be sure to activate your phone with your wireless carrier. Most carriers have some type of activation process you will need to follow. An example would be Verizon, who requires that you dial *228 and follow the prompts to program your new phone.
  • Registering on the data network is the next step. You can do this by going to Options > Host Routing Tables, then clicking in on the scroll to receive a side menu that will give you the option of "Register Now". Choose this option by clicking on the scroll, and when the registration is complete you will receive a message in your Messages folder that will indicate that it is finished.
  • Check with your wireless carrier to ensure that you have applied the correct data package to your device. A good example of this type of situation is T-Mobile, who requires a special Enterprise Package which enables you to use a Blackberry Enterprise Server.
In addition, as per some other troubleshooting I did on a BB 8800, you really should run the setup wizard on on your BB's home screen. Most of it is meaningless, but the last step asks if you are going to run enterprise activation. For this 8300, I told it I wanted to use Ent. Act. and it gave me the appropriate screen. However, it didn't work. Perhaps that's becuase right before that, I followed a step from the list above and called T-Mobile to request the Enterprise package for this device, and they said it would be active 10 minutes to 48 hours from that point.

Friday, June 13, 2008

uninstall TrendMicro Messaging Suite Client without the password

I loathe the Trend Micro Messaging Suite. But I had an instance today where I had to uninstall the client version of the program from a laptop. The thing about this program is that it requires the Trend Micro administrator's password to uninstall it. This was put in place by someone else, so I didn't have it. I found this trick to having it not ask for the password:

Find HKLM\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc. and set "Allow Uninstall" = 1

Tuesday, June 10, 2008

Windows XP SP 3 won't install with KB 925877 installed

For some insane reason, Windows XP SP 3 won't install if you have a certain hotfix/patch installed. There's no way to uninstall it, but I found this workaround - which worked fine:

When installing today Windows XP SP3 from Microsoft Update, I got an error message immediately after it began downloading the update. Tried downloading the entire package from the Microsoft Download Center and after unpacking the installer, I got an error message saying that I needed to uninstall KB925877, a package related to remote desktop connection.

If you have installed the latest version of RDP, then you must have installed the package KB925877, but this package is not visible on the Add/remove programs, so you can't uninstall it on that location, you must search on the registry editor and delete the corresponding registry.

The exact path is HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Hotfix\KB925877.

Just delete the registry and try installing SP3 one more time, it should run fine and won't give you any other error messages.

Friday, June 6, 2008

don't forget reverse DNS

I recently built a mail server for a client. It went as smoothly as it could have . . .

until I started getting reports of delays and undeliverables from AOL addresses and Juno addresses. I had forgotten to set up a reverse DNS entry. Frankly, I think a reverse DNS entry (PTR entry) is a meaningless way to address spam issues - but what can you do?

Someone seriously needs to take the lead and start enforcing SPF records. Anyway, don't forget to create reverse DNS entries. And in case anyone other than me ever reads this blog - a reverse DNS entry is created by your ISP - not your DNS host.

Thursday, May 29, 2008

ESM: Public folder says "the token supplied to the function is invalid"

I was creating a mail enabled public folder today, and I had to go into ESM, right click on it and check it out, but I got this error:

After some research, apparently it has something to do with the SSL cert. Anyway, this was the solution:

Remove SSL from the Exadmin virtual root in IIS:
1.Click Start, point to Programs, click Administrative Tools, and then click Internet Services Manager.
2.Click your server, and then expand the Web site that contains the Exadmin virtual root (the default Web site is "Default Web Site").
3.Right-click Exadmin, and then click Properties.
4.Click the Directory Security tab.
5.Under Secure Communications, click Edit.
6.Click to clear the Require secure channel (SSL) check box. If Require 128-bit encryption is shaded, click to select Require secure channel (SSL), click to clear Require 128-bit encryption, and then click to clear the Require secure channel (SSL) check box again.
7.Click OK two times.
8.Restart Exchange System Manager.

Saturday, May 24, 2008

DHCP Server not functioning - disable RPC filter in ISA

I found a weird situation on one of my SBS servers where DHCP wasn't working. When I went into the DHCP management console, I saw this:

After some investigation, I had to disable this RPC filter in the ISA firewall. Of the 9 SBS boxes I manage that all serve DHCP, this is the only box I've ever had to do this with. So weird. Here is the RPC filter in application filters I had to disable:

Sunday, May 18, 2008

Hundreds of underliverable emails you never sent

This blog entry's goal is to give a lay person's explanation as to why a user might be receiving hundreds of delivery failures for messages that he/she never sent.

Email is insecure and very exploitable. This is a fact. The standard for email was designed in the late 60s and early 70s, long before spam and other types of abuse existed or were even thought of. Today, we live with the repercussions of the insecurity and exploitability of the original designs of the email standard. For more detail on the email standard and why it's exploitable, please see my advanced user's explanation (forthcoming as of 5/18/08).

What's happening is that an unethical spammer somewhere in the world has set up his/her own email server and is sending out spam. The exploitability of email is that this spammer can send out emails with any email address he/she wants. He can use; he can use; he can use The spammer can send using any address he/she wants - but the email standard does not require that the spammer be a legitimate sender of that domain. The email standard also does not require that the receiving email server check to see that an email is coming from the legitimate server for that domain.

So the spammer can send emails to anyone he/she wants with YOUR address. He/she can be doing that from his/her house in China, Norway, or next door. We have no control over this because it can be done from anywhere in the world. And this spammer is sending emails potentially with YOUR address (as well as other people's addresses) to other people. This process does not involve your server and is not disallowed in the email standard, so we have no control over it.

In these instances where a user gets several hundred undeliverable emails ... the spammer sends out spams to a random list of email addresses (many of which do not exist). And then the recipient's email server sends a bounceback to the sender's address (your email address) that says "undeliverable - this address does not exist."

So what can be done about this? Not a lot, unfortunately. The spammer is taking advantage of an exploitable part of the email standard. It may be unethical and improper, but it's not preventable.

The standard way to deal with this issue is to ignore the emails. Oftentimes, the spammer will send out 200 to 500 of theses emails over a period of 2 to 5 hours and then stop.

For additional questions on this issue, please email me:

Thursday, May 8, 2008

Rescue and Recovery takes up huge amounts of room on Lenovos

I'm working with a Lenovo ThinkPad T60 right now. It has a 68 GB hard drive with only 5 GB free. After some investigation, I found a folder called RRBackups was taking up 22+ GB of space. It's supposed to be some kind of baller additional backup program. Well, I have my own backup scheme, I don't need this one. So I uninstalled it, rebooted, and then deleted the RRBackups folder and voila - there is now 27 GB free on the drive.

Wednesday, May 7, 2008

Google Desktop disables Outlook from being able to open MSG files

I got a call from a client today who said she couldn't open attached email messages. Meaning when someone forwarded her an email and it would appear as an attached .MSG file, she could not open it. On site, I copied the MSG file to the desktop, and I couldn't open it there either. After some research, I came across this:

After upgrading to the newest version of Google Desktop, the problem went away. How strange.

Friday, May 2, 2008

Virtual Private Network Connection option is greyed out when creating a VPN

I had set up a VPN for a user, but when she tried to use it today, the option wasn't there. There were no VPNs. I decided to create it again, but when creating a new connection, the option for Virtual Private Network Connection was greyed out. So weird. After some research, it turns out that her remote access connections service had been disabled. Looking at my XP machine, it should be set to manual, and then it works correctly.

It should look like this:

Thursday, May 1, 2008

Network adapter order

The first time I came across this problem, I was flabbergasted. I had a laptop that was connected to a wireless network and had a wired ethernet cord plugged in. It was using the wireless for all its network connections. From then on, I have checked the network adapter priority on each and every laptop I see. On Vista and XP, I still see the occasional laptop with wireless a high priority than a wired connection. There is NO scenario where that makes sense. Anyway, here is how you change it.

Network Connections -> Advanced -> Advanced Settings

Then you just change the order of the network adapters in the top box here.

Wednesday, March 19, 2008

setting up an SSL cert on an SBS machine with an ISA 2004 firewall

Setting up an SSL certificate on an SBS machine is not hard, and it's in a previous blog.

But there are some additional steps if you also have ISA 2004 on that machine. If you don't make the small, but necessary adjustments you get this error page:

Go into the web listeners in ISA Management and change the certificate that ISA is using
change the TO name in the web listeners (located in the firewall policies for each web publishing rule – SBS OWA web publishing rule, SBS Outlook via the internet web publishing rule, and several others) from publish.domain.local to

And you also need to create a host file entry that pointed to the INTERNAL ip, when you ping it normally, it resolves to the external IP.

Thursday, March 6, 2008

Adjustments needed to make a Bomgar box work on an XP Pro machine in a workgroup

I just got a Bomgar box,, and I wanted to keep track of the changes needed to make an XP Pro box in a workgroup work with Bomgar. Here are the simple instructions with a screen shot of what the final setting should look like:

click ‘Start’ >> ‘Run’ >> type ‘secpol.msc’, once the security policy tool opens, drill down to ‘Security Settings’ >> ‘Local Policies’ >> ‘Security Options’, and finally ‘Network access: Sharing and security model for local accounts’.

Set it to Classic so it looks like this:

Sunday, March 2, 2008

Switching primary monitor on a laptop with an ATI video card

  1. Go to Start Menu->Control Panel.
  2. Either click on "Display" if present or "Appearance and Themes" then "Display" (if you are in category view).
  3. Click on the "Settings" tab.
  4. Click "Advanced".
  5. Click the "ATI Displays" tab (if this tab is not present you should update your video drivers).
  6. Switch the monitors labeled "1" and "2" by clicking the "1" where the "2" is selected or vice versa.
  7. Press "Apply" to apply your change.

Monday, February 18, 2008

Word template,, can still get corrupt

It had been a while since I had seen a corrupt until yesterday. Word would only open in safe mode and I got this error in the application event log:

event id 1000

Faulting application winword.exe, version 11.0.8202.0, stamp 47420667, faulting module winword.exe, version 11.0.8202.0, stamp 47420667, debug? 0, fault address 0x008dd26c.

For more information, see Help and Support Center at

All I did was delete the user's and then it was fixed.

Wednesday, February 6, 2008

storing Office CD key in setup.ini file

Doing Office installs became so much easier when I found that I could store the CD key in a way so that it would populate during the install so that I didn't have to type it in manually.

In x:\files\setup\setup.ini - find the [options] section and add in values as appropriate (you can also add company name, which is nice):

; The option section is used for specifying individual Installer Properties.
USERNAME=User name
COMPANYNAME=Company name

Please note the PIDKEY - which is the CD key is added with no dashes

Tuesday, February 5, 2008

Using Shadow Copies on Windows Server 2003

I have been vaguely aware that shadow copies are a means of recovering files without going to back up, but when I had a user request a file that she had deleted today, I decided to look into it. For Windows 2003 shares, you can recover deleted or saved/changed files BUT shadow copies has to be enabled first. In this particular case, shadow copies was not enabled. But here is how you do it:


Shadow Copy is only available on Server 2003 machines and naturally you need NTFS (not FAT32). Configuration is easy, just click on the root of the any drive, Select a Volume, now press the Settings button. A crucial point is that Shadow Copy only works on network shares, and not on plain un-shared folders. So in passing, note that the number of shares for each volume. 'Best Practice' suggests that you place the 'Shadow' on a separate disk or at least on a separate partition. Personally, I would dedicate a disk to this service thereby improving performance. To change the drive, select the 'Details Button'.

Microsoft provide a schedule of two shadow copies a day, at 7:00 am and 12:00. You may wish to adjust these timings. When you select a schedule bear in mind that when you reach 64 shadows, the system starts over-writing. So make a calculation of how far back you would like to keep copies. My point is that if you go mad and schedule every hour, then you will start over writing within 3 days. Is that desirable? Would you want copies to be over-written so soon? I think not both on the grounds of load on the server and on how long you would want to retain previous versions.


And then once it is enabled, here is how a user could retrieve files:


To Recover a Deleted File

  • Drill down to the folder the file was deleted from.
  • Click in the list and then right-click the mouse to select Properties from the bottom of the menu. Select the Previous Versions tab from the Properties dialog box.
  • Select the version of folder that contains the file before it was deleted. Then click View. This will open the folder showing you the last saved version of the file. You can now select the file and drag and drop or cut and paste it from the folder to the target destination.

It is easier to recover a corrupt or overwritten file because you have something to select in the folder:

  • Right-click the bad file and click Properties.
  • Select Previous Versions as described above. To view the safe version, click View. To copy the old version to another location, simply click Copy and to replace the current version with the older version, simply click Restore.

Thursday, January 31, 2008

Embedding video into a Powerpoint

I already know how to embed an audio file into a Powerpoint (see previous blog entry) - but I had never needed to put video into a Powerpoint until today. I wasn't successful in making this work right - but it seems sound. Here are instructions for embedding a video into Powerpoint:

–Save video or video segment to your computer
–View > Toolbars > Control Toolbox
–Click on More Controls (hammer and wrench icon)
–Scroll down to Windows Media Player
–Draw a box that will become the image below
–Right click on the media player > Select properties
–Click on the empty cell next to “Custom”
–Browse for your video > Click OK
–In slideshow mode, you will be able to play the video embedded with controls like rewind, fast forward, sound, etc.
–You can also right click to open more menu controls, like View > Full Screen

Thursday, January 24, 2008

Outlook not opening with "the operation failed due to an installation problem"

Interesting issue today . . .

I had a user who logged into a Win XP computer (with Office XP and Outlook 2003). When the user logged in and opened Outlook, he got this:

The weird thing is that all users (I tried several others, all local administrators) got this same error. But I know that I set up a user on Outlook about 2 months earlier. When looking in the application event log, I saw this:

After some research, it turned out that I had to add a DWord key of UserData with a hex value of 1 in HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook. So it looked like this:

And then it worked. I feel like I'm going to have to keep creating this key for all users in the future. Perhaps, I should uninstall and reinstall - but not today.

Wednesday, January 23, 2008

WLAN driver causes BSOD only on WPA network

I ran into something very strange today. I had a ThinkPad T41 that was getting intermittent blue screens of death. I ran hardware diagnostics, and they all came up with no problems. To make a long story short, I took it home and reformatted it. No more BSODs. Then I brought it back to my client's office, and I got a BSOD every time I booted up the computer - just after I logged in.

It seemed that whenever the wireless LAN card saw a WPA encrypted network (not even connecting to it - just seeing it), it would give this BSOD - about IRQ_less_or_equal (or something like that). I had to disable the WLAN card with the hardware switch (in this case Fn + F5). Then everything worked fine. In the end, I upgraded the driver for the Intel Pro 2100 3B driver (I think that was the model or something close to it). And after that, all was normal. Very strange.

Thursday, January 17, 2008

Windows XP slow on Preparing Network Connections

I've seen this many times, but never gotten a solid resolution. A laptop takes a long time to process "preparing network connections" on bootup - before you even get to the login screen on XP. I troubleshot this today for a user who said it took 5 minutes to go through that when she was off-site. I timed it, and it was really only one minute and 47 seconds, but that's still an eternity.

Then I tested it when she was on-site. IT TOOK EVEN LONGER.

Then I went into Network Connections Advanced Settings (Network Connections -> Advanced -> Advanced Settings) and moved the IEEE 1394 connection below the LAN and WLAN connections. For some reason, it was at the top. Then on the next reboot, it was less than 20 seconds for preparing network connections.

Saturday, January 12, 2008

upgrading Quickbooks file to 2008

I've done two upgrades to Quickbooks 2008 from 2006. Both times, the QB file was on the network. In order to upgrade the file - you have to install QB 2008 on a machine and open then file. When I opened the file when it was located on the network, it gave me an error about permissions each time. Then I had to restore the QB file from backup. In short, in order to upgrade the file - I had to bring the file down local and open it there and then copy it back up to the network.

Thursday, January 3, 2008

Out of Office Assistant says "Command not available" when you try to acitvate or deactivate autoreply

I came across this issue for the first time two weeks ago when someone was setting an autoreply and again today when someone was deactivating an autoreply. When you go to Tools -> Out of Office Assistant, it tells you "Command not available."

To fix it, you go here for Outlook XP:

or here for Outlook 2003:

and rename the Resiliency key to Resiliency.old

Microsoft does not say why this is the case, but their KB article on this is here: