Wednesday, December 14, 2011

downloading hotfixes from Microsoft (in this case 943545 - storport)

I was attempting to get a hotfix for the storport driver for Windows Server 2003 x86, but the KB page wouldn't give me a link for it. After some research, I found that if you go this link:
http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=943545&kbln=en-us

And then adjust the KB number in the URL, it'll take you to the appropriate hotfix. In my case, KB 943545 was what I was looking for.

The KB article gave no clue as to how to download the hotfix. Very annoying.

Saturday, December 3, 2011

shrinking the SBSMonitoring_log.ldf file

After taking steps to address the size issue of the SBS 2008 monitoring file as described here:

I found that my SBSMonitoring_log.ldf had grown to over 30 GB. The proper size is well less than 1 GB. What we need to do is shrink that LDF file. Here is what I did:

1. Open an elevated SQL Server Management Studio Express
2. Connect to the [servername]\SBSMonitoring database using Windows Authentication
3. Expand Databases and right-click on SBS Monitoring
4. Choose Tasks, then Backup
5. Make a backup of the current database
6. After backing up, right click SBSMonitoring and choose Tasks, Shrink, file.
7. In the opening window, choose Log in the File Type drop down list and click OK.
8. Now the SBSMonitoring_log.ldf file should shrink.


** of note, running the backup in step 4 is recommended, but I didn't run it as I was in a hurry to resolve this problem and it wasn't apparent to me where the backup would go. The C drive would be illogical as I had no space on the C drive. Given my time crunch (the low space on C was causing Exchange problems), shrank the file without backup and it did not cause any problems.

Friday, December 2, 2011

SBS 2008 Monitoring Database Fills to Capacity

On one of my SBS 2008 boxes, I began getting a ton of messages in my event log about the SBS 2008 monitoring database filling to capacity. You'll see events like this:

Log Name: Application
Source: MSSQL$SBSMONITORING
Date: 12/16/2009 4:15:47 PM
Event ID: 1827
Task Category: (2)
Level: Error
Keywords: Classic
User: SYSTEM
Computer: xxx.xxx.com
Description:
CREATE DATABASE or ALTER DATABASE failed because the resulting cumulative database size would exceed your licensed limit of 4096 MB per database.

Log Name: Application
Source: MSSQL$SBSMONITORING
Date: 12/16/2009 4:15:47 PM
Event ID: 1105
Task Category: (2)
Level: Error
Keywords: Classic
User: SYSTEM
Computer: xxx.xxx.com
Description:
Could not allocate space for object 'dbo.EventLog'.'PK_EventLog' in database 'SBSMonitoring' because the 'PRIMARY' filegroup is full. Create disk space by deleting unneeded files, dropping objects in the filegroup, adding additional files to the filegroup, or setting autogrowth on for existing files in the filegroup.


This is resolved by using this process:

The description of the fix doesn't match the problem, but it works.

VERY IMPORTANT - this will make the SBSMonitoring_log.ldf very, very large. In my case, it made that file 30 GB, which ate up almost all the space on my C drive, which was a huge problem. See my next post on how to fix that.

Monday, November 7, 2011

moving Google Docs from one account to another

Functionality changes - so this data is really only relevant in and around late 2011.

I had a client with Google Apps that changed their company and domain name. As such, I created an entirely new account. I moved email, calendar, and contacts by downloading their email with the Google Apps Sync for Outlook, exporting to PST, and then uploading the data to the new mailbox.

But Google Docs wasn't so easy. You're supposed to be able to download all your Google Docs into a single ZIP file. But that wasn't working for me. So here is how I moved Google Docs from one Google Apps account to another that were in different domains.

On the old account, I used this utility to download the Google Docs into a single folder:

Now, I had all the docs in a single folder and they were all in the Word, Excel, PowerPoint, PDF, etc format.

Unlike their download function, Google's built in upload function was working fine. I clicked on the upload button and there were options for "file" and "folder." I chose the folder where I downloaded all the files using that utility above and it imported each Word file into a Google document and each Excel file into a Google spreadsheet, etc. I lost the collaboration information and the dates of the files, but I was able to keep the file content with relatively little trouble.

Tuesday, October 4, 2011

sending as an alias on an Exchange server

There's no easy way to send as one of your aliases on an Exchange server. Let's say your primary email address is dave@abc.com with two aliases of helpdesk@abc.com and dave@xyz.com. Logic would say that you could add the FROM field in your Outlook message and put in one of your aliases. Well, this doesn't work.

There are two workarounds to allow you to send as your aliases. I'll describe them both and give links on how to implement them:

1) create a POP3 account in the local Outlook that does not ever actually POP anything and uses the SMTP info for the Exchange server and the email address for the alias

2) create a distribution list with a single member (the user). Assign send as permissions to that mailbox for the user and then the user can use the FROM field. The down side is that you might be adding many different fake distribution lists for each time a user needs to send as an alias.


Both solutions are lame, but I'll be implementing option 1 from this point forward.

Thursday, September 29, 2011

installing Entourage 2008 EWS and getting error

I had a user with Entourage 2008 and needed to install Entourage 2008 EWS (Exchange web services edition) to work with a new Exchange 2010 server. However, each time we tried to install it, we got this error:

-------

You cannot install Entourage 2008, Web Services Edition on this volume. A version of the software required to install this update was not found on this volume.

To learn how to fix this issue, see "I can't install Office 2008 for Mac updates" at http://www.microsoft.com/mac/help.mspx.

-------

What I found was that you need install the version of Entourage EWS for the specific version of Entourage you have. If you have Entourage 12.2.3, you need to install Entourage EWS 13.03. But if you have a newer or older update of Entourage on your system, you need a newer or older version of Entourage EWS. It's very lame, but based on the version of Entourage you have, you need a certain version of EWS.

In my case, I was on the most recent version of Entourage, so I needed the most recent version of EWS (13.0.11 as of the time of this post), which is the case most people should find themselves in. First, run Microsoft autoupdate and get your Office 2008 up to the newest version. The go to the Microsoft for Mac downloads page here:
http://www.microsoft.com/mac/downloads

Click on Office 2008. Click on Microsoft Entourage 2008 for Mac, Web Services Edition. This will take you to the download for the most recent version of Entourage EWS, which should be compatible with your Entourage if you have it up to date. Download and install and you're ready to go.

Friday, September 23, 2011

sending over port 587 with SSL on SBS 2003

When configuring external users to send over port 587 on Exchange/SBS 2003 - in the scenario that you have users that need to POP the server for whatever reason - here is what I think is the best way to do it:

In Exchange System Manager, go to Servers -> Server Name -> Protocols -> SMTP -> Default SMTP Virtual Server

Right click on the Default SMTP virtual server and choose properties.

Click on advanced and click add. Enter 587 in the TCP port and hit OK. It'll look like this when done:

Click on the access tab. Click on Certificate.

Put your existing 3rd party SSL certificate in place on this virtual server. This must be a 3rd part SSL certificate (like godaddy).

And that's it.

When configuring the email client, tell it to use authentication and SSL over port 587. In Outlook 2007, use AUTO for the type of encryption.


Thursday, September 22, 2011

turning on virtualization assistance in the BIOS

I built my first virtual servers this week, which I will write about later. There was one trick that got me at first.

In this case, I'm using Hyper-V in Windows Server 2008 R2 on a Dell PowerEdge T310.

When I started the first VM, the system told me the hypervisor was not running. One of the things the error told me was that I should make sure that virtualization assistance was enabled in the BIOS. First, I made sure that virtualization was supported for my processor - a Xeon X3430 - which it was. Then I went into the BIOS and found indeed that virtualization was turned off.

After that, I was ready to go.


Monday, September 19, 2011

free tracking software for stolen laptops - preyproject

An acquaintance recently had a stolen laptop, and I was very surprised to find that she had installed a free laptop tracking program on it. I viewed the tracking report from the program/service, and it was incredible.

The service showed the location on a google map of the laptop. It showed a screen shot of the desktop of the laptop. It even showed the a capture from the built in web cam of the person using the laptop. This service/program has a free option which seems to be fully functional, but it also has a paid version with more features. In the case of this laptop theft, the free version was sufficient.

The site for the service and program is:

I have already installed this on my own laptop.

Sunday, September 11, 2011

421 4.3.2 Service not available, closing transmission channel on SBS 2008 - not receiving external email

Yesterday, I had an extremely frustrating issue where my SBS box was not receiving external email. Port 25 was open. I could telnet to the server from *inside* the LAN and get the proper banner, but when I was outside the LAN, I could get:


421 4.3.2 Service not available, closing transmission channel


In the end, my conclusion is that while troubleshooting another issue, I ran the fix my network wizard which deleted my receive connector for external email. There should be 3 receive connectors by default - one for sharepoint, one for internal users to use for sending mail and internal mail, and one for receiving external email from the outside.

This is a proper looking set of receive connectors:

This is what the internal connector should look like for internal usage:


This is what a proper external/internet receive connector should look like:




Default SBS login page and Outlook Anywhere not working on SBS box

The other night, I installed some updates on an SBS 2008 server and rebooted it. In the morning, no users could connect to Outlook via RPC over HTTP (Outlook Anywhere). In the end, I found that the binding had changed on some virtual web sites in IIS and some built in SBS web sites were broken.


I found that the default web site was bound to 443 which made the SBS web applications web site appear as stopped. This is what the default web site binding should look like:


I found that two of these sites said "offline"


And this is what the bindings on SBS Web Applications should look like:


I adjusted the bindings, and then I was ready to go. I have no earthly idea why the bindings changed. It wasn't the updates. They were standard Windows updates. So odd.

Saturday, September 10, 2011

resetting a DRAC card

On a PowerEdge R710, I had a DRAC card acting erratically. From the machine itself, I would enter the DRAC's IP address, and it wouldn't connect. I couldn't ping it - so odd.

From another machine on the network, I was able to get to the DRAC login page, but I would log in - and then all the tabs and buttons would say "undefined" for about a second and then it would log me out. Then I'd try to log in and it would tell me "the maximum number of user sessions is reached."

Basically, the DRAC was unusable at the worst possible time. I reset the DRAC card to factory defaults to fix it. I'd like to uprgade the firmware, but it fails each time. That's a separate troubleshoot I'll do.

Do this on the sever with the DRAC on it:

1) Make sure you have the "Dell Openmanage Server Administrator" installed
2) run "racadm.exe racresetcfg" from an elevated command prompt
3) open up the Dell OpenManage Server Administrator, go to system -> main system chassis -> remote access and change the the IP address for the DRAC from its default setting of 192.168.0.120 to whatever you want. Also edit the user credentials as well for whatever you need.

I pulled this info from this page:


Sunday, August 21, 2011

configuring VAMSoft ORF anti-spam on an Exchange server

If I was to rank spam software for Exchange servers, I'd rank them this way:
1) Postini and other off-site similar services

However, ORF costs way less. As of August 2011, ORF is $249 for the first year and then $99 each year thereafter. This is for unlimited users.

Also, ORF requires minimal configuration, which I'll go over here.

After installing ORF, the first change I make is to add an external DNS server. I add Google's public DNS, 8.8.8.8 as seen here:


The next thing I do is enable the tests I like. Unfortunately, before I did the installation where I took these screen shots, I didn't track which tests I enabled. It's only three or four tests, but here is a screen shot with all the tests I enabled after I had enabled them:



In the test for DNS blacklists, I enable SpamHaus Zen and SpamCop:


The last change I make is to add URL blacklists. I have it check the combined SURBL list and uribl.com blacklist.



After making those changes, click Configuration -> Save Configuration. Then go to Information -> Status Information and choose Start to start the ORF service.

Separately, I also disable any other spam filters. Almost always, I'm replacing the built in spam features in Exchange. I open Exchange Management Console and go to the various hub transport modules and disable any and all spam tests in the anti-spam tab.


Friday, July 1, 2011

mapping drives with group policy on Server 2008

If you want to map drives using group policy instead of scripts, here is the process. In this example, I have made four separate oragnization units (OUs) in ADUC (active directory users and computers) representing the four offices - NY, DC, Chicago, and SF.


Then you go into group policy management. Expand to forest: domain.local -> domains -> domain.local -> Group Policy Objects. Right click on Group Policy Objects and choose NEW. Give it a name like "map DC drives" and hit OK. Right click on the new group policy object you just created and choose EDIT. Expand User Configuration -> Preferences -> Windows Settings. Right click on Drive Maps and choose New -> Mapped Drive.


Create the drive and location as specified like this.


Still in group policy management , right click on the OU you want to apply the group policy to and click "link to existing GPO." Choose the appropriate group policy.


Now, any users you have in that OU will have that group policy that maps network drives applied to them.



At the end, run "gpupdate /force" from an elevated command prompt.

Thursday, June 30, 2011

removing XP Antivirus 2012

I've found XP antivirus 2012 to be easier to remove than most other of the fakealert viruses.

With XP antivirus 2012, you can use control-alt-delete to end task. Then run an rkill. Then run quick malwarebytes scan and remove everything, but don't reboot. Then run a full malwarebytes scan. You may find that the virus restarts even after an rkill after 3 or 4 minutes. Just close the program again and run an rkill and let the quick malwarebytes scan to keep the virus from restarting. Then run the full scan to completely get rid of the virus.

Friday, May 27, 2011

installing quickbooks 2010 Premier on a Win 2008 terminal server (32 bit)

Here's how I installed Quickbooks 2010 Premier on a Windows 2008 terminal server:

run "change user /install"
Install Quickbooks normally
When you first run Quickbooks, it asks you to choose a specific edition, but I got this error:

After some research, I tried solution #2 here:

This resolved the problem, and I was able to choose a business specific edition.

Friday, May 6, 2011

using combofix in safe mode with command prompt

I was faced with a fakealert virus yesterday that existed in safe mode also, which made cleaning it very difficult. I used the command prompt method I used a couple weeks ago to clean it. Luckily, I was on a network - not sure I would have been able to do this on a stand alone computer. Here were my steps:

[on the virus affected machine]
boot into safe mode with networking
log in as a domain admin
create new local administrator (on the chance that I didn't know the local admin password)

[from another machine in the network that is not infected]
from another machine on the network logged in as a domain admin
go to \\10.0.0.54\c$ (affected computer drive)
create a new folder on the root of C called malware
download newest version of combofix and copy it to \\10.0.0.54\c$\malware

[on the virus affected machine]
reboot into safe mode with command prompt
log in as local administrator
run c:\malware\combofix.exe

You won't be able to install the recovery console, but in the two times I've tried this, it hasn't been a problem.

Thursday, May 5, 2011

Google Address Book "Connection to Google is temporarily unavailable"

By default, you get an error about the google address book not being able to sync when you open a Google Apps profile in Outlook. It looks like this:


This is fixed by enabling contact sharing in the Google Apps control panel. I guess this is some kind of global address list from what I'm reading.

Here's how you fix it:
  • In the Google Apps control panel, click the Settings tab, then Contacts on the left side
  • Select Enable contact sharing.
  • Click Save changes.

And when fixed, it should work properly (though I've seen it not work - it makes little sense):

Wednesday, April 27, 2011

intermittent temporary freezes or pauses on Dell Latitude E4200

I've found some issues with intermittent temporary freezes/pauses on Dell Latitude E4200 laptops. But the hard part is that I've found no rhyme, reason, or consistency for the issue. It's certainly partly hardware related - but how? Here's what I know:

Windows will temporarily freeze every 5 to 10 minutes for 2 to 4 seconds. Keyboard and mouse will be unresponsive and the whole OS seems unresponsive during these short periods.

This problem ONLY happens when docked.

Twice, I have been able to narrow this problem down to hardware. In one case, a locally attached (via USB) Laserjet 2300DN and in another case a Logitech webcam. Once these objects were disconnected, the intermittent freezing stopped.

But I can't narrow it down to specific hardware all the time. For one user, he had nothing but the basics plugged in (USB keyboard, USB mouse, VGA monitor, ethernet). I got a different USB keyboard, USB mouse, and a different monitor (DVI this time). I also updated his BIOS and all other drivers. No effect. The intermittent freezing continued. I've seen this issue before and after the installation of Windows 7 SP 1 and with Symantec Endpoint Protection (separate rant on SEP forthcoming in a future blog post) and with MS Security Essentials.

I'm about to troubleshoot this again on another laptop. Interestingly, I've found this issue on 5 different Latitude E4200 laptops out of about 20 I have in place at various clients. So it's clearly not a universal issue. It's hard to troubleshoot because I have laptops with the exact same configuration not giving the same problem and the problem isn't easy to reproduce. If you have any experience with this issue, please feel free to leave a comment.

EDIT - I have resolved this on two laptops just by updating drivers. From the Dell web site, I updated the BIOS, video driver, mouse driver, and WLAN card driver. I'm not sure which one actually did it, but all the drivers should be up to date anyway.

Monday, April 11, 2011

handling windows restore fakealert virus

Today, I dealt with another one of those fakealert viruses. This one was called windows restore. I had to take a couple minor extra steps. I booted to safe mode with networking. I found that the virus had removed the DNS servers (which had been statically set on this computer). I added those back and was then able to download malwarebytes. One thing that was super weird was that it had hidden all files and folders. I ran start -> run -> iexplore to start IE, but I also unhid all files.

After running malwarebytes and removing the virus, I found that all files were still hidden. I ran this from a DOS prompt to remedy that:

attrib *.* -s -h /s /d

And things were back to normal.

Of course I ran these instructions to clean the virus:

Thursday, April 7, 2011

wireless autoswitch for disabling wireless on laptops when connected to the LAN

There's very little talk as far as I can about the problem of a wired laptop using its wireless connection even though it is actively wired. There is no scenario where you want your wireless to take precedence over your wired connection if both are available. But that is the default setting in Windows (wireless is preferred). And even if you make the wired connection the priority via this method:

If you're off the dock and not plugged in - and then sit back down at your dock, you'll still be wireless. I'm pretty sure it's also that way if you are wireless at home, put the laptop to sleep, and then come into the office and dock (wireless will take precedence). With Dell Latitude E Series laptops in ControlPoint, I found an option to disable the wireless when the wired connection is detected.

When working with a client's Toshiba Portege R600 who has very weak wireless within the office, I wanted to disable his wireless when wired but have it automatically re-enable when the wired connection is disconnected. I ended up using Wireless AutoSwitch XPV, which works exactly like I want it to. It's available here:

It costs $7.95 - which is a shame because it should be built into Windows.

Monday, March 14, 2011

auto login on Windows 7

For a residential user, I was looking for an autologin for Windows 7. For XP, I used Tweakui, a part of the Windows XP Powertoys. But for Windows 7, I found these instructions:

  • Press the Windows key + R on your keyboard to launch the “Run” dialog box.
  • Type in control userpasswords2
  • Press Enter. The User Accounts window will display.
  • Uncheck the option “Users must enter a user name and password to use this computer”
  • Click “OK”
  • You will then be prompted to enter the current password and confirm it.
  • After doing so, you will no longer be prompted to enter your password upon login.

I found those instructions here:

Sunday, February 27, 2011

turning off autorenew of SSL certs on godaddy

Godaddy turns on autorenew for all its certificates. I found this set of instructions on how to disable autorenewal:

  1. Login to GoDaddy
  2. Click My Account on the top listing
  3. Click “Renewals” on the left side of the page
  4. In the menu that pops up, click “Payments & Renewing Items”
  5. This brings up the page “Payment Profile” where all auto-renew items are listed
  6. Click the “Auto” column header and look for any items turned “On”
  7. Check the box next to any “On” items and click “Auto Renew ” at the top
  8. On the right side of page, check “Disable Auto Renew” then “Save Changes”.

I'm re-posting this info from here:

Thursday, February 3, 2011

setting up Outlook to sync with a Google Apps account

If you have a Google Apps Premier or Education account, Google provides a plug-in to keep Outlook synced with your Google Apps account. It keeps your calendar, contacts, and email sycned with the Google servers. That way - any content you have in Outlook will also be available in webmail and vice versa (and any other computers you sync to Google will also have that data).

Here's how you set up the Google Apps plug-in:

step 1:
Run the Google Apps plug-in from here:
(click on Download Google Apps Sync)

step 2:
If the Google Apps Sync doesn't run automatically, run it manually like this:

Step 3:
Enter your full email address and password like this.

Step 4:
Click "create profile" (ignore the other options unless specifically told to use them)

Step 5:
Click on Start Microsoft Outlook

Step 6:
Click on OK to choose your Google Apps profile in Outlook (it'll always default to your Google Apps profile):

Wednesday, January 19, 2011

Setting permissions for home folders on Windows Server

There are certain permissions you need to set for the parent folder of user home folders. The essential part is setting authenticated users to "this folder only" on the parent folder - but here is a page that talks about setting those permissions:

Thursday, January 13, 2011

analyzing BSOD mini-dumps

This Dell page talks about troubleshooting of BSODs and gives a link near the end to the Windows Debugger and a tutorial on the Windows Debugger to analyze mini-dumps to determine the cause of blue screens of death.

http://support.dell.com/support/topics/global.aspx/support/kcs/document?c=us&l=en&s=bsdr&docid=DSN_356576&isLegacy=true

Tuesday, January 11, 2011

connecting Outlook 2003 to an Exchange 2010 server

Using its default settings, Outlook 2003 won't connect to an Exchange 2010 server (nor will Outlook 2007 that has been upgraded from Outlook 2003). Exchange 2010 requires encryption between clients and itself when doing MAPI connections. As such, you need to make that change from the default settings on Outlook 2003. Just check the box for "encrypt data between Microsoft Office Outlook and Microsoft Exchange Server" on the security tab after clicking on the more settings button when setting up an Exchange account.

Monday, January 10, 2011

installing Office 2007 on a terminal server

I found this page on how to install Office 2007 on a terminal server. I've used it twice successfully to install Office 2007 Pro Plus (must be open license) on Windows 2008 (you should already have installed the terminal server role before installing Office 2007):





Here are my recommended setting changes:


Under Modify User Settings:

Microsoft Office Outlook 2007 -> Tools Options -> Other -> AutoArchive Settings -> Enabled (and then uncheck turn on autoarchive)


Microsoft Office Outlook 2007 -> Tools Account Settings -> RSS Feeds -> Turn Off RSS Feature -> Enabled



Microsoft Office Outlook 2007 -> Tools Options -> Preferences -> Search Options -> Prevent installation prompts when Windows Desktop Search Component is not present -> Enabled

Microsoft Office 2007 -> Privacy -> Trust Center -> Disable opt-in wizard on first run -> Enabled

Microsoft Office 2007 -> Privacy -> Trust Center -> Enable Customer Experience Improvement Program -> Disabled



Under Set Feature Installation States:

Set all items to Run All from My Computer



Under Outlook:

Outlook profile -> Modify Profile -> Define changes to make to the existing profile. If a default profile does not exist . . .

Specify Exchange server settings -> Make changes here as appropriate for your network (using %username% as the user name (but I do not configure cached Exchange if the terminal server will be on same LAN as the Exchange server)



That's it as far as customizations made to the OCT file. I add the installation key to the config.xml file (as specified here).



I save the OCT as c:\oct.msp

Of note - I have had trouble with the setup not finding the MSP file when it's not in the root, so I just put it in the root.



Then I run (in terminal server installation mode by running "change user /install" in an administrative command prompt):



z:\office2007\setup /adminfile c:\oct.msp

(alter path as needed)









Sunday, January 9, 2011

Attempt to configure Terminal Server failed with error code 0x80004005. Error HRESULT E_FAIL has been returned from a call to a COM component

I've gotten this error twice when installing the terminal services role on a Windows 2008 machine connected to a domain:

Attempt to configure Terminal Server failed with error code 0x80004005. Error HRESULT E_FAIL has been returned from a call to a COM component.

The error appears after the reboot to install the role and looks like this:
As per this page:


there are properties in the OU that the server belongs to that create a problem with terminal services. It seems as though the terminal services role has been installed correctly, but here's what I do:

remove the terminal services role from the terminal server
create a new OU on the domain controller named "terminal servers":

Then open Group Policy Management and and tell your new OU to "block inheritance" so that it doesn't inherit the other problematic policies that create the problem.

move the server to the new OU
if you reboot here, after removing the inherited group policies, you'll likely be unable to use remote desktop to connect to the future terminal server since remote desktop was enabled by the group policies you just removed.
reinstall the terminal services role on the terminal server.


You'll see that the the terminal services role installs with no problems.