Wednesday, July 22, 2015

Quickbooks H202 problems/thoughts

I can't explain how I have so many problems at one client with Quickbooks server/client issue - whereas I have other clients with the same setup with no problems.

After spending 8 hours on it yesterday, here are some more things to troubleshoot/look at:

  1. On the Quickbooks host, ping the host itself with NETBIOS name (meaning if the host is machine X, open a DOS prompt on machine X and ping X).  If you get anything other than an IPv4 address in the reply, make an entry for the QB host in the HOSTS file,
  2. On the Quickbooks host, telnet to each of the ports that should be open to make sure you know what should be open (telnet NETBIOSNAME 8019).  List of ports is below.
  3. On a Quickbooks client, telnet to each of the working ports to make sure they aare working properly (and if not - adjust firewall settings as appropriate).

And even with the above in place, you *still* might have trouble.  I had a Windows 7 physical machine set up optimally that would just not work right.  Whenever a client tried to convert the QBW file to multi-user mode, Quickbooks would give an H202 message.  I also had a Windows 2008 32 bit Hyper-V VM machine that was optimally configured as well.  I would also get an H202 error when trying to put a client (logged in as admin) in multi-user mode.  Every possible thing I could see was optimal.

I ended up creating a new Windows 2008 R2 VM - configured no differently than the two above machines in any meaningful way - that worked.  IP address was given through a DHCP reservation.  There was a HOSTS file entry on it.  I made the firewall adjustments.  I shared out the folder that had the QBW file with appropriate permissions.  I ran the QB database server tool and scanned the appropriate directory.  The initial ND file looked no different than the ND file from the above two machines (Win 7 and Win 2008 RTM 32 bit).  I can't explain it, but at 5 am - I was able to get a reproducible successful state.

Quickbooks ports that need to be open in the firewall:
QuickBooks 2015: 8019, 56725, 55363-55367
QuickBooks 2014: 8019, 56724, 55358-55362
QuickBooks 2013: 8019, 56723, 55353-55357
QuickBooks 2012: 8019, 56722, 55348-55352
QuickBooks 2011: 8019, 56721, 55343-55347
QuickBooks 2010: 8019, 56720, 55338-55342

Initial ND file when you first create it:
// This is QuickBooks configuration File. It exists while users are connected
// to a company file. Do not delete this file yourself. QuickBooks may not
// operate correctly if you manually delete this file.
FilePath=C:\QB\TestCompany, LLC.QBW

Final ND after it is successfully used:
//This is QuickBooks configuration File. It exists while users are connected
// to a company file. Do not delete this file yourself. QuickBooks may not
// operate correctly IF you manually delete this file.
FilePath=C:\QB\TestCompany, LLC.QBW


Friday, July 17, 2015

Installing a Netgear 341U Sprint Mobile Broadband Card on a Mac

I've had some trouble getting a Netgear 341U to install on a Mac.  Here's what I've found to work and also what you're looking for.

The proper Netgear 341U setup shows WWAN LTE as an option as a network to connect.  When the Netgear 341U is plugged in, the WWAN LTE will show as connected.

I've let the drivers install when you first plug the card in, but this did not work for me.  Somehow, they just didn't show the WWAN LTE connection.  The solution seems to be go to Sprint's site and download the drivers from there with the card plugged in.  Download the drivers.  Install the drivers and reboot - all with the card still plugged in.

Drivers located here:

Thursday, July 16, 2015

Disabling WSUS on a formerly SBS 2008 network

Windows SBS 2008 networks define the Windows Update server as the SBS 2008 server.  This works well until you decommission the SBS 2008 server, and you need/want your computers to start searching for updates on the internet again.  Personally, I've found that as long as you have sufficient bandwidth, I prefer getting updates from the internet over managing/maintaining an internal WSUS server.  I'm sure many disagree with me.

The WSUS server is defined in Group Policy.  The Group Policy Object on an SBS 2008 network is called "Update Services Common Setting Policy."  Here's a screen shot of where you disable the setting (change the value to disabled):

Wednesday, July 15, 2015

Set up for a new Mac on a PC network as of 7/15/15

  1. Boot up laptop and log in as admin and create a local password with the domain admin password
  2. Install all applicable Apple updates and make sure the system is on the latest OS and OS patch
  3. Create new user as local administrator that matches (though doesn't necessarily need to match) the user's login name on the Windows domain with matching domain password
  4. Log out and log in as user
  5. Install newest applicable version of MS Office
  6. Set up VPN
  7. Set up all applicable printers
  8. Install applicable antivirus
  9. Set up network drives
  10. Test VPN and ability to access network drives over VPN
  11. Configure Outlook and let email download completely
  12. Configure any applicable broadband card
  13. Add VNC/screen sharing password
  14. Add serial number and computer specs to inventory spreadsheet

Tuesday, July 14, 2015

Moving Hyper-V from Windows 2008 R2 to Windows Server 2012 R2

You can't import a virtual machine created on Windows 2008 R2 into a server running Windows 2012 R2.  There's some aspect that's incompatible.

Here's what worked best for me:

Stop the old VM on the Win 2008 R2 machine
Copy the VHD file to the Win 2012 R2 machine
Create a new virtual machine and tell it to connect to an existing virtual disk
Choose the VHD you moved

If you get error 0×80070569 like I did when you try to complete the new VM wizard, restart the Hyper-V Virtual Machine Management per this page:

Saturday, July 11, 2015

Downloading symbols for use with windbg when analyzing BSODs with windbg

99 times out of 100, I use BlueScreenView to analyze BSODs.  It's a great program for initial analysis.

If I need to go more in depth, I use windb from here

However, when you run windbg, you get errors about missing symbols. I read about the fix for the symbold problem here:

The fix for the symbol error is to type this command at the bottom of the window (part to type in bold):

0: kd>  !symfix
then save the workspace and close and reopen windbg

Now you get no symbol errors when you open the minidump.  Now, you can get get more detail about the BSOD with this command:

0: kd> !analyze -v

Thursday, July 9, 2015

DOS commands to view WLAN status

I found this command to be very helpful in giving me details about my WLAN and all the WLANs around me.  It allows you to get the channels of all the WLANs around you and their signal strength relative to you.

netsh wlan show networks mode=bssid

For info just about your current connection, enter:

netsh wlan show interface

Wednesday, July 8, 2015

uninstall SBS 2008 from domain

My broadstroke steps to uninstall SBS 2008 from my domain.

  1. delete all offline address books in EMC
  2. delete all public folders with these two PowerShell commands:
  3. Disable and then purge all user mailboxes (you do not delete mailboxes as this also deletes the active directory accounts as well)
    a. You do not delete mailboxes, but rather you go to recipient configuration -> mailbox in EMC and highlight all mailboxes and choose "disable"
    b. You'll see all the mailboxes go to the disconnected mailboxes section
    c. Now, you run these two commands to purge the mailboxes in an elevated Exchange Shell:
    d. $users = Get-MailboxStatistics | where-object { $_.DisconnectDate -ne $null } | Select DisplayName,MailboxGuid
    e. $users | ForEach { Remove-Mailbox -Database "Mailbox Database" -StoreMailboxIdentity $_.MailboxGuid -confirm:$false }
    f. Credit for those two commands goes here:
  4. Uninstall Exchange (required following several KBs with steps on deleting things like OAB, user mailboxes, public folders, send connectors, etc)
  5. Transfer the 5 FSMO roles to a new domain controller with the global catalog role via these steps
  6. Remove Active Directory Certificate Services
  7. Demote the SBS server
  8. Remove the SBS server from the domain (put in a workgroup)
  9. Disable and/or remove WSUS from group policy via these steps
IMPORTANT NOTE - When I did a dcpromo to demote my SBS 2008, it somehow broke my DFS namespace even though the SBS 2008 server was *not* the host of this namespace.  I ended up having to create a new namespace after I had demoted the SBS server.  This is definitely something to check on future SBS uninstallations.

Tuesday, July 7, 2015

transferring FSMO roles when decommissioning and SBS server

When decommissioning an SBS server, you need to trasnfer the 5 FSMO (Flexible single master operation) roles.  Here's the process:

Start -> Run

Type roles
Type connections
Type connect to server
where is the name of the server you are transferring the roles to (such as "connect to server contoso1")
Type q
Type transfer rid master
Type transfer infrastructure master
Type transfer pdc
Type transfer schema master
Type transfer naming master

Monday, July 6, 2015

SEP 12.1.5 disabling internet based on "traffic has been blocked from this host svchost.exe"

We use Symantec Endpoint Protection in an unmanaged scenario in our small network.  In certain cases, some staff get their internet access disabled when SEP says "traffic has been blocked from this: svchost.exe"

The quick fix:

1. clicking on Options next to Network Threat Protection
2. Click "Configure Firewall rules"
3. Find "Block UPnP Discovery" and change it from BLOCK to ALLOW

Saturday, July 4, 2015

Set internet failover on Fortigate 40C on firmware 5.2.3

On the Fortigate 40C, setting the dead gateway detection (aka WAN failover, aka link failover) can only be done by command line interface on firmware 5.2.3.

Why?  I have no idea.  But per support, here are the steps to create failover if WAN1 is your primary circuit:

config system link-monitor
edit 0
set srcintf "WAN1"
set server ""
set protocol ping
set gateway-ip
set source-ip
set interval 5
set timeout 1
set failtime 5
set recoverytime 5
set ha-priority 1
set status enable

If you want to check status of the failover, here is the command:

diag sys link-monitor status

Thursday, July 2, 2015

Fix for Netgear C3000 that will not connect to VPN

I found a fix for users with a Netgear C3000 cable modem router that are unable to connect to PPTP VPN.

In my test case, the user was on Comcast and getting error 800 when connecting to her company VPN.

First, make sure you can log into the router.  Default login and password are admin/password.  You'll need to be able to log in.

Netgear has this page which gives a download which makes an update to the router firmware to allow VPN passthrough:

In my test, I had to apply the update and then manually reboot the router, but afterwards, I was able to connect to the PPTP VPN per normal.

Wednesday, July 1, 2015

Invalid partition table on a new Windows 7 install (UEFI vs legacy boot)

I rarely ever edit anything having to do with UEFI, but I found a situation where I was getting "invalid partition table" on a new Windows 7 installation from DVD.

The problem was that I was booting to the DVD from UEFI and then botting Windows from legacy BIOS (or so I think).  When pressing F12 on my Dell Latitude E7240, I got these options:

I was booting to the DVD ROM using "UEFI: HL-DT-ST DVD+/-RW GU60N"

However, presumably when the machine rebooted, it was trying to boot from the legacy hard drive.  If I booted to the UEFI hard drive when botting from the UEFI DVD drive, it would work.  But if booting to the Internal HDD from the legacy boot, I get "invalid partition table."

That's my theory as to why I was getting "invalid partition table"

Based on a sample size of one, this holds true.