Monday, 18 July 2005

Windows Server 2003 Access-based Enumeration

Ever wanted to hide the files and folders that a user did not have access too (just like them old NetWare days?), well now you can with Windows Server 2003 Access-based Enumeration.

Thanks to Brian McCann for this one.

Download the Admin tool.
Download the readme here.

Tuesday, 5 July 2005

Citrix ICA Web Client

This client needs either local administrator or power users rights to run correctly on the workstation. To allow normal users to run it, edit the permissions on this registry key:
HKLM\Software\Microsoft\MSLicensing - Users - Full control

You could this either manually or through group policy.

Monday, 4 July 2005

Installing Windows Sharepoint Services v2 to use SQL Server

You need to do two things:

1. Extract files to temp directory:
stsv2 /c /t:c:\temp\wssv2

2. Install to use external SQL:
c:\temp\wssv2\setupsts remotesql=true

Sunday, 3 July 2005

Upgraded to CS v1.1

I've upgraded the Server to CS v1.1.

It wasn't without problems - The main one was that the tables aspnet_Membership, aspnet_Users and cs_Userprofile did not agree with each other before the upgrade.

Thanks to Derek Larkin for the answer! He also has a blog here.

Saturday, 2 July 2005

MOM 2005 error SQL Server 2000 SP3 or later not detected

Trying to install MOM 2005 on a test 2003 Server only to receive the error message "SQL Server 2000 SP3 or later not detected".

Because I have SQL 2000 SP4 installed as an upgrade of an earlier MSDE incidence (and it seems MOM 2005 install does not detect SQL 2000 SP4 correctly) I had to temporarily change the following reg key:

HKLM\SOFTWARE\Microsoft\Microsoft SQL Server\MSDE\MSSQLServer\CurrentVersion"
CSDVersion REG_SZ change from "8.00.2039" to "8.00.761"

Do not be confused by the MSDE term - This was what the incidence was called before being upgraded to SQL Server 2000.

Don't forget to change it back!

Wednesday, 27 April 2005

Building an MS Cluster with VMWare Workstation 4.5.2

I used to be able to build clusters in VMWare Workstation 4, I'm sure, but when I recently tried it didn't seem to work any more. I found someone (sorry - lost the URL) on the VMWare forums who claimed to have created one on VMWare workstation 5. I tried thier suggestions on VMWare 4.5.2 and with a few changes it worked for me. I created the quorum (100MB) and shared disk (2GB) as fixed size SCSI devices.

Here are the important lines from my node_1.vmx file:

diskLib.dataCacheMaxSize = "0"
diskLib.dataCacheMaxReadAheadSize = "0"
diskLib.dataCacheMinReadAheadSize = "0"
diskLib.dataCachePageSize = "4096"
diskLib.maxUnsyncedWrites = "0"

disk.locking=FALSE

scsi0.present = "TRUE"
scsi0.virtualDev = "lsilogic"
scsi0:0.present = "TRUE"
scsi0:0.fileName = "Disk1.vmdk"
scsi1.present = "TRUE"
scsi1.virtualDev = "lsilogic"
scsi1.sharedBus = "virtual"

scsi1:1.present = "TRUE"
scsi1:1.fileName = "..\shared\quorum.vmdk"
scsi1:1.redo = ""
scsi1:1.mode = "independent-persistent"
scsi1:1.deviceType = "plainDisk"

scsi2.present = "TRUE"
scsi2.virtualDev = "lsilogic"
scsi2.sharedBus = "virtual"
scsi2:1.present = "TRUE"
scsi2:1.fileName = "..\shared\shared.vmdk"
scsi2:1.redo = ""
scsi2:1.mode = "independent-persistent"
scsi2:1.deviceType = "plainDisk"

Wednesday, 6 April 2005

Remove non-existant DFS root

I had to rebuild a DFS root but the 2000/2003 Servers and AD insisted the old one was there though it wasn't! I eventually found this KB article at Microsoft to fix it:
Article ID: 224384

Quickly reset users home directory permissions

This is not my work but that of Shawn Hopkins that I found on Google Groups.

I faced a situation where my users home and profile directories were ok but the users had simply lost their permissions (importing foreign disk, long story....). Shawn's scripts were written for NT but they worked fine with Server 2003. I did the following:

Gave Administrators full access to d:\home and d:\profiles.

Ran this:
net user /domain >> users.txt

Then ran this script:
for /f "eol=; tokens=1,2*" %%i in (users.txt) do cacls d:\home\%%i /T /E /G %%i:C
for /f "eol=; tokens=1,2*" %%j in (users.txt) do cacls c:\home\%%j /T /E /G %%j:C
for /f "eol=; tokens=1,2*" %%k in (users.txt) do cacls c:\home\%%k /T /E /G %%k:C

Then this script:
for /f "eol=; tokens=1,2*" %%i in (users.txt) do cacls d:\profiles\%%i /T /E /G %%i:C
for /f "eol=; tokens=1,2*" %%j in (users.txt) do cacls d:\profiles\%%j /T /E /G %%j:C
for /f "eol=; tokens=1,2*" %%k in (users.txt) do cacls d:\profiles%%k /T /E /G %%k:C

Monday, 21 March 2005

One of those D'OH! moments

Sometime last night (or more accurately in the early hours of the morning) my Server 2003 box decided it wasn't going to have a default gateway anymore. The problem first made itself known when we started getting "Mail Delayed" messages back from Exchange. On investigating the problem using Remote Desktop I found that even though a default gateway was set in the LAN properties, "ipconfig /all" and "route print" showed that the box wasn't honouring it. I then made the brilliant decision to disable and re-enable the LAN card.

D'OH! Remember, I was using Remote Desktop to do this! Luckily I had an EMS connection to the Server so I was able to re-enable the connection from there. I'm lucky that 2003 supports this, unlike 2000, else I would have to crawl around attaching cables to my headless server.
(Image lost due to Blog move)

One of those D'OH! moments

Sometime last night (or more accurately in the early hours of the morning) my Server 2003 box decided it wasn't going to have a default gateway anymore. The problem first made itself known when we started getting "Mail Delayed" messages back from Exchange. On investigating the problem using Remote Desktop I found that even though a default gateway was set in the LAN properties, "ipconfig /all" and "route print" showed that the box wasn't honouring it. I then made the brilliant decision to disable and re-enable the LAN card.

D'OH! Remember, I was using Remote Desktop to do this! Luckily I had an EMS connection to the Server so I was able to re-enable the connection from there. I'm lucky that 2003 supports this, unlike 2000, else I would have to crawl around attaching cables to my headless server.
(Image lost due to Blog move)

Sunday, 20 March 2005

Exchange 2003 OWA displays FTP style directory

If this happens to you the simplest answer is to recreate the web access directories. You can't just delete them and restart the SA service as you did in Exchange 2000!


1. Backup the IIS metabase
2. Delete the Exchange virtual directories in IIS Manager
3. Delete the /AD2MB path using ADSUTIL.VBS
4. Restart Exchange 2003 SA
5. Restore permissions to virtual directories

Microsoft has it covered here.

Monday, 14 March 2005

JRNL_WRAP_ERROR

Windows 2000 domain with a single domain controller was suffering the following error message in NTFRS Log in event viewer. After advice from Microsoft we set the following registry entry:

HKLM\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
BurFlags REG_DWORD 0xD2

This forces a non-authorative restore for SysVol and allows the message to disappear - Setting it to 0xd4 would have forced an Authoratative restore.

Thursday, 3 March 2005

Thursday Evening

Left at 19:00 to arrive at Ipswich at 20:11 but arrived at 20:17. Not bad, only 6 minutes late. We've gone ober the 3 hour barrier - Now we have it at 3:03 for the week so far but there is still Friday to go.

Thursday Morning

Caught the 06:53 to arrive at 08:09. Not bad as we arrived at 08:10 - Just a minute late. So that's now 2:57 late for the week.

Wednesday, 2 March 2005

Wednesday evenings...

Caught the 19:00 (had some work to catch up with) expecting to get into Ipswich at 20:11 but we eventually rolled in at 20:42. Some 33 minutes late. That brings the total lateness up to 2:56 for the week so far.

Wednesdays....

 I planned to catch the 6:23 again this morning as I needed to do some work on the way in but due to my bloody printer deciding it wasn't going to squirt ink out of the inkjets I ended up on the 06:38 again.

Due to a "delayed preceding freight train" we didn't arrive until 08:13 instead of 07:57. That's another 16 minutes making the total for the week 2:21 wasted.
Wednesdays!!

Tuesday, 1 March 2005

Tuesdays

After the problems with travel yesterday I decided to catch the 06:23 (couldn't face the 05:53) only to find it was canceled! Had to catch the 06:38 which arrived a minute early at 07:56. Still I calculate I had to waste 14 minutes because of the cancelation.

I caught the 18:30 back again (due 19:38) but it didn't arrive until 19:49. The reason give for my wasted 11 minutes was that there was a suspect package on the earlier train (18:20) that had to be dealt with by police.

Mon Out 00:26
Mon In 01:14
Tue Out 00:14
Tue In 00:11

Total late (So far) 02:05

TUESDAYS!!!

Converted to CS v1.0

CSVerter (Build 50301) finally worked for me. I think it was a combination of the new build and me using SQL authentication rather than Windows integrated that did it. This time the DTS packages were created and the blog content migrated.

Cheers Robert!

Monday, 28 February 2005

I hate Mondays (sometimes/mostimes)....

Training in London this week so caught the 06:38 into Liverpool Street from Ipswich which is supposed to arrive at 07:59 but didn't arrive till 08:25, some 26 minutes late. Arrived back at Liverpool Street to catch the 18:00 back to Ipswich to arrive at 19:08 but because the rail situation was all stuffed up I had to catch the 18:30. This did not make it into Ipswich until 20:22 so I was 1:14 late.

One state that engineering work will continue till 12:00 tomorrow causing 2 of the four lines going into London to be closed until then. We're told this will lead to alterations to service but I can't find any details of these!

Looks like I'll be catching the 05:53 tomorrow, so if I go to bed (been in for 20 minutes) now, I should just about manage 7 hours sleep!


MONDAYS!!!!!

Thursday, 24 February 2005

Firefox Font Problem

Does anyone know why Firefox has started doing this?
(Image lost due to Blog move)

It's not just on the rendered pages because it's doing similar weird font things in it's own dialogue boxes:
(Image lost due to Blog move)

Monday, 21 February 2005

Four hours in the future?

I'm unsure as to why my blog is posting four hours into the future (it's now 22:41 on 20/2/05)!

Blog to move

This blog will shortly move to Community Server v1.0. I have it setup and just need a way to move the existing post over - I did find some scripts but there is supposed to be and easy to use migration tool being released in the next few weeks.

It will be homed at http://cs.thefoleyhouse.co.uk/blogs/karl/.

Take a look at the whole skeleton Community Server at http://cs.thefoleyhouse.co.uk/.

Suse 9.2 fails to resume from disk

The saga of getting my Suse 9.2 box to behave as well as my Suse 9.1 box pre upgrade continues.

Slight problem with suspend to disk. Well, rather, the resume from disk just wasn't working.

After some digging I found that the 'resume=/dev/hdc5' entry was missing from '/boot/grub/menu.lst.'

I think there may also have been a problem with my swap partition so i did the following to be safe:
  • Checked '/etc/fstab' to make sure the swap partition was listed (it was)
  • Used the 'swapoff' command to disable swap (don't think it was being used but just to be safe)
  • 'mkswap /dev/hdc5'
  • Used 'swapon -a -v' to activate swap
Boot and general performances seems better/quicker so I suspect it was a problem.

Suse 9.2 Bootsplash not working

I installed Suse 9.1 home from downloaded CDROM's , upgraded it to 9.1 professional via the Suse website and then upgraded it again to 9.2 Professional from the downloaded DVD.

The Bootsplash screen was not working. After a bit of digging I found that the file '/etc/sysconfig/bootsplash' contained the line 'Theme="SuSE-Home" but that the SuSE-Home theme (bootsplash-theme-SuSE-Home.rpm) was no longer installed.

I did have the SuSE Professional theme (bootsplash-theme-SuSE) installed though so I edited the line to read 'Theme="SuSE"' which matched the name in the '/etc/bootsplash/themes' directory.

I executed mkinitrd which attached the appropriate image to the initrd and everything is sweet now.

Sunday, 20 February 2005

SSID is case sensative in Linux!

Now, you may know this, but I just wasted two days trying to get my wireless working again. I had some problems and re-did the wireless configuration but whatever I did I couldn't get any traffic to register on the wireless interface. Turned out that I did not have the same case for the SSID in /etc/sysconfig/network/ifcfg-wlan0 that I did on the access point.

Note to self:
WIRELESS_ESSID='TheFoleyHouse' != WIRELESS_ESSID='thefoleyhouse'

Thursday, 17 February 2005

How to prevent Squid caching .asp pages

We need to access a (poorly behaved) website at work and it doesn't play nice with Squid. I've put the following in to try and force it not to cache .asp pages no matter what the cache settings are.

refresh_pattern \.asp$ 0 0% 0
refresh_pattern \.aspx$ 0 0% 0

Friday, 11 February 2005

Installing Mplayer on Suse 9.2

Just add Packmans source: Protocol: http Server: packman.iu-bremen.de Path: suse/9.2

Using MPlayer to RIP Realmedia files on Linux

Found an interesting article here which describes the command line sytax required: http://gentoo-wiki.com/HOWTO_Rip_Streams_With_MPlayer

Firefox showing Real Media content

I had some problems getting Firefox to use the RealPlayer plugins today so I just had to link them in:

# cd /opt/MozillaFirefox/lib/plugins
# ln -s /usr/local/RealPlayer/mozilla/* .

Capturing RM media files

I found a nifty little prog to capture Real Media streaming files today called Stream Down.
http://stream-down.cocsoft.com/

Red-carpet problems with Suse 9.2

I wanted to install the latest Evolution\Ximian connector for Exchange combination but I had quite a few problems with the red carpet daemon crashing on me. I verified it was crashing by using "sux -" to switch to root and then ran it in non-daemon mode "rcd -n". After reviewing the errors it seemed to have a problem so I looked at /var/log/rcd/rcd-messages:

...
Feb 11 15:39:55 [6811] Unable to download service info: IO error - Soup error: Connection terminated unexpectedly (7)
Crash!
rcd has crashed.
Attempting to write backtrace to /tmp/rcd-crash.23380
Error while mapping shared library sections:
...

I couldn't get it working again so I downloaded the latest red-carpet and red carpet daemon. They were hard to find but I found them here:
rcd-2.4.5-0.ximian.10.2.i586.rpm
red-carpet-2.4.4-0.ximian.10.1.i586.rpm

After some experimentation I was able to get it to start again by using the command line "rcd -n -m" so as not to load any modules. After this I managed to start it again normally using "/etc/init.d/rcd start".

Red-carpet problems with Suse 9.2

I wanted to install the latest Evolution\Ximian connector for Exchange combination but I had quite a few problems with the red carpet daemon crashing on me. I verified it was crashing by using "sux -" to switch to root and then ran it in non-daemon mode "rcd -n". After reviewing the errors it seemed to have a problem so I looked at /var/log/rcd/rcd-messages:

...
Feb 11 15:39:55 [6811] Unable to download service info: IO error - Soup error: Connection terminated unexpectedly (7)
Crash!
rcd has crashed.
Attempting to write backtrace to /tmp/rcd-crash.23380
Error while mapping shared library sections:
...

I couldn't get it working again so I downloaded the latest red-carpet and red carpet daemon. They were hard to find but I found them here:
rcd-2.4.5-0.ximian.10.2.i586.rpm
red-carpet-2.4.4-0.ximian.10.1.i586.rpm

After some experimentation I was able to get it to start again by using the command line "rcd -n -m" so as not to load any modules. After this I managed to start it again normally using "/etc/init.d/rcd start".

Evolution Upgrade Problems

Evolution caused me a small headache in my 9.1 to 9.2 update. I had a developer snapshot installed so the upgrade program didn't know how to install around it. I decided to simply remove the old version first and upgrade any libraries by choosing the "remove protection" option. I plan to reinstall the latest evolution version post upgrade.

Upgrade from Suse 9.1 to 9.2

Took a chance today to upgrade my Dell Inspiron 5100 laptop from Suse 9.1 to Suse 9.2 and it all went rather well. I had a few minor problems which I'll deal with separately.

Sunday, 6 February 2005

Thank you Miguel Jimenez!

Well, having found the term Captcha and having done a little digging you can see that each comment page now requires you to enter a validation code - This should stop all of the automated comment spam I've been getting and it was incredibly easy, taking just a few minutes to setup.

I owe you a beer Miguel!

Here's the great bit of code:
http://blogs.clearscreen.com/migs/archive/2005/02/01/905.aspx

Saturday, 5 February 2005

Comments still a problem

Still getting hit by lots of comment Spam.

Community Server RC2 was released last night so I'm going to put this on test.

When this is released it effectively becomes version 1.00 of Text and it has some anti-comment spam features. Theere has been some discussion of the same for Text 0.95 but I'm not yet able to recompile (I have got a copy of VS .Net so I may give it a go).

Here are the suggestions for changes and here is a set of updated SQL statements for 0.95 which apparently fix a few problems.

I've seen mention of something called "CAPTCHA" and also suggestions of using an event handler.

Comments

I'm going to try switching comments back on to see what happens.
Adam Kalsey seems to use a blacklist system of some type - Might be worth investigating.

Wednesday, 2 February 2005

Update to Exchange IMF out Now

IMF has been letting through a bit of spam recently but have no fear, a new version is here!

You can download it from the Microsoft download centre.

Sunday, 30 January 2005

How to turn off comments in .Text

For me the GUI doesn't allow it so I simply used DbaMgr2K to edit the .Text SQL tables directly. I changed the Flag field in table blog_Config from 63 to 47. The value 16 is the binary switch to allow comments on or off.

Commenting turned off

As I'm currently being swamped with feedback spam for "On-line Casinos", I've temporarily turned off commenting. You can leave any comments you wish here.

Comment Spam

Got my first blog comment spam today. Shame I subscribe to this way of thinking. ;-)

Thursday, 27 January 2005

How to change the default route in Cisco IOS

Type the following. Replace text with your own values:


telnet hostname
password

enable username
passwordconf t
ip route 0.0.0.0 0.0.0.0 gatewayip^Z
write mem
show ip route
exit

Thursday, 13 January 2005

Do not move the Exchange groups!

Two groups (Exchange Enterprise Servers and Exchange Domain Servers) are created during Exchange "setup /domainprep".
One group (Exchange Services) is created during the installation of the Exchange ADC.

Do not move these groups from thier default location (Users) otherwise additional setup operations will fail and, more worringly, the Exchange SA will not start.

More details can be found here:
http://support.microsoft.com/kb/260914

Free eMail certificates

You can obtain them from here:
http://www.thawte.com/

Controlling how often the RUS runs

Apart from the schedule that is available to control the RUS, you can see the interval that the RUS uses by looking at the msExchPollInterval attribute on the domain or enterprise RUS service:
(Image lost due to Blog move)

Searching Multiple Public Folders in Outlook

Outlook does not support searching of multiple public folders from the advanced find index. This apparently is by design as the folders will not necessarily be consistant on all servers at all times. There are a couple of tools you can achieve to do this however.

Sharepoint will allow you to create a searchable index of public folders.

Lookout can index selected public folders from the Outlook client.

There is an interesting discussion of this here.

Changing the Display name in Active Directory

By using ADSIEdit you can change the display specifiers used to construct the users display name. The only usable ones I have found for the ADUC dialogue box are:
<%givenName> First name
<%sn> Surname
<%initials> Initials

givenName, sn and initials are all attribute names taken from the schema. It may be possible to use other attributes if you create users other than with ADUC. Anyone know?

How to customise Exchange email addresses

If you have a recipient policy that generates non-unique email addresses in Exchange 2003 then the recipient update service will add numeric characters to make it unique.  For example if you have this as your email address:
%1g.%s@thefoleyhouse.co.uk

You'll get the following addresses:
k.foley@thefoleyhouse.co.uk
k.foley2@thefoleyhouse.co.uk
k.foley3@thefoleyhouse.co.uk

To control this you might want to take a look at KB article 285136:
http://support.microsoft.com/kb/285136

IMF Archive Manager

I knew this tool existed but lost track of it.  The tool allows you to examine mail that has been archived by the IMF filter that can be added to Exchange 2003.  Microsoft allow you to archive the mail but provide no easy tool to look at it.

Head on over here:
http://hellomate.typepad.com/exchange/2004/06/imf_archive_man.html