[There's a reason that Yoda is the unofficial mascot of SBS.  Size indeed matters not.] September 2005 - Posts - THE OFFICIAL BLOG OF THE SBS DIVA

September 2005 - Posts

You may receive a "Stop 0x00000020" error message on a computer that is running Windows Small Business Server 2003 or Windows Server 2003:
http://support.microsoft.com/?kbid=905539

This problem is known to occur on servers that are running Symantec pcAnywhere 11.5 with Symantec AntiVirus 8.x or with Symantec AntiVirus 9.0. An updated version of the Symantec Event Handler driver (Symevent.sys) causes this problem. The Symevent.sys driver is installed with pcAnywhere 11.5. The Symevent.sys driver causes the Symantec real-time protection drivers to generate the "Stop 0x00000020" error.

To resolve this problem, download and install the latest Symevent.sys driver.

My comment... what the heck are you doing running PCAnywhere on SBS when you have practically forty trilllion ways to connect to that box without using a third party program.  If your vendor demands that they have to have PCAnywhere... get a new vendor!

P.S.  Okay so forty trillion is an overstatement...but still...

Posted Thu, Sep 22 2005 17:40 by bradley | with no comments
Filed under:

Stealing this from the newsgroups from JJDavidson.....


If you've been getting errors from RWW/RDP recently, particularly "This portion of the Remote Web Workplace requires the Microsoft Remote Desktop ActiveX Control" or "An invalid server name was specified" you may have been hit by a false positive from an antispyware program, particularly Spybot S&D 1.4.  This affects the machine connecting to RDP, not the target machine.

 

Spybot set a registry entry to set the kill bit for the Microsoft RDP ActiveX control.  Although the latest Spybot updates no longer immunize against this control, it's apparently unable to undo the existing block, so you have to do it manually.  Some details are on the Spybot support forum here and here:

 

http://forums.net-integration.net/index.php?showtopic=32952

 

http://forums.net-integration.net/index.php?showtopic=32934

 

Disabling/uninstalling Spybot will NOT fix the problem!  Other antispyware programs may also have blocked RDP (AdAware has been mentioned), but the

following will fix any of them (at least temporarily).

 

To fix one machine, navigate to the following registry key and delete it:

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX

Compatibility\{7584C670-2274-4EFB-B00B-D6AABA6D3850}

 

To build a file to patch several machines, save the following as a .reg file.  Remove any unwanted line breaks (the file should be six lines long including comments).  Then merge it into the registry on machines attempting to connect to RDP.

 

REGEDIT4

; --------------------------------------------------------------------------

; The following code will remove the ActiveX Compatibility restriction on

; CLSID = {7584C670-2274-4EFB-B00B-D6AABA6D3850}

; Microsoft RDP Client Control (redist)

; --------------------------------------------------------------------------

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7584C670-2274-4EFB-B00B-D6AABA6D3850}]

Just a reminder in case it wasn't clear....

The patch that came down last week, 888619, says in the KB article that you don't need to reboot, but on our boxes, it clearly does need one.

And if you are on SBS 2003 with no Service pack, you need to reapply 843539 to get it back to the expected behavior [keep in mind that I've heard a few folks say they've seen a server or two that 'hasn't' needed this...so your results may vary...

So to recap....

  • Reboot
  • Reapply 843539 [if you are not on SBS 2003 sp1 and merely just have Exchange 2003 sp1]

Needing to put Domain\Username back into OWA and you didn't before?:
http://msmvps.com/bradley/archive/2005/09/19/66948.aspx

WSUS and MU offering a fix and issues with KB 888619:
http://msmvps.com/bradley/archive/2005/09/16/66706.aspx

Posted Thu, Sep 22 2005 12:47 by bradley | with no comments
Filed under:

So after the blog post the other day, people asked how do you map a drive letter from Sharepoint.

Easy... on a workstation give this a try.

Click on My computer, tools, map a drive, pick a drive letter and when the 'browse' box shows up, just put “wack wack” or \\companyweb in the browse box and voila..you get a tree structure of your Sharepoint. 

There's your drive letter.

Now I wack off autodisconnect so the drives don't fall off, but you could probably script this from a login script as well.

Just a heads up... blogging the next week will be a bit “unusual” to say the least.  First off on Saturday, Steve Foster and I are driving to San Franscio on Saturday to do a bit of sightseeing, then taking the train [yes THE TRAIN] from San Francisco to Seattle. 

Which means....

Blogging via train!!!

Then onto Seattle for the MVP summit!

oohh yeah... there just might be a road trip to Fry's in route you know.... hey.... gotta show Steve the geek tourist views you know!

Posted Wed, Sep 21 2005 19:15 by bradley | 1 comment(s)
Filed under:

Just a shout out for today's Incidents.org diary post.  I can always tell when Tom Liston is at the keyboard.

Love that man's posts.

Posted Wed, Sep 21 2005 17:51 by bradley | with no comments
Filed under:

So I have these attachments that I wanted to dump straight into Sharepoint..but they were email attachments in Outlook...so...I asked the gang and Javier said.....

Save it to Sharepoint just like you would save it from any other application.

Right-click on the attachment-> Save As-> type
http://companyweb (or https://whatever.company.com:444 if you are doing it externally) on the file name to open the sharepoint site and select the folder you want.

Of course, if you plan to do it more than 1 time-> Either add the folder to Network Places or create a drive letter for Sharepoint.

and then he said....

By the way... 

Since the day I learned from Chad that I could access

Sharepoint as if it was share or drive letter my VPN usage

has hit an all time low.

In fact, for the most part I'm not even VPN to clients anymore :-) -Javier
Cool!

From the mailbag today....

At work I have SBS running RAS on a 3 Ghz Xeon box w/ 2 GB of RAM.  It is connected to the internet via DSL.

 

When I VPN into RAS from home using the Windows XP VPN client (PPTP) over a cable internet connection and try to run an application or do anything else on the server it seems pretty slow.

 

When the connection is active I can go into the task manager on the server and look under the networking tab and it shows the connection as 28Mbps.  The same connection on the client end shows 100Mbps.  

 

Why is this?  Is a 28Mbps connection what I should expect?

 

Also, the connection on the server end shows active under task manager (but not under RAS) even when it is not active.  What's the deal?

For one thing, unless it's changed, the connection in the window is not indicative of the real speed.  It might be that the application doesn't like to be pulled across the VPN like that...what's the app first and foremost?  Some apps hate being over a VPN.

Next, I'll be honest with you ... I haven't VPN'd in eons... we RWW almost exclusively.  You might have to look into setting up a TS box or additional workstations for RWW.

Posted Wed, Sep 21 2005 12:30 by bradley | 2 comment(s)
Filed under:

 James Coates says....

"I salute you for keeping a Windows 98 computer running in the face of enormous pressures to upgrade to XP,"

And he gets PAID to write this?

And he's a technology writer?

Do you go inside the Licensing console and backup those CAL licenses?  What?  You don't?  You do realize that if you have to [heaven forbid] rebuild the server, that you will have to call up PSS/Licesnsing and reactivate the CALs.  But if you just take a quick sec to dump out that licensing file to a place on the server, back it up ... say stick it on YOUR server ...say in a Sharepoint database or something.... you can save yourself a lot of hassle.

Back it up.

So the backup failed last night and I remote in to look at the log file errors....

“Verify of "F:"
Backup set #3 on media #1
Backup description: "SBS Backup created on 9/19/2005 at 7:00 PM"
Verify started on 9/19/2005 at 10:30 PM.

Error: An inconsistency was encountered in the requested backup file.”

Okay... that's nice...mine telling me which file?

Steve Foster posted up in the SBS2k yahoogroups a patched backup script [bkprunner.exe] that excludes the verify command. [the file is in the Yahoo Files section] 

Hmmm.. maybe I might want to try that if I can't figure out what file it doesn't like?

Now the Backup troubleshooting page says

Backup fails, reporting "An inconsistency was encountered."

Cause:  You are backing up to a UNC path on the local computer that is currently being backed up.

Solution:  Use the Backup Configuration Wizard to change the destination of the backup to another location. Alternately, you can use the wizard to exclude the UNC path from the backup.

Merv talked about his backup resetting and including the drive of the backup as well... I wonder if that's what's happened to me? Hmm.... doesn't look like it.  Okay so maybe I'll wack off the backup verification.

Update - also in my log file was a 'bad block on device 2' which of course is the harddrive.  So I flipped that one out and the backup completed perfectly tonight.

Exchange Server 2003 General Discussions
Come join us this 1-hour open Q&A session about Exchange Server 2003. Experts from our Exchange Admin, Exchange Client, and Exchange Connector team in PSS are ready to answer any of your Exchange questions. Questions from setup, disaster recovery, public folder replication, mail flow, Outlook Web Access, or even interoperability with other system, you just name it and we will give you an answer!

Okay folks here's your chance to throw your nastiest Exchange questions at one of the best, Ray “THE MAN” Fong.  Given that Steve Foster heard at the PDC that us SBSers have more Exchange deployed, it's no wonder that a former SBSer is now an Exchanger.

Hey... ask him about the upcoming Service pack 2 that will let us go to 75 gigs of junk email!

October 19th, Noon pacific time... BE THERE

Add it to your calendar!

Posted Tue, Sep 20 2005 8:36 by bradley | with no comments
Filed under:

According to the folks at the Microsoft Professional Developer's Conference, a lot of the Exchange installs are SBS boxes... but there are times I feel like we need the Exchange team to get a bit more SBS love.  We're not quite sure what happened with the Exchange update but it appears the following is going on:

Last Thursday/Friday, we got offered up on Microsoft Update and WSUS, a hotfix [not a security fix] KB 888619.  We're seeing the following issues:

  • If you have SBS 2003 NO service pack 1 it appears you need to reapply KB 843539 even if you applied it already
  • If you have SBS 2003 with SP1, it appears you are fine [it's working for me]

I did have in my office after the reboot on Friday that my SQLAgent$SBSMONITORING didn't start back up again automagically thus I had to manually restart it this morning [thanks to my handy dandy 6 a.m. in my face email alerting me about the health of my server, thank you SBS dev team for that]

If you are seeing any other interactions/weirdness/full moon/sunspots ping.

Posted Mon, Sep 19 2005 17:16 by bradley | with no comments
Filed under:

Got 98's in your network?  You do?  The you are running with LanMan hashes inside the network.  These hash values can be VERY easily sniffed and the password 'cracked' if you have access to the network.

But... read that again....

IF you have access to the network.  And that's the key... IF you have access to the network.  Physical access is probably the highest risk and that's why your biggest risk is from insiders most days not outsiders.  Remember it's law number 3 of the laws of computer security.  If someone has physical access to your computer, it's not your computer anymore.

Yeah, hash values can be remotely grabbed and taken offsite, but the risk of that in SBSland is rare in how we set up our network...and even then, I would argue that in SBSland that's not our biggest fear.  I don't think we spend enough time looking at how we set up the inside as gooshy as we do.

Check out Sysinternals AccessEnum tool.  Run it in a test network.  What level of access and permissions are we giving folks?  Is it too much?

.... hmmmm... I just thought of something... Steve Foster has physical access to my home network right now... and my laptop......

....hmmmm.... I might be in big trouble.....

Posted Mon, Sep 19 2005 12:34 by bradley | with no comments
Filed under: ,

One interesting thing, in my quest to ensure that I won't be ragged on at the Summit for running as local admin on my tablet, I found that when I switched the account to restricted user... and later adjusted the wireless to not need WPA, the connection would only become stable if I logged in that account with admin rights, hook onto wireless and THEN flip back to restricted user.

Weird. 

It's like it needed to log in as admin with the necessary pieces it needed and then it would become stablized. 

Steve was showing the new PDC build of Vista [he's got his Ferr-whatever Acer set up for triple booting].

Some cool things ahead...

Posted Sun, Sep 18 2005 15:55 by bradley | with no comments
Filed under:
For the next 90 days I'll be checking out this web site....
Posted Sat, Sep 17 2005 14:14 by bradley | 1 comment(s)
Filed under:

Having a friend come over to stay and purposely opening an outside Wireless access point to make it easier for him [ala Hotel you know but without the $9.95 bill] as well as leaving my WPA one intact.  And as I'm typing up the instructions as to which access points are mine and which ones are not... it struck me funny.

Yes Steve, you can use the ones called “Heckno” and “Yeahright” as those are mine but the “Linksys” and the “2wire” are some neighbor somewhere.  Try not to use those if you can, dear.  It's also funny to fire up the Netstumbler as that can find APs that people have taken off the SSID but you can still see they are there.  SSID removal doesn't always add a layer of protection some would argue.. as they still can be sniffed and hacked.  Conversely sometimes they make it harder to attach to without the SSID.  So some would argue that it's no protection at all.

For now I'm giving the world the right to attach to “Heckno” because I purposely made it open.  I chose with WPA that “Yeahright” is not.  That's my line.

Pringles cans or no Pringles, one I've made the choice to open one up and keep the other closed.

Note to self.. before leaving for the summit... pack back up again the travel Wireless router [aka the Anne and Susan router] as that's what's broadcasting. 

Posted Sat, Sep 17 2005 12:00 by bradley | 1 comment(s)
Filed under:

Since a certain person won't blog this excellent post, I went and grabbed it from the Archives of the AD listserve.

Click and read.

The highlights....

  • The /p switch ...
  • Repair (/p) is destructive.
  • Aside: NEVER run repair on an AD database.
  • Defrag (how it works) ...
  • Space Usage ...
  • White Space ...
  • Miscellany

 

Posted Fri, Sep 16 2005 22:07 by bradley | with no comments
Filed under:

Got a ping today on how to get started consulting for SBS boxes.

  • You read this blog that's a good start
  • Go to www.mssmallbiz.com and check out the resources there
  • Sign up for smallbizit-subscribe@yahoogroups.com and check out the consulting agreements and sample contracts in the file download section
  • Do lunch and learns for professional groups...like CPAs.  Call up the local CPA society and offer an educational course on Networks or better yet on Microsoft Small Business Accounting 2006 and tell those CPAs to sign up for the MPAN program
  • Sign up for the Microsoft partners site as a mere registered partner, get the action pack and start learning

oh yeah ... one more thing.... www.sbsgroups.com there just happens to be a User group in New York Elijah... hope you can attend!

Posted Fri, Sep 16 2005 18:36 by bradley | with no comments
Filed under:

How many hours will you bang on an issue before you call for help?

An hour?  Two?  A day?

I mean do they assign a value to your time spent dealing with an issue?

What about you?  The IT Pro?  I've had this rant before, but sometimes it spills into buying products or services as well.  The idea that a consultant will not call for support and pay the fee, or will not buy a product that will make his or her life easier.

Don't you value your time?  Don't you value your expertise?  Why will you not look at the cost of a product and thing of the time savings you will have?

Think about that the next time you hesitate before spending money on something to make your life easier.

More Posts « Previous page - Next page »