THE OFFICIAL BLOG OF THE SBS DIVA

http://blogs.msdn.com/mssmallbiz/archive/2007/06/30/3634386.aspx

Downgrade rights.  Got a Line of business app that can't handle SQL 2005?  Or I should say ..that the vendor won't certify as working on SQL 2005 yet as from what little I've seen under the hood of SQL 2005 it doesn't appear that it does a major major change on the data.

Check out that blog post for how downgrade rights work on SBS.. you install one at a time obviously, but you don't have to rebuy R2. 

http://www.engadgetmobile.com/2007/06/30/iphones-sold-out-at-a-few-apple-stores-many-atandt-stores/

Alert the Highway Patrol....massive traffic jam is expected as Bay Area folks drive to Fresno. 

Fresno has iPhones in stock at our Apple store.  Apparently we're not as geeky as the Bay Area that are sold out.

http://www.facebook.com/networks/?nk=67108930 no wonder on the Facebook Fresno network someone has posted...

'i think it's funny that people take the time to come on to the fresno message board to make fun of fresno. goodness sakes, no wonder you think it sucks. sitting at home and staring at the computer in any city is a bore.'

 Getting a postcard via email? Don't click.  I actually had a real postcard from a family member the other day and didn't open it just in case... 

AVERT Labs - It's raining postcards 
http://www.avertlabs.com/research/blog/index.php/2007/06/29/w32nuwarmm-its-raining-postcards/


New wave of Variants continues - Subject line
variation 
http://msmvps.com/blogs/harrywaldron/archive/2007/06/30/more-new-storm-worm-variants-electronic-greeting-cards-may-be-unsafe.aspx

http://gparted.sourceforge.net/livecd.php  I used this the other day to expand the partition on the hard drive on a laptop before we bumped it to Vista..

Holz in the newsgroups had a great document on it....like he said DO A BACKUP FIRST..this is NOT supported and if you get in a pickle you are on your own.  HAVE A BACKUP FIRST 

Holz uses

http://linux.softpedia.com/get/System/Recovery/System-Rescue-CD-188.shtml
http://www.deepburner.com/?r=download

Gparted
The link below is to a document I wrote to help people planning a
migration and need to use gparted. It will help you to. My e-mailis on the
bottom of the doc, so let me know if yo need help. Please, please, please,
do not be an idiot, do a BACKUP first.
http://www.woodcontour.com/images/upg.pdf

Hey!  Wanna stamp your blog as a SBS Community blog AND advertise and point everyone to the OFFICIAL SBS blog all at the same time?

---copy from here---

<a href="http://blogs.technet.com/sbs/%22%3E%3Cimg src="http://www.sbslinks.com/images/sbsblogweb.jpg" alt="[This is a SBS Community blog you are reading. Are you subscribed to the Official SBS blog?]" title="This is a SBS Community Blog you are reading. Are you subscribed to the Official SBS blog?" width="130" height="130" border='0' />

---to here--

Put that code in your news section of community server or whatever blog engine you use!

And see how it's now in the right hand side of my blog?

Go ahead and stamp your blog and pass it along!

(edit:  Thanks to Vlad got rid of the border)

Did you catch this the other day on the mssmallbiz list?

The SA allows you to have virtuals under your Vista (lots of RAM here we come. )

One problem.. you can only do mondo ram on 64bit and my LOB apps don't run 64bit and the virtual OS I need is XP not another copy of Vista... now what? 

------------------------ 

Do you know the Microsoft Product Use Rights?



Take a look at the Windows Vista Enterprise SA Benefit page


http://www.microsoft.com/licensing/sa/benefits/vista.mspx
you will see:

New: Additional Software Assurance Licensing Rights to Leverage Virtual PC
Virtual PC is now available for free as a download to all Microsoft
customers. As an Enterprise customer, you now receive the rights to four
additional copies of the operating system so that you can leverage up to
four virtual machines in Virtual PC. This enables you to use the product
to its full potential to address application compatibility issues, run a
helpdesk, run a training class, and perform software application
testing. These additional operating system licensing rights are
exclusive to Software Assurance customers.
Note the part of: "These additional operating system licensing rights
are exclusive to Software Assurance customers." Without Software
Assurance, you do not get these operating system licensing rights. SBDA
includes Windows SA, so it does include these rights that you wouldn't
get without SA. How much would it cost to buy additional Windows
Operating System licenses to use in those Virtual machines without SA?

Want to know more about those virtual O/S rights included in the Windows
Vista Enterprise benefit? If you look in the Microsoft Product Use Rights
document

<
http://www.microsoftvolumelicensing.com/userights/PUR.aspx>
(the document that lists your usage rights for Volume License software)
under Windows Vista Enterprise and Ultimate on page 63, you will see:

For each license:

a) You may install and use additional copies of the software within
up to four virtual (or otherwise emulated) hardware systems on the
licensed device. You may not use more than one copy per system.
b) If you run all five permitted copies on the licensed device at the
same time, one copy must be used solely to:
* run the hardware virtualization software, and
* manage and service the virtual (or otherwise emulated)
hardware systems on that device.
c) You may install and use a second copy of the software on the
licensed device in place of one of the copies permitted for use within
virtual (or otherwise emulated) hardware systems above.
d) You may use any edition (Business, Enterprise or Ultimate) or a
prior version of the software in place of the licensed version for any
of the additional copies permitted above.

So, Virtual PC is free but those additional O/Ses
on those Virtual machines, would not be free if you do not have Windows
Software Assurance to get Windows Vista Enterprise rights. Factor those
cost savings into SBDA and that's a pretty significant potential cost
savings alone.

Plus, having the SA benefits included in SBDA
would entitle the customer to upgrade to Windows Vista Ultimate if they
chose to instead of Windows Vista Enterprise.

Thank you and have a wonderful day,
Eric Ligman
Senior Manager, Microsoft US Small Business
Community Engagement
Are you using our
Site<
https://partner.microsoft.com/us/smallbusinesschannel>, User
Group<
http://groups.yahoo.com/group/mssmallbiz>, and
Blog<
http://blogs.msdn.com/mssmallbiz/>?
Take advantage of money saving
promotions<
http://www.microsoftincentives.com> today!
This posting is provided "AS IS" with no warranties, and confers no
rights

Time will tell won't it?

So the other day I broke my event viewer in Vista...

 And I couldn't find a way to fix it and when I used my full version Vista media to try to do in inplace repair, the only option it gave me was to do a full, clean install wiping out my data... hmmmm no so good... so I got a copy of Vista Ultimate upgrade media (this is a tablet PC) to see if I could do a inplace repair.

Sure 'nuff, when I had upgrade media, it did what I needed it to do, repairing my existing install and fixing the event viewer.

When it rebooted, I did have a smidge of reactivation to go through, and until I rebooted it had "you are not genuine" on the screen...

And I had to go through the phone call activation as the wireless button mouse wouldn't turn on the internet while the machine was in activation mode... but the moral of this story is?

I think upgrade media is MORE flexible than full media.  Remember the trick of installing cleanly with upgrade media?  Install it without a product key, then install it again with it?

Truly the only way it appears I was able to repair my event viewer problem was to get upgrade media and use that, not the full version media.

Needless to say I'll be playing around a bit in vmwares to see if "fixing" Vista is always this way.

So is scripting "secret sauce" that only a few should know?  Or is it something that more of us need to understand and use more of?  
Is powershell something only for the "Joe's" of this world? 

Windows PowerShell: 
http://www.microsoft.com/windowsserver2003/technologies/management/powershell/default.mspx

And is this stuff something that we should share more of because certainly the bad guys are sharing knowledge and information quite effectively.

Take a look at this KB from Adobe: 

*msiexec /p Ac705PrP_efgj.msp REINSTALLMODE=omus REINSTALL=all 
REBOOT=REALLYSUPPRESS /qn*

Using the msiexec installing they are using the /p flag which is indicating the patch package (the AC705PrP_efgi.msp in this case)

http://helpnet.installshield.com/robo/projects/helplibdevstudio9/IHelpPatchApply.htm

"omus" is four different flags as shown below:

•
/p applies an update.
•
Hotfix_Name.msp is the name of the hotfix file and the location where you downloaded the file. 
•
REINSTALL=ALL reinstalls features that are already installed. Use this command together with REINSTALLMODE to indicate the type of reinstallation. REINSTALL uses all uppercase letters.
•
REINSTALLMODE=omus is used with REINSTALL to specify the kind of reinstallation. REINSTALLMODE uses all uppercase letters. The omus option indicates the following: 
•
o reinstalls a file if it is missing or if it is an older version.
•
m rewrites registry entries in the HKEY_LOCAL_MACHINE registry hive or in the HKEY_CLASSES_ROOT registry hive.
•
u rewrites registry entries in the HKEY_CURRENT_USER registry hive or in the HKEY_USERS registry hive.
•
s reinstalls all shortcuts and re-caches all icons.
•
/l turns on logging.
•
*vx indicates a wildcard character that logs all information by using verbose output. 
•
Logfile_Name.log is the name of the log file.

If you want to suppress the reboot from an unattended installation, use this command: 

msiexec /i <CDImagePath> /q REBOOT="ReallySuppress"

http://support.microsoft.com/kb/297478/en-us

See how those all work together to send a message to the computer to install the software?

So really..if all of this is "secret sauce" how come it's so googlable?

---------------------------

Install and remove Acrobat products using the command line (7.0 on 
Windows):
http://kb.adobe.com/selfservice/viewContent.do?externalId=330817&sliceId=1

The command line syntax is part of the Windows Installer and was not 
invented by Adobe. Microsoft Installer (MSI) technology is based on 
Microsoft Windows Installer technology.

To patch an already existing installation of Acrobat 7.0- 7.0.8:

*msiexec /p Ac705PrP_efgj.msp REINSTALLMODE=omus REINSTALL=all 
REBOOT=REALLYSUPPRESS /qn*

*msiexec /p Acro707.msp REINSTALLMODE=omus REINSTALL=all 
REBOOT=REALLYSUPPRESS /qn*

*msiexec /p Acro708.msp REINSTALLMODE=omus REINSTALL=all 
REBOOT=REALLYSUPPRESS /qn
*

For more information on Command Line Options for Msiexec.exe, see the 
following websites:

http://msdn2.microsoft.com/en-us/library/aa367988.aspx    

http://helpnet.installshield.com/robo/projects/helplibdevstudio9/IHelpCmdLineMSI.htm

www.microsoft.com/technet//prodtechnol/windowsserver2003/proddocs/standard/msiexec.asp

Hmmm..... ever since installing Sharepoint 3.0 I've been getting this...

EventID.Net:
http://www.eventid.net/display.asp?eventid=10016&eventno=4718&source=DCOM&phase=1

http://www.smallbizserver.net/Articles/tabid/266/PageID/74/ArticleID/68/articleType/ArticleView/Default.aspx Now while it's close to that.. it's a different CLSID.. so let's see which one is freaking out..

Just like in that post though, we go into the registry to search on that CSLID value

So now we know it's the IIS WAMREG admin service.

So we go into the component services and find that service.

So now that we found it, we right mouse click and go into properties 

And we go to the security tab and click on customize

Since it doesn't have network service, only administrator and system, we add the network service

In this case, NETWORK SERVICE needs to be added with Local Launch and Local Activation permissions.

So that now we have system, administrator and network service.  From there we click to add Local activation, save and reboot.

That should do the trick.

Best practices and known issues when you install Windows Server 2003 Service Pack 2 on a Windows Small Business Server 2003-based computer:
http://support.microsoft.com/kb/939421/en-us

Today's SBS blog moment is brought to you by Mark Stanfill:

The Official SBS Blog : New Best Practices for SP2 KB:
http://blogs.technet.com/sbs/archive/2007/06/30/new-best-practices-for-sp2-kb.aspx

http://www.cafepress.com/centroserver

As has the RTW of the Centro T-Shirts!

http://blogs.technet.com/kent_compton/archive/2007/06/29/windows-server-centro-community-technology-preview-ctp-has-rtmed.aspx

Another milestone for Windows Server code name "Centro" occurred this afternoon with the official signing off of the CTP (5241) build. The CTP builds on the foundation established in Beta 1 while moving into new areas such as enabling legacy Active Directory domain joins, including Windows Server 2008, etc.  If you're in the TAP or TechBeta you should be able to download it from connect.microsoft.com within a few hours.  Please test it, push it, break it and then file those bugs!  We looking forward to hearing from you. 

We're on the road to Beta 2...

So I sent an email to eagreements@msdirectservices.com as I didn't get an Acceptance email and my SBS/Office SA expire tomorrow and the new one kicks in and I don't see the acceptance email to place the new SA into the MVLS web site to get the active SA'd agreement up there.

So I send it... and the email bounces back... 

-------- Original Message --------

Hi. This is the qmail-send program at yahoo.com.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
eAgreements@microsoft.com:
205.248.106.30 does not like recipient.
Remote host said: 550 5.1.1 User unknown
Giving up on 205.248.106.30.
Okay so I don't think that's a spam bounce.... hmmmm 

Delivery status notifications in Exchange Server and in Small Business Server:
http://support.microsoft.com/default.aspx/kb/284204

Numeric Code: 5.1.1

Possible Cause:

Looks like mvlshelpa@msdirectservices.com works ...but not eagreement... weird...

P.S.  I tried msdirectservices and microsoft ...no go..

Hi. This is the qmail-send program at yahoo.com.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<eagreements@msdirectservices.com>:
84.17.190.209 does not like recipient.
Remote host said: 550 <eagreements@msdirectservices.com>: User unknown in relay recipient table
Giving up on 84.17.190.209.

--- Below this line is a copy of the message.

 Dear esteemed Brain Trust,

Any idea why I am getting this error?  Is this really a directory rights
issue?

Thanks ;-)
Jeff


Event Type: Error
Event Source: Userenv
Event ID: 1058
Date: 6/28/2007
Time: 2:37:38 PM
User: NT AUTHORITY\SYSTEM
Computer: ACAA1
Description:
Windows cannot access the file gpt.ini for GPO
CN={2D5F50A5-0D66-4856-9F36-6F8842CA6B99},CN=Policies,CN=System,DC=acaa,DC=local.
The file must be present at the location
<\\acaa.local\SysVol\acaa.local\Policies\{2D5F50A5-0D66-4856-9F36-6F8842CA6B99}\gpt.ini>. (Access is denied. ). Group Policy processing aborted.

AND

Event Type: Error
Event Source: Userenv
Event ID: 1030
Date: 6/28/2007
Time: 2:37:38 PM
User: NT AUTHORITY\SYSTEM
Computer: ACAA1
Description:
Windows cannot query for the list of Group Policy objects. Check the event
log for possible messages previously logged by the policy engine that
describes the reason for this.

Remember to check out eventid.net

EventID.Net:
http://www.eventid.net/display.asp?eventid=1058&eventno=1752&source=Userenv&phase=1

 Answer:

1. Was the issue related to specific user account and workstation or all of
your user accounts and workstations?

2. If the issue is only related to specific user account and workstation,
please refer to the following steps:
a. Please change User account log on to the workstation, did the issue
reproduce?
b. The issue could occur for the credential cach, please open User Accounts
in Control Panel, click the Advanced tab, click Manage Passwords, and then
remove all of the cached credentials by selecting the credentials and
clicking Remove.

3. I would like to double-confirm if you have installed the SBS 2003 SP1.
If not, So I suggest you apply SBS SP1. To do so:

Microsoft Windows Small Business Server 2003 Service Pack 1 (SP1)
http://www.microsoft.com/downloads/details.aspx?FamilyId=B6F8A4C0-B707-4161-ADEB-44F1B756119F&displaylang=en

Generally, this issue may occur due to the following problems:

## This issue may occur if SMB signing is enabled.
## DNS Server address is not configured correctly on the affected computer.
## TCP/IP NetBIOS Helper service, the Net Logon service, and the Remote
Procedure Call (RPC) service are stopped.
## Distributed File System (DFS) service is not started
## Permission Settings are not setup correctly on the Sysvol folder.
## Bypass traverse checking right is not enabled.
## Domain controllers are in a journal wrap status
## DFS cache is corrupted or polluted.

So if the issue still exists after you applied SP1, let's check the systems
based on the root causes I listed above.

To check the issue, I suggest that you firstly disable the SMB signing. For
detailed steps, please refer to:
839499 You cannot open file shares or Group Policy snap-ins when you
disable SMB
http://support.microsoft.com/?id=839499

To check the other settings, please refer to:
To check these settings, please refer to the steps in the following article:
887303 Applying Group Policy causes Userenv errors and events to occur on
your  
http://support.microsoft.com/?id=887303

Download details: Windows Easy Transfer Companion (Beta):
http://www.microsoft.com/downloads/details.aspx?familyid=39f724eb-4e37-4be0-adfc-786786e73e50&displaylang=en&tm

Wonder what the list of 100 programs includes?

http://msmvps.com/blogs/yoda/archive/2007/06/29/livin-in-texas.aspx

Don asked a question about Yoda and Yoda answered... the gang at www.ownwebnow.com are the ones who pretty much attend to his hardware needs.  They are the ones who did the changeout to the new server and ensured that NAS and drives were available to get the data back on the server as needed.  So for any hardware needs, they are a great remote staff that support Yoda.

The blog admins use a tool called magiciso http://www.magiciso.com/ to have a tool to allow them to remotely install software.

The biggest pain about this: http://msmvps.com/blogs/yoda/archive/2007/06/29/so-you-were-probably-wondering-where-i-was-for-the-last-day.aspx

Was the fact that I couldn't blog about this:

http://www.chrisrue.com/funcave/2007/06/the-unknown-mvp.html

Very kewl and welcome aboard Chris!

So you were probably wondering where I was for the last day? - Yoda's Blog:
http://msmvps.com/blogs/yoda/archive/2007/06/29/so-you-were-probably-wondering-where-i-was-for-the-last-day.aspx

Having a bit of surgery done....

First off... I'm nearly like I am in November before the elections when you just want the hype and the stuff over with.... Can everyone who wants an iPhone just go out and buy one silently and get over the hype?  It's like tulip mania or something.

And as far as not being able to connect to Exchange? 

iMAP folks.. http://sbs.seandaniel.com/2004/10/imaping-your-way-to-multiple-inboxes.html

Now granted there's limitations as Larry Seltzer talks about.. http://www.eweek.com/article2/0,1895,2150923,00.asp

But I thought this article was funny... http://www.electronista.com/articles/07/06/19/iphone.a.corporate.no.no/    "The article goes on to explain that while most company mail servers support IMAP (which the iPhone is readily able to access), many have the functionality turned off to eliminate vulnerabilities."

http://www.google.com/search?sourceid=navclient&ie=UTF-8&rls=GGLG,GGLG:2006-13,GGLG:en&q=imap+vulnerabilities

Folks, IE and Firefox have more vulnerabilities that I can see than IMAP at this point.  Granted you may want to set up SSL based IMAP to ensure the domain user name and password doesn't transfer across in clear text, and there's arguments that there may be issues where if you read the email and what not as Larry points out and certainly it's lack of management of the devices (no remote wipe, encryption, etc) means that it doesn't give us a lot of tools to limit it's impact (especially when during NPR's story on it this morning most folks are wanting to replace their ipod.  Ipod's inside a firm doing my doc redirection means my music and my massive downloads get moved over to that server.  Not the greatest story in the world.

But get ready for the questions that will come up...

Just please.... sell the dang thing so we can go back to normal?

Yoda will be blogging about his Disaster experience...but in the mean time check out...

Ready To Give Up:
http://www.readytogiveup.com/