[There's a reason that Yoda is the unofficial mascot of SBS.  Size indeed matters not.] June 2007 - Posts - THE OFFICIAL BLOG OF THE SBS DIVA

June 2007 - Posts

http://support.microsoft.com/default.aspx?scid=kb;en-us;938204


A possible cause for the no rebooting after patches? We've been tracking an issue where we'll tell a machine to reboot via the WU/MU (reboot now) button and it will start to reboot and just hang.. so the RDP session has dropped but it hasn't finished rebooting.  Annoying.  One possible cause that someone thought was screensaver related.. and I spotted this on the KB site.... and it too points to an interaction with screensavers and what not...

Keep you posted....



A computer that is running Windows XP or Windows Server 2003 stops
responding when the system tries to trigger a restart after an
automatic update

View products that this article applies to. <#appliesto>
Article ID : 938204
Last Review : June 26, 2007
Revision : 1.0


SYMPTOMS

Consider the following scenario:
• You have a computer that is running Microsoft Windows XP or Microsoft Windows Server 2003.
• The computer is a member of a domain.
• You enable the *Interactive logon: Do Not require CTRL+ALT+DEL* policy on the computer.
• An automatic update is performed on the system.
• A screen saver is running during the automatic update.

When the system tries to trigger a restart after the automatic update, the computer stops responding (hangs). Additionally, to restart the computer, you must exit the screen saver program. To do this, you must either move the mouse or press a key on the keyboard. ........ (more in the KB)

(duplicate post due to server hardware issue...stay tuned for blog post at Yoda's blog for details)

Posted Thu, Jun 28 2007 19:02 by bradley | 3 comment(s)
Filed under:

http://support.microsoft.com/default.aspx?scid=kb;en-us;818200
An attacker with physical access to a computer may be able to access files and other data
http://support.microsoft.com/default.aspx?scid=kb;en-us;938448
A Microsoft Windows Server 2003-based server may experience time-stamp counter drift if the server uses dual-core AMD Opteron processors or multiprocessor AMD Opteron processors

 (duplicate post due to server hardware issue...stay tuned for blog post at Yoda's blog for details)

Posted Thu, Jun 28 2007 19:01 by bradley | with no comments
Filed under:

http://www.microsoft.com/downloads/details.aspx?FamilyId=50A878A3-EC91-40FC-BA6F-BB5C9982AED8&displaylang=en

No longer just MU-able... now on the download site 

http://support.microsoft.com/?kbid=936594

You may experience network-related problems after you install Windows Server 2003 SP2 or the Scalable Networking Pack on a Windows Small Business Server 2003-based computer that has an advanced network adapter (is that list getting longer or is it my imagination?)

SYMPTOMS

After you install Microsoft Windows Server 2003 Service Pack 2 (SP2) or Microsoft Windows Server 2003 Scalable Networking Pack on a computer that is running Microsoft Windows Small Business Server 2003 (Windows SBS), you may experience many network-related symptoms.

These symptoms may include one or more of the following:
When you try to connect to the server by using a VPN connection, you receive the following error message:
Error 800: Unable to establish connection.
You cannot create a Remote Desktop Protocol (RDP) connection to the server.
You cannot connect to shares on the server from a computer on the local area network.
You cannot join a client computer to the domain.
You cannot connect to Microsoft Exchange Server from a computer that is running Microsoft Outlook.
You can only connect to Web sites that are hosted on the server or on the Internet by using a secure sockets layer (SSL) connection. In this scenario, you cannot connect to a Web site that does not use SSL encryption.
You experience slow network performance.
You cannot create an outgoing FTP connection from the server.
The DHCP Server service crashes.
Clients experience slow domain logons.
Network Address Translation (NAT) clients that are located behind Windows SBS 2003 experience intermittent connection failures.
You experience intermittent RPC communications failures.
Clients that are configured as SecureNat clients may be unable to connect to the Internet.
Some Outlook clients may be unable to connect to Exchange.
You cannot run the Configure E-mail and Internet Connection Wizard successfully.
Microsoft Internet Security and Acceleration (ISA) Server blocks RPC communications.
Clients cannot visit the http://companyweb Web site.

You cannot browse Internet Information Services (IIS) Virtual Directories. 

 (duplicate post due to server hardware issue...stay tuned for blog post at Yoda's blog for details)

Posted Thu, Jun 28 2007 19:00 by bradley | with no comments
Filed under:

http://thatsiebguy.com/wordpress/?p=49

What is it about the love of popconnector that someone has found a way to make it go over SSL?

Well...someone has done it....

remember...not supported and all that...

(duplicate post due to server hardware issue...stay tuned for blog post at Yoda's blog for details)

Posted Thu, Jun 28 2007 18:54 by bradley | 1 comment(s)
Filed under:

 To do this cool thing...  http://www.microsoft.com/technet/windowsserver/sharepoint/techinfo/gboverview.mspx

You'll need to download this:
http://www.microsoft.com/downloads/details.aspx?FamilyID=0daafc81-efff-4f5b-a28a-8265f1e99f5b&displaylang=en

And if you have WSUS 3.0 installed, you'll need to ensure you know about this:
http://blogs.technet.com/sbs/archive/2007/05/22/trouble-installing-sharepoint-3-0-after-wsus-3-0.aspx

Don't forget to call PSS at 1-800-936-4900, press 2 for IT pros for the free hotfix that you'll need to do before step three:
http://support.microsoft.com/kb/934790/en-us

So first download .NET 3.0 - http://go.microsoft.com/fwlink/?LinkId=77799

(Okay so first backup your file server, but that's a given)

Download Sharepoint 3.0 - http://go.microsoft.com/fwlink/?LinkId=77800

·      Step 1: Install Microsoft .NET Framework 3.0.

Ensure .net 3.0 hasn't stomped on the asp.net of the default web site (all default SBS web sites need to stay on 1.1), launch companyweb to ensure everything is still working 

Backup the server

 

·      Step 2: Install Windows SharePoint Services 3.0.

Weirdly I have to check to unblock the file to install it ...I think this is due to Windows 2003 sp2?

Remember to check the "Data Location tab (right after step 4 b) if you don't want that on the C: drive 

<<<< install Sharepoint hotfix>>

You'll want to "untick" that box if you have WSUS 3.0 installed and at this point install the Sharepoint hotfix

 

·      Step 3: Configure Windows SharePoint Services Products and Technologies.

 

At this point you'll launch the wizard, step two may take a little while, don't worry

·      Step 4: Create a new intranet site using Windows SharePoint Services 3.0.

It's very important to do this step by step here and check off each item

Ensure you read and do each step 

 

·      Step 5: Delete the Windows SharePoint Services 3.0 default Web site.

 

This step gets you back to where Companyweb works again

·              Step 6: Start the default Web site and the Windows SharePoint Services 2.0 http://companyweb Web site

One thing I think that it's forgotten in the steps is the "add user" step to add authenticated users or selected users to the new Sharepoint.

Oh yeah, and P.S.  In my opinion... if you have WSUS 3.0 on here AND this?  Make sure you have 4 gigs of ram....  I still have lots of room but Sharepoint embedded is not one to be stingy on RAM.

My last, unfinished task?

http://domain:28656/sites/GroupBoard/default.aspx

How to make that domain easier to get to.  That's sort of a sucky web address in my opinion.  I don't need/don't want external access over 443 ...but that's a sucky address nonetheless.

(duplicate post due to server hardware issue...stay tuned for blog post at Yoda's blog for details)

Posted Thu, Jun 28 2007 18:43 by bradley | 2 comment(s)
Filed under:

http://alpesh.nakars.com/blog/wssv3-application-template-installation/

A helpful blog post

http://www.microsoft.com/technet/windowsserver/sharepoint/wssapps/templates/descriptions.mspx

(just a rant..is it me or do the Sharepoint folks just way way too much into command line/scripts and what not.... if you want us to consume this stuff... how about making the documentation and consumption a tad bit easier?)

Remember if you want WSS 3.0 installed...

You'll need to download this:
http://www.microsoft.com/downloads/details.aspx?FamilyID=0daafc81-efff-4f5b-a28a-8265f1e99f5b&displaylang=en

And if you have WSUS 3.0 installed, you'll need to ensure you know about this:
http://blogs.technet.com/sbs/archive/2007/05/22/trouble-installing-sharepoint-3-0-after-wsus-3-0.aspx

 I copied all the Sharepoint templates to c:\sharepoint, then found the stsadm.exe file under this folder, C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\BIN set up the batch files (I had to delete and then replace the "quote") and then they ran just fine...

Well they did something...but they aren't showing up as templates...stay tuned...

(duplicate post due to server hardware issue...stay tuned for blog post at Yoda's blog for details)

Posted Thu, Jun 28 2007 18:40 by bradley | 3 comment(s)
Filed under:

So I went to install .net 3.0 and it wouldn't allow me to install it until I clicked on the "Unblock" button in the properties....is that new or is it just me?

Posted Tue, Jun 26 2007 18:55 by bradley | 2 comment(s)
Filed under:

http://www.jam-software.com/freeware/index.shtml

When I get below a certain threshold of a drive space my delete fingers get twitchy.... but I don't like to us the disk cleanup wizard, I like to run a disk view to see what's hogging the drive space.

I realized tonight I forgot and left behind Exchange 2003 sp1 and sp2 on a server...

The service packs have been installed but I totally left behind the downloaded service pack.  Delete those puppies...

After I did that I found that I had a lovely accumulation of log files...

While it's nice to keep log files for a while... I don't think I need the IIS log files back to November of 2004 do you? 

And given that most of the 443 traffic is coming in from a bunch of cell phones, the log files are pretty tame.  I'll have to set that to dump the log files. (This is an image from Scorpion Software's Firewall Dashboard

Yes, I think we'll delete those, shall we? 

Now for the patches... you know the trick on these don't you?

Go into add/remove... write down all the KB articles there and remove in the folders only those KB's you DON'T see in there.  I normally dump them off to a temp folder just in case.

Well...that's better... for now anyway...

Posted Tue, Jun 26 2007 18:06 by bradley | 1 comment(s)
Filed under:
http://blogs.technet.com/fareedmk/archive/2007/06/26/fraudulent-security-bulletin-e-mails.aspx

Microsoft bulletins are never this pretty...so don't be tricked...this isn't a real bulletin

They are ALWAYS plain and butt ugly....THIS is a real bulletin... the Security bulletin department obviously never hired a Marketing Director (wise move)

Posted Tue, Jun 26 2007 12:56 by bradley | with no comments
Filed under:

Quickbooks performance tuning document - check it out:

http://www.quickbooksgroup.com/webx?233@@.efa0c38/0!enclosure=.efa0c35

Posted Tue, Jun 26 2007 12:03 by bradley | with no comments
Filed under:

http://blogs.technet.com/edwalt/archive/2006/02/02/418665.aspx

Blonde moment of the evening...

Then register the following dlls and services (be sure you're still in the
windows\system32 directory at your command prompt):

regsvr32 ole32.dll
regsvr32 vss_ps.dll
vssvc /Register
regsvr32 /i swprv.dll
regsvr32 /i eventcls.dll
regsvr32 es.dll
regsvr32 stdprov.dll
regsvr32 vssui.dll
regsvr32 msxml.dll
regsvr32  msxml3.dll
regsvr32 msxml4.dll

Not doing that at the c:\windows\system32 prompt..and instead at the location I was at.... needless to say you get "no" VSS active writers if you don't do that in the proper windows\system32 directory.

So be aware of where you are at.....

Location IS important.

Posted Mon, Jun 25 2007 22:04 by bradley | with no comments
Filed under:

Error message when you try to upgrade to Windows Small Business Server 2003 R2: "Setup was interrupted because of either user intervention or an unexpected error":
http://support.microsoft.com/default.aspx?scid=kb;en-us;936915&sd=rss&spid=3208

Windows 2003 r2 is a different schema than SBS 2003 r2, ergo this is why this message is received.

Posted Mon, Jun 25 2007 19:00 by bradley | with no comments
Filed under:

Update Rollup 2 is a tested, cumulative set of updates for Microsoft Dynamics CRM Server 3.0 and Microsoft Dynamics CRM client for Outlook 3.0, including performance enhancements, that are packaged together for easy deployment.

Posted Mon, Jun 25 2007 18:23 by bradley | with no comments
Filed under:

"We have copies of our Server install media (Windows Server 2000/2003) and their license keys stored in an offsite location. "

"We have copies of our key application install media (tax, practice, Microsoft Office, etc.) and their license keys are stored at an offsite location. "

And as Mark Crall said in a recent backup webcast..with Shadow Protect image based backup, we don't need that requirement anymore.  The image is what is important.

http://itpna.com/Vision/2007/20070620DRPHelpingAccountingFirmsBuildTheArk.htm

Posted Mon, Jun 25 2007 12:49 by bradley | with no comments
Filed under:

Errata Security includes an interesting post titled "How to become a security guru" which discusses the the tendancy for "guru's" to seek perfect rather than "good enough" solutions to problems thereby alienating themselves from those they seek to influence.I've included an extract below:

Technical people fail because they always strive for the optimal solution to a problem, but as Voltaire says "perfect is the enemy of good enough". Your job as the guru isn't to steer to the organization toward the best solutions, but to steer them away from those that aren't good enough. Frankly this is because while you are often correct about what is "good enough", you are probably wrong about what is "best".

 

Posted Mon, Jun 25 2007 12:17 by bradley | with no comments
Filed under:

http://www.microsoft-watch.com/content/desktop_mobile/lessons_iphone_should_teach_microsoft.html?kc=MWRSS02129TX1K0000535

"The question: Should Microsoft play partner favorites? Absolutely. Not all partners are equally created. Some do better work, and preferential arrangements could encourage other partners to do even better work. Apple played favorites by giving AT&T the long-term iPhone exclusive contract. AT&T probably had to do many things Apple's way, to get that tight service-to-software-to hardware integration; AT&T's incentive was the iPhone exclusive. Microsoft would be rightly sensitive about exclusive contracts because of its US antitrust case. But the company doesn't have to be exclusive, just more selective. "

Define Partners, Joe.  As there are hardware provider partners and then there are consulting partners.  I'm not sure that Microsoft shouldn't be rightly sensitive about consulting partner relationships.  There's also the issue of beta testing.  When you have a brand spanking new 'something' there's less of a beta test need and thus easier to keep a lid on things.  The iPhone isn't an app that I'll need to run my line of business applications on for the most part.  Microsoft also sells software assurance that promises upgrades.  If I'm to hook my wagons to Software assuance, you must get enough assurances from Microsoft that they have a roadmap I want to hook my wagons to.  Some would argue that SA isn't wise period, but it is what it is.

But I agree on one thing.. Apple's marketing is agressive.  And something that Microsoft needs to look at.

Posted Mon, Jun 25 2007 12:04 by bradley | 1 comment(s)
Filed under:

Can't install Windows 2003 sp2? 

I am trying to install Windows Server 2003 SP on a Small Business Server.
The install go along for awhile but eventually fails.  A Service Pack 2
Setup Error dialog box says "Failed to install catalog files."  There is an
OK button and nothing else.  I can't find anything in Event Viewer to offer
an clues
.

Answer: 

This issue could be caused by Log file or database
corruption exists in the %Systemroot%\System32\Catroot2 folder. let's do
the following steps to troubleshoot this issue:

1. On the SBS server, open command prompt, type the following commands, and
then press ENTER after each line:

net stop cryptsvc
ren %systemroot%\System32\Catroot2 oldcatroot2
net start cryptsvc
exit

2. Browse to
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}

3. Create a temporary folder to backup some .cat files.

4. MOVE all KB*.cat and TMP*.cat  files to the folder you created in Step
3. DO NOT DELETE THEM!

5. Start the Installation of SP2 and try the issue again.

6. If the issue persists, please follow the article below on SBS server:

You cannot install some updates or programs
http://support.microsoft.com/kb/822798

UPDATE:  Follow the instructions on the SBS blog on this:
http://blogs.technet.com/sbs/archive/2007/06/22/sp2-may-fail-to-install-if-a-large-number-of-updates-are-installed.aspx

Manual Method

To resolve this issue and allow SP2 to install, either use the manual steps below, or, alternatively, use the batch file below:

 

  1. Make a full backup of your system.
  2. Click on Start, click on Administrative Tools, Click on Services.  Right-click on Cryptographic Services and choose "Stop".
  3. Open Explorer and browse to C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
  4. Create a temporary folder called "backup" under CatRoot
  5. Move all KB*.cat, Q*.* and TMP*.cat files to C:\WINDOWS\system32\CatRoot\backup.   DO NOT DELETE THEM!
  6. If you moved KB912354.CAT, copy it back to C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE} folder.  (This step is very important to prevent a potential error with SBS licensing).
  7. Rename the C:\WINDOWS\SYSTEM32\CATROOT2\ folder to CATROOT2.old. Create a blank folder named CATROOT2. 
    • NOTE: Make sure you rename CATROOT2 not CATROOT (without the 2).
    • Again, make sure rename this folder, do not delete it.
  8. Start Cryptographic Services from Services
  9. Start the install of SP2.
Posted Mon, Jun 25 2007 0:42 by bradley | with no comments
Filed under:

Jeff's blog post reminds me of a recent conversation I had with another consultant that they had met up with a potential client who felt that introducing a network introduced too much risk.  They felt safer without a network.  .... okayyyyyy.... so no backup of data, no logging of access... how is that more secure?  I've also had folks not want internet access because they feel it introduces too much risk.

But what's being missed here is the balance between the risk and the advantages.

Take a look at this cartoon.. http://www.gocomics.com/nonsequitur/2007/06/24/

There's a balance at play here isn't there?  Sometimes finding that balance is hard, but sometimes it's an issue of knowledge.  Do you find that firms want to know more about their employees?  Do they have an acceptable use policy in place to do this?

Posted Sun, Jun 24 2007 23:31 by bradley | 2 comment(s)
Filed under:

http://www.videobusiness.com/article/CA6454552.html

Saw an Xbox ad during Bon Jovi Unplugged on vh-1.  So at least one division is spending money on advertising... too bad Office and Vista don't seem to be.

Posted Sun, Jun 24 2007 20:13 by bradley | with no comments
Filed under:

http://www.hautesecure.com/

Posted Sun, Jun 24 2007 20:10 by bradley | 1 comment(s)
Filed under:
More Posts « Previous page - Next page »