One of the key "this will nail you EVERY migration you attempt" is the Journal Wrap.  And I've seen a lot of folks in the SBS world with a journal wrap error.

Fortunately it's an easy fix.  You literally read the KB article that it points to and voila, it fixes the journal wrap error.

This was an old one I had years ago on my old SBS 2k3 server.  I got in this condition because I didn't have a good UPS on the home server and Dad and PG&E shut down the circuit breaker on the house during Thanksgiving weekend in 2007.  I didn't fix the error until Christmas because on a single domain box, you won't notice it having issues.

Event Type: Error
Event Source: NtFrs
Event Category: None
Event ID: 13568
Date:  12/25/2007
Time:  2:43:19 PM
User:  N/A
Computer: KIKIBITZFINAL
Description:
The File Replication Service has detected that the replica set "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)" is in JRNL_WRAP_ERROR.
 
 Replica set name is    : "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
 Replica root path is   : "c:\windows\sysvol\domain"
 Replica root volume is : "\\.\C:"
 A Replica set hits JRNL_WRAP_ERROR when the record that it is trying to read from the NTFS USN journal is not found.  This can occur because of one of the following reasons.
 
 [1] Volume "\\.\C:" has been formatted.
 [2] The NTFS USN journal on volume "\\.\C:" has been deleted.
 [3] The NTFS USN journal on volume "\\.\C:" has been truncated. Chkdsk can truncate the journal if it finds corrupt entries at the end of the journal.
 [4] File Replication Service was not running on this computer for a long time.
 [5] File Replication Service could not keep up with the rate of Disk IO activity on "\\.\C:".
 Setting the "Enable Journal Wrap Automatic Restore" registry parameter to 1 will cause the following recovery steps to be taken to automatically recover from this error state.
 [1] At the first poll, which will occur in 5 minutes, this computer will be deleted from the replica set. If you do not want to wait 5 minutes, then run "net stop ntfrs" followed by "net start ntfrs" to restart the File Replication Service.
 [2] At the poll following the deletion this computer will be re-added to the replica set. The re-addition will trigger a full tree sync for the replica set.
 
WARNING: During the recovery process data in the replica tree may be unavailable. You should reset the registry parameter described above to 0 to prevent automatic recovery from making the data unexpectedly unavailable if this error condition occurs again.
 
To change this registry parameter, run regedit.
 
Click on Start, Run and type regedit.
 
Expand HKEY_LOCAL_MACHINE.
Click down the key path:
   "System\CurrentControlSet\Services\NtFrs\Parameters"
Double click on the value name
   "Enable Journal Wrap Automatic Restore"
and update the value.   [to 1]
 
If the value name is not present you may add it with the New->DWORD Value function under the Edit Menu item. Type the value name exactly as shown above.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Keep in mind that even if you have fixed it, it may still show up in the BPA report as it sees that old journal wrap event left over in your File replication log files.  The key thing is to review the File replication log and ensure that post registry you get indicators that the system has been fixed up.

Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13560
Date:  12/26/2007
Time:  12:34:03 AM
User:  N/A
Computer: KIKIBITZFINAL
Description:
The File Replication Service is deleting this computer from the replica set "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)" as an attempt to recover from the error state,
 Error status = FrsErrorSuccess
 At the next poll, which will occur in 5 minutes, this computer will be re-added to the replica set. The re-addition will trigger a full tree sync for the replica set.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13520
Date:  12/26/2007
Time:  12:39:39 AM
User:  N/A
Computer: KIKIBITZFINAL
Description:
The File Replication Service moved the preexisting files in c:\windows\sysvol\domain to c:\windows\sysvol\domain\NtFrs_PreExisting___See_EventLog.
 
The File Replication Service may delete the files in c:\windows\sysvol\domain\NtFrs_PreExisting___See_EventLog at any time. Files can be saved from deletion by copying them out of c:\windows\sysvol\domain\NtFrs_PreExisting___See_EventLog. Copying the files into c:\windows\sysvol\domain may lead to name conflicts if the files already exist on some other replicating partner.
 
In some cases, the File Replication Service may copy a file from c:\windows\sysvol\domain\NtFrs_PreExisting___See_EventLog into c:\windows\sysvol\domain instead of replicating the file from some other replicating partner.
 
Space can be recovered at any time by deleting the files in c:\windows\sysvol\domain\NtFrs_PreExisting___See_EventLog.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Information
Event Source: NtFrs
Event Category: None
Event ID: 13553
Date:  12/26/2007
Time:  12:39:40 AM
User:  N/A
Computer: KIKIBITZFINAL
Description:
The File Replication Service successfully added this computer to the following replica set:
    "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
 
Information related to this event is shown below:
Computer DNS name is "kikibitzfinal.Kikibitzrtm.local"
Replica set member name is "KIKIBITZFINAL"
Replica set root path is "c:\windows\sysvol\domain"
Replica staging directory path is "c:\windows\sysvol\staging\domain"
Replica working directory path is "c:\windows\ntfrs\jet"

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Using the BurFlags registry key to reinitialize File Replication Service replica sets:
http://support.microsoft.com/kb/290762

Complications from an SBS 2008 Migration :: Third Tier:
http://www.thirdtier.net/2009/11/complications-from-an-sbs-2008-migration/

And don't blow off what it says....

While choosing a branch office solution, you have to address various issues, such as security, data replication, minimal IT capabilities, hardware costs, unauthorized physical access, and unwanted changes to Active Directory.

The following bulleted list discusses the points above and highlights the solutions to address the concerns. (Source:MSL 89-389)

• Security

  • In case the security at the branch office is your major concern, you should use the  Server Core installation option of the Windows Server 2008 operating system and install , RODCs, Server Message Block (SMB) 2.0, and BitLocker Drive Encryption. Server core offers a reduced attack surface because of the limited number of services which are running on the box.

• Replication between sites

  • If you need to tightly control replication between sites due to WAN links, you should install RODCs.

• Minimal IT administration capabilities

  •  If you have minimal IT administration capabilities, you should have a Server Core installation and install RODCs to minimize administration requirements.

• Hardware costs

  • If you have to minimize hardware costs at each branch office, you should consider server virtualization.

• Unauthorized physical access to servers

  • If you have limited capabilities to control the physical access to servers at a branch office, you should use BitLocker Drive Encryption to protect the system against data theft.

•  Unwanted changes to Active Directory

  • If you want to prevent unwanted changes from being made to Active Directory, you should use RODCs to prevent any updates to Active Directory.

The preceding points were some consdierations from the field when choose Branch office solutions.

Jeff Loucks
Available Technology

  Subscribe in a reader 

Se você quer saber como desenvolver para multitouch em Windows 7, não pode perder o webcast que irei fazer no dia 3/12/2009, às 12:00.

Lá irei mostrar como desenvolver aplicações que usam o recurso do multitouch, usando .net Framework 3.5 e também mostrando como programar multitouch com o WPF4, que vem por aí. Ah, e se você não tem um hardware multitouch, não tem problema: eu irei mostrar como contornar isso, usando dois mouses.

A inscrição é gratuita e pode ser feita em https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032433821&EventCategory=4&culture=pt-BR&CountryCode=BR

Até lá

Bruno

One of the group policy tweakages I've done is to have it so that when someone connects via RWW that the desktop background they have on their office machines get's blanked out.  With Vista and Win7 and the nice (heavy graphical) wallpapers people have chosen slows down the remote web workplace screen.

So just go into Group policy

and enable the "Enforce Removal of Remote Desktop Wallpaper"

Spider webs. That is what I call most network diagrams I see. A diagram is worth a thousand words when it comes to understanding the layout of your network. There are a few skills which help you get full value out of diagramming and it is the intent of this post to highlight a few. Most involve clearing the cobwebs and bringing clarity through visual cues.

I am using a diagram that comes from an administrator for whom I have a lot of respect. He has taken on challenges and kept to a tight budget while advancing the use of technology to propel growth. He is a tremendous asset to his business and they know it. He however, is like a beautiful woman who does not know it. All the more valued for the fact that they do not act as though they are special.

When it comes to diagramming here is what he said to me while waiting for my diagram. "I'm interested in seeing your Visio drawing.  I might be better at them if I get to see a good example." I think there are a lot of administrators in this boat and therefore I choose this topics.

This diagram contains all of the information required to achieve the second diagram.

The second diagram is one I created and reuses the information from the first diagram and adds several techniques. It addes visual cues to highlight valuable bits of information.

Techniques:

Color Coding:

You will notice in the second diagram that colors are used in at least four ways

1. To differentiate internal and external networks as well as other network segments such as Public Internet
2. To differentiate network speeds such as Gigabit, 10/100

3. For emphasis in text. Notice internal IPs are color coded Blue and internal network segments show connections in blue

4. The External resources hosted at the Washington Main Branch are grouped in a red patterned box indicating they are external resources.

Groupings:

Notice in the second diagram all of the branch resources are grouped in a box with a title. This creates organization which helps the reader understand the physical location of resources. You will also notice that servers are grouped and aligned in the main branch.

Connectors:

• Connectors should not cross even though some times it is very difficult to avoid it.
• Connectors should reinforce groupings and use similar colors to reinforce important information such as location, speed, and security level.

Well those are a few helpful hints. I hope this is valuable to those who are out there creating diagrams. Documentation is the first sign of professionalism and the process brings clarity. I wouldn't worry if it is not perfect, it is the process of creating documentation which helps you understand and communicate better. Good luck and send me your examples!

 Jeff Loucks
Available Technology

  Subscribe in a reader 

• Announcing Microsoft Office 2010 Beta
• How to Find Exchange Server 2007 and Build Information
• Microsoft Exchange Server 2010 review
• How to REALLY make import / export mailboxes on Exchange 2010 work
• Exchange 2010: And then there is the long awaited cmdlet Add-MailboxFolderPermission
• How do I enable Exchange 2010 MWI with Call Manager 7.x?
• Upload picture in Outlook 2010 using the Exchange Management Shell (Exchange 2010)
• Exchange Server 2010: Database Availability Group
• 5 Tips to Protect Yourself From Spam Scams (That Don’t Quite Work)
• Send Emails Easily Using Powershell v2 Cmdlet Send-MailMessage…
• Error While Deleting The Default Mailbox Database In Exchange 2010…
• Behind the Music: Exchange 2010 Demo at TechEd Europe 2009
• Oh little Move-Mailbox -ConfigurationOnly switch, we hardly knew ye
• Exchange Backup and Restore - Streaming and Volume Shadow Service (VSS) Techniques
• Uncovering the new Exchange 2010 Volume Snapshot (VSS) Plug-in (Part 2)
• Exchange Admin's Holiday Gift Guide 2009
• How to Manage Groups that I already own in Exchange 2010?
• Transitioning Client Access to Exchange Server 2010
• Update Rollup 1 for Exchange Server 2007 Service Pack 2 has been released

Hola a todos a salido el sitio nuevo de Techcenter con informacion de Exchange 2010 . Espero que les sirva!.

Exchange Server TechCenter para la versión 2010, aqui les dejo el link.

Saludos.

Carlos Dinapoli

Fellow MVP Richard Siddaway has started a very interesting series of blog postings on using PowerShell and Access.  

How Autodisconnect Works in Windows NT and Windows 2000:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;138365
Mapped Drive Connection to Network Share May Be Lost:
http://support.microsoft.com/kb/297684
Mapped drive shows an X - Super User:
http://superuser.com/questions/42072/mapped-drive-shows-an-x

One of the visually annoying things in the WinNT stack is how mapped drives "fall off" the network with red X's but they don't really fall off.

So how can you get rid of this slight visual annoyance? 

A registry key I've stuck on all my servers that have mapped drives.

At the command prompt with the following command:  net config server /autodisconnect:-1

Or

HKEY_LOCAL_MACHINE under the subkey:

Last time we added the option of inputting the table and values to our function but we needed a way to discriminate between that and using a full SQL statement.  We can achieve this by dividing the parameters into parameter sets NOTE – This is a PowerShell v2 capability.

We add the [CmdletBinding()] parameter and on the sql,varaible we add a parameter set name of “sql”.  The table and values parameters are put into a parameter set of “value”.  The connection parameter is not explicitly placed into either parameter set which means it is in both!

We can then check the ParameterSetName property and create the $sql variable if required. The function can be used as follows

Import-Module accessfunctions
$db = Open-AccessDatabase -name test03.mdb -path c:\test

Add-AccessRecord -sql 'insert into test1 values("James","Jones","18/04/1981")' -connection $db

Add-AccessRecord -connection $db -table test1 -values '"Alex","Green","17/05/1981"'

In these two examples we have restricted ourselves to one or the other of the parameter sets.  if we try to mix parameters across the parameter sets

PS> Add-AccessRecord -sql 'insert into test1 values("Rab","Burns","08/06/1981")' -connection $db -table test1
Add-AccessRecord : Parameter set cannot be resolved using the specified named parameters.
At line:1 char:17
+ Add-AccessRecord <<<<  -sql 'insert into test1 values("Rab","Burns","08/06/1981")' -connection $db -table test1
    + CategoryInfo          : InvalidArgument: (:) [Add-AccessRecord], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Add-AccessRecord

we get an error message.

We now have a function that allows us to work in the most efficient way at a particular moment.  Next we’ll see how we can feed the values from a csv file.

When I am trying to connect to my SQL Server 2008 box using SQL Server Configuration Manager today, the following error dialog pops up…

Cannot connect to WMI provider. You do not have permission or the server is unreachable. Note that you can only manage SQL Server 2005 and later servers with SQL Server Configuration Manager. Invalid class [0x80041010]

I have never seen this before!… while the following line saves me.

>> Open an elevated Command Prompt, and type the following…

mofcomp.exe "C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqlmgmproviderxpsp2up.mof"

===== For more information =====

~ SQL Server 2005 WMI Provider Error

http://blogs.msdn.com/echarran/archive/2006/01/03/509061.aspx

~ April SQLExpress CTP Installation fails with error 29535 (WMI not configured properly)

http://connect.microsoft.com/SQLServer/feedback/ViewFeedback.aspx?FeedbackID=124587

La estructura del registro de Windows es muy parecida a la estructura del sistema de archivos:

En el editor del registro (ya charlaremos sobre el), se muestra en el árbol de la izquierda, panel de llaves, la jerarquía del registro. Aquí cada carpeta es una llave del registro. A la derecha, panel de valores, observamos los valores de las llaves. El explorador de Windows nos muestra también la jerarquía de carpetas y los valores en dos paneles.

Llaves

Las llaves son similares a las carpetas ya que tienen las mismas reglas de nombrado. Podemos anidar una o más llaves dentro de otra llave, mientras sus nombres sean únicos dentro de cada llave. El nombre está limitado a 512 caracteres ANSI o 256 Unicode y podemos usar cualquier carácter ASCII que no sea la barra invertida \, el asterisco *, y la interrogación ?. Windows se reserva todos los nombres que comienzan con un periodo para su propio uso.

Las similitudes entre el registro y el sistema siguen con las rutas. La ruta C:\Windows\System32\notepad.exe se refiere al archivo Notepad.exe en la unidad C, carpeta Windows, subcarpeta System32. La ruta HKLM\System\CurrentControlSet\Control\CurrentUser se refiere al valor CurrentUser de la llave raíz HKLM, que se encuentra en la subllave Control de la subllave de SYSTEM llamada CurrentControlSet. Notación de nombre cualificado con el que frecuentemente nos referiremos a una llave y todas sus subllaves como una RAMA.

Como punto a tener en cuenta me referiré a las llaves enlazadas. Windows almacena perfiles de hardware en la RAMA HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\, cada perfil es una subllave xxxx, donde xxxx es un número incremental que comienza por 0000. La subllave Current es un enlace a toda llave que actualmente se encuentre en los perfiles de hardware, y la llave Raíz HKCC es un enlace a Current.

Valores

Cada llave contiene uno o más valores. El nombre de un valor es parecido al nombre de un archivo. El tipo de un valor es similar a la extensión de un archivo, que es lo que indica su tipo. Los datos del valor es parecido al contenido actual del archivo. Si pulsamos en una llave del registro en el panel de llaves del editor, el panel de valores nos mostrará los pertenecientes a dicha llave. En el panel de valores observamos tres columnas, correspondientes a tres partes de un valor:

• Nombre. Todo valor tiene un nombre. Con las restricciones ya comentadas. Dentro de cada llave ese nombre será único, pudiendo usar el mismo nombre en distintas llaves.
• Tipo. Cada tipo de valor determina el tipo de dato que puede contener. REG_DWORD un número double-word, REG_SZ una cadena, etc…
• Datos. Cada valor puede estar vacio, nulo o puede contener datos. Los datos se limitan a 32767 bytes, aunque el límite práctico son 2KB. Los datos se corresponden con su tipo, exceptuando los valores binarios que pueden contener cadenas, doble-words, o cualquier otro.

Cada llave contiene al menos un valor, el valor predeterminado. Casi siempre una cadena, pero algunos programas lo cambian por otros tipos. En muchos casos el valor predeterminado es NULL y el editor nos indica 'valor no establecido'.

Tipos

• REG_BINARY
• Datos binarios, se muestran en hexadecimal y se introducen datos binarios en hexadecimal.
• REG_DWORD
• Valores doble-word de 32 bits. Muchos son banderas booleanas (si o no). Valores de tiempo en milisegundos. Números de 32-bits, firmados o no (hay unos rangos). Los valores se ven en decimal o hexadecimal.
• REG_DWORD_BIG_ENDIAN
• Orden de los bytes Big_Endian
• REG_DWORD_LITTLE_ENDIAN
• Orden de los bytes Little-Endian
• REG_EXPAND_SZ
• Texto de longitud variable. Puede incluir variables de entorno que se expandirán luego por el programa antes de su uso.
• REG_FULL_RESOURCE_DESCRIPTOR
• Lista de recursos para un dispositivo o controlador de dispositivo. Importante para el Pinchar y Listo P&P.
• REG_LINK
• Enlace. No los podemos crear nosotros.
• REG_MULTI_SZ
• Valores binarios que contienen listas de cadenas. El editor muestra una cadena por cada línea y nos permite editarlas. Un carácter nulo 0x00 separa cada cadena y dos nulos el final de la lista.
• REG_ONE
• Sin tipo definido
• REG_QWORD
• Quadruple-word (64 bits).
• REG_QWORD_BIG_ENDIAN
• Quadruple-word (64 bits). Como Big_Endian.
• REG_QWORD_LITTLE_ENDIAN
• Quadruple-word (64 bits). Como Little-Endian.
• REG_RESOURCE_LIST
• Lista de los valores de REG_FULL_RESOURCE_DESCRIPTOR. El editor nos deja verlos pero no editarlos.
• REG_RESOURCE_REQUERIMENTS_LIST
• Lista de recursos que un dispositivo necesita. No podemos editarlo.
• REG_SZ
• Texto de longitud fija. Es el más común, otro valor REG_DWORD. La cadena termina con un carácter nulo y los programas no expanden las variables de entorno contenidas en valores RG_SZ.

De todos los valores del registro, el valor binario es el menos sencillo. Cuando una aplicación lee un valor binario desde el registro, descifrar su contenido le corresponde a ese programa. Esto significa que las aplicaciones pueden almacenar datos en valores binarios usando sus propias estructuras de datos, que no significan nada para nosotros u otros programas. También, las aplicaciones, frecuentemente, almacenan datos REG_DWORD y REG_SZ en REG_BYNARY, lo que dificulta su búsqueda y descifrado.

Ahora se complica, el registro en la actualidad almacena todos los valores como valores binarios. Las API del registro identifican cada tipo de valor mediante un número, al que los programadores se refieren como constante, y que se tiende a denominar como el número de tipo.

Having promised a 24hr turn around

No original disks.. surprise surprise

Finger marks all over the screen.. again

How do stores get away with selling underpowered junk?

Slow?? It doesn’t even boot !!!!

Oh cool.. the ‘you may have been scammed’ graphic

Ha ha.. soopadoopavirusXPkilla. That will be fun to remove

No disks, no obvious back up device. Why do I have to look for interminable masses of family pics?

If I was to split the charge for the job into an hourly rate, tea pickers in the 19th century were getting more than I am..

Grrrrrrrrrrr..

24 hours later

OK.. all done. Your operating system is no longer ‘illegal’. By the way, who installed it before?

Yes, all of your pictures are safe and sound. Have you thought about copying them to a CD/DVD? You should..

No, its ok. I always stay up into the early hours of the morning.

You should be good to go for at least a year, I have installed good products to keep your computer safe.

oO please please please be good to go for another year Oo

A computer worm that China warned Internet users against is an updated version of the Panda Burning Incense virus, which infected millions of PCs in the country three years ago, according to McAfee.

The original Panda worm, also known as Fujacks, caused widespread damage at a time when public knowledge about online security was low, and led to the country's first arrests for virus writing in 2007. The new worm variant, one of many that have appeared since late 2006, adds a malicious component meant to make infection harder to detect, said Vu Nguyen, a McAfee Labs researcher.

"It has gotten more complex with the addition of a rootkit," said Nguyen. "It definitely makes it more challenging for users to clean up and even to know that their systems have been compromised." A rootkit burrows into a system to try to hide the existence of malware.

http://news.techworld.com/security/3207541/china-warns-of-mass-internet-virus/

A Toshiba employee in Japan has been arrested for selling copy limit breaking software, letting buyers copy digital TV programmes on Japanese recording and playback products as much as they liked.

The copy limit software is called Dubbing10 and lets digital media device users copy a recorded digital TV programme up to ten times. It was introduced in July 2008, after criticism that the previously available single copy facility was far too limited.

Sony added Dubbing10 as firmware updates for its Japanese territory Blu-ray and DVD recorders in 2008, as well as to certain Vaio desktop and notebook computers. Sharp and Panasonic also added the Dubbing10 software to certain of their products.

A Japanese paper reported that the Toshiba worker, Tetsuya Masumura, was arrested on Wednesday in the Ehime Prefecture in northwestern Shikoku, the smallest of the four main islands of Japan.

http://www.theregister.co.uk/2009/11/27/dubbing10_break_sw/

HITBSecConf2010 Amsterdam opens in July

The organizers of the Hack In The Box security conferences in Malaysia are planning their first European show for Amsterdam next July.

Hack In The Box (HITB) held its first security conference, or hacker convention, in Kuala Lumpur in 2003, one of the first major shows of its kind in Asia. HITB organizers added a show in the Middle East in Dubai, United Arab Emirates in 2007. The two shows run yearly and draw high profile security industry people every year.

Next year, HITB will host its first show in Amsterdam from July 5 to 8, according to Dhillon Andrew Kannabhiran, the head of HITB. The Amsterdam show, HITBSecConf2010 - Amsterdam, will follow a similar schedule to the other HITB exhibitions. There will be two days of training sessions and two days of the conference, complete with Web hacking competitions.

Hacking competitions feature in every HITB show and the winners used to receive cash awards from sponsors. But at HITB Malaysia this year, there was no prize money on offer due to lack of sponsorship of the event yet enough teams registered to fill the competition ticket.

http://www.networkworld.com/news/2009/112709-hack-in-the-box-heading.html

Trend Micro threat analysts were alerted to the discovery of another ZBOT spam campaign. The emails bear subjects such as &"your photos" and "some jerk has posted your photos." They inform the recipients that someone has posted their photos without their permission on a site and has sent the link to their friends. The recipient is intended to beleive that the "sender" is acting as a "good samaritan," emailing the one who supposedly posted the said pictures.The URL, of course, points to a website that distributes a malware detected by Trend Micro as TSPY_ZBOT.CJA.

When executed TSPY_ZBOT.CJA connects to several websites to download another malicious file detected as TROJ_DROPR.KB. The spyware also has rootkit capabilities that enable it to hide its processes. ZBOT/ZeuS is one of the most notorious botnets with regard to identity, financial, and information theft.

http://blog.trendmicro.com/another-zbot-spam-run/

In another blog entry, Trend Micro is advising people to Don't Give Spammers a Reason to Be Thankful

Thanksgiving kicks off the holiday season in the United States, the top spam-sending country in the world. The holiday season ushers sales and big discounts for users. Unfortunately, however, this also means that spammers will be rushing to offer consumers bogus promos and discounts. Seems even cybercriminals have something to be thankful for, too.

Trend Micro analysts received Thanksgiving-related spam samples. The spammed messages offered users who log in to their sites US$500 worth of "grocery vouchers." The sites were hosted on different domains that, upon further analysis, have already been blacklisted though they have only recently been created.

Users who are tricked into clicking any of the URLs in the spammed messages landed on sites where they are asked to give out personal information like email addresses, complete names, addresses, and phone numbers, which, as you may already know, may be used for other malicious activities later on or sold in underground forums.

http://blog.trendmicro.com/don’t-give-spammers-a-reason-to-be-thankful/

We already have all the functionality we need to achieve this.

Import-Module accessfunctions
$db = Open-AccessDatabase -name test03.mdb -path c:\test
Get-AccessData -sql "select * from test1" -connection $db | Export-Csv -Path c:\test\test1.csv –NoTypeInformation

Open the csv file in Excel and the data is available.  If you open the csv file in notepad be aware that the fields are padded and you need to scroll to the right to see all the data.

We could add the export functionality into our Get-AccessData function but if we stick with the PowerShell composability concepts we want to keep the functions small and focussed.  If you want to change the function – feel free – just add a switch for csv output and a parameter for the csv path. Then use another if statement to control writing to the csv.

Este sábado 28 de noviembre, la comunidad ALT.NET Hispano organiza una nueva VAN (Reunión virtual). Esta vez el horario (tomen nota) será 19:00 GMT/UTC (4 de la tarde por aquí en Buenos Aires, Argentina). El tema será el uso de Mocks, en nuestras pruebas automatizadas. La presentación del tema estará a cargo del bueno de Hadi Hariri (que pueden seguir en Twitter en @hhariri). Hadi vive en España, se presenta en su sitio:

http://hadihariri.com

de esta manera:

I'm a software developer and work as Tech Lead for iMeta Technologies. I also give talks and presentations. I love to travel and luckily get to do so when speaking at conferences. My main passions are Software Architecture, Web and TCP/IP development. I live in Málaga, with my wife Katya and my two wonderful sons, Maxim and Sasha. I run the local .NET User group for Málaga and the province. If you live in Málaga or are visiting, drop me a line.

Pueden leer sobre sus conferencias e intereses en:
http://hadihariri.com/blogengine/page/Conferences.aspx
http://hadihariri.com/blogengine/archive.aspx

El enlace a usar es http://snipr.com/virtualaltnet. La información sobre las VAN que vienen, están en la página del Calendario de ALT.NET Hispano. Ahí leo más detalles sobre esta reunión de mañana sábado:

La comunidad ALT.NET Hispano (http://altnethispano.org) realizará un evento virtual con el tema "Mocking" (e "Inyección de Dependencias"), a cargo de Hadi Hariri. Fecha: Sábado 28 de Noviembre a las 19:00 hrs. Hora Internacional (GMT/UTC), con una duración aproximada de 2 horas.

Lugar: Para atender la reunión deben usar el enlace: http://snipr.com/virtualaltnet el cual les demandará el uso del programa Microsoft Office Live Meeting 2007 Client. En esta ocasión la desconferencia estará a cargo de Hadi Hariri, Visual C# MVP, quien es consultor y desarrollador ante todo, así como apasionado de la arquitectura de software y el desarrollo de aplicaciones web. Es ponente habitual en conferencias sobre .NET y Win32, y ha escrito numerosas publicaciones.

Descripción: En esta charla primero repasaremos la inyección de dependencias e Inversión de Control y profundizaremos en los frameworks de Mocks. Veremos cómo funcionan, éstos últimos, así como también cómo sacarle el máximo de partida a ellos para hacer tests sostenibles. Examinaremos las diferencias entre Mocks y Stubs así como diferencias entre pruebas de estado e interacción.

Algunas páginas a revisar:

Inversion of Control Containers and the Dependency Injection pattern

Mocks can be your friend, or your worst nightmare

Mocks Aren't Stubs

Rhino Mocks

Moq

TypeMock

NMock

Pueden plantear sus comentarios e inquietudes sobre el tema de la reunión en: http://groups.google.com/group/altnet-hispano/t/57766b68494fe859 Para mayor información sobre cómo atender la reunión consulten: http://tinyurl.com/van-hispano Pueden vincular el Google Calendar al suyo (http://screenr.com/nr7), o bien descargar el iCal de este evento en particular: http://altnet-hispano.pbworks.com/f/VAN20091128.ics

Si no conocen qué es una reunión VAN, pueden consultar VAN meetings. Para ver cómo se desarrolla una VAN de ALT.NET Hispano, y qué software necesitan para asistir, ver Descripcion-de-Reuniones-VAN. Pueden ver el historial de anteriores reuniones VAN (visiten las que dieron, por ejemplo, sobre NHibernate, WPF y demás) (yo participé en VAN sobre Scrum y en otra sobre generación de código). También pueden suscribirse para proponer nuevos temas, y colaborar con la comunidad. Si no pueden asistir a ésta VAN, seguramente quedará publicada más adelante, con video incluido.

Con respecto a Mocks, y librerías de mocking, he dejado enlaces en:

http://delicious.com/ajlopez/mocks
http://delicious.com/ajlopez/rhino
http://delicious.com/ajlopez/moq

Nos leemos!

Angel “Java” Lopez
http://www.ajlopez.com
http://twitter.com/ajlopez

Everybody knows that if you are going to create a meaningful document in Word, you use Styles. Excel has styles as well, but how many of us use these built-in styles, or add to them with our own custom styles?

I have been building a styles utility recently, so I have delved deeply into this functionality. Clearly, one of the principal aims of such a utility would be the ability to edit styles. Being a rational coder, I don’t want to re-invent the wheel, so I decided to use the built-in styles editor. This is easily called using dialogs

Application.Dialogs(xlDialogApplyStyle).Show

From here, the style can be tailored to your needs, a new style can be added, or a style can be deleted. This dialog defaults to the Normal style, but you can pre-load the style by passing it as an argument

Application .(xlDialogApplyStyle).Show “myParticularStyle”

So far so good. This all looks ideal.

Unfortunately, things are never that simple. The following is a code snippet that should create a new style called NFx1Dec and open the styles edit dialog for that style.

Const StyleName As String = "NFx1Dec"

    On Error Resume Next
    ActiveWorkbook.Styles(StyleName).Delete
    On Error GoTo 0

    Activecell.Style = "Normal"
    ActiveWorkbook.Styles.Add StyleName, Activecell
    Application.Dialogs(xlDialogApplyStyle).Show ActiveWorkbook.Styles(StyleName)

If you call this dialog from VBA as shown above, select your style to work with, and then click the Modify button, you are presented with a series of tabs to adjust the particular style properties. From here, select the Patterns tab and you see a colour palette, a pattern dropdown, and a sample preview box.

So, you want to change the fill colour. Simple, just select a colour from the colour palette. Of course, it is not simple, otherwise I wouldn’t be writing this. Select the colour, and nothing happens. You do not see that colour in the Sample box (as you would if you were modifying this style in Excel), and when you exit, that style does not have that fill colour.

You can force it by selecting the pattern option to say solid, but you don’t have to do this in Excel, so you shouldn’t have to just because it is being invoked from VBA. You can also force it by selecting your colour, then select No Colour, then select you desired colour again (what!).

I tried various things to try and force the pattern to be solid before invoking the tab, such as

    ActiveWorkbook.Styles(StyleName).Interior.Pattern = xlSolid
    ActiveWorkbook.Styles(StyleName).Interior.PatternColorIndex = xlAutomatic

but no joy. So, a  real failing on using what is a useful function of Excel from within VBA.

I was discussing this with Jan Karel Pieterse, a Dutch Excel MVP. Jan Karel also has an interest in styles; he has a page about using styles on his website http://www.jkp-ads.com/Articles/styles00.asp. Jan Karel came up with the following workaround

Const StyleName As String = "NFx1Dec"
Dim CB As CommandBar
Dim sMenuKeys As String
Dim sMenuCap As String
    
    Set CB = Application.CommandBars("Worksheet Menu Bar")
    sMenuCap = CB.FindControl(Id:=30006, recursive:=True).Caption
    sMenuKeys = "%" & Mid(sMenuCap, InStr(sMenuCap, "&") + 1, 1)
    sMenuCap = CB.FindControl(Id:=254, recursive:=True).Caption
    sMenuKeys = sMenuKeys & Mid(sMenuCap, InStr(sMenuCap, "&") + 1, 1)
   
    On Error Resume Next
    ActiveWorkbook.Styles(StyleName).Delete
    On Error GoTo 0

    Activecell.Style = "Normal"
    ActiveWorkbook.Styles.Add StyleName, Activecell
    SendKeys sMenuKeys & ActiveWorkbook.Styles(StyleName)

Although this uses the dreaded SendKeys, it does seem to work. As a stand-alone procedure, it does work, but when embedded in an application, it had some serious problems.

… to be continued