Andy – Page 15 – Absoblogginlutely!

Enabling powershell to run scripts with registry permissions.

By Andy on Wednesday, March 24, 2010

As part of my powershell work I obviously need to run powershell scripts. I tried to run one last night and got the usual message about scripts needing to be signed. I had previously changed the settings on my XP machine, but this was obviously the first time I had run a script on my Windows7 machine.

Running the usual “set-executionpolicy remotesigned” I got the following error message “Execution Policy Change. The execution policy helps protect you from scripts that you do not trust. Changing the execution policy might expose you to the security risks described in the about_Execution_Policies help topic. Do you want to change the execution policy?”

Answering Yes to the prompt I then got the following error message – “Set-ExecutionPolicy : Access to the registry key ‘HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell’ is denied”. Sure enough I don’t have permission to this registry key.

I checked with our admin to ensure this wasn’t set in group policy before I started fiddling around. Found out that there is another setting that is user specific that can be set with “Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy RemoteSigned”

After doing this I was then able to run scripts, and more importantly my profile script runs. Seeing as though this is my workstation I don’t really care about anyone else’s powershell scripts on my machine 😉

However, if you want to set it for all users, then set the Scope Parameter to be LocalMachine

To set it domain wide, you need to download the PowerShell group policy templates from Microsoft and follow the instructions to set up a policy.

When Genuine Advantage fails to work….

By Andy on Sunday, March 21, 2010

I’ve had two issues with Genuine Advantage since Thursday – both issues not currently resolved. The first was a server that was restored from a ShadowProtect backup to a virtual machine on ESXI. This is to try and sort out an issue on the original server without causing any more damage to the original server. The restored server boots up fine and allows me to enter my username and password. Immediately after logging in, it then detects it needs to be activated and gives me the option to activate or cancel. If I select Yes to activate with Microsoft it should then jump into the routine of providing a set of numbers and a phone number to call Microsoft (or via the internet). Instead, this server just logs me off. Very frustrating and not useful at all.

Initially the problem was made worse due to the fact that the initial restoration meant that a normal boot insisted AD was corrupt and to go into safe mode to repair but safe mode had the same problem with Windows Activation. After a re-restore I’m not getting the AD corrupt problem but I am getting the Windows Activation issue. On a side note, it is essential that if you restore a server with shadowprotect that has a C,D and E drive with the NTDS files stored on the E drive, then you need to restore C, then D, then E. If you restore just C and E and specify the drives are C and E, when the machine reboots the E drive will become D and your AD will corrupt itself.

So as you can see I’ve had a troubling week at work doing some restores! The good news is I know how to recover from the above problem but not when Genuine Advantage gets in the way!

The other issue was with a friends Vista machine that had the hard drive fail. I suspect the MBR got corrupted as there was initially no operating system found and my initial repair worked when I told the machine to run diagnostics and fix them and about 5 seconds later the machine was booting. However on the next reboot the system failed again. He then used the HP recovery CD to restore Vista to the machine and then after login Windows (and Security Essentials) was complaining that the copy of Windows was not genuine. However going to the Validate Windows page, the webpage shows that the pc passes with no problems found (although the computer disagrees still). Running the MGADiag tool however returns Validation Status: Invalid License, Validation Code: 50. From the support forums – “Your copy of Windows 7 is using an OEM SLP key. This type of key only comes win Windows that come pre-installed in a computer built by a large manufacturer. When an OEM SLP key is in uses, Windows looks to the Bios on the computer’s motherboard for a OEM Bios Flag. An OEM Bios Flag is information found only in the bios of computers built by a large manufacturer that come with Windows pre-installed. An OEM Bios Flag is specific to the Manufacturer and the version of Windows it’s good for. So, If Windows is using an OEM SLP key and the Proper OEM Bios Flag is present in the computer’s Bios, Windows will self-activate”. Of course this is all well and good until the computer does not self activate…..

I’ll update on the both of these issues when I get time to work on the machines and solve the problems.

Internet Explorer

IE9 already?

By Andy on Tuesday, March 16, 2010

Microsoft have released a technical preview of IE9 along with a demo site to show off the new features. We’re still persuading users to upgrade some of their machines to ie8 although I did get the approval from the last site that had major issues forcing them to stay on ie7.

Interesting that the preview requires Windows7 – I wonder if Windows7 will be needed for the final release version?

Symantec Work

e000e020 with BackupExec backup job missed last night.

By Andy on Tuesday, March 16, 2010

If you have the misfortune to have BackupExec at your client sites, you may have noticed your backups failed last night with “e000e020 – The job was scheduled to run, but the availability window closed before the job could start. There may not have been any destination devices available during the window, or the job may have been submitted to run when the window was closed”

Apparently this is due to Daylight Savings Time – the solution is to rerun the job or wait and see if it runs tonight – Thanks for a really helpful solution Symantec.

Wordpress

When changing password on Twitter – update your plugins too

By Andy on Sunday, March 14, 2010

A while back I changed my twitter password – not realising how many other applications I would need to change…The first thing I had to do was go and change my tweetdeck installations which wasn’t too bad. However, this did mean changing it on three different machines.

This morning I posted a new blog post on IRL and realised that the post hadn’t made it to @helsbyhome on twitter. Checking in I realised I had to change my twitter plugins within wordpress too. These plugins haven’t been working for a couple of months now – oops!

For those of you are are interested, I’m using twitme and twitter updater with Tinyurl – any suggestions on alternatives or what do you use?

Exchange / Outlook Microsoft Office

Office 2010 almost here…

By Andy on Saturday, March 13, 2010

I’m running the Office2010 beta at home (mainly for Outlook and OneNote2010) and would highly recommend it when it is finally released. If you are running Exchange2010 then there are even more reasons why you should be running Outlook2010. (Note that a lot of the extra features such as mailtips and access to the archive mailbox are already available with the outlook web ~~access~~ app). If you purchase and activate Office 2007 between now and Sept 30 2010, you will be able to upgrade to 2010 via a free download. You will need a LiveID, the receipt and to register your purchase. More details available at the Office2010 Technology guarantee website.

Gmail

Gmail now has the ability to refresh pop mail.

By Andy on Tuesday, March 9, 2010

At long last, there is now a 1 click option to retrieve pop3 mail into gmail without having to go into the accounts tab and then refreshing every account. To turn it on, go to the labs and near the bottom is the Refresh Pop Accounts. See the official announcement for more details.

Domain Names Microsoft

Windows7 keygen site now owned by Microsoft.

By Andy on Sunday, March 7, 2010

I had an interesting google alert come through the other day that found some of my content posted at a website – www.windows7keygen.com. (safe to visit.) Ensuring I had noscript switched on, I checked the site out to find that it was just scraping blogs and posting them as content on the website. I sent the host an email to request that they stopped including my site and added a todo to check back in a weeks time.

I was surprised to find a week later (5 days ago) that the site redirects to a bing search for windows7keygen. I checked whois for windows7keygen.com and found that the domain is now owned by Microsoft – along with another 29,000 domains and it looks like 22,000 of them are hosted on the same server. The domain registrar of Niobe Telekom is also unusual – I suspect that is due to the original owners registration.

I find it rather amusing that Microsoft now have control over the domain but I’m not sure how they managed to get control of it – I’m assuming a windows7 trademark threat? I would have thought that they’d have redirected it to Get Windows7 though.

Exchange / Outlook Microsoft Training Work

Exchange2010 training from Microsoft

By Andy on Wednesday, February 24, 2010

It’s a busy week at the office this week as I’m at a 3 day event on Exchange2010 training as part of Microsoft’s Ignite sessions. You do need to be a Microsoft Partner to register for the Exchange 2010 training (if there are any further events going on – I’m not sure) but if you are going to be using or supporting Exchange2010 then I highly recommend it. So far it seems to be very similar to the Exchange admin training courses you would normally attend, but at a fraction of the cost. It’s a level 300 course so pretty technical – by about 4pm on the first day my mind was starting to get a bit confused – there was a lot of theory today and you certainly need to have some familiarity with previous versions of exchange.

The neat thing was that we’ve just recently moved to Exchange2010 in-house, so I was able to check some of the features that I didn’t already know about on our live client (outlook or outlook web app) as we progressed through the training.

We’re using Windows2008 machines running Hyper-V with 8gb of memory which means some creative juggling of memory and sometimes the machines are slow, but it really is the only way to do the training. Some points we have 4 machines running – this would have been almost impossible before virtualization was around to reduce the hardware requirements for enterprise lab environments. This course is also the first one I’ve been to that has some users in the local office and some using gotomeeting to attend the training over the internet. So far I think the arrangement has worked well for the internet users although I feel sorry for the person in Washington who has to start work at 6am due to the time zones. I was surprised that they were not using LiveMeeting to host the training (as this is a Microsoft event) but apparently the screenupdates were not been fast enough for the remote users.

I’ll be posting a few links on my twitter account – helsbyhome, and my absoblogginlutely delicious account as the course progresses. Mostly these are links for extra tools, utilities or downloads to assist in the management and implementation of Exchange2010.

Exchange / Outlook Office

Multiple calendar management in Outlook2010 – copying appointments

By Andy on Saturday, February 20, 2010

I’m using the Outlook2010 beta at home and loving it. The interface is nice and clean and there are several nice features that are new to the program. One of the things that I discovered this morning was that copying an appointment from one calendar to another automatically selects the same date and time on the destination calendar as the original calendar. This obviously makes sense as if you were going to copy an appointment from a colleagues calendar, or a shared internet calendar to your own calendar, it is likely that you want the same times. All you have to do is drag the appointment over to anywhere on the new calendar and the appointment is automatically copied across. In outlook2007 the copy functionality is still there, but you have to get the right date and time as you copy the appointment – more flexibility but more time and care is needed when placing the appointment.

See the screenshot below for some details. (You’ll probably need to click on it to see the full details.