Work – Page 7 – Absoblogginlutely!

Fixed – Adobe Reader not opening in ie – turning off Open in browser.

By Andy on Saturday, November 13, 2010

Using Adobe Reader 9.04 on a Windows 2008r2 Remote Desktop server, I was finding that a lot of websites would fail to run when a pdf file was opened in the browser. Going to Edit/Preferences/Internet and unchecking the “Open pdf in browser” fixed the problem. The next problem was making this site wide and for every user on the terminal server.
Using procmon I was able to check the registry changes that occurred when this box was checked (although this does not help when the av software is constantly scanning the registry and files). By creating HKCU\ Software\ Adobe\ Acrobat Reader\ 9.0\ Original\ bBrowserIntegration as a dword and setting the value to 0, this option was checked for everyone. I did notice that the server initially checks HKLM for the same value, but in testing I found that adding this value under HKLM did not make the user interface change. I know Adobe checks other settings in the registry so I’m not sure if it was checking other locations to see if HKLM should also be set, but in that case, why check the HKLM value too?
Using the Group Policy Preferences I was able to create a new setting and now Adobe Reader works for everyone on the server.

Of course, once you know this key it’s easy to find lots of google articles mentioning bBrowserIntegration but I couldn’t find anything when I initially researched this problem. One solution that might make it easier is to download a Adobe Reader Group Policy template which you can then import (computer / Administrative Templates/ Right click and browse) to apply this and other settings. Note that I found the EULA supression did not work for me with Adobe Reader 9.04 on W2k8R2

Windows 2008 windows7 Work

Fixed – Printers missing in Windows 2008 r2 (and Windows 7)

By Andy on Friday, November 5, 2010

As part of a client migration this week I had to install a whole load of new printers on a new Windows 2008r2 server. In particular, one copier printer had about 7 different printers setup pointing to the same device – this was to allow the user to select which tray they wanted to print to without having to change the printer settings each time.
By the time I got to my fifth printer I noticed that the devices window was only showing two printers. When I selected the details view in explorer it was only showing printer1 and printer4, pressing F5 to refresh the screen would only show printer2 and printer3. This was really disconcerting as I kept getting interrupted in what I was doing so it was hard to work out which printers had already been setup when they did not appear in the user interface. However they did appear in the list of printers when I went to print something from notepad.
Puzzled, I did some searching and eventually came across Network Steve’s post about bringing back printers in Windows 7. Following his instructions and creating a new Key under hklm \Software \Microsoft \Windows \CurrentVersion\ Explorer \ControlPanel \NameSpace called {2227a280-3aea-1069-a2de-08002b30309d} a new icon appeared in control panel called printers and I can now see all of the printers so Thanks Steve!
Incidentally, these printers were set up and shared on a print server and then accessed on a locked down terminal server. I haven’t been able to work out how to get the list of printers to show up for a locked down user within control panel. The printer icon is not a normal .cpl file so I can’t include that in the list of available icons in control panel for users to use. This is not a critical function but helps when testing and troubleshooting printer issues for users in the future.

Networking Wireless Work

Fixed – unable to connect to vpn with Verizon wireless cards

By Andy on Wednesday, October 13, 2010

After about 3 weeks and many calls with Verizon technical support we finally got to the bottom of being unable to connect via a VPN on USB Verizon wireless cards (an older PCMCIA card was still working fine).

It turns out that the IP Code was set to general – which is normally placed on residential air cards to restrict ip traffic. The tech removed this “feature” and we confirmed vpn worked again.

So, if you are having this problem, contact Verizon Technical support and ask them to remove General IP code from the phone. If the Tier1 support person doesn’t know what you are talking about, request they instant message level 3 support who will know what you are talking about.

Good luck and I hope this prevents 3 weeks of VPN failure for other people.

Thanks to Eric for persevering and finally getting an answer

Vista Windows 2008 windows7 Work

Howto enable Group Policy event logging in Windows2008

By Andy on Wednesday, October 13, 2010

There are many websites on the internet that talk about the previous method of enabling group policy logging by adding the UserEnvDebugLevel registry entry as per Microsoft kb article 221833. Unfortunately this does not work in Windows2008 and the kb article does not link to another article that does work.

However I found out that this was changed (in Vista I think) to a different registry entry and a new log file is created. Create a new Dword value called GpSvcDebugLevel under HKLM\Software\Microsoft\Windows NT\Current Version\Diagnostics and set the value to 100002 (in hex). This will then create a file called gpsvclog.log in the %windir%\debug directory.

It looks like the preferred method of debugging the logs is to read the events that are stored in Eventvwr under Applications and Services Logs\ Microsoft\ Windows\ GroupPolicy\ Operational

Email Work

Blat crashes when an email is sent – fixed.

By Andy on Tuesday, September 28, 2010

I had an issue with blat yesterday with a new script I was working on. Every time I sent an email, it would crash and I would get “A Win32 command line eMail tool has stopped working.” As this was also running on a Windows2008 server this was also affecting the reliability index on the server – one of the things we check as part of our checkups.
I spent a good while trying to work out what was wrong, typed out the command to send mail and it worked – so I knew the issue was not blat itself. After calling over a colleague to help, demonstrating the (reproducible) problem of pasting the script line and crashing blat I asked what was wrong. The two of us still took a couple of minutes before he realised I had mistyped the server name used to send the mail. Instead of domain.com.s6a1.psmtp.com I had entered domain.com.s6a1.pmstp.com
Sure enough – if the mail server hostname can not be resolved by blat – it will crash. I was also able to reproduce this on my Windows7 machine at home too.

A simple fix but difficult to find after looking at code for a long time – getting someone else to look at your code often does wonders.

Exchange / Outlook exchange2007 Hosting Microsoft Work

Cost for bulk uploading to Microsoft’s Exchange Hosted Archive

By Andy on Wednesday, July 14, 2010

As part of our investigations into hosting mail online using Microsoft Exchange Hosted services I have spent several hours on the phone with several companies to obtain prices and quotes. A couple of companies are out of the running as they didn’t bother to return my calls and although Microsoft were helpful, they just did not get it.
One of their offerings is email archiving. Every email sent and received, both internally and internally is copied to the archive service which is then searchable for ediscovery or just in case you can’t find that one email you know you received way back when. The only downside with this is the old email currently sitting on the exchange server that would not be searchable. However according to the Buy Microsoft Exchange hosted Services, “”You may bring historical data into the archive for a one-time charge, which is priced per GB”
As you can purchase the standard archive service from Microsoft and the same page contains prices for this service, it makes sense that Microsoft would be able to provide costs for this data import. About 2 hours on the phone later I realised that Microsoft unfortunately do not have a clue and nobody was able to give me a straight answer or even a ballpark figure. I was bounced around to several departments until eventually someone said that this service is purchased through the reseller channel. This doesn’t really make sense as the BPOS service itself can basically be purchased direct so why not the data import?
Our reseller is Ingram Micro, but their price list is only available to people with an account – useless for a tech like me who is trying to get some data together. However, CDW came to the rescue and this service is available by purchasing the “Microsoft Exchange Hosted Archive Historical Data Load at a cost of $60 per user (not per GB as in the original Microsoft documentation). The part number is 74P-00053. If you have an Enterprise Select agreement the part number is 74P-0059 but the price is still the same.

I’m not sure why Microsoft can’t give this price in the original web page and say to contact your normal reseller for more information.
Once the order has been placed there are more hoops to go through to get the data sent to Microsoft. The data can apparently be ftp’d to Microsoft – I’m hoping this is actually secure ftp – but as most users are going to have many Mb’s or Gb’s of data the normal scenario is to put the data onto a USB drive. I was pleased and also surprised to see they support Truecrypt. For more details of the process, continue to read the rest of the entry.

AntiVirus Trend Work

Preventing Trend Micro from scanning server after the umpteenth time of installation.

By Andy on Wednesday, June 2, 2010

When you have a problem with Trend and have to keep reinstalling it on the server, it gets extremely frustrating waiting for the agent to do a prescan and then fail to complete the install due to “unable to install the client/server security agent.Contact Trend Micro support. Error copying FlowControl.dll”

The problem of flowcontrol.dll can be fixed by deleting the trend micro\Client Security Agent folder after you have uninstalled the software. If you get a problem deleting perficrcperfmonmgr.dll then unregister it with regsvr32 /u perficrcperfmonmgr.dll Wait a few seconds and then rename the Client Security Agent folder to .old. Repeat the installation and the software should install with no problems. (Note that you may have to reboot if the Security Agent service fails to stop)

To prevent the server from rescanning for virus’s (which after all it has been doing in the past and will take a long time on a server), edit the autopcc.ini that can be found in the \\server\ofcscan\autopcc.cfg folder. Change NoPreScan to 1 instead of 0 and then run the autopcc.exe install program.

For what it’s worth, we are looking at using Trend due to some of the features such as the Remote Manager capabilities and the fact that they do seem to listen to their users and resellers. I had a good training session with one of their Technical managers a week ago which was really great. unfortunately the install that sparked this blog post has caused me no end of problems and Symantec would be a much more efficient install in this case.

Exams Microsoft SBS Windows 2008 Work

Small Business Specialist certification upgraded to 2008

By Andy on Sunday, April 25, 2010

I finally got around to taking 70-653 on Friday and passing it. It was an interesting experience as I had to take a survey before the exam that asked questions about my experience with the product and what I thought were my strengths and weaknesses. If I didn’t know the exams were downloaded overnight, it would make me very suspicious – if I answered that I didn’t know remote access very well, would I get lots of questions on vpn configuration or would Microsoft be kind and avoid that area? Although I passed it would have been nice to also get a comparison with my answers from the survey and my final test results. Funnily enough my weakest area was user management – I’m pretty sure that is because I’m so used to doing things in AD and I know to do things with the wizard but I don’t pay attention to EXACTLY what the wizard is called.
Now that I’ve passed I’ve got another Technical Specialist under my belt and this should also upgrade my SBSC to 2008 status (although the SBSC doesn’t appear on Microsoft transcripts as this certification is “awarded to companies rather than individuals” (which I think is a big mistake on Microsoft’s part))

.Net Bugs Hotfixes Microsoft Patches Windows 2003 Work

The installation failed with: This patch package could not be opened – Fixed.

By Andy on Monday, March 29, 2010

I have been trying to install the KB958481 patch for Microsoft Dot Net Framework 2 for many hours. Each time the installation would fail with “The installation failed with: This patch package could not be opened. Verify that the patch package exists and that you can access it, or contact the application vendor to verify that this is a valid Windows Installer Patch Package.”

Of course the patch file exists (I am installing it after all) and the patch file came from Microsoft so I would hope it’s valid. Most of the suggestions seemed to resolve around removing the dotnet framework and reinstalling. All of which I had done in a variety of ways. First by uninstalling the software through add/remove programs and then through Aaron Stebner’s dotnet cleanup tool – neither of which solved the problem.

Eventually I stumbled across a tech posting (made after my initial problem started) in the Microsoft forums (first and second posting that mentioned installing the Microsoft Installer 4.5 redistributable component. After an initial reboot before installing, a reboot after installing, installing the .net patch and another reboot afterwards I was up and running and able to install the other .net patches too.

Symantec Work

e000e020 with BackupExec backup job missed last night.

By Andy on Tuesday, March 16, 2010

If you have the misfortune to have BackupExec at your client sites, you may have noticed your backups failed last night with “e000e020 – The job was scheduled to run, but the availability window closed before the job could start. There may not have been any destination devices available during the window, or the job may have been submitted to run when the window was closed”

Apparently this is due to Daylight Savings Time – the solution is to rerun the job or wait and see if it runs tonight – Thanks for a really helpful solution Symantec.