Absoblogginlutely!

Exchange 2007 services fail to start on DC (SBS server)

By Andy on Wednesday, February 23, 2011

I’ve had an issue with a new SBS2008 server, running Exchange service pack3 rollup 2 where the information store service does not start after a reboot, especially annoying after the server is rebooting with a scheduled maintenance task. Apparently this issue was fixed in service pack 1, roll up 5 but I’m still getting it 2 service packs and 2 rollups later.

Microsoft have a “fast publish” knowledge base article 940845 and the first solution is to start the services manually – really helpful! Thankfully there are other solutions that involve changing the dependencies of the services to ensure Exchange does not try to start before AD has finished.

One word of warning – using the Microsoft KB to determine the latest service pack or rollup for Exchange 2007 returns Service Pack 3, rollup 1 from http://support.microsoft.com/kb/937052. However Rollup 2 has been available since Dec 14th 2010. I’ve put a note on the original kb article but the better way to determine the latest rollup is probably to search for Exchange 2007 service pack 3 rollup

Update Knowledge base 940845 now has a fixit file you can download that will change the dependencies for you along with instructions on how to fix it manually. The article no longer has references to this issue being fixed in previous rollups – probably because this was obviously not the case.

Microsoft SBS Training Work

Quickly download the SBS 2011 training from Microsoft.

By Andy on Sunday, February 13, 2011

There are several short videos available from Microsoft that cover the new features in SBS2011, but unfortunately Microsoft decided to make you download each one individually. However if you right click and download this
List of SBS 2011 Training videos file, you can use wget to download all of the files in a batch file.
Assuming you have wget installed on your machine and it is in the path (if not then why not? It is incredibly useful for downloading files from a command line – Get it from Sourceforge’s wget page), just run with the following in a command prompt window.

for /F %i in (sbstraining.txt) do wget %i

You should end up with 38 files totalling 241MB.
Update: See comments for assistance in downloading a copy of wget without needing all the extra gnu stuff

Security

Fixed – Warning, an attempt to check your OpenID Provider login status returned an invalid SSL certificate error

By Andy on Wednesday, January 26, 2011

Using firefox on my main computer at home this morning I started to get a message stating “openid provider login status returned an invalid ssl certificate” and it took me a couple of minutes to work out how to fix this.

About 2 years ago, I installed the Verisign Labs PIP seatbelt extension for firefox. This enables me to sign in with an OpenID account and not have to pass my real credentials across the internet all the time. This works great for securely signing into my WordPress account without passing my credentials in cleartext when I am at a conference etc. However, Verisigns certificate expired a couple of days ago and they replaced it with a new one.

Unfortunately it seems that the seatbelt extension knows about the old certificate but does not trust the new one.

The solution is quick and easy, but not obvious from the error message. However thanks to Doug at TakeALeft from back in 2009, you just need to update the seatbelt extension.

In firefox go to Tools, Addons and scroll down until you get to the Seatbelt extension. Select Options and then click on the OpenID Providers tab.

Note that in my screenshot above, I have already updated mine, but select the Provider and then click Update.

You will then be prompted with “Your Primary OpenID provider has published a new configuration file. Say OK to this message.

OK your way out of all the dialog boxes and the error message is no more.

Linux Work

Comparing two text files and removing duplicates from one

By Andy on Tuesday, January 25, 2011

I had a requirement to compare two files today and remove the entries from the larger list that matched the entries in the smaller list – think a poor man’s mailing list management.
Thanks to the post at StackOverflow, I was able to very quickly remove the entries with the following.
grep -Fiv -f potentialduplicates.txt %lt; fulllist.txt > noduplicates.txt

The flags are as follows –
-F no regexps (fast)
-i case-insensitive
-v invert results
-f get patterns from file

This worked really well and the end user was pleased. I did convert all the entries into all lower case first in excel using =lowercase(a1) and dragging down the list. Copying the new list to a text file meant I had some clean lists to process.
Unfortunately I didn’t have a copy of grep on my Windows7 machine, so I just uploaded it to a linux server to do the processing – quicker than obtaining grep.
As it turns out, I could have used findstr which comes with Windows. The same output can be obtained with
findstr /g:potentialduplicates.txt fulllist.txt >noduplicates.txt

Bugs Exchange / Outlook Patches

Fixed – Archive options missing in Outlook 2007 and send/receive issues

By Andy on Thursday, December 30, 2010

We had a weird issue this morning where the Archive options were missing in Outlook 2007. This is apparently a known issue with the kb2412171 December 14, 2010 outlook update which allegedly improves stability. It is hard to see how removing functionality, breaking send and receive and reducing performance when you switch folders comes under the category of improving stability and increasing performance.
Thankfully the solution is simple, just remove 2412171 from add/remove programs and everything should go back to normal.
Further details on the patch are also available which includes the known issues when installing 2412171.
Needless to say, we have unapproved this patch on our WSUS servers.

Uncategorized

How to get mobi files into the Android Kindle app

By Andy on Saturday, December 4, 2010

I got a free .mobi file today and it took a couple of minutes to get the file working in the Kindle app on the android. First of all, download the mobi file to the android. By default it will save it in the download file on the SD card. Then using your application of choice, move the file to the kindle directory. If you have the kindle application running, you will need to kill it and then relaunch it so that the kindle app restarts and realizes the file has been loaded.
I use the OI File Manager app for moving files on the android, and Advanced Task Killer to kill applications when required. The other android apps I use can be seen at my Absoblogginlutely appbrain page

Group Policy Windows 2008 Work

Fixed – Adobe Reader not opening in ie – turning off Open in browser.

By Andy on Saturday, November 13, 2010

Using Adobe Reader 9.04 on a Windows 2008r2 Remote Desktop server, I was finding that a lot of websites would fail to run when a pdf file was opened in the browser. Going to Edit/Preferences/Internet and unchecking the “Open pdf in browser” fixed the problem. The next problem was making this site wide and for every user on the terminal server.
Using procmon I was able to check the registry changes that occurred when this box was checked (although this does not help when the av software is constantly scanning the registry and files). By creating HKCU\ Software\ Adobe\ Acrobat Reader\ 9.0\ Original\ bBrowserIntegration as a dword and setting the value to 0, this option was checked for everyone. I did notice that the server initially checks HKLM for the same value, but in testing I found that adding this value under HKLM did not make the user interface change. I know Adobe checks other settings in the registry so I’m not sure if it was checking other locations to see if HKLM should also be set, but in that case, why check the HKLM value too?
Using the Group Policy Preferences I was able to create a new setting and now Adobe Reader works for everyone on the server.

Of course, once you know this key it’s easy to find lots of google articles mentioning bBrowserIntegration but I couldn’t find anything when I initially researched this problem. One solution that might make it easier is to download a Adobe Reader Group Policy template which you can then import (computer / Administrative Templates/ Right click and browse) to apply this and other settings. Note that I found the EULA supression did not work for me with Adobe Reader 9.04 on W2k8R2

Windows 2008 windows7 Work

Fixed – Printers missing in Windows 2008 r2 (and Windows 7)

By Andy on Friday, November 5, 2010

As part of a client migration this week I had to install a whole load of new printers on a new Windows 2008r2 server. In particular, one copier printer had about 7 different printers setup pointing to the same device – this was to allow the user to select which tray they wanted to print to without having to change the printer settings each time.
By the time I got to my fifth printer I noticed that the devices window was only showing two printers. When I selected the details view in explorer it was only showing printer1 and printer4, pressing F5 to refresh the screen would only show printer2 and printer3. This was really disconcerting as I kept getting interrupted in what I was doing so it was hard to work out which printers had already been setup when they did not appear in the user interface. However they did appear in the list of printers when I went to print something from notepad.
Puzzled, I did some searching and eventually came across Network Steve’s post about bringing back printers in Windows 7. Following his instructions and creating a new Key under hklm \Software \Microsoft \Windows \CurrentVersion\ Explorer \ControlPanel \NameSpace called {2227a280-3aea-1069-a2de-08002b30309d} a new icon appeared in control panel called printers and I can now see all of the printers so Thanks Steve!
Incidentally, these printers were set up and shared on a print server and then accessed on a locked down terminal server. I haven’t been able to work out how to get the list of printers to show up for a locked down user within control panel. The printer icon is not a normal .cpl file so I can’t include that in the list of available icons in control panel for users to use. This is not a critical function but helps when testing and troubleshooting printer issues for users in the future.

DNS Microsoft windows7 Wireless

Fixed – wifi not resolving dns on laptop with Windows7

By Andy on Wednesday, November 3, 2010

I had a strange case the other day at work when all of a sudden my laptop would fail to resolve dns queries for my wireless connection only – my wired card was not affected. Changing dns entries to another server did not fix the issue. Eventually I tried disabling the Microsoft Virtual Wifi Miniport Adapter (from device manager) and immediately I was able to resolve dns again. Once I discovered this fix I remembered something similar with this adapter. Looking back through my previous notes we had an issue with Shrewsoft’s vpn software – with the Microsoft Virtual Wifi Miniport Adapter enabled we were unable to get a vpn session working to a Cisco client.
So far, disabling this adapter does not seem to have caused any issues – apparently it’s purpose is to allow you to connect to more than one wireless connection at the same time – an unlikely requirement in most business situations.

Networking Wireless Work

Fixed – unable to connect to vpn with Verizon wireless cards

By Andy on Wednesday, October 13, 2010

After about 3 weeks and many calls with Verizon technical support we finally got to the bottom of being unable to connect via a VPN on USB Verizon wireless cards (an older PCMCIA card was still working fine).

It turns out that the IP Code was set to general – which is normally placed on residential air cards to restrict ip traffic. The tech removed this “feature” and we confirmed vpn worked again.

So, if you are having this problem, contact Verizon Technical support and ask them to remove General IP code from the phone. If the Tier1 support person doesn’t know what you are talking about, request they instant message level 3 support who will know what you are talking about.

Good luck and I hope this prevents 3 weeks of VPN failure for other people.

Thanks to Eric for persevering and finally getting an answer