09 December 2006
02 December 2006
i finally still use vmware on vista.
I created a VM (XP) with the smallest hard drive possible and with 4M of Ram.
When i start it, my hard drive goes mad during 5 minutes (laptop).
Then the vm start, i stop it.
Then i can use vmware as on an XP host, everything works fine.
26 November 2006
-Before firing the setup, put it in Windows XP SP2 compability mode, this avoid a blue screen during driver install.
-If you have UPS or a notebook, you can turn on disk cache performance, which isn't checked by default (even on notebook!).
Mostly, vmwks is VERY slow when you fire the FIRST VM. Then, after 5 minutes of blackout (vista host is frozen), everything goes back to life as normal. Anyway how many VM you start/shut, the cost is on the first only. Until you reboot ! Life to Hibernate mode :)
Another clue: The more the First VM you power on has, the longer will be the frozen time...
Just need to fire the first VM with the least ram possible. You can then shut it, put back the good amount and go ahead..
many websites says to install IIS7 on vista to get the Virtual server 2005 web admin site working.
What they don't say is that you can't install VS2005 before IIS7 (without taking the web site component).
If so, you MUST first remove the whole Virtual Server 2005 R2, correct or not IIS7, then install VS again.
You must also enable basic authentication both on the web site AND virtual folder.
I tried 5 or more times to make Vmware Workstation 5.5.3 or even the Vmplayer working on my Vista RTM US.
I always take a blue screen on the host caused by vmx64.sys or something like this.
I give it up until an official version supporting Vista.
I could not manage to install the Virtual Center client either.
The simple remote console is working anyway.
25 November 2006
just to say i am on Vista RTM + office 2007 since they came out on MSDN.
-bye ActiveSync, life to "Mobile device center"
-Checkpoint VPN isn't working right now
-alchool 120% make bluescren, hard to get it away
-Drivecrypt plus pack doesn't work
-Bitlocker is only working on the system volume, and need a TPM module.
Much faster than XP
Much more stable
Windows Mobility Center
04 November 2006
20 October 2006
Our snmp services was carshing after starting.
The guilty is Arcserve, which register Extension in the snmp service.
Everything went fine after removing the arcserve extension in:
24 September 2006
I just went the hard way with my new laptop.. I wanted to see how it handle games ! I just put the Need For Speed Most Wanted DVD and fire the setup.
When i launch the game, it does nothing...hugh.. I upgraded to 1.3 of NFS, already have the latest drivers & firmware...
Anyway, i just bought "Just cause". Guess what ? It refuses to launch, saying my video card doesn't do pixel shader 1.1 or vertex shader 1.1.
After looking at the 7400's spec, it does the job.
As you may know, official nvidia or ati driver don't work on laptop, you normally must install the manufacturer one.
Thanks to Internet, guys modify the official drivers to work on laptop.
For ATI, look for DHmodtool3
For Nvidia, go to http://www.laptopvideo2go.com/index.php?drivers
Now both games works great. A Dell customer advocate contacted me for another problem (weird noise), i sent him a mail about this issue.
17 September 2006
16 September 2006
Everything look fine, the windows installer is stepping forward...until it rollback while it needed only 3 seconds to finish..
MSDE2000A need the server service started to be able to install itself.
I found this information in a chm from Application analyzer for Lotus.
15 September 2006
everything goes fine except when generating the report:
Microsoft Application Analyzer 2006 for Lotus Domino
Error showing the report - Error in File C:\Program Files\Microsoft Application Analyzer 2006 for Lotus Domino\ReportFiles\ExecutiveMainReport.rpt:
Invalid table number.
I have looked on the net without result... anyone knows what's going wrong ?
I installed a clean station : XP + SP2 + Last update + MSDE2000A + last DotNet.
10 September 2006
06 September 2006
One subject I am working at the moment is: How to monitor NLB Cluster ? How to automatically remove any member still alive but with the application clustered down ?
I have two applications about to be NLB cluster:
-ISA 2004 as reverse proxy
ISA 2004 enterprise can work in NLB integrated mode: If ISA is in bad mood, it remove itself from NLB. NLB is not aware of ISA, but ISA is aware of NLB. That's better than nothing !
Old fashion way was to use cluster sentinel, that came with the Windows 2000 resource kit.
The actual way would be to monitor through MOM, which have packages for both IIS and NLB, and can trigger action on event.
My vmware is burning, i will try out MOM 2005 :)
05 September 2006
we had an issue in our citrix environnment:
-All new users didn't have their default printer mapped, and could not set one. They have roaming profile but they forced to use local profile for performance.
-Another main trouble : their registry was missing critical key:
We are using Citrix policies and a lot of GPO to tail down the environnement (no client drive, no desktop, windows task locked, windows keyboard shortcut disabled, no to everything...).
We finally found out: The "default user" profile was still in the original Documents and settings, while all users profiles were stored on another folder. Moving the "Default User" to the same directory made everything back !
I know, it sound obvious this way, but reality is different...
04 September 2006
03 September 2006
Before starting : I am not spealing about My Documents 's redirection.
Redirection folder may seems a great solution to US. Logon/logoff is fast, but data remains on the server, which means protected.
As we have been using redirection of both Application data, desktop and start menu, i would like to explain the downside which made us going back to standard roaming profile.
We encountered 4 main troubles:
1/When the file server is not available, users feel it immediately:
consequence:all files on the desktop disappear
consequence:softwares using it don't work anymore. Quick Launch icons disappear
consequence:all shortcuts disappear
2/A lot of software use relative path, which doesn't work with application data
With redirection folder, the local profile doesn't have an application folder. Many software, once in the user profile, issue a nice "cd ..\Application data", which fails.
3/Even clustered, when doing a failover, users feel it
Same consequences as 1/. They have to issue a refresh to get the desktop back
4/ redirection & Internet Explorer maintenance issue
Having both IE maintenance (proxy settings) and redirection was an issue. Even if splitted into 2 GPO. We had to apply an hotfix for Windows XP SP1 and SP2.
For now, we just have roaming profile and My documents redirection + offline.
Hope it helps,
01 September 2006
For those that are installing MS NLB, do not think about a private network !
To the contrary of MSCS cluster, you mustn't have a cross over or isolated network:
31 August 2006
If like us, you have a cluster as printer server, you have noticed that you can't dump printer info from wmi. This is referenced at Microsoft.
Else, you can dump them if they are published in Active Directory.
The following script works great on a W2K3 AD (with a W2K3 cluster):
Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.CommandText = "Select printerName, serverName from " _
& " 'LDAP://DC=mydomain,DC=com' where objectClass='printQueue'"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 30
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False
Set objRecordSet = objCommand.Execute
Do Until objRecordSet.EOF
Wscript.Echo "Printer Name: " & objRecordSet.Fields("printerName").Value
Wscript.Echo "Server Name: " & objRecordSet.Fields("serverName").Value
For those who want to send mail direclty from a vbscript, but without any third damn thing, here is a great function:
Set objEmail = CreateObject("CDO.Message")
objEmail.From = firstname.lastname@example.org
objEmail.To = "email@example.com"
objEmail.Subject = "this is my subject"
objEmail.Textbody = "this is my body"
("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "mail.mydomain.com"
("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
Set objEmail = Nothing
tested on XP, 2000, 2003, without Outlook installed, and without any access to internet
30 August 2006
here is what you would put in a script to force immediate WSUS checkup by client:
net stop wuauserv
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v LastWaitTimeout /f
REG DELETE "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v DetectionStartTime /f
Reg Delete "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /f
net start wuauserv
A more lightweight command:
29 August 2006
The grace mode is 90 Days. So you may not notice that you are in the grace mode...until the next 91 Days!.
TS Server may auto locate the license server, but you can set it manually; see KB 239107.
The big road:
Add the following value:
Data type: REG_SZ
Data value: ServerName
To make a workstation working again immediately, you can reset it's token. Upon the next connection, the station will generate a new token that will be in grace mode for 90 days.
The key to delete:
If you are on a per user mode, TSE doesn't count users. So it's just a declarative status.
I just answered to a request on a mailing list. It looks simple to add a folder to the inbox, but I needed some time before getting it right..
On Error Resume Next
set olApp = CreateObject("Outlook.Application")
set inbox = olApp.GetNamespace("MAPI").getDefaultFolder(6)
set temp5 = inbox.folders.add("Added by vbscript",6)
6 is for the inbox
I am a bit perplexed today..
When doing a chkdsk in read-only on our cluster filer, no error.
Now If i do a "check of error" through O&O, it complain that the FileSystem is damaged...
I contacted O&O support,it's not possible to get more details about which error it find. It just complain.
I Contacted PSS to ask about hidden read-only option, but they don't seems to have.
O&O Support says they do a deeper check.
Well, i fired up O&O without error checking, that should not be serious error since chkdsk find nothing.
I wouldn't notice much normally, except we just had a big issue with security descriptor last week, which we noticed thanks to O&O error checking !
Life is too bad!
27 August 2006
We worked this saturday to resolve our security descriptor issue.
What we did:
-Backup via backup software
-Snapshot on the san (two better than one!)
-We tagged the cluster partition to dirty with fsutil
-Moved the group to the other cluster node
-Since the disk is dirty, the other node fired up chkdsk in correct mode
-Then we started the MS CorrectSD tool... Well, they do not support it...And it didn't work for us. The tool reported many errors (Skipping SD, fails to change SD).
We stoppped it before the end, since the filed known to be corrected were weird. We could open them (i mean we had access), but the security tab was completely empty (even no system).
We decided to use the FilesMapping text files created by correctSD to restore impacted folders. 80% of the problems where in a single root folder (the roaming profile one).
Guess what ? restoring with the backup software didn't correct the security tab..We decided to remove all impacted folder and then restore. That Worked !
To conclude, interesting things:
-While chkdsk reported Security descriptors errors, it didn't change anything (read only). Our backup software could correctly save the data with the associated good Security descriptors.
Only After the chkdsk in correct mode, all SD were broken.
-We fired up a chkdsk in read only after all, the bug is gone.
Maybe we didn't use correctly the correctSD tool. At least, this tool is great, it read a chkdsk dump file which contains only FilesID (numbers), and then it give you the mapping between the numbers and the file name and path. So you know which files are in troubles.
Thanks to the urgent flag, i got it 5 days after the order :)
Guess what ? the XPS M1210 is really great! I have never seen wmare running this fast on a laptop ! going from standby to resume is instant !
This laptop seems to have the Intel VT capacity. My vmware doesn't seem put the
monitor_control.vt32 = "TRUE" .
I will try to set it manually..
and now the downsides:
-The webcam doesn't record video in resolution higher than 640x480 (photos works in 1,3M)
-I hear a noisy sound while on the AC. I will open a call to dell about it.
23 August 2006
In some instances, I've seen a partition in which Windows reported the partition as severely fragmented. The partition only contained the Exchange database and no other files. So the question is, do we and can we perform a Windows file level defrag?
This answer is directly from Microsoft PSS.
"Based on your inquiry, I understand that you need to know if it is recommended to do a disk level defrag on an Exchange server. If I have misunderstood your concerns, please let me know.
According to your question, I'd like to point out that you can perform a disk level defrag on an Exchange server. However, if the disk holds only Exchange Server databases, it is not necessary to do disk-defragment because Exchange can do it internally. You may want to defrag the disk in order to improve the performance, but you may not see the result that you expected. Exchange uses and releases pages inside the database directly regardless the disk fragmentation. Exchange defragment is a file level defrag. Exchange online defragment will rearrange the data but not release the fragmentation space. Exchange offline defragment will rearrange the data and then release the free space. Therefore, the Exchange offline defragment is recommended. Anyway, you can do a disk level defrag after Exchange defragment if you want to do."
Microsoft Professional Technical Support
Useless to defrag on the File System point of View.
1/Stop the bleeding: new version of ntfs.sys
2/Launch MS internal Tool: CorrectSD. It will dump all impacted files and their security descriptor.
3/backup file system
4/Fire up a chkdsk /F. All impacted files will have their Security Descriptor reset to default.
5/Launch the CorrectSD Tool in modify. It will put back the good Security Descriptor.
The Bug should appear with 4 Millions files on the FS or MFT bigger than 4GB.
We have the bug with 1,5 Millions's files. This may come from a high activity on the FS (defrag during working hours, as we did with O&O).
We have planned these actions on saturday, i will keep you in touch.
ps: CorrectSD is an internal tool from MS. Ask me by mail if you would like it.
18 August 2006
I run a chkdsk in read only to find out these errors.
Here is an extract of the output:
Replacing invalid security id with default security id for file 1396371.
Replacing invalid security id with default security id for file 1396372.
Replacing invalid security id with default security id for file 1429033.
Replacing invalid security id with default security id for file 1598662.
Fixing mirror copy of the security descriptors data stream.
Security descriptor verification completed.
Windows found problems with the file system.
Run CHKDSK with the /F (fix) option to correct these.
I decided to open a pss call. It's not yet resolved, but we are on this track:
The Chkdsk.exe utility incorrectly identifies and resets security descriptors in Windows Server 2003
It is possible that chkdsk is reporting false errors. I just send the msrpt cab to pss (see the previous post).
I keep you in touch
You may receive a "The application or DLL C:\Windows\System32\win32k.sys is not a valid Windows image" error in MPSReport on a computer that is running Windows Server 2003 or Windows 2000
The application or DLL C:\Windows\System32\win32k.sys is not a valid Windows image. Please check this against your installation diskette.
That's not your server end of life (using msrpt often means already in troubles), it's a bug from the MSRPT himself !!
For the full details, go to :
17 August 2006
No trouble so far on our production system.
08 August 2006
exmerge won't migrate the permissions on the calendar & co. Even if you keep the SID.
Let that bad friend(exmerge) for a new one : setperm !
That great tool will allow you to set permission on calendar, contact, inbox...
The readme say things, but it worked for me with this config:
-Windows XP last update
-Office 2003 last update with CDO
Just register the dll, and use an accound that have full access to all mailboxes (not domain admins!!!).
If you have an error about a bad picture, that's because your account isn't admin of the workstation.
The only bad side is the outlook security alert (Twice per box) asking you to allow setperm to play with him :)
You may think you are out of hell...just ask your users about their filtering rules...
download setperm here: http://www.amset.info/downloads/Setperm.zip
04 August 2006
02 August 2006
This plugin allow instant search in the outlook client in all folders, attachement included !
the old version is here:
the last version is here:
I personnaly use the old one on Outlook 2003
WSUS wasn't working anymore.
My research lead me to the following KB(913441): http://support.microsoft.com/default.aspx?scid=kb;en-us;913441
The source of our problem came from IIS (which explain why WSUS stopped working on the server too).
I contacted MS to get the fix, it worked great on our server.
Contact me if you need the patch
This is documented on a MS KB 231208: http://support.microsoft.com/kb/281308/en-us
You will need to set the DisableStrictNameChecking.
FYI, i tested it on a Windows 2003 cluster (file server) with success
When you want to set the peak hours, you may be blocked on a 12 hours based schedule but without the AM/PM choice. Every other hour format is on a 24H based!
Yes, it block on the AM part.
On the regional setting, choose AM and PM on the hour tab.
AM and PM will display nowhere, except on the peak hours setting !
29 July 2006
-Create a new VM with 16G of disk (yes, no choice!)
-When it comes to format in the installer, stroke SHIFT + F10:
select disk 0
create partition primary
Click on the vmware reset to immediately reboot
On the bios, stroke "ESC" ; choose cdrom
then you can install without matter!
18 July 2006
I finally renamed our AD Domain yesterday !
Here are the sticky steps:
For SQL, I asked the PSS : you need to go trough the SQL Setup, see:http://support.microsoft.com/default.aspx?scid=kb;EN-US;319016
Then you need to recreate ALL AD Users in SQL.
For the filer/printer cluster, i followed:http://support.microsoft.com/kb/269196/
For Exchange, i followed the same KB but only after issuing thexdr-fixup.
SMS 2003 Was removed and installed again after (we exported ourcollections/ query as MOF file)
WSUS didn't have any issue, we didn't removed it.
Norton passed trough without any trouble, server and client stillcommunicate well.
Citrix is a bad one, needed to create again all users, and we didn'tchange the farm name (same as domain); if you do so, you have torecreate all publish.
For the NT Service, i used a vbscript to find all of them, the samefor scheduled tasks.
About the scheduled tasks, when you change the first, all are updated!
So everything was fine, except one mistake from me : I issued the/clean too fast, workstation weren't migrated yet.. Too bad..We had tobrought them out & in the domain.
Hope this will help others in the same case,
The best tools editor for Windows is now owned by Microsoft !!!!!!
25 June 2006
It can comes from many things, but here are the clues I know:
-Try on different computers with different users.
-When you get this error, go to control panel/courrier/ then remove the outlook profile before trying again.
-The other source of this problem is the GAL itself.
The RUS set up Exchange users's properties in AD. One of them is very important, showInAddressBook.
If this is a new user, try to force a rebuild of the RUS and offline addressbook and check eventlog for errors.
If the RUS or offline book is concerned, you can reset the Exchange system folder (take care!), KB 822444
From Microsoft KB:
How the Recipient Update Service Populates Address Lists
Troubleshooting the Recipient Update Service in Exchange Server 2003 and Exchange 2000 Server
Troubleshooting Check Name errors
The downside is that all icoming mail on Exchange are tagged with @NOTEDOMAIN at the end.
The MS KB 255160 indicate that it's recommanded to set the Exchange as smtp inbound gateway.
I tried it, but then i got all mail to Lotus users kept for 10 minutes in the exchange queue. They stay in the deferred delivery queue without any reason.
I will update this post when resolved
-I turned again the Exchange as the inbound smtp gateway. It works ! I changed many things, so i don't really know the guilty parameter.
The Exchange is now also the SMTP outbound for the Lotus Notes. @SMTP@Exchange mail were tagged since, but i applied the MS KB 251955. The suffix is gone, and mail flows work much better!
I figured out the source of the problem: The System Attendant Must have a Lotus Notes proxy address.
To check if the System Attendant got a Lotus proxy address, fire up adsiedit.msc,
then go to:
Configuration / Services /Microsoft Exchange / Your Org name / Administrative groups / Your administrative group / Servers / Your Server with lotus conn / Microsoft System Attendant
On the properties page, go to proxyaddress, then edit and you should have something like:
NOTES:Microsoft System Attendant/First Administrative Group/
I didn't have, so i added it manually and it worked out !
Microsoft KB about this issue: Click here
24 June 2006
Certification Authority SSL Product Supported Versions
CyberTrust SureServer Certificate 2003 and 5.0
Entrust.net Standard SSL Certificate 2003 and 5.0
Entrust.net Enhanced SSL Certificate 2003 and 5.0
Entrust.net Premium SSL Certificate 2003 and 5.0
Geotrust Power Server ID 2003 and 5.0
GlobalSign ServerSign SSL Certificate 2003 and 5.0
GoDaddy Turbo SSL 5.0 w/ MSFP only
GoDaddy High Assurance SSL 5.0 w/ MSFP only
Thawte SSL Web Server Certificates 2003 and 5.0
Thawte SSL 123 Certificates 2003 and 5.0
Verisign Secure Site SSL 2003 and 5.0
Verisign Secure Site Professional 2003 and 5.0
It sounded great, some issues corrected !
I updated my connector successfully :)
It was great until i tried to migrate a mailbox trough the MS Wizard. I got NSD from Lotus Notes, saying Notes crashed!!! It Started to dump the mailbox but crashed after a thousand...
After a debugging sessions, the troubles came from this new connector, i reverted to the old one.
If someone got the issue and have a solution or workaround, send me an email!
The last version can be downloaded here
I will try to give here the tracks i went trough to migrate correctly.
To start with, i am going to list the big steps i did:
-Upgrade the AD & Forest to native 2003
-Install the first exchange node (cluster).
-Upgrade to Exchange 2003 native mode.
-Install another exchange temporary server, which will host the Microsoft Lotus Notes connector.
-I followed the great Guide from Microsoft to get the exchange connector working with Lotus:
Again the big steps are:
-Create a dedicated account to the MS connector and a foreign domain on Domino
-setting up the connector (which server, Notes Domain, which users to sync...)
-Install a server tasks on the Domino server (small exec from MS)
The MS Connector only migrate the Mails & calendar info, no archive and no contact!!!
I created an exchange user to test the communication between Exchange & Notes.
Our main problem is to keep the Lotus account, since we are doing a smooth migration. But the mail & co must go to the exchange mailbox when the user is migrated.
To migrate a Notes users, i do:
-Create the Exchange Mailbox
-Set up a permanent forward on the Notes account to firstname.lastname@Exchange
-Turn off the sync of user account in others directory
-I use the MS Wizard to migrate the mails & agenda.
-I rename the Notes account to _exchXX. The Notes users only see the exchange account to send mail to the users. But the users remain members of Notes groups, no acl to do again :)
The users reads mail & agenda on outlook, and can open Lotus to see the mails & agenda before the migration, use lotus applications or work on base documents.
The remaining problems concerns the archives & contacts.
about the contacts:
-We created a special view in notes, which allow to correctly export the Notes contacts to CSV and then import to Outlook. The downside ? It's manual and the groups aren't migrated.
about the archives:
I couldn't find a free issue for the archives. I think we could replace the Notes mailbox by the archive one and launch the MS Wizard, but i didn't try it yet.
We just bought the Quest Migration suite, which can migrate mail,agenda, contact and archives. It's not cheap (11€/users).