22 December 2007

VmWare: Suppress all host speaker beep from VM

Still getting beeeep even with the sound card disconnected from your VM ? This is getting seriously on your nerves ? Just take this pill :)

Add mks.noBeep = true

On Vista:
C:\Users\XXXXX\AppData\Roaming\VMware\preferences.ini

On XP:
%USERPROFILE%\Application Data\VMware\preferences.ini

Enjoy now silent VM :)

21 October 2007

HP All-in-one driver update - issue fix

For those that have an HP all-in-one 6310 and Windows Vista, there is an update from P to prevent uninstall of the driver Here

This is a follow up of my previous post:
http://lordoftheping.blogspot.com/2007/05/hp-officejet-all-in-one-6310-and-vista.html

19 October 2007

I am going to TechED in Barcelone!

I subscription is definitely OK! I am going to TechED !! YeAh !!

13 October 2007

11 October 2007

Ask admin why they are logging on

I went on an interesting question over newsgroups.. Someone posted "how to request why admin are logging on?"
He wanted something like when rebooting a 2003 server. While you can't do this through GPO, i wrote a little vbscript to make this.
It open a messag box, popping the question. Then i add an application event with username and comments or a message indicating he refused to explain.

Here is the script:
'==========================================================================
'
'
' NAME: <>
'
' AUTHOR: Mathieu CHATEAU, gollum123@free.fr
' DATE : 11/10/2007
'
' COMMENT:
'
'==========================================================================
option explicit
Dim msg, objshell,UserName
Const EVENT_SUCCESS = 0
Set objShell = Wscript.CreateObject("Wscript.Shell")
UserName = objShell.ExpandEnvironmentStrings("%username%")

msg = InputBox("Why are you logging?")
if msg = "" then
msg="refused to say why"
end if

objShell.LogEvent EVENT_SUCCESS, UserName & " logged on because:" & msg
Set objShell = Nothing

07 October 2007

Freeware: Microsoft Active Directory Topology Diagrammer

The Microsoft Active Directory Topology Diagrammer reads an Active Directory configuration using ActiveX Data Objects (ADO), and then automatically generates a Visio diagram of your Active Directory and /or your Exchange 200x Server topology. The diagramms include domains, sites, servers, administrative groups, routing groups and connectors and can be changed manually in Visio if needed.

Download

03 October 2007

Freeware: RoyalTS


If you need to connect to many server through Remote Desktop, this tool is for you!
http://code4ward.net/CS2/Default.aspx

PS:thanks to Thierry DEMAN for pointing me to this great freeware

30 September 2007

French version of my blog

For those french speaking people, i have also opened a parallel blog in french:
http://www.lotp.fr

Up to now, it mainly contains same post in french, but that will change ;)

29 September 2007

Excel 2007 fails math test

Yesterday evening we were alerted to an issue in Excel 2007 (and Excel Services 2007) involving calculation of numbers around 65,535. The first example that we heard about was =77.1*850, but it became clear from our testing as well as additional reports that this was just one instance where Excel 2007 would return a value of 100,000 instead of 65,535

http://blogs.msdn.com/excel/

Download Office 2003 Service pack 3

Office 2003 Service Pack 3 is out !
http://www.microsoft.com/downloads/details.aspx?displaylang=fr&FamilyID=e25b7049-3e13-433b-b9d2-5e3c1132f206

Great freeware to digg security eventlog: NTLast

This freeware digg eventlog and sum all bad tries with user account and machine name from where the logon failed
http://www.foundstone.com/us/resources/proddesc/ntlast.htm

27 September 2007

Politique de mots de passe. Encore une fois.

This article is a translated version of a blog post from Steve Riley. You can read the original version here.

Cet article est une traduction d'un post de Steve Riley, dont vous pouvez lire la version originale ici.

Récemment dans les newsgroups (news:microsoft.public.security, pour être précis), la gestion des mots de passe et leurs paramètres par défaut est ressortie. L’auteur s’est plaint sur un certain nombre de choses : que Microsoft n’active pas le verrouillage de compte par défaut, que nous n’avons pas de mécanisme natif pour désactiver automatiquement les comptes inutilisés, que l’expiration par défaut au bout de 42 jours est troublante. Voici ma réponse ; j’imagine quelle fera un billet très utile en même temps.

 

Verrouillage de comptes

Le verrouillage de comptes est une faible substitution par rapport aux bons mots de passe – et s’avère être une des plus chère fonctionnalités de sécurité. Imaginons maintenant la menace. Quelle menace essayons-nous de réduire ? La découverte de mots de passe. Comment rendre la découverte de mots passe inutilisable par un pirate ? Deux possibilités : le verrouillage de comptes ou alors un mot de passe de qualité, c'est-à-dire long.

Considérons le premier choix, le verrouillage de comptes. Le coût typique dans une entreprise pour réinitialiser un compte est de 55€ par appel à la hotline. Dans une entreprise de taille moyenne ou importante, cela peut devenir un coût récurrent très important. Dans pratiquement tous les cas, l’appel vient des utilisateurs qui ont eux même verrouillé leur compte (peut être un peu trop d’alcool dans l’avion?), et n’est pas dû à un pirate essayant de découvrir leur mot de passe. Ce verrouillage crée un autre dangereux problème : il offre la possibilité de faire du déni de service sur des comptes voir sur le domaine entier ! Même avec l’utilisation d’un verrouillage temporaire, de 15 minutes par exemple, un attaquant peut écrire un script qui fait des essais toutes les 15 minutes et 2 secondes. En conséquence, contrairement à ce qui est attendu, l’activation de cette fonction peut avoir un impact très néfaste sur le bon fonctionnement.

Le verrouillage de comptes est prévu pour les personnes qui en ont absolument besoin. Mais je n’arrive pas à imaginer aucun cas où cela soit avéré. A la place, créons une politique qui demande des mots de passe simples, d’au moins 15 caractères. Oubliez les règles de complexité qui obligent les utilisateurs à écrire leur mot de passe sur un papier. Une simple « passphrase » (une courte phrase) est facile à se rappeler, rapide à taper, et de loin plus solide que n’importe quel mot de passe complexe mais court. Une courte phrase va résister aux attaques de mots de passe, y compris celles basées sur des « rainbow tables ». Et vous pouvez même utiliser une méthode afin de vous souvenir d’une phrase unique par site si vous le souhaitez :

  • webmail: "mon chien et moi avons du courrier"
  • courses: "mon chien et moi avons acheté des choses"
  • bureau: "mon chien et moi sommes au travail"

C’est la raison pour laquelle nous désactivons par défaut le verrouillage de comptes. Il y a de bien meilleur -- et moins cher -- moyens de réduire la menace.

 

Désactiver les comptes inutilisés

Vous avez raison, il n’y a pas de méthode native pour automatiquement désactiver les comptes inutilisés. Plusieurs produits tiers peuvent fournir cette fonctionnalité. Je pense que certains sont gratuits, peut être même un simple script. J’ai lancé une recherche sur « automatiquement désactiver les comptes inutilisés » et j’ai vu quelques liens prometteurs. Cette fonction, particulière, appartient néanmoins au processus des Ressources Humaines. Un certain nombre de clients avec qui j’ai parlé incluent la création/désactivation/suppression de comptes dans leur processus RH. Quand un nouvel utilisateur est embauché, son compte est crée, quand il part, son compte est désactivé, puis supprimé quelque temps après. C’est le système des Ressources Humaines qui s’en charge, et non les administrateurs du domaine ou de l’entreprise. J’ai écris davantage sur ce sujet dans "When you say goodbye to an employee." 

 

Expiration des mots de passe

L’expiration des mots de passe est un paramètre important pour tout le monde. Cela réduit deux menaces : les collaborateurs qui partagent leur mot de passe, et les pirates qui les découvrent. Parce que nous éliminons la deuxième menace à travers des mots de passe longs et simples comme décris plus haut, nous n’avons plus qu’une seule menace : le partage de mots de passes. Votre estimation de cette menace dans votre environnement vous guidera dans le choix de la durée d’expiration qui vous convient le mieux. 42 jours est une durée par défaut raisonnable ; notre propre réseau a une valeur de 70 jours. Mon expérience avec la plupart des clients montre que le partage de mot de passe n’est pas un problème. Je pense qu’une valeur de 120 jours est raisonnable pour ceux qui rendent obligatoires les mots de passe longs et simples.

Windows commence à vous notifier 14 jours avant l’expiration du mot de passe. Vous pouvez changer ce délai à travers les politiques de groupes. J’ai été récemment dans une situation similaire. Le mois dernier, mon mot de passe du domaine a expiré pendant que j’étais en Australie pour les TechEd. J’ai pu continuer à m’authentifier sur mon portable avec mon compte en cache, mais je ne pouvais plus utiliser Outlook Web Access ou RPC+http. Je me suis donc connecté sur un ordinateur Terminal Serveur que nous avons sur Internet, authentifié dessus, et j’ai changé mon mot de passe.

24 September 2007

Default Limit to Number of Workstations a User Can Join to the Domain

By default, users can only add 10 workstations to the domain before loosing their delegation

If you may need to increase this:

http://support.microsoft.com/kb/243327/en-us

 

The guilty attribute is ms-DS-MachineAccountQuota

20 September 2007

vbscript to change printer server

Hello,

many people asked on newsgroup how to migrate from a printer server to another, without manual intervention off course.

1/Migrate drivers and declared printer with print migrator from Microsoft:

http://www.microsoft.com/downloads/details.aspx?FamilyID=9b9f2925-cbc9-44da-b2c9-ffdbc46b0b17&displaylang=en

2/

Use the following simple vbscript. Jut replace MYNEWPRINTERSERVER with the new print server name.

You may call it with cscript to not send popup, or remove wscript.echo to not warn user.

The best way is during logon script

The new print server must be already online and ready, as it removes the current printer and map again on the new print server

You can download here:

http://gollum123.free.fr/printermigrator.vbs

here is the code source:

----------------------------------------------

On Error Resume Next
Function GetDefaultPrinter()
sRegVal = "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Device"
sDefault = ""
On Error Resume Next
sDefault = objShell.RegRead(sRegVal)
sDefault = Left(sDefault ,InStr(sDefault, ",") - 1)
On Error Goto 0
GetDefaultPrinter = sDefault
End Function

Set objNetwork = CreateObject ("Wscript.Network")
Set objShell = CreateObject ("WScript.Shell")
Set objFSO = CreateObject ("Scripting.FileSystemObject")

LogonServer = objShell.ExpandEnvironmentStrings("%logonserver%")
UserName = objShell.ExpandEnvironmentStrings("%username%")

strComputer = "."
PrintServer = "MYNEWPRINTERSERVER"
PrintServer = LCase (PrintServer)

Err.Clear
Set objWMIService = GetObject("winmgmts:" & _
"{impersonationLevel=Impersonate}!\\" & strComputer & "\root\cimv2")

If Err.Number Then
wscript.echo ("Error : " & Err.Number & ": " & Err.Description & VbCrLf)
Err.Clear

Else
ImpDefault = GetDefaultPrinter
Set colInstalledPrinters = objWMIService.ExecQuery _
("SELECT * FROM Win32_Printer")
For Each objPrinter in colInstalledPrinters
PrinterArray = Split (objPrinter.Name , "\")

If (LCase(objPrinter.ServerName) <> "") and (LCase(objPrinter.ServerName) <> "\\" & PrintServer) then

objNetwork.AddWindowsPrinterConnection "\\" & PrintServer & "\" & PrinterArray(3)
If Err.Number Then
wscript.echo ("Error : " & Err.Number & ": " & Err.Description & VbCrLf)
Err.Clear
End If

If ImpDefault = objPrinter.Name then
objNetwork.SetDefaultPrinter ("\\" & PrintServer & "\" & PrinterArray(3))
End If

objNetwork.RemovePrinterConnection objPrinter.Name
End If
Next
End If

-------------------

18 September 2007

Office 2003 GPO reference settings excel

As for Operating System, you can have the great Excel file that contains all settings that can be set from GPO on office 2003.

Download the Office 2003 Service Pack 3 Administrative Template (ADM), OPAs, and Explain Text Update:

http://www.microsoft.com/downloads/details.aspx?FamilyID=BA8BC720-EDC2-479B-B115-5ABB70B3F490&displaylang=en

It contains Office 2003 Group Policies.xls

How to remotely enable Remote Desktop

If you need to enable the remote desktop, you can set fDenyTSConnections to 0

HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server

The same job can be done through GPO with "Allow users to connect remotely using Terminal Services"

http://technet2.microsoft.com/windowsserver/en/library/608fb22b-5138-4f4b-873d-4aa8fc23cd641033.mspx?mfr=true

13 September 2007

Active Directory elementary best practices

hello folks,

many guys come to Microsoft newsgroups with AD related problems.

Many of them could be avoided by following these advices:

  • never get more than 5 minutes clock offset between any computer in the domain (and the one you are going to put in the domain)
  • Always have your domain members (servers and workstations)using you DC's DNS
  • DC should point to themselves as DNS, not your ISP
  • Operation Master FSMO role can't be on a Global Catalog, except if you have only one DC or if all DC are Global Catalog

Hope it helps,

06 September 2007

Sysinternal tools update

Process Explorer has been updated, it mainly adds compatibility with Windows Vista.

http://www.microsoft.com/technet/sysinternals/utilities/processexplorer.mspx

30 August 2007

The way back machine

http://www.archive.org/web/web.php

A great site that keeps track of websites from years passed...
Microsoft Web site 10 years ago ?
http://web.archive.org/web/*/http://www.microsoft.com

25 August 2007

Windows Server 2008 Component Posters

You can freely download the Windows Server 2008 Component Posters:
http://www.microsoft.com/downloads/details.aspx?FamilyID=c2b9e44e-0bbd-47cb-bc09-b3d48be7f867&DisplayLang=en

they were originally printed in the July 2007 issue of TechNet Magazine

24 August 2007

DFS and FQDN Referrals

On the Microsoft Newsgroups, someone asked for using FQDN (Full Qualified Domain Name) with DFS-R Referrals.

While first of all that doesn't sound accurate, you must set the key as DFS:

How to configure DFS to use fully qualified domain names in referrals
http://support.microsoft.com/kb/244380/en-us

You must set this key before creating the DFS.

Schema Changes Reference for Exchange 2007

Schema Changes Reference for Exchange 2007
http://msdn2.microsoft.com/en-us/library/aa581540.aspx

Shared drive still displays after cluster move group

After moving cluster resources on a 2003 cluster, the passive node still get drive letter displayed in the explorer. This is a difference with Windows 2000:

Managing Disk Ownership in a Windows Server 2003 Cluster
http://support.microsoft.com/kb/818878/en-us

18 August 2007

DHCP lease longer than expected

if you use Microsoft DHCP, you may have seen that lease last longer than expected. Between 4 & 5 hours more.
This comes from the grace period, which last 4 hours by default. If your dhcp is quite full or having people moving around, you may reduce this grace period:

HKLM\System\CurrentControlSet\Services\
DHCPServer\Parameters\LeaseExtension

Value Type: DWORD
Value Data: time in minutes

So that explain the 4 hours. But why 5 ? Because the dhcp cleanup only occurs every 60 minutes by default, except if dhcp lease are starving. You can make it more aggressive:

HKLM\System\CurrentControlSet\Services\
DHCPServer\Parameters\DatabaseCleanupInterval


Hope you will find it useful!

16 August 2007

SCOM 2007: NLB Management Pack

Monitors Microsoft Network Load Balancing clusters. Detects, sends, alerts, and automatically responds to critical events.

http://www.microsoft.com/downloads/details.aspx?familyid=78d8c93a-bae6-4c5d-90af-b0bf2ce12998&displaylang=en&tm

09 August 2007

Windows Vista: 2 updates that boost the beast

An update is available that improves the performance and reliability of Windows Vista
http://support.microsoft.com/?scid=kb%3Ben-us%3B938979&x=24&y=15

An update is available that improves the compatibility and reliability of Windows Vista
http://support.microsoft.com/?scid=kb%3Ben-us%3B938194&x=9&y=15

08 August 2007

07 August 2007

Wirelesstime - Freeware for smartphone/pocketpc

If you want to minimize battery usage at night, you may be interested by this tool:
http://www.lepocketpc.com/index.php?option=com_content&task=view&id=738&Itemid=6

It allow to turn off or on bluetooth, gsm radio, wifi at specified time.So it will turn off at night, and on when you wake up !

need a hotfix from Microsoft ? don't call, fill a form!

instead of calling Microsoft to get a Hotfix, you can fill an online form:
https://support.microsoft.com/contactus2/emailcontact.aspx?scid=sw;en;1410&WS=hotfix

source:http://msmvps.com/blogs/erikr/archive/2007/08/07/hotfix-request-web-submission-form.aspx

01 August 2007

Windows Desktop Search On XP with office 2007

If you install Office 2007 AFTER Windows Desktop Search, it won't index Outlook Mail.
You need to install again WDS, it works immediately after !

29 July 2007

Greg The Architect

Some great fun !
http://www.gregthearchitect.com/index.html

ISA 2006 Array & windows 2003 service pack 2

We had an issue between isa 2006 and the Windows 2003 service pack 2.
We firstly installed isa and then the SP2. It worked out. The Array was working with nlb, AD replicating between the two nodes.

We then built another time, but firstly the SP2 and then ISA 2006...Nothing working after installing isa...no Active Directory communication, even with the famous any/any allow.
Disabling the RSS changed nothing. It was complaining about syn packet missing (which is wrong).
We finaly built it again, after trying to remove the service pack2.

27 July 2007

Vista: resource memory desktop heap ? raise it !

When you open a large amount of windows / software, you may become short in desktop heap...

HKLM\SYSTEM\currentcontrolSet\control\Session Manager\SubSystems
Open the windows Key.
change the 2nd number of SharedSection, from 3072 to 4096 or even 8192

Reboot!

Resource:
original post:http://blogs.zdnet.com/Bott/?p=269

22 July 2007

QuickTime crashing on Vista

UPDATE: I found out, this came from ACE Mega codec Pack. Removing it make quicktime player and itunes Works immediatley... This is the second time i got trouble due to the ACE Mega codec Pack. The last time it was Windows DVD Movie Maker that was crashing !

---------------------------
Microsoft Visual C++ Runtime Library
---------------------------
Buffer overrun detected!

Program: C:\Program Files\QuickTime\QuickTimePlayer.exe

A buffer overrun has been detected which has corrupted the program's
internal state. The program cannot safely continue execution and must
now be terminated.

This is the latest version of the Quicktime Player :'(
Consequence: Itunes 7.3.1 crashing too

21 July 2007

Cool plugin for Firefox

GetJetableMail:
http://extensions.geckozone.org/GetJetableMail/

Magic Password:
https://addons.mozilla.org/fr/firefox/addon/874

Microsoft FTP site: PSS tools great resources

for those that never tried:
ftp://ftp.microsoft.com/PSS/Tools/

Best free Microsoft Tools !
Anonymous login accepted

Windows Mail bug

UPDATE: That comes from the newsgroup rating feature. Just turn it off.


I am trying to send a newsgroup message, but i got this window, looping forever:



Clicking OK make is still appears... I could save the message and close Windows Mail, but this windows need to be killed.

19 July 2007

Hide me this security tab i shoudn't see...

As you may know, Two security tabs are hidden from the ESM...

How to enable the Security tab for the organization object in Exchange 2000 and in Exchange 2003

http://support.microsoft.com/default.aspx?scid=kb;EN-US;264733

in short:
HKEY_CURRENT_USER\Software\Microsoft\Exchange\EXAdmin
Value Name: ShowSecurityPage
Data Type: REG_DWORD
Radix: Binary
Value: 1

Restart the ESM

New tool from Joeware: unjoin

http://www.joeware.net/freetools/tools/unjoin/index.htm

extract:
It will unjoin a machine from a domain and not even start to ask the domain for permission or even tell it it did so, zip, out of the domain, have a nice day. You will find that this will likely be faster than NETDOM for any unjoin ops. It allows you to specify connection creds and will also allow you to specify a reboot. Of course it has a built in safety in that you have to specify -forreal to get it to do the real work or otherwise it will just tell you the current join status of the machine in question (i.e. in a workgroup named xxxx or in a domain named yyyy).

17 July 2007

Windows Home Server is finaly RTM'ed

http://www.microsoft.com/windows/products/winfamily/windowshomeserver/default.mspx

MPSReports: New tool from Microsoft to collect information

http://www.microsoft.com/downloads/details.aspx?FamilyID=00ad0eac-720f-4441-9ef6-ea9f657b5c2f&DisplayLang=en

The MPS Reporting utility PFE version is utilized to gather detailed system status and configuration information. The data collected will assist with fault isolation and general health-checks. The PFE version of MPS_REPORTS gathers a wide range of diagnostic information from Windows and limited information for server applications installed such as SQL or Exchange.The MPS Reporting Tool is self-extracting and will run on Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003 x86. Windows Server 2003 x64 (AMD64), and Windows Server 2003 for Itanium.This reporting utility DOES NOT make any registry changes to the operating system and is entirely a batch command utility. There are files extracted during run-time as the utility is running. The reports gathered are compressed into a ".cab" file and then deleted. The compressed .cab file is normally 2-5 MB depending on the system configuration and is therefore easy to transfer in case the data is needed for analysis.

16 July 2007

Update: I created a vmware VSD Stencils

I created a VSD that is a compiled of many icons found....
enjoy!
http://gollum123.free.fr/vmware.VSD

Exchange: Make a shared contact folder available Offline

If you need a shared contact folder available offline:
-Add the folder to your favorite in Outlook
-Change your exchange account to get all public folders favorites available offline

PowerShell: getting all Active Directory computers running a particular service

$strCategory = "computer"
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.Filter = ("(objectCategory=$strCategory)")
$colProplist = "name"
foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i)}
$colResults = $objSearcher.FindAll()
foreach ($objResult in $colResults)
{
$temp=[System.ServiceProcess.ServiceController]::GetServices($objComputer.name)
where{$_.name -eq 'Dhcp'}
If($temp.status -eq "Running")
{
Write-host $objComputer.name
}
}

I am "People Ready" !

For those that speak french, i got interviewed for Microsoft advertisement, "People Ready" :)
It's about our deployment of Windows Mobile smartphones...
http://gollum123.free.fr/people_ready.pdf

15 July 2007

PowerShell: Playing with the env value

Simple question: do the same as cd %TEMP% in a cmd...

well, you have many ways in PowerShell to make the work. First, we can have a look at the TEMP variable:

PS C:\Users\gollum> get-item ENV:\TEMP

Name Value

---- -----
TEMP C:\Users\gollum\AppData\Local\Temp

After playing around a while, i found the correct way to do it:
PS C:\Users\gollum>
PS C:\Users\gollum> cd $env:TEMP
PS C:\Users\gollum\AppData\Local\Temp>

Here is an extract from what i tried without any success:
cd (get-item ENV:\TEMP select-object -property value)
cd < get-item ENV:\TEMP select-object -property value




Free MS addon to remove hidden data on office document

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=144e54ed-d43e-42ca-bc7b-5446d34e5360

ith this add-in you can permanently remove hidden and collaboration data, such as change tracking and comments, from Word 2003/XP, Excel 2003/XP, and PowerPoint 2003/XP files. When you distribute an Office document electronically, the document might contain information that you do not want to share publicly, such as information you’ve designated as “hidden” or information that allows you to collaborate on writing and editing the document with others. The Remove Hidden Data add-in is a tool that you can use to remove personal or hidden data that might not be immediately apparent when you view the document in your Microsoft Office application. You can run the Remove Hidden Data add-in on individual files from within your Office XP or Office 2003 application. Or, you can run Remove Hidden Data on multiple files at once from the command line. In either case, to run the tool you must have the application installed in which the document was created.

Office 2007 issue when opening files

When i try to open a word or Power point, after 10 seconds i got:
However, if I try to open it few seconds after, it works...anyway how big is the file...
Desactivating my antivirus (NOD32) changes nothing..
As you can find on some forums, i made again the file extension association (by the way, it's hidden in <> through the control panel)..no way...

Repairing office 2007 didn't do the trick
Any clue folks ?

14 July 2007

SCOM 2007 issue with VmWare ESX VM ?

hello,

I am getting what could be an issue with VmWare ESX Windows VM. After discovering the VM and installing the agent, i got an alert:

----------------------------
The process started at 4:23:08 PM failed to create System.PropertyBagData.
Errors found in output: E:\SCOM2007\Health Service State\Monitoring Host
Temporary Files 2\678\GetOpsMgrDBPercentFreeSpace.vbs(63, 2) Microsoft VBScript
runtime error: Type mismatch: 'CDbl' Command executed:
"C:\WINDOWS\system32\cscript.exe" /nologo "GetOpsMgrDBPercentFreeSpace.vbs"
XXXXXXXX OperationsManager Working Directory: E:\SCOM2007\Health Service
State\Monitoring Host Temporary Files 2\678\ One or more workflows were affected
by this. Workflow name: Microsoft.SystemCenter.OpsMgrDBPercentFreeSpaceMonitor
Instance name: XXXXXXXXXX Instance ID:
{85E3BAF5-9229-2BB9-E50D-F3BE40378AF7} Management group: YYYYYYYY

----------------------------

Any clue on that ? I will digg it any way!

great training video for SCOM 2007

http://weblog.stranger.nl/system_center_operations_manager_2007_training_videos

Notebook Hardware Control (NHC) Freeware

http://www.pbus-167.com/

Working on my Windows Vista, Dell XPS M1210

Iphone interface on WM5 for Free

Some guys have been making a hard work to get a very similar interface as the iphone on WM5.


A video here: http://www.youtube.com/watch?v=ohJ7eevds-k

download here: http://forum.xda-developers.com/showthread.php?t=302739


screenshots:

it works on my HP 6915, but i got lifts up to now (240x240)

13 July 2007

Hyper Terminal gone in Vista

Hyper Terminal is gone on Windows Vista..
http://windowshelp.microsoft.com/Windows/en-US/Help/e864444f-44d5-4206-a848-dcd6972594931033.mspx

Safari on Windows

No, it's not a joke !
Apple is going to deliver safari on Windows...Easier to test web site with safari browser !http://www.apple.com/safari/

12 July 2007

Sysinternal new tool : ADExplorer


Active Directory Explorer (AD Explorer) is an advanced Active Directory (AD) viewer and editor. You can use AD Explorer to easily navigate an AD database, define favorite locations, view object properties and attributes without having to open dialog boxes, edit permissions, view an object's schema, and execute sophisticated searches that you can save and re-execute.
AD Explorer also includes the ability to save snapshots of an AD database for off-line viewing and comparisons. When you load a saved snapshot, you can navigate and explorer it as you would a live database. If you have two snapshots of an AD database you can use AD Explorer's comparison functionality to see what objects, attributes and security permissions changed between them.

Outlook refusing to delete mail rules

If you have broken Outlook mail rules that you can't remove from the outlook rules UI, you can remove all of them (bad AND good!):

Outlook.exe /cleanrules



Take care, it will remove ALL rules, not just broken ones

08 July 2007

Changes in Functionality from Windows Server 2003 with SP1 to Windows Server 2008

http://www.microsoft.com/downloads/details.aspx?familyid=173e6e9b-4d3e-4fd4-a2cf-73684fa46b60&displaylang=en&tm
This document describes new features and technologies, which were not available in Windows Server 2003 with Service Pack 1 (SP1), that will help to increase the security of computers running Windows Server 2008, increase productivity, and reduce administrative overhead. These topics apply to the next release of Windows Server 2008, based on the functionality expected to be included in the Beta releases in 2007. They do not describe all of the changes that are included in Windows Server 2008. Instead, they highlight changes that will potentially have the greatest impact on your use of Windows Server 2008 and provide references to additional information.

Download: Windows Server 2008 Beta 3 Technical Overviews

http://www.microsoft.com/downloads/details.aspx?familyid=46DC26D6-AF47-43F0-B3DE-521831FE09D6&displaylang=en

These technical overviews provide IT Professionals with information about how a Windows Server 2008 technology works.

Download: Windows Server 2008 Beta 3 Step-by-Step Guides

http://www.microsoft.com/downloads/details.aspx?familyid=518D870C-FA3E-4F6A-97F5-ACAF31DE6DCE&displaylang=en#filelist

you will find:
  • Creating and Deploying Active Directory Rights Management Services Templates Step-by-Step Guide.doc
  • Deploying Active Directory Rights Management Services in an Extranet Step-by-Step Guide.doc
  • Deploying Active Directory Rights Management Services with Microsoft Office SharePoint Server 2007 Step-By-Step Guide.doc
  • Server Core Installation Option of Windows Server Longhorn Step-By-Step Guide.doc
  • Step-by-Step Guide for Configuring a Two-Node File Server Failover Cluster in Windows Server Longhorn.doc
  • Step-by-Step Guide for Configuring a Two-Node Print Server Failover Cluster in Windows Server Longhorn.doc
  • Using Identity Federation with Active Directory Rights Management Services Step-by-Step Guide.docWhat's New in Failover Clusters.doc
  • What's New in Terminal Services for Microsoft Windows Server Code Name Longhorn.doc
  • Windows Server Active Directory Rights Management Services Step-by-Step Guide.doc
  • Windows Server Code Name Longhorn Beta 3 Active Directory Certificate Services Step-By-Step Guide.doc
  • Windows Server Longhorn Beta 3 Release TS Gateway Server Step-By-Step Setup Guide.doc
  • Windows Server Longhorn Beta 3 Release TS Licensing Step-By-Step Setup Guide.doc
  • Windows Server Longhorn Beta 3 Terminal Services RemoteApp Step-By-Step Guide.doc
  • Windows Server Longhorn Beta 3 Windows Deployment Services Step-by-Step Guide.doc

download: Windows Server 2008 Security Guide

http://www.microsoft.com/downloads/details.aspx?familyid=FB8B981F-227C-4AF6-A44B-B115696A80AC&displaylang=en

The Windows Server 2008 Security Guide helps organizations efficiently create, deploy, and maintain a secure environment for a variety of servers running Windows Server 2008, the next major release of Windows Server.

Exchange Server 2003 Performance Tools

http://technet.microsoft.com/en-us/library/aa996076.aspx

  • Exchange Stress and Performance (ESP)
  • Jetstress
  • Load Simulator (LoadSim)

SQL Server 2005 Best Practices Analyzer (July 2007)

http://www.microsoft.com/downloads/details.aspx?FamilyId=DA0531E4-E94C-4991-82FA-F0E3FBD05E63&displaylang=en

The SQL Server 2005 Best Practices Analyzer (BPA) gathers data from Microsoft Windows and SQL Server configuration settings. BPA uses a predefined list of SQL Server 2005 recommendations and best practices to determine if there are potential issues in the database environment.This download is the July 2007 release of SQL Server 2005 Best Practices Analyzer.

30 June 2007

Wanna want your exchange 2007 32 bits for more than 120 Days ? No you won't

Wanna want your exchange 2007 32 bits for more than 120 Days ? No you won't...
I got my Exchange 2007 (32 bits) out of evaluation period..Ok but i do have a valid serial.
  1. No way to find how to enter the serial from the exchange console..Any way, this console doesn't have the full set of functionnality...
  2. I tried from powershell...It refuses it ! standard or enterprise, it refuses both...
  3. I found from microsoft website that you CAN'T license the 32 bits version... damned!
I agree that Microsoft doesn't support the 32 bits version, but 120 days is short..

24 June 2007

Happy birthday, my blog!

hello,
you got it, one year ago i opened this blog... ! :)
145 messages (one every 2,5 days on average)
>4850 visitors (13/day on average)

I hope you like it !

23 June 2007

HP prove bullet proof server - real test video

they make their server explose and count the time needed to make the disaster recovery!

20 June 2007

Free Citrix tool: stress Printer Driver

With a free citrix account, you can download it here:
http://support.citrix.com/kb/entry.jspa?externalID=CTX109374&searchID=45234516

Many driver problems in the Terminal Services environment revolve around poor multi-threaded performance, which in turn can cause Print Spooler instability. Problematic multi-threaded performance is usually exposed when multiple users connect to a Terminal Server simultaneously using the same print driver. Symptoms include the failure to autocreate client printers, increased thread count of the Printer Spooler and/or Citrix Print Manager services, and possibly the unresponsiveness and/or unexpected termination of these services (crashes).
This tool can be used to simulate multiple sessions autocreating printers using the same print driver.
It can also be used to compare the following among various drivers:
• CPU load incurred while creating a printer using a particular driver
• Time required to successfully create a printer using a particular driver

16 June 2007

Firefox crashing when opening many favorite at once

I got firefox crashing every time i try to open all favorites (60) of one folder. I tested desactivating firefox extension. Session Manager version 0.5.3.4 is the guilty one.
Damned !

14 June 2007

detecting SSL version accepted by Web server

If you want to detect SSL version accepted by web server, you can use the free OpenSSL.
For the Windows version:
http://www.slproweb.com/download/Win32OpenSSL_Light-0_9_8e.exe

Then the syntax is:
openssl s_client -connect www.google.fr:443


By default, it will use the best crypto. You can restrict to only SSL V2:
openssl s_client -connect www.google.fr:443 -ssl2

Or SSLV3:
openssl s_client -connect www.google.fr:443 -ssl3


One interesting thing is the cypher accepted by the other peer:

---
Ciphers common between both SSL endpoints:
RC4-MD5 EXP-RC4-MD5 RC2-CBC-MD5
EXP-RC2-CBC-MD5 DES-CBC-MD5 DES-CBC3-MD5
---
SSL handshake has read 1004 bytes and written 239 bytes
---
New, SSLv2, Cipher is DES-CBC3-MD5
Server public key is 1024 bit
Compression: NONE




07 June 2007

Vista : Windows Movie / DVD Maker

I had Windows Movie Maker and Windows DVD Maker crashing every time i tried to import a movie, even a true wmv one.
The eventlog entry about is:

Faulting application DVDMaker.exe, version 6.0.6000.16386, time stamp 0x4549b5b0, faulting module iac25_32.ax, version 2.0.5.53, time stamp 0x3dd40ee6, exception code 0xc0000005, fault offset 0x00003548, process id 0x249c, application start time 0x01c7a87b3c004190.

This was an incompatibility issue with ACE Mega Codec Pack. After removing it, both DVD Maker and Movie Maker are working great.

05 June 2007

wget.exe with proxy

For those that whish to use wget on windows (wget.exe) but need to specify a proxy, here is the howto:

set http_proxy=http://myproxy:8080
wget --proxy=on http://my-url.com/....

27 May 2007

HP officejet all-in-one 6310 and Vista issue



I am having issues with the Officejet 6310 and Vista. When i install the driver, everything is good and working. But when i switch the computer in sleep mode and then turn in back online, Windows tell me something got wrong and host process was closed. Here is the eventlog:




The only way i know to put it working again (reboot change nothing, printer disappear from the printel panel), is to uninstall and install again the huge driver (160M). When i try to uninstall, the setup behave poorly:


My officejet is connected through my lan, it may behave better through USB.


Update:
  • I sent a mail to HP support. They ask me to stop hibernate. That's not even a workaround
  • I installed an update for this printer which normaly wouldn't help. Except my troubles seems to be gone !



I switched to Firefox !

Yes, i switched to Firefox! I needed many add-on to get the same level of functionnality as Avant Browser. This last is great, but lack of update and has bug on Vista.
Here is the list of Module I use:
-ColorfulTabs
-DOM inspector
-FasterFox
-Firebug
-HTML Validator
-IE View
-MinimizeToTray
-PDF Download
-Session Manager
-SwitchProxy Tool
-Tab Mix plus
-TalkBack
-User Agent Switcher
-VideoDownloader
-Web Developer
-AS Numbers (BGP)
-ADblock Plus

For people using avant browser, here is how to get the same extra functionnality on FireFox:

-URL Alias: Create a Firefox Favorite, and then edit to add keywords. Then you can just type the keyword to convert to the full url.

-Search engine: I went to http://www.searchplugins.net/ to create my custom search:
-mskb: give it a KB number, you directly got the KB page (not a search result)
-eventID: give it an event ID, you get the result page from eventid.net

24 May 2007

AD account Distinguishedname (full name) escaped with a "\"

I just ran into a strange thing, having an account with a distinguished name looking like : CN=LLAMOSI\, Faust, OU=XXXX,DC=mydomain,dc=local:






The mistake come from the full name which has a ",". Only the Display name may have it.

You cannot edit the distinguished name attribute with adsiedit.msc, because it is owned by "SYSTEM".


Thanks to Brandon Aiken for hitting the coma on the ActiveDir mailing list



20 May 2007

Vista & old game : good story

While some current game will not run correctly on Vista, old may just run perfectly :)
That's my case with Unreal Tournament 2003, which is 4 years old !
have fun

Security Enhancements in Windows Vista

This article includes information about security enhancements in Windows Vista and how Microsoft used the Security Development Lifecycle to increase the security of the Windows operating system.

http://www.microsoft.com/downloads/details.aspx?FamilyId=6FB28358-68D9-43E9-B574-6A0D377BBA34&displaylang=en

16 May 2007

Microsoft Exchange Server 2007 Help

The Exchange Server 2007 Help can help you in the day-to-day administration of Exchange. Use this information to guide you through Exchange Server 2007 features, tasks, and administration procedures.

http://www.microsoft.com/downloads/details.aspx?FamilyID=555f5974-9258-475a-b150-0399b133fede&DisplayLang=en

13 May 2007

Longhorn will be Windows Server 2008

now it's official, The final name for the new Windows Server will be Windows server 2008 !

the logo:

12 May 2007

Bartpe: customizing the boot screen message

To get a more custom bartpe cd, you can change the boot message. Just add this to one plugin inf file:
[SetValue]
"txtsetup.sif", "SetupData", "loaderprompt", """V 1.1 Mathieu CHATEAU..."""

BartPE: including recursive folder of a plugin

If you want to include a bunch of folders and files inside a bartpe plugin, you can use this in your inf plugin's file:
[SourceDisksFolders]
files\MyFolder=Keytomyfolder

Free online/remote backup 2G: Mozy

hello,

i am just starting using a great free service to make secondary backup of my laptop:
https://mozy.com/?code=7FKB47

They offer 2GB. I am currently uploading at 700Kb/s which is great for my adsl.
Both access from the web of the client.
Working on my Vista

11 May 2007

svchost / WSUS / eating 100% CPU

the WSUS client V2.0 may eat all cpu for quite a lot of time, from process explorer this is what you can see for svchost:


The bug comes from msi.dll and when you have Office updates. The WSUS V3 is out and should correct this

10 May 2007

02 May 2007

Free Text editor : notepad2


I just found this free tool on a blog: notepad2:

http://www.flos-freeware.ch/notepad2.html

28 April 2007

Microsoft Application Verifier

Application Verifier is a runtime verification tool for unmanaged code that assists in quickly finding subtle programming errors that can be extremely difficult to identify with normal application testing. Application Verifier is designed specifically to detect and help debug memory corruptions and critical security vulnerabilities. It makes it easier to create reliable applications by monitoring an application's interaction with the Windows operating system, profiling its use of objects, the registry, the file system, and Win32 APIs (including heaps, handles, locks, and more). It also includes checks to predict how well the application will perform under Least-privileged User Account operation, compatibility tests to be used in logoing, and print tests to verify your usage of the print subsystem.Running Application Verifier is easy; simply turn on the tool then run your project and go through your normal testing scenarios with a debugger attached. When your tests are completed, view the Application Verifier logs for any errors that may have been detected.

http://www.microsoft.com/downloads/details.aspx?FamilyID=bd02c19c-1250-433c-8c1b-2619bd93b3a2&DisplayLang=en

Windows User State Migration Tool (USMT) Version 3.0.1

Brief Description
Microsoft® Windows® User State Migration Tool (USMT) version 3.0.1 migrates user files and settings during deployments of Microsoft Windows XP and Windows Vista™. USMT captures files and settings from the source computer and then migrates them to a new Windows installation.
On This Page
http://www.microsoft.com/downloads/details.aspx?familyid=799AB28C-691B-4B36-B7AD-6C604BE4C595&mg_id=10118&displaylang=en

24 April 2007

Microsoft DLL Help Database

If you want to know which MS product installed a dll:

http://support.microsoft.com/dllhelp/

21 April 2007

BartPE: nu2menu missing menu

you MUST have all XML tag in CAPS... i had a bad "menu" in lowercase... this one work but it will break all the later one

13 April 2007

BartPE: inject Perc4 or Perc 5 driver inside a windows

if you want to inject a Perc 5 or Perc 4 driver inside a windows (the real one, not bartpe), i added these features to the famous VMSCSI plugin for BartPE:
http://gollum123.free.fr/fixvmscsi/

Useful to restore a server on another hardware:
-boot with bartpe
-restore with ghost or another tool
-inject the Perc5 or Perc4 driver in the windows you restored with ghost
-reboot, it's working out!

If you are restoring from another hardware (a good reason to inject different driver !), you may need to do a fixmbr : mbrfix /drive 0 fixmbr /yes

BartPE: adding LSI Dell PERC 5 driver with Windows XP Source

If you need to build a bartpe with a Windows XP source, but on a server with a Perc 5 (5/E, 5/i,...) SAS Raid server (PowerEdge 1950 / 2950), the Dell driver won't work. The CD will stop booting saying perc_sas.sys is missing.

The solution is to use the LSI logic driver that meet this chipset.
I put it here:
http://gollum123.free.fr/LSI_XP_perc5/

BartPE: diskpart nightmare

You may get "Diskpart could not complete the operation..."
this appears when using Windows 2003 SP1 or Windows XP SP2 as source.
This is due to changes to the Dcom

If using Windows XP SP2, in the plugin folder create a folder, for example "Dispart_XPSP2", and put this file inside:
http://gollum123.free.fr/diskpart_XP/diskpart.inf
be sure to have the enable set to 1

If using Windows 2003 SP1, in the plugin folder create a folder, for example "Dispart_W2K3", and put this file inside:
http://gollum123.free.fr/diskpart_W2K3/diskpartition.inf
be sure to have the enable set to 1

10 April 2007

removing Lotus connector for exchange: bad trip

When you go through the add/remove programs on the exchange server to remove the calendar and connector notes for Exchange, It may fail saying the path cannot be found.
Using Filemon, i understood that it remembers the path the installation was made from, and need it. I needed to put it back at the same place the setup used to install.
It then uninstalled cleanly and removed the connectors

Exchange 2003 : not removing Mailbox store

I was keeping this error message when trying to remove a Mailbox Store: cannot remove the mailbox store because it's contain mailboxes...

One account was assigned to this mailbox store but not appearing in the mailbox store because it never received an email.

I found it searching mailbox assigned to this mailbox store through AD

17 March 2007

ntp sync from nokia to windows 2003

on the windows server:
HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer
set AnnounceFlags to 0x04 to get a valid stratum
set Enabled to 1

Restart the Windows Time Service


On the nokia IPSO:
set the ntp version to v3 for the windows time server.
Allow the ntp-udp traffic from the nokia to the time server on checkpoint
sniff the traffic: tcpdump -i ethXXXX -x port 123

Windows Time server reference:
http://technet2.microsoft.com/WindowsServer/en/library/b43a025f-cce2-4c82-b3ea-3b95d482db3a1033.mspx?mfr=true

How to turn on debug logging in the Windows Time Service
http://support.microsoft.com/kb/816043/en-us

New exchange addon version

Some Exchange tools have been updated:

Microsoft Exchange Server Management Pack Configuration Wizard
http://www.microsoft.com/downloads/details.aspx?familyid=21e5a788-5993-40a9-bd35-b14d414e3e16&displaylang=en&tm

Microsoft Exchange Server Management Pack for MOM 2005
http://www.microsoft.com/downloads/details.aspx?familyid=efdea5c6-6835-47cb-af4f-43f3a3e30279&displaylang=en&tm

Exchange Server Stress and Performance Tool (64 bit)
http://www.microsoft.com/downloads/details.aspx?familyid=b9e200d5-18b9-4734-b9d9-9e6efc48bcb6&displaylang=en&tm

Exchange Server Stress and Performance Tool (32 bit)
http://www.microsoft.com/downloads/details.aspx?familyid=7f944850-945f-4e60-b6d6-cf7341d7f9c3&displaylang=en&tm

10 March 2007

Vmware Workstation 6 / intel VT / Vista 32 / 64 bits guest = bad trip

I tried to get a 64 Bits guest on my laptop:
Host: Vista 32 RTM / Intel Core 2 duo 2Ghz with intel VT enabled

Vmware 6 Beta is saying that my cpu is not supporting long mode...:
You have configured this virtual machine as a 64-bit guest operating system. However, this host's CPU is not capable of running 64-bit virtual machines or this virtual machine has 64-bit support disabled.For more detailed information, see http://www.vmware.com/info?id=152

too Bad !

Windows Help program (WinHlp32.exe) for Windows Vista

WinHlp32.exe is required to display 32-bit Help files that have the ".hlp" file name extension. To view .hlp files on Windows Vista, you need to install this application.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=6ebcfad9-d3f5-4365-8070-334cd175d4bb

08 March 2007

Critical Update for SQL Server 2005 Service Pack 2 (KB:933508)

The initial release of SQL Server 2005 Service Pack 2 (SP2) contained an issue that caused maintenance plan cleanup tasks to remove data before the specified cleanup interval. Install this update to correct the interpretation of existing cleanup task intervals, and to avoid this issue in new cleanup tasks. After you install this item, you may have to restart your computer.

http://www.microsoft.com/downloads/details.aspx?familyid=e2c358a1-ecc4-4c49-8f65-daa6b7800eec&displaylang=en&tm

06 March 2007

huge addon tool for Windows vista search


start++ is huge addon for Windows Vista:



Itunes 7 on Vista

A new version of itunes is available.
It's still not written to be compatible with vista, but it's much better working.
I got no more crash or loosing the communication with my ipod :)

Microsoft Internet Security and Acceleration (ISA) Server Best Practices Analyzer Tool

The Microsoft Internet Security and Acceleration (ISA) Server Best Practices Analyzer Tool is designed for administrators who want to determine the overall health of their ISA Server computers and to diagnose current problems. The tool scans the configuration settings of the local ISA Server computer and reports issues that do not conform to the recommended best practices.
http://www.microsoft.com/downloads/details.aspx?FamilyID=D22EC2B9-4CD3-4BB6-91EC-0829E5F84063&displaylang=en

Microsoft Exchange Server 2007 Transport Server Role Architecture Diagrams

http://www.microsoft.com/downloads/details.aspx?FamilyID=612f811d-2953-4c08-945e-833c17150083&DisplayLang=en

Microsoft Office Visio Stencil Containing Shapes for Microsoft Exchange Server 2007

This download contains a Microsoft Office Visio stencil with shapes for Microsoft Exchange Server 2007.
http://www.microsoft.com/downloads/details.aspx?FamilyID=45f7ea49-ceb2-4b04-8d46-2b0ae5e10694&DisplayLang=en

Introduction to the Exchange Management Shell

This download contains an introduction to key Exchange Management Shell features.
http://www.microsoft.com/downloads/details.aspx?FamilyID=1dc0f61b-d30f-44a2-882e-12ddd4ee09d2&DisplayLang=en

Microsoft Exchange Server 2007 Help

This download contains a standalone version of Microsoft Exchange Server 2007 Help.http://www.microsoft.com/downloads/details.aspx?FamilyID=555f5974-9258-475a-b150-0399b133fede&DisplayLang=en

04 March 2007

Upgrading Host network driver on Vista - Vmware 6 doesn't like

I just upgraded the network driver (broadcom) on my laptop under Vista RTM.
The Vmware Bridge where still there, but no VM could access network through the Bridge.
To solve this issue, what i did:
-Remove the Vmware Bridge procotol on the network card
-Reboot (marked for deletion)
-Install again theVmware Bridge protocol
-Reboot
-working :)

I needed some times, since i also upgraded the wmare tools inside the VM and i was trying to use the secureclient inside the VM (i didn't remember that i upgraded the network driver yesterday in the first place)

03 March 2007

Visual Basic 2005 Express Edition SP1

http://www.microsoft.com/downloads/details.aspx?familyid=7B0B0339-613A-46E6-AB4D-080D4D4A8C4E&displaylang=fr


Visual Basic 2005 Express Edition SP1 - VS80sp1-KB926747-X86-INTL.exe
Visual C++ 2005 Express Edition SP1 - VS80sp1-KB926748-X86-INTL.exe
Visual C# Express Edition SP1 - VS80sp1-KB926749-X86-INTL.exe
Visual J# Express Edition SP1 - VS80sp1-KB926750-X86-ENU.exe
Visual Web Dev Express Edition SP1 - VS80sp1-KB926751-X86-INTL.exe

Hard drive benchmark tool

http://www.hdtune.com/

-FreeWare
-Works on Vista (run as administrator)

02 March 2007

Roaming profile, XP SP2, admin not allowed

For those that wouldn't know, domain admins access is prohibited by default on roaming profile.
XP SP2 make exclusive access.
Two gpo machine can help:
-Do not check for user ownership of Roaming Profile Folders
-Add the Administrators security group to roaming user profiles

25 February 2007

slow network file copy from Vista to earlier Windows

When you copy large files to or from earlier operating systems, the copy operation may be slower than expected on some Windows Vista-based computers

http://support.microsoft.com/default.aspx?scid=kb;en-us;932170

Group Policy Settings Reference Windows Vista

This spreadsheet lists the policy settings for computer and user configurations included in the administrative template files (admx/adml) delivered with Windows Vista (RTM build 6000):

http://www.microsoft.com/downloads/details.aspx?FamilyID=41dc179b-3328-4350-ade1-c0d9289f09ef&DisplayLang=en

Superfetch slow down performance

On my laptop, superfetch (Vista RTM - last updates) make my laptop slow down a lot.

Superfetch analyze and things many files needed to be superfetched but this is not true.
It try to preload VMDK (VmWare) files, and files accessed frequently by emule.. :'(

Impact of many I/O on notebook's hard drive is huge. Because then on next boot superfetch wants to read all this files to preload them. Even with the QOS, on a 5400 tr/mn this has much impact.

Any clue on how to exclude folders or files type from being superfetched ?

24 February 2007

Microsoft Network Monitor 3

Network Monitor 3.0 is a protocol analyzer. It allows you to capture network traffic, view and analyze it. This version is a complete overhaul of the previous Network Monitor 2.x version.

http://www.microsoft.com/downloads/details.aspx?FamilyID=aa8be06d-4a6a-4b69-b861-2043b665cb53&DisplayLang=en

22 February 2007

Top 10 of my favorite tools

-VmWare Workstation
-avant browser
-GPMC
-Free Download Manager
-One Note 2007
-Drive Crypt Plus Pack (DCCP)
-SecureCRT
-O&O Defrag
...
:)

Fibre Channel Information Tool (fcinfo)

Works on Microsoft Windows Server 2003 and Microsoft Windows 2000 systemsTool for discovery of SAN resources and configuration information on your Fibre Channel SAN
http://www.microsoft.com/downloads/details.aspx?familyid=73d7b879-55b2-4629-8734-b0698096d3b1&displaylang=en&tm

Windows Desktop Search 3.01

a new version is out:
-support For UNC
-ADM for GPO
-more stable
-faster

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=738fc2de-49b9-4e69-9227-2206277ab7c9

Windows Vista Hardware Assessment 1.0

The Windows Vista Hardware Assessment solution accelerator is an inventory, assessment, and reporting tool that will find and determine if computers on a network are ready to run the Windows Vista operating system.
http://www.microsoft.com/downloads/details.aspx?FamilyId=67240B76-3148-4E49-943D-4D9EA7F77730&displaylang=en

18 February 2007

install of LCS 2005 on multiple server

I just installed LCS 2005 on a VM and SQL 2005 on another VM.

The pool's creation can't be created on the LCS itself. It will failed on the wscript part.

I have done this part on the SQL Server itself instead.

Works well :)

17 February 2007

DCPP: upgrading from 3.8 to 3.9

to upgrade:
-decrypt all volumes
-deinstall version 3.8
-install version 3.9

I successfully decrypted one volume, but on the system one i got:
---------------------------
Extra compatibility info
Failed on Call Device Driver 2 DISK_INFO
OK
---------------------------

any clue ? seems to me a bit "dangerous" to deinstall before decrypting all volume.

ps: i am on Vista RTM

Microsoft Best Practices Analyzer for Windows SharePoint Services 3.0 and the 2007 Microsoft Office System

Microsoft Best Practices Analyzer for Windows SharePoint Services 3.0 and the 2007 Microsoft Office System:
http://www.microsoft.com/downloads/details.aspx?familyid=cb944b27-9d6b-4a1f-b3e1-778efda07df8&displaylang=en&tm

How to calculate your token size

TokenSize = 1200 + 40d + 8s This formula uses the following values:

d: The number of domain local groups a user is a member of plus the number of universal groups outside the user's account domain plus the number of groups represented in security ID (SID) history.

s: The number of security global groups that a user is a member of plus the number of universal groups in a user's account domain.

1200: The estimated value for ticket overhead. This value can vary depending on factors such as DNS domain name length, client name, and other factors.

extracted from:
http://support.microsoft.com/kb/327825/en-us

Troubleshooting Group Policy

gp_troubleshooting.doc:
http://www.microsoft.com/downloads/details.aspx?FamilyId=B24BF2D5-0D7A-4FC5-A14D-E91D211C21B2&displaylang=en

MBSA 2.1 Beta is out

the main new feature is the compatbility with Windows Vista:

homepage:
http://www.microsoft.com/technet/security/tools/mbsa2_1/default.mspx

download:
http://www.microsoft.com/downloads/details.aspx?FamilyId=F32921AF-9DBE-4DCE-889E-ECF997EB18E9&displaylang=en

16 February 2007

Exchange 2007: bye bye IIS SMTP

I am just firing up exchange 2007 32 bits on my VM.
It request IIS but refuses the smtp one (used to be installed with previous Exchange version) !
good news !

12 February 2007

tool to identify Intel CPU

Intel release a free tool to identify their CPU.
It works with Bootable CD or directly from Windows:
http://downloadfinder.intel.com/scripts-df-external/Product_Filter.aspx?ProductID=1881

11 February 2007

Windows 2003 / ASP .NET 2.0 / Sharepoint 2007

i am trying to install Office Sharepoint 2007 into a VM.
I ran in the following error:
---------------------------Setup Errors---------------------------
Setup is unable to proceed due to the following error(s):This product requires ASP.NET v2.0 to be set to 'Allow' in the list of Internet Information Services (IIS) Web Server Extensions. If it is not available in the list, re-install ASP.NET v2.0.Correct the issue(s) listed above and re-run setup.
---------------------------OK ---------------------------

It's right, ASP .NET 2.0 is not in the web extension list ! :'(
I tried adding it manually..no way.
I installed .NET 2.0 over the existing one. Works !

Damned IIS that doesn't like to get installed after .NET


10 February 2007

tool to debug http proxy request

I found a free tool to debug http session even through proxy: Fiddlertool

http://www.fiddlertool.com/fiddler/

Techdays 2007: The Devil in Prada by MS Exchange 2007

That's fun:
http://soapbox.msn.com/video.aspx?vid=cd6a9313-9d06-4b38-9914-71189e6664de

Vmware workstation: failed to open (The file is too large).

I just bought an external usb hard drive (Seagate 160GB Dancer) to put my vmdk files on it.
As it was already formated, i didn't check it out...damned!
After copying 46GB of vmdk, i wanted to give it a try..:
Vmware is giving me a nice : failed to open (The file is too large).

After searching on the web for this message without success, i watched the log:
failed to open (32776): Underlying file system does not support that big files.

Damned, i am on FAT32 even on a 146GB drive..
How to waste hours in copying!

07 February 2007

GFI Faxmaker & network card

We are having an issue with GFI Faxmaker.
We have two network Card:
-Eicon PRI Access (20 channels)
-Eicon BRI Access (ISDN / 2 Channels)

This two cards can't be both on the same server, or only the BRI works.
Deactivating the card doesn't workaround the problem..

We already had a problem with GFI trying to autocreate the SMTP connector. We had to uninstall the GFI Fax maker component on our Exchange cluster and then create the smtp connector by hand

Are we collecting all the GFI bug's?

VmWare Workstation 6 Beta on vista as host

Just to say it's better than a beta from my experience :)
It's a bit slower than usual due to the debug option but stable and working !
No more memory leak!

Dell M1210 & video projector

I couldn't investigate further, but Vista became crazy after plugging a video projector on my laptop...
The screen rotated 90° counterwize ! No way to put it back with the video projector plugged in...
So strange ! My nvidia driver is the previous - last one.

Drivecrypt 3.8 & Vista: I love it

just to say Drivecrypt 3.8 is working great on my Laptop with Windows Vista RTM :)

MS TechDays 2007/PARIS: I have been there !

I went two half day to the TechDays 2007 :)
I subscribed to:
-Deploying IPSEC
-Tools and methods for security
-Quest Tools to manage SQL (Longhorn A-Z was full)
-Deploying Exchange 2007 at Microsoft

that's cool !
And now waiting for the webcasts :)

04 February 2007

Microsoft Windows Mobile Device Center Driver for Windows Vista final

Microsoft Windows Mobile Device Center Driver for Windows Vista final is out !
Also available in French/ francais ! :)

http://www.microsoft.com/downloads/details.aspx?displaylang=fr&FamilyID=83d513ea-9df9-4920-af33-3a0e2e4e7beb

28 January 2007

Acrobat Reader & Vista issue

if you have issue with opening PDF in vista, especially through Internet explorer,
there is a new version of Acrobat Reader, version 8.

27 January 2007

putting workstation in quarantine area: the easy way

I just answered a guy on activedir that would like to block all new workstation by default. The goal is to prevent users from playing with workstation until they are secured by GPO / antivirus / inventory tools...

The way i propose is globally:
-redirect all new workstation joining the domain to a new ou (let's say quarantine). This can be done direclty with windows 2003 AD thanks to redircomp.exe

-On the quarantine OU, create a new gpo that will only allow encrypted traffic communication.
As only these stations will be set up to encrypt traffic, they won't be able to communicate with servers and others stations.

The tricks are:
-If using dhcp, allow unencrypted trafic with the dhcp servers or the workstation won't get dhcp address (and won't be able to communicate with AD and so to catch the change of OU later)
-Allow unencrypted communication with DC so to be able to catch GPO change to stop ipsec traffic.

If a workstation doesn't stop using ipsec or doesn't catche the GPO change:
-stop the windows ipsec service
-issue a gpupdate /force
-reboot

The only way for users is to be administrator and to stop the ipsec service manually. This can be enforced by GPO (and more if specifying a small GPO/ipsec refresh interval time)

hope it will help you !

VmWare Workstation and Vista as host

I am using VmWare Workstation 6.0 beta on my Vista RTM (host guest).

Working greats !
No more issue with disk freezing the OS for a while.

26 January 2007

Searching vmware Visio stencil for free ?

Update: (ALL in one VSD File)
http://gollum123.free.fr/vmware.VSD

Enjoy!


have a look at this great site (but seems broken)
http://www.vmguru.com/files/10/visio/default.aspx
Thanks to them !

25 January 2007

considering username rename ?

If you are considering renaming users Samaccountname, you should at least care about:
  • Outlook will prompt for the location of OST and maybe PST if in the profile
  • ActiveSync on Windows mobile will need to be set up with the new username
  • If using roaming profile, you will need to rename all users folders (so you need access to them which is by default prohibited with XP SP2)
  • If redirecting My Documents, you will need to rename all folders to match.
  • Update logon script if network mapping is based on the username
  • You may clean up all profile on all station or at least rename them.
You should use Admodify which will do all the job on the AD side.

You should always test amont a significant numbers of users first to check against application troubles after renaming accounts. Applications like Vmware VirtualCenter always display the last used username.

12 January 2007

GFI Faxmaker 12 + Exchange 2003 cluster

hello all,

For those that will install GFI Faxmaker 12 on an Exchange 2003 Cluster:
DO NOT INSTALL THE COMPONENT PART ON THE EXCHANGES NODE CLUSTER.

The smtp connector won't be created and then creating it manualy will NOT WORK.
You will have to remove the gfi component and then create the whole smtp connector by hand.