Archive for the ‘microsoft’ Category

Over Zealous Registry Editing…….Damn !

Wednesday, April 21st, 2010

The company where I work produces a web site. In order to make sure it looks ok on as many browsers as possible, we have to keep a few machines around with older OS and browser versions installed.

Last week, the machine used to test IE6 (now dead and unsupported by Microsoft, but unfortunately while its use has steadily been declining since January 2010, there are still over 8% of people using it, so we have to test to make sure it will look right) got infected with the XP Malware 2010 virus.

The virus itself has been well written with a very sincere and genuine looking application interface (see here for pictures etc.). Normally for most computer viri I simply remove their entries from the /Software/Microsoft/Windows/Current Version/Run registry section, delete the binaries and reboot.

But this one went a little further (some do unfortunately). It actually modifies the registry entries that deal with how Windows launches .exe binaries. It essentially modified the default open shell open entry to launch itself, with the program you wanted to open as an argument. So if you tried to run notepad.exe, AV.EXE would get launched instead, but AV.EXE would know to run notepad.exe after itself.

I followed the instructions on the site, but not to the letter. I was in a rush and sort of deleted the .exe entries completely. Result, I could no longer launch apps that ended in .exe :o(

I didn’t fancy trying to manually put the correct entries back in, so I had a quick search on Google for ‘XP .exe file association’ and found this page.

The whole site is pretty cool with a lot of utils, tips and fixes. Admittedly it seems to all be for XP, but I’m sure some of it could be of use for later Windows versions, or at least provide a starting point.

Doug Knox, I thank you for saving me from having to rebuild an old XP system (hours alone in just trying to find the OS install disks !!)

;o)

Genuine looking interface :o(
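A way to audit the .exe file association before and after a cleanup like the one described above. This is an added example, not part of the original post or of the fix it links to; the function names are hypothetical, and it assumes the stock values are a ProgID of exefile with an open command of "%1" %*.

```powershell
# Added example: audit the registry values that control how .exe files are opened.
# Stock values assumed here: (Default) of ...\Classes\.exe is 'exefile' and
# (Default) of ...\Classes\exefile\shell\open\command is '"%1" %*'.
$ExpectedProgId  = 'exefile'
$ExpectedCommand = '"%1" %*'

function Get-DefaultValue {
    param([string]$Path)
    # Returns $null when the key, or its (Default) value, does not exist.
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    return (Get-Item -LiteralPath $Path).GetValue('')
}

function New-Finding {
    param([string]$Key, [string]$Value, [string]$Issue)
    New-Object PSObject -Property @{ Key = $Key; Value = $Value; Issue = $Issue }
}

function Test-ExeAssociation {
    $findings = @()
    # HKCU overrides HKLM, so a per-user change is enough to redirect every launch.
    foreach ($root in 'HKCU:\Software\Classes', 'HKLM:\Software\Classes') {
        $progId = Get-DefaultValue "$root\.exe"
        if ($null -ne $progId -and $progId -ne $ExpectedProgId) {
            $findings += New-Finding "$root\.exe" $progId 'Unexpected ProgID for .exe'
        }
        # Check the open command of the stock ProgID and of whatever .exe points at.
        $ids = @($ExpectedProgId, $progId) | Where-Object { $_ } | Select-Object -Unique
        foreach ($id in $ids) {
            $key = "$root\$id\shell\open\command"
            $cmd = Get-DefaultValue $key
            if ($null -ne $cmd -and $cmd -ne $ExpectedCommand) {
                $findings += New-Finding $key $cmd 'Open command is not "%1" %*'
            }
        }
    }
    # Machine-wide entries must exist; their absence is the over-deletion case.
    foreach ($key in 'HKLM:\Software\Classes\.exe',
                     "HKLM:\Software\Classes\$ExpectedProgId\shell\open\command") {
        if ($null -eq (Get-DefaultValue $key)) {
            $findings += New-Finding $key '' 'Missing key or (Default) value'
        }
    }
    return $findings
}

$result = @(Test-ExeAssociation)
if ($result.Count -eq 0) { 'OK: .exe association matches the expected defaults' }
else { $result | Format-List Key, Value, Issue }
```

Running it once before editing gives a record of what was changed, and running it again afterwards shows whether anything was removed that should have been restored.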

WDS Deploying Windows 7…….The Wrong Way…….

Friday, April 16th, 2010

The 2nd Microsoft UK Techday I attended was on the subject of deploying Windows 7 within the organisation using WDS. This was the one I had really been waiting for as:

a) I’m pretty sure the way I am using WDS to deploy Vista is wrong, even though it works

b) Chris Jackson was presenting

Bit of history. One of the earlier tasks when I joined my current job was to replace the mix of XP and Vista desktops that were in use. I installed WDS and set about trying to figure out all the bells and whistles, but there are so many of them.

There is a ton of doc to read through, and walk through scenarios, but they are somewhat basic in that they only deal with creating and distributing a single image/build to the desktop.

Here’s my problem, I have a mix of HP and Dell desktops. I also have different software requirements for different groups of people. Everyone needs Windows Vista and Office 2007. Devs need Visual Studio. Designers need the Adobe CS suite. I could not work out how to use a single boot and install image to achieve this.

So, I created multiple install images. Essentially, I set up each PC exactly as I wanted it for the desktop, then sysprep’d it with an answer file and captured it to an image. Then for each install image, I created a corresponding boot image and edited the startnet.cmd to wipe and prepare the disk, and then use imagex to apply the correct install image file to the machine.

So I have a ‘HP7900-install.wim’ and a ‘HP7900-boot.wim’. I also have a ‘HP7800-install.wim’ and a ‘HP7800-boot.wim’. Adding each xxx-boot.wim file to WDS lists it as an option on the PXE WDS boot menu, and when you select either boot image, the ‘startnet.cmd’ batch file will use imagex to apply the corresponding xxx-install.wim file.

I am fairly certain this is not how WDS was supposed to be used ?! There are currently x8 boot and x8 install images sitting on my WDS server.

The Windows 7 deployment demo at the UK Techday event unfortunately has not cleared this up for me any further. The demo simply showed how to use a stock boot.wim and install.wim with an answer file to remove the prompts that occur during install. This much I had already figured out, what I hoped to discover was how to create a relationship between a boot.wim file and an install.wim file so I did not have to edit the startnet.cmd file each time.

I’ve just downloaded the WAIK 2010 and MDT 2010 applications and am going to install them and take a look at the new and improved documentation and scenarios and see if the answers lie within.

Anything I find out I will of course post here.

One thing I do already know is that if you are using a x64 bit version of Windows (7 or Vista) you have to install the x64 bit version of the WAIK. The x64 bit version cannot work on x86 (32bit) images !??? However, the x86 (32bit) version of WAIK can work on both formats. So when creating your build administration workstation, I would use x86 versions to ensure maximum flexibility.

Sharepoint 2010, Now We’re Getting Somewhere…….

Tuesday, April 13th, 2010

So today I went along to one of the Microsoft UK Techdays (I missed Monday’s presentation on Virtualisation due to illness). Today’s subject was Office 2010 and Sharepoint 2010, and I have to say that I am now starting to see the case for Sharepoint in the organisation.

The day was a large helping of death by PowerPoint (I’m sorry, but even using PowerPoint 2010 with its lovely new slide transitions is still death by PowerPoint whichever way you turn it) and after an extended period of being talked at I felt my concentration wavering a little. Some points did make it through though.

One was that SharePoint 2010 now supports true cross-platform, cross-browser fidelity. It was seamless, the guy opened MS Office 2010 docs inside Firefox, Opera, Chrome and Safari, and they looked *identical*. The inline rich web editor was also the same experience across the board, not so much as a pixel out of place.

Even more impressive was that using the inline rich web editors, you could collaborate in real time on the same document without even having the Office application installed. True thin client web app and no more cumbersome checking-in/checking-out.

The demo showed Microsoft making a real effort to adhere to open standards for file and data formats to make this cross browser experience possible. Proprietary ActiveX controls have all but been abandoned which hopefully mitigates that particular attack surface vector for the future.

Speaking of which, there was an interesting slide showing statistics that attacks against the operating system were on the decline against a rise in attacks being made against applications. To help protect against this new wave of attacks Microsoft now scans all legacy Office files being opened and compares them against a known signatures database, if they don’t match you are warned and the file is opened in a sandboxed safe mode in the background and an alert is shown to make the user aware. Sweet.

But my favourite part of the entire day was the explicit mention that IE6 was no longer supported for SharePoint and its associated web apps :oD

The only barrier I can now see to deploying SharePoint is that it’s still a very large product with a not insignificant pre-requisite list, both in terms of hardware and software.

You’re going to need a server up to running the latest version of Windows, along with enough RAM to make it happy. The cost of the license for Windows, the cost of the SharePoint server application. Then more hardware to run the SQL server backend (with another Windows license plus an SQL license of some flavour).

I’m not sure of the total cost to deploy SharePoint today (no pricing details as of yet for the RTM versions) but I’m pretty certain this is out of reach of most smaller companies, especially when you consider that my current workplace does the whole thing on an old Dell 2850 with 8GB RAM running Ubuntu linux, MySQL and MediaWiki server, all for free.

Really looking forward to tomorrow, Chris Jackson of the SWAT team is presenting a section of the ‘Deploying Windows 7’ day. Maybe I’ll find out how to automate that 5% of my current desktop deployment process that still eludes me ? Here’s hoping ;oD

SVG in IE9, Saving The World From Giant Otters…….

Thursday, March 25th, 2010

Read an update today on the IEBlog site about the initial support for Scalable Vector Graphics (SVG) in Internet Explorer 9.

Some pretty cool stuff, like being able to define SVG inline in HTML5, but the example they gave did make me LOL, they have used it to create an SVG circle to highlight…..giant otters !

Admittedly, given the power and flexibility this offers, their choice of example could have been anything, but still…..priceless :o)

I suspect I’m going to find this all rather useful when it becomes official and mainstream, as it’s a pain when trying to highlight stuff in documentation at work written in html. Now I can include an image of a screenshot and use inline SVG to draw shapes around bits I need to draw attention to, as opposed to my normal efforts which look much like below :o/

IIS7 HRESULT: 0x80070057 (E_INVALIDARG))…….

Wednesday, March 24th, 2010

I don’t write code. Well compilable code anyway. Now scripting, I’m ya man, but anything that does stuff ‘behind the scenes’ is frankly a little bit beyond me.

So I was filled with doom when one of our web developers was getting an error every time she tried to load her dev copy of the site into her browser. IIS7 simply gave the very detailed but unhelpful message


HRESULT: 0x80070057 (E_INVALIDARG))

Along with a pretty error page and some bits of XML. Googling that error code led me to this site which thankfully explained what was going on, and more importantly, how to fix.

Seems that when you build/compile a .NET site, it takes copies of the binaries from your solution and copies them to a temporary folder. The site is then hosted from the files in this temporary location.

Should your system crash mid-build/compile (she was using Vista, of course it crashed !) then the file(s) copying at the time may not quite be up to scratch (i.e. corrupted).

For x64 bit systems the path in question is

C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files

For x86 bit systems the path is

C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files

Inside the ‘Temporary ASP.NET Files’ folder will be many sub folders. You can spend time trying to isolate the exact subfolder containing the knacked files, but I just deleted all the sub folders and then rebuilt the web solution again and ‘Presto’ a working site.

The site owner Dan Abdinnor credits his friend Patrick Fitzsimmons for working all this out. I don’t know who you guys are, but thanks, you possibly saved me from hours of diagnostic tools and head scratching on this one !

Microsoft IT Curriculum Path

Friday, March 19th, 2010

Just found this skills learning map while on Microsoft’s website for a book to assist me in studying for the Windows 7 exam 70-680.

Nice concept, it certainly breaks down the steps involved in getting into IT (from a Microsoft point of view anyway).

Unfortunately, most of the people I know would fail before they have even hit the first fork in the trail, ‘Digitally Aware Individual’. Given how much we have come to depend and trust in computers and technology, I sometimes find it a bit alarming how little some people know about how PCs and their software work.

Modern systems are admittedly much more reliable than the ones of a decade ago, but when I first started out with PC’s and software, everyone knew about backups. These days I ask people about how they are safe guarding all their data that is ‘irreplaceable’ and they shrug their shoulders and look confused and mutter ‘it’s stored on the computer somewhere’.

I possibly am a little extreme about this sort of thing. I know exactly where my data is, and I have backups of my backups (well, certainly optical disc burns of the really irreplaceable stuff, photos of events past, my library of system administration scripts that I so painstakingly have amassed over the years, archived email conversations that I like to look back on from time to time). But, given that anyone you ask will tell you their data is essential to their lives and completely irreplaceable, you would think they would invest a little time into researching how best to make sure it does not all end in tears later down the line.

Anyone can drive a car, the act of driving is not the hard part. The lessons and the reading, the written exam, the highway code and the actual driving test itself merely allow you to drive the car (simple) without posing a danger to yourself or to others (the more difficult part).

In the same way you are not allowed to drive a car without first passing a test, maybe there should perhaps be a mandatory training course that you must attend before being allowed to purchase a PC that covers the basics enough so that you can pull away from the curb without losing your entire baby picture library and wedding day mpeg collection and winding up a teary eyed wreck at your local branch of PC World.

Microsoft UK TechDays……yipee !!

Friday, February 26th, 2010

I just signed up for a couple of the Microsoft UK tech.days events being held in London during April.

Am really hoping to get to see Chris Jackson live as I have only previously seen him online on Channel 9 and on the 2008 TechEd recordings (2nd page, first row, far right video). He really seems to know his stuff and have a sense of humour and presentation charisma.

Is quite a big deal for me as I don’t think I will ever work in the sort of company who send their staff out to the big official MS TechEd events held globally (at least I haven’t been sent to any so far, and never having been to one, have not been able to ask the attendees what sort of company they are working for that send them to MS Tech events).

In fact, I think the last formal IT training I was sent on was over 10 years ago when I was sent on a course to learn Exchange server 5.5 administration.

Admittedly I seem to have done ok without any training, getting by using books, online examples and demos and so on. But some systems (ones from Microsoft in particular) are getting so large and so complex with so many features and capabilities built right into them that I wonder if I am doing some things inefficiently or even incorrectly.

Take desktop deployment. My current employer are using Windows Vista. One of the earlier tasks I did (after the massive mail migration I wrote about on here previously) was to replace the mix of XP and Vista with a few standardised builds of Vista using WDS. The learning process was pretty steep, and very confusing.

I could not get the answer files to work correctly for unattended installs, I gave up on trying to figure out the Microsoft Deployment Toolkit (MDT). In the end I simply installed a box *exactly* how I wanted it to be, and then sysprep’d it with an answer file. I then used ImageX to capture the system to a .WIM file and this is what I used to deploy to new systems. Even though it works pretty well (the only bits I could not automate were the machine naming, joining the domain and Windows activation) I am still not sure I am doing it the way Microsoft intended.

Now in 2010, the office here are looking to replace Vista with Windows 7 (not just to be fashionable you understand, but there do seem to be too many issues with Vista for our liking). I downloaded the Windows Automated Installer Kit (WAIK) for Windows 7 to have a look, and it is bigger and even more complex than the one for Vista was.

So I have high hopes that some bright Microsoft chappie (maybe even Chris Jackson himself) will take to the stage and say “here’s how you do it” and show me the bits I’m missing, and the bits I’m doing wrong. I am taking my laptop and will be furiously trying to record everything they say and do :oO

p.s. If you work for a company that sends you to tech events (not just the MS ones) please let me know who you are and what you do, cause I really wanna go to them too :o/

http://www.microsoft.com/uk/techdays/dayitp.aspx

IIS7 AppPool user account causes HTTP 503 error

Tuesday, February 9th, 2010

I don’t profess to be any kind of IIS expert, in fact, I would say I’m more of an Apache man myself. I just find it easier dealing with flat text file for application configs, frankly while I’m sure there are benefits to having the IIS config all sorted in metadata and stuff, I just find it confusing and overwhelming, gimme httpd.conf any day.

While trying to configure an IIS7 AppPool to use a non-elevated logon to run as, I received a HTTP 503 error and the following was logged in the Application area of the event viewer.

The identity of application pool user.www.somedomain.com is invalid. The user name or password that is specified for the identity may be incorrect, or the user may not have batch logon rights. If the identity is not corrected, the application pool will be disabled when the application pool receives its first request. If batch logon rights are causing the problem, the identity in the IIS configuration store must be changed after rights have been granted before Windows Process Activation Service (WAS) can retry the logon. If the identity remains invalid after the first request for the application pool is processed, the application pool will be disabled. The data field contains the error number.

Quite a few possibilities mentioned there, so I started with the first one, incorrect user. I deleted the user logon, recreated it, set the password and then re-configured the IIS AppPool to use the newly created account. But still the page gave me a 503 error.

So I looked at the new possibility, ‘Batch Logon Rights’. Comparing the local security policy MMC for the server I was having trouble with and one that was working ok I found that the group ‘IIS_IUSRS’ had been granted the ‘Logon As Batch’ right on the standalone server, but not on the server that was part of a domain ?!

Local Security Policy MMC

As the domained server was controlled by group policies I could not just add the group directly to the permission, I had to create a group policy to grant ‘IIS_IUSRS’ the ‘Logon As Batch’ right and then run a ‘gpupdate /force’ on the domain server.

Restarting IIS and testing the site again showed everything now working correctly. It seems that the ‘IIS_IUSRS’ group gets granted the ‘Logon As Batch’ right automatically on standalone servers, but not ones that are part of a domain, you have to grant the rights by adding them via a group policy.
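The comparison done by eye in the Local Security Policy MMC above can also be scripted, which makes it easy to confirm the right is present after the group policy has applied. This is an added example, not part of the original post; the function names are hypothetical, it reads the user rights that secedit exports from the system security database, and it needs an elevated prompt.

```powershell
# Added example: check whether an account or group holds "Log on as a batch job"
# (SeBatchLogonRight) on this server. Run elevated; secedit.exe ships with Windows.

function Resolve-Sid {
    param([string]$Principal)
    # secedit writes SIDs as *S-1-... and some entries as plain account names.
    $p = $Principal.Trim().TrimStart('*')
    if ($p -match '^S-1-') { return $p }
    try {
        $nt = New-Object System.Security.Principal.NTAccount($p)
        return $nt.Translate([System.Security.Principal.SecurityIdentifier]).Value
    } catch { return $null }   # name could not be mapped to a SID
}

function Get-BatchLogonSids {
    $inf = Join-Path $env:TEMP ('user_rights_{0}.inf' -f [guid]::NewGuid())
    try {
        # Export only the user rights assignment section to a temporary INF file.
        secedit /export /cfg $inf /areas USER_RIGHTS | Out-Null
        $line = Get-Content $inf | Where-Object { $_ -match '^\s*SeBatchLogonRight\s*=' }
        if (-not $line) { return @() }
        $entries = ($line -split '=', 2)[1] -split ','
        return @($entries | ForEach-Object { Resolve-Sid $_ } | Where-Object { $_ })
    } finally {
        Remove-Item $inf -ErrorAction SilentlyContinue
    }
}

function Test-BatchLogonRight {
    param([string]$Principal = 'BUILTIN\IIS_IUSRS')
    $sid = Resolve-Sid $Principal
    if (-not $sid) { throw "Cannot resolve '$Principal' to a SID" }
    # Compare by SID so the result does not depend on how the name is written.
    return (Get-BatchLogonSids) -contains $sid
}

if (Test-BatchLogonRight) { 'IIS_IUSRS holds SeBatchLogonRight' }
else { 'IIS_IUSRS is missing SeBatchLogonRight; check the GPO and re-run gpupdate' }
```

Passing a different name, for example the application pool's own account, checks a direct grant rather than one inherited through the group.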

Odd Windows DNS Issue…….

Thursday, January 21st, 2010

Hmmmm, something is up with DNS at work. Randomly (anything from a week to 2 months) it seems to stop resolving .co.uk for some domains (especially www.bbc.co.uk) ? Nothing recorded in the eventlog for the times while it is behaving like this. Restarting DNS server fixes the problem for a while until it breaks again.

I recently patched server 2008 to SP2 as I found some issues that were fixed in that SP (like incomplete zone transfers which broke some stuff a while back).

But the service pack does not seem to have fixed this random sulking occurring in DNS.

For now I have enabled DNS debugging to a file on the system and restarted DNS, now I will need to patiently wait for it to act up again so I can have a peek and see if anything looks amiss.

I can find nothing solid on Google either. If I ever get to the bottom of it I’ll re-post here, but in the mean time if anyone has any ideas let me know as I am stumped.

Reluctant MCSE……

Saturday, January 16th, 2010

Yep…..guess it’s probably about time to get my Microsoft certifications in order. My current ones are either :

a) Valid but horribly out of date
b) Lapsed completely

Well, the last MS exam I sat was back when NT4 was considered all the rage !

So I’ll be procuring a box set of the core essentials books from MS press and spending a lot more nights at home.

Would also be cool to find a study group based in London (if such a thing exists, a quick skim of the first few pages of Google yielded nothing).

Will probably post progress and notes here as I go along (in the hope that it could help others).