Thursday, December 23, 2010

GPMC error on Vista or above.

When clicking the settings tab on a policy I got this:

An error occurred while generating report:
Unable to cast object of type 'System.String' to type 'Microsoft.GroupPolicy.Reporting.Extensions.Registry.RegistryValue'.

\Administrative Templates\Network\Network Connections\Windows Firewall\Domain Profile\Windows Firewall: Allow Logging from Disabled to Not Configured the problem went away.


Hotfix available now: "Unable to cast object of type 'System.String' to type 'Microsoft.Group.Policy.Reporting.Extensions.Registry.RegistryValue'." error message when you try to generate a report for a GPO in Windows Server 2008 R2 or in Windows 76

Wednesday, December 8, 2010

WTF Microsoft

Wrote a powershell script today and ProductVersion isn't returning the correct value.  If I right click the file and do properties then it displays the correct version.

.Net 3.5 issues installing updates

I've run into a plethora of .net update 3.5.1 installation issues. Here's what I've done to resolve it.  My example was for x32 not x64 but I suspect the process is the same

1.  Download Microsoft .NET Framework 3.5 and .NET Framework 3.5 Service Pack 1

2.  Re-install by running a repair

3.  Install the following updates in order:

Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86

Microsoft .NET Framework 3.0 Service Pack 2 Update for Windows Server 2003 and Windows XP x86 (KB976570)

Microsoft .NET Framework 3.5 SP1 Update for Windows Server 2003 and Windows XP x86 (KB982168)

Microsoft .NET Framework 3.5 SP1 and .NET Framework 2.0 SP2 Update for Windows Server 2003 and Windows XP x86 (KB982524)

Monday, November 22, 2010

Slow rdp logons to terminal servers

Disable RSoP logging

the source of the logon delays was the large size of the WMI repository located on the servers at c:\windows\system32\wbem\repository\objects.DATA. When policies are applied by the user during logon, the system must read and write to the repository. When it is very large (we observed some servers with an objects.DATA file at 1.6GB in size), the Windows Management Instrumentation (WMI) service may block transactions for a period of time. By disabling the dependency on the Group Policy engine on this repository, the users no longer experienced delays during user log on.

Sharepoint 2010 update tracing service in Health Analyser

Make sure you have registered the account with Sharepoint first then run this powershell script.

$farm = Get-SPFarm
$tracingService = $farm.Services | where {$_.Name -eq "SPTraceV4"}
$managedAccount = Get-SPManagedAccount "\SPtrace"
$tracingService.ProcessIdentity.CurrentIdentityType = "SpecificUser"
$tracingService.ProcessIdentity.ManagedAccount = $managedAccount

Friday, November 12, 2010

MSExchangeIS 9519 0x972: Public Folders Container Deleted, or Missing Required Attributes

So I migrated exchange 2003 to exchange 2010 and the public folder hierarchy got borked. The Microsoft engineer gave this article to me to help get it rebuilt. It shows up when you have a public folder issue and the hierarchy doesn't move correctly.

MSExchangeIS 9519 0x972: Public Folders Container Deleted, or Missing Required Attributes

Thursday, October 28, 2010

Thursday, October 21, 2010

Windows Hotfixes of note

Article ID: 2388142 - Last Review: October 14, 2010 - Revision: 2.0
A computer that is running Windows 7 or Windows Server 2008 R2 intermittently cannot use a shared network printer to print

Article ID: 2273487 - Last Review: October 14, 2010 - Revision: 3.0
Error message when you shadow a remote desktop service session in Windows Server 2008 R2 or in Windows 7: "Because of a protocol error, this session will be disconnected. Please try connecting to the remote computer again."

Article ID: 2175609 - Last Review: October 14, 2010 - Revision: 2.0
You may encounter unexpected behavior when you use multiple IPv4 addresses on a computer that is running Windows 7 or Windows Server 2008 R2

Article ID: 2410477 - Last Review: October 13, 2010 - Revision: 3.1
A computer that is running Windows 7 or Windows Server 2008 R2 stops responding when you put the computer in sleep mode (S3) or resume the computer from the S3 mode

Article ID: 2280117 - Last Review: August 12, 2010 - Revision: 1.0
Error message when you create some snapshots on a computer that is running a 64-bit version of Windows Vista or of Windows Server 2008 and then try to restart the computer: “STOP: 0x0000006B”

Article ID: 2281477 - Last Review: August 12, 2010 - Revision: 1.0
There is about a 20- to 30-second delay in Windows Server 2008 or in Windows Vista when you open a network drive, and its target folder is a DFS share

Article ID: 982931 - Last Review: August 12, 2010 - Revision: 2.0
Some IP addresses on the network adapter are lost after you restart a computer that is running Windows Server 2008 or Windows Vista if several IP addresses are configured

Tuesday, October 19, 2010

Friday, October 15, 2010

Exchange 2007 servicecontrol.ps1 bug

You run ServiceControl.ps1 AfterPatch or ServiceControl.ps1 and get the error below. Microsoft made a mistake !

It's a bug in the script...

add a line at line 900:

$activity = 'BeforePatch'

add a line at line 958:


----------- snippet of error --------------
Write-Progress : Cannot bind argument to parameter 'Activity' because it is nul
At D:\Program Files\Microsoft\Exchange Server\bin\ServiceControl.ps1:1017 char:
+ write-Progress -Activity <<<< $activity -Id 0 -Status 'Completed' -Completed
+ CategoryInfo : InvalidData: (:) [Write-Progress], ParameterBind
+ FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,M

Wednesday, October 6, 2010

dsquery user inactive switch

I discovered something interesting today. say you wanted to get a list of disabled, inactive users for 12 weeks. You'd do this :

dsquery user ou=disabledAccounts,dc=somedomain,dc=local -inactive 12 -limit 2000 –disabled

The catch is this, if the account has never been logged into it won't ever be returned. So how would you get around this?

Use the -filter switch and do an ldap query

dsquery * ou=disabledAccounts,dc=somedomain,dc=local -filter "(&(objectCategory=Person)(objectClass=User)(LastLogon=0) (UserAccountControl:1.2.840.113556.1.4.803:=2"))" -limit 2000
viola, you have the list.

Note: What the heck is UserAccountControl? It’s not the vista/win7 UAC but actually a bitwise value in AD that determines what state the account is in. 2 = disabled.

Thursday, September 23, 2010

WDS (RIS) Doesn't offer x64 boot images.

Shameless C+P

Deploying and Managing the Windows Deployment Services Update on Windows Server 2003. You can download the documentation at .

Architecture Detection
Each network booting computer should set DHCP option 93 to indicate the client’s architecture. This enables a PXE server to know at boot time the exact architecture of the client from the first network boot packet. On many x64-based computers, the architecture value is either not set (missing) or is not set to the expected value. (Generally, this means that the architecture is specified as x86-based when the computer is x64-based). The client system architecture values are:

0 = IA x86 PC

1 = NEC/PC98

2 = IA64 PC

3 = DEC Alpha

4 = ArcX86

5 = Intel Lean Client

6 = X64

To work around client architecture reporting problems, you can enable an architecture detection feature on your Windows Deployment Services server. When enabled, the client is sent a NBP ( before downloading the normal boot program for the client’s architecture (for example, or PXEboot.n12). performs an architecture detection test on the client processor and then reports the value back to the server using unused options in a specially formulated DHCP packet. Upon receiving the value sent by, the server knows the client’s true architecture and can send it the correct NBP, based on the policy priorities.

For architecture detection to work reliably, it must handle both of the previous cases. Unfortunately, handling the second case means that the architecture detection process will happen on every x86-based computer in the environment (presumably, x86-based computers are reporting themselves as x86-based computers in the network boot packets).

The architecture detection process is off by default because it:

•Adds time to boot.

•Increases network traffic.

•Increases load on the server.

You can enable architecture detection by running WDSUTIL /Set-Server /ArchitectureDiscovery:Yes.

This command controls the following registry key value:


•Name: DisableArchDisc


•Value: 0 or not present means the architecture discovery is enabled

1 means architecture discovery is disabled (default)

Note that if a client is detected as being x64-based capable (by reporting itself as such in the initial PXE request packet or through the architecture detection process) and a valid x64-based boot image does not exist on the server, the client will fail to boot. Generally, the error message will be Failed to restart TFTP. TFTP download failed. This issue occurs because the NBPs for x64-based clients must be extracted from a Windows PE 2.0 x64-based boot image. If such an image has not been added to the server, the client will not have a valid NBP to download and will fail to network boot. To resolve this issue, you can do one of the following:

•adjust the default NBP for x64-based clients using the Boot properties page of the Windows Deployment Server in the MMC to point to an x86-based boot program (for example, boot\x86\

•upload a valid Windows PE x64-based boot image (assuming you wish to deploy x64-based operating system images to the client).

Friday, August 6, 2010

Post-Graduate AD Studies - Ask the Directory Services Team - Site Home - TechNet Blogs

Post-Graduate AD Studies - Ask the Directory Services Team - Site Home - TechNet Blogs

Post-Graduate AD Studies

NedPyle 27 Jul 2010 3:54 PM 4
Hello world. I was out of the office late last week so there was no mail sack; Jonathan pretended like he was going to do one but he lied. He’ll try to claim that things got “busy” and there were “customers” who wanted “their issues fixed” or some other nonsense, but we all know it was due to him daydreaming about bubble baths.

Too weird?

Anyway, what with the hiring we’re doing now, a month ago I promised you some further reading around how you can amp up your Active Directory skills. Rather than burying it in another mail sack, I figured I’d lay it all out here in one spot. If you feel like you need to fill in the cracks on your directory service knowledge, here’s what we force feed our new hires:

Core Technology Reading

If you read nothing else, read these core pieces. While they are Win2003/XP specific, that’s still at least 75% of the business install base and highly relevant. For the most part things don’t change that much architecturally between versions either (ignoring GP and User Profiles). They give you the fundamentals to build on later.

Active Directory Collection
Active Directory Replication Model
Active Directory Replication Topology
DNS Technical Reference
Group Policy
Interactive Logon
Kerberos Authentication Technical Reference
Public Key Infrastructure (PKI)
TCP/IP Technical Reference
User Profiles

Post Graduate Technology Reading

Then we get to the more advanced subjects, the specific features added in later models, and the things that will take you into rarefied air. Much of this is Windows Server 2008 and later too, so if you haven’t started rolling out our later OS this will get you ready. If you can get through these, you’re ready to run AD in the environments with 100,000+ computers. And as I always tell people, if you know how something works, you can troubleshoot any kind of problem – even if the issue has never seen seen before.

Active Directory Domain Services in the Perimeter Network
Active Directory and Active Directory Domain Services Port Requirements
Active Directory Schema
ADMT Guide: Migrating and Restructuring Active Directory Domains
AD DS Design Guide
CA Certificates
Certificate Services
Core Group Policy Technical Reference
Designing a Group Policy Infrastructure
DFS Replication: Frequently Asked Questions (FAQ)
Distributed File System (DFS)
DNS Support for Active Directory
Domain and Forest Trusts Technical Reference
File Replication Service FRS
Global Catalog Technical Reference
Group Policy Components
Group Policy Management Console
Group Policy Object Editor
Logon and Authentication Technologies
Managed Service Accounts
Managing Roaming User Data Deployment Guide
Operations Masters Technical Reference
Read-Only Domain Controller Planning and Deployment Guide
Running Domain Controllers in Hyper-V
Security Auditing
Security Compliance Manager
Security Identifiers Technical Reference
Security Descriptors and Access Control Lists Technical Reference
Security Principals Technical Reference
Staging Group Policy Deployments
SYSVOL Replication Migration Guide: FRS to DFS Replication
User Account Control Technical Reference
What's New in Active Directory Domain Services in Win2008
What's New in Active Directory Domain Services in Win2008 R2
Windows Smart Card Technical Reference
Windows Time Service Technical Reference
WINS Technical Reference

Lab Materials

You can use these free trial editions below in order to do live repros of all this, and repros are highly suggested. Especially with the use of Netmon 3.4 to see how things look on the wire and learn how we troubleshoot here – with network captures. Running these in Hyper-V, in Virtualbox, etc. will also make the materials more understandable.

As an alternative, for a few hundred bucks you can get the amazingly packed TechNet or MSDN subscriptions that provide you with copies of so much MS software it’s ridiculous; way better than using trialware. Check those out here:

Thanks to the Blue Devil Demon* who reminded me to do this. :-)

Ned “nutty professor” Pyle

* Apologies to Coach K and the ghost of Ray Meyer. I've been away from Chicago too long, it seems. Maybe I really am no longer a 'damyankee', as my wife puts it?

Friday, July 30, 2010

Slow performance when you use a mapped drive to copy files to a remote server from a Windows Server 2003-based computer

Slow performance when you use a mapped drive to copy files to a remote server from a Windows Server 2003-based computer: "Slow performance when you use a mapped drive to copy files to a remote server from a Windows Server 2003-based computer"

Also this can help too YMMV

1. Open an elevated command prompt and press Enter:

netsh int ip set global taskoffload=disabled

2. Disable and re-enable the network interface.

3. Run the following command in an elevated command prompt to confirm the command above is successful:

netsh int ip show offload

Tuesday, July 27, 2010

The User Profile Service service failed the Logon

Receiving the error at login or via rdp:
The User Profile Service service failed the Logon
User Profile Cannot Be Loaded

More info:

Warning User Profile General Event ID 1509

Windows cannot copy file C:\Users\Default\AppData\Local\Microsoft\Exchange Server\V14\CmdletSqmData3700_100.sqm to location C:\Users\TEMP\AppData\Local\Microsoft\Exchange Server\V14\CmdletSqmData3700_100.sqm. This error may be caused by network problems or insufficient security rights.

DETAIL - Access is denied.


change the security permissions on the file to inherit and remove the pre-existing permissions.

Tuesday, July 20, 2010

Time Zone unrecognized after running WMIC command - Ask the Performance Team - Site Home - TechNet Blogs

Time Zone unrecognized after running WMIC command

Like Tony the Tiger says, grrrrreeaaaatttt!!! It wouldn't be so great if I had found this BEFORE i ran this command on oh I don't know 50 servers...

Monday, July 19, 2010

Carrabba's Copycat Original Recipes - Recipe Swap




Carrabba's Copycat/Original Recipes - Recipe Swap

Problem Steps Recorder!!!


This is freaking cool!

wevtutil, my new favorite toy

the other day I linked on wevtutil. once you get used to using it.. . the thing rocks!

One other thing, I cheat hardcore with this tool. If you use the event log to build your query then copy the filter string to the command line you're golden and have less heartburn.

For example, I want to create a query to pull out capi2 errors with an event id of 513 out of the application log, and I only want the previous 24 hours.

so how do you do it. . . . .Times up. here's the easy way:

Open the event log click on the application log and in the right pane select filter current log

Select from the logged drop down box : last 24 hours
In event sources: select CAPI2
Type the event number 513 in teh all event ids field

Wait!!! no!!! don't click okay!

Click the xml tab, notice anything interesting?
--------------- snippet
*[System[Provider[@Name='Microsoft-Windows-CAPI2'] and TimeCreated[timediff(@SystemTime) <= 86400000]]]

Looking good right? Nope we got to change one piece, < this needs to be changed to < the less than sign. So now we take this wonderfully formated text and add it to our wevtutil command wevtutil qe Application /q:"*[System[Provider[@Name='Microsoft-Windows-CAPI2'] and (Level=1 ) and (EventID=513) and TimeCreated[timediff(@SystemTime) <= 86400000]]]" /c:1 /f:text /rd:True

You'll notice that I added some switches too, like /c:1. What I was looking for was if it happened at all in the past 24 hours show me only one. I was using it to trigger an alert to have an engineer look into the issue.

also /rd:true = Reverse direction aka newest first.

Friday, July 16, 2010

If I tweeted...

I left my robe and wizard hat at the frigging cleaners so I can't read minds.

Stupid is as stupid does

I'd love to bitch about some stupid people right now. I really can't because I think it'd make me stupid too.

Wednesday, July 14, 2010

WEvtUtil Scripting - Windows Security Logging and Other Esoterica - Site Home - MSDN Blogs

WEvtUtil Scripting

Using WEVTUTIL to Manage Event Logs

Windows 2008 Server System Writer is Missing

Error CAPI2 513 Application LOG

Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Access is denied.


Run this:
cd /d c:\windows\system32
icacls %windir%\winsxs\filemaps\* > C:\acls.txt

IF this fails then run:
Takeown /f %windir%\winsxs\filemaps /a
icacls %windir%\winsxs\filemaps /grant "NT AUTHORITY\SYSTEM:(RX)"
icacls %windir%\winsxs\filemaps /grant "NT Service\trustedinstaller:(F)"
icacls %windir%\winsxs\filemaps /grant "BUILTIN\Users:(RX)"
icacls %windir%\winsxs\filemaps /grant "Administratoren:(RX)"
Takeown /f %windir%\winsxs\filemaps\* /a
icacls %windir%\winsxs\filemaps\*.* /grant "NT AUTHORITY\SYSTEM:(RX)"
icacls %windir%\winsxs\filemaps\*.* /grant "NT Service\trustedinstaller:(F)"
icacls %windir%\winsxs\filemaps\*.* /grant "BUILTIN\Users:(RX)"
icacls %windir%\winsxs\filemaps\*.* /grant "Administrators:(RX)"
Takeown /f %windir%\winsxs\temp\PendingRenames /a
icacls %windir%\winsxs\temp\PendingRenames /grant "Administrators:(RX)"
icacls %windir%\winsxs\temp\PendingRenames /grant "NT AUTHORITY\SYSTEM:(RX)"
icacls %windir%\winsxs\temp\PendingRenames /grant "NT Service\trustedinstaller:(F)"
icacls %windir%\winsxs\temp\PendingRenames /grant "BUILTIN\Users:(RX)"
Takeown /f %windir%\winsxs\temp\PendingRenames\*.* /a
icacls %windir%\winsxs\temp\PendingRenames\*.* /grant "Administrators:(RX)"
icacls %windir%\winsxs\temp\PendingRenames\*.* /grant "NT AUTHORITY\SYSTEM:(RX)"
icacls %windir%\winsxs\temp\PendingRenames\*.* /grant "NT Service\trustedinstaller:(F)"
icacls %windir%\winsxs\temp\PendingRenames\*.* /grant "BUILTIN\Users:(RX)"

Monday, July 12, 2010

How to troubleshoot LDAP over SSL connection problems

How to troubleshoot LDAP over SSL connection problems

How to create a Central Store for Group Policy Administrative Templates in Window Vista

How to create a Central Store for Group Policy Administrative Templates in Window Vista

These articles describes how to use the new .admx and .adml files to create and to administer registry-based policy settings in Windows Vista. This article also explains how the Central Store is used to store and to replicate Windows Vista policy files in a domain environment.

Sunday, July 4, 2010

Tuesday, June 29, 2010

Stupid Drivers, move over

Yet another rank to idiots who get a license but shouldn't have.

Move the heck over. On interstates you should never be in the left lane except to pass.

And for the love of the road, don't frigging speed-up when I try to pass you on the right. Cause your idiocy or ego seemingly won't survive me passing you.

oh and my wife says, arf arf arf. That's censored for your protection.

La Quinta Inn

This hotel was near Duke university. The card key didn't work. Then when that was fixed, It was nice to walk into someone else's room at 11 PM. Thankfully the lights were off, the tv on, and habitants in bed covered. Funny, that happened to someone else at this very same hotel based on the reviews. All in all it was a good stay they bumped us up to a suite to make it right. I wish it was for a couple days though.

Aloft Hotels

Well, this hotel near baltimore, actually next to Arundel Mills Mall, sucks. Our room stank of mold, the pump room caught fire, and no housekeeping. The staff was pleasant with us but not with each other. Will not go back there.

Thursday, June 24, 2010

Auditpol in all it's glory


you can retrieve lists of categories and subcategories with these commands, respectively:
auditpol /list /category
auditpol /list /subcategory:*

Also be aware read the bottom note of this tip.

Fine Tune Your Security Audit Policies

How to use Group Policy to configure detailed security auditing settings for Windows Vista-based and Windows Server 2008-based computers in a Windows Server 2008 domain, in a Windows Server 2003 domain, or in a Windows 2000 domain.

How to use Group Policy to configure detailed security auditing settings for Windows Vista-based and Windows Server 2008-based computers in a Windows Server 2008 domain, in a Windows Server 2003 domain, or in a Windows 2000 domain.: "How to use Group Policy to configure detailed security auditing settings for Windows Vista-based and Windows Server 2008-based computers in a Windows Server 2008 domain, in a Windows Server 2003 domain, or in a Windows 2000 domain."

Exchange 2007 SP3 - Not your average service pack

Microsoft Releases Exchange 2007 SP3
· By Kurt Mackie

· 06/22/2010

Microsoft this week released Exchange Server 2007 Service Pack 3, which lets IT pros run the mail server on Windows Server 2008 R2.

The new service pack was released on Sunday, but was announced yesterday, and can be downloadedhere. Microsoft took time to deliver this service pack because it entailed making a lot of coding changes to Exchange 2007, the company explained late last year. Microsoft promised back then that it would deliver SP3 in the second half of this year, so this release came early.

The arrival of the service pack means that organizations don't have to move off Exchange Server 2007 if they have migrated to Windows Server 2008 R2 already. Exchange 2010 is currently available, having been released as a final product in November, but some organizations may not be ready to make that move. For example, Exchange 2010 uses a different method of archiving and storing e-mails from its predecessors that may require infrastructure changes.

However, the release notes for SP3 suggest that IT pros won't have a simple upgrade process. SP3 will cause Active Directory schema changes, so Microsoft's release notes suggest preparing Active Directory and domains prior to installing this service pack.

SP3 is cumulative, meaning that it contains update rollups through the fourth release. Consequently, it allows users to upgrade from earlier service packs (such as SP1). However, Microsoft says that users must first "uninstall all Interim Updates before you install Exchange 2007 SP3."

Removing SP3 appears to be less simple than installing it. The only way to uninstall SP3 is to remove Exchange Server 2007 entirely and reinstall an earlier version, according to Microsoft's release notes.

SP3 will work on Windows Server 2008, but not if the OS was previously upgraded. Microsoft offers just one approach: "To deploy Exchange 2007 SP3 on an Windows Server 2008-based computer, you must first install Windows Server 2008 on a computer that does not have Exchange installed, and then install Exchange 2007 SP3."

Exchange Server 2007 SP3 supports both 32-bit and 64-bit machines. However, a Microsoft blog notes that "only the 64 bit is supported in Production environment[s]."

A few new features are available with SP3. Highlights include the ability to install Exchange Management Tools on Windows 7 computers, as well as an improved search and password reset capabilities.

Aggregated Link List

This is a compiled link list for those folks who desire it. I did this for the awesome folks in a class I took. Thanks to Noah, Alan and Jarrod for their contributions

CACE Technologies - AirPcap
Create a passive network tap for your home network « :wq
w32tm info
configuring windows time service
HOWTO: Leverage Group Policies with WMI Filters
Windows Time Service and Resulting Internet Communication in Windows Server 2008
Command-line reference A-Z: Scripting; Management Services
Windows Server 2008 Tips
TechNet Virtual Labs: Windows Server 2008 Knowledge Base Alerts
Step-by-Step Guide to Bulk Import and Export to Active Directory
Windows Server 2008 and Windows Server 2008 R2
Memory Management - Understanding Pool Resources
Microsoft Enterprise Networking Team
Ask the Directory Services Team
SANS: Computer Security Training, Network Security Research, InfoSec Resources
Free Windows Management Software Tools by Quest Software
Active Directory Topology Diagrammer ADTD
Step-by-Step Guide to Understanding the Group Policy Feature Set
Technical Reference for Windows Server 2008
Free Ebook: Mastering SQL Server 2005 Profiler
Customizing Windows Security Templates
Troubleshooting Group Policy Client-Side Extension Behavior
Information about new Group Policy preferences in Windows Server 2008
Splunk | IT Search for Log Management, Operations, Security and Compliance: "Business Needs Real-time IT"
Nagios - The Industry Standard in IT Infrastructure Monitoring
Groundwork Monitor Community Edition | Download Groundwork Monitor Community Edition software for free at
Creating a DNS Infrastructure Design
Error message when you try to access a server locally by using its FQDN or its CNAME alias after you install Windows Server 2003 Service Pack 1: Access denied" or No network provider accepted the given network path
Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name
DNS Stub Zones in Windows Server 2003
Troubleshooting File Replication Service
Understanding SRV Records
Understanding DNS SRV records and SIP
How to verify that SRV DNS records have been created for a domain controller
Service Connection Points (SCPs) and ADAM/AD LDS
Understanding aging and scavenging: Domain Name System(DNS)

CACE Technologies - AirPcap

CACE Technologies - AirPcap

Create a passive network tap for your home network « :wq

Create a passive network tap for your home network « :wq

Monday, June 21, 2010

SuperSocket Info: Bind failed on TCP port 1433

I didnt' try the below but I went through the network connection utility and just re-applied the settings (also removed named pipes but test this first). I'm guessing that this rebuild the stack for sql as well

snip ------
reference here

I recently began getting this error when SQL Server 2000 starts up. I
tried all the suggestions I could find (e.g., Q293107) but none worked.
I did finally figure this out and wanted to share the solution.

It turns out my winsock2 had been corrupted (by Juniper VPN software, I
believe), resulting in SQL Server attempting to bind twice to the same
socket. From the command line (on my windows XP SP2 machine), I ran
the following:

netsh winsock reset

This fixed the problem! See this article on Microsoft for more info:
Q811259. Hope this saves other people time. ----

Thursday, June 17, 2010


UA Buglight identifies admin-permissions issues ("LUA bugs") in desktop applications


Wednesday, June 16, 2010

Wednesday, June 9, 2010


Programmically delete profiles on windows

Windows 2008 Profile Service Issues

"The User Profile Service (ProfSvc) crashes in Windows Server 2008 or Windows Vista SP1 systems when the service loads or unloads user profiles that contain compressed files or folders"

Monday, June 7, 2010

Another VSS patch

A parallel backup operation may fail when the operation is performed by Volume Shadow Copy Service (VSS)

Friday, June 4, 2010

GAHHHHH , DELL is driving me insane....

How hard is it to give me the right quote? I ask for a 15.4 wuxga screen (1920X1200) for a latitude e6500. Why are you sending me a quote for a xga (1400x800). How freaking difficult is that???

A little history, these below the bar folks can't seem to do anything right. It took 4 returns and photos to get them to send the right part for a DRAC. I also ordered drives for a server, (okay this one is partially my fault) they didn't come with sleds. Even though they knew in the email we were adding them to an existing array config...

even the other engineers are getting fed up with them. Give them a dell part number and they send the wrong memory. give the the memory specs and ask them to correct the order, they ship the same memory...

Thursday, June 3, 2010

VSS tracing

This has VSSTRACE in it for debugging vss issues.

Windows 7 SDK .net 3.51

All you didn't know about vsstrace :)


Monday, May 24, 2010

Remember the good old days?

Sure most of us start out as helpdesk engineers. I believe its the easiest way to root out complete tools that are only around to collect a check and have no life desires... Which had me reminiscing about the good old days.

I remember when I had to tell users that it was the right mouse button otherwise secretly known as the right-click. Nowadays people have gotten passed that, but a new level of DFUs have emerged. Now it's explaining which backslash to use, forgive me I never knew there were two backslashes? I always thought there were two distinctly different slashes One (shhh don't tell anyone) is the backslash, you know the one above the enter key and has been there for YEARS. Then there is it's lonesome relative the forward slash (it's that one below the question mark)...

When did all the sudden did people decide this was gonna be the next big thing in dumb user etiquette.

Yoda does Helpdesk?

actual ticket resolution comments:

Call user, Problem fix

So is there a problem or not?

Went up and checked the PCs they were running a little slow while I was there. She assured me that it was fast compared to earlier. Called XXX and he checked the Citrix servers etc... and all was good. He will check again in the morning and get with network group if need be.

Just hit the server

Oh, I just got a chuckle out of this today.

an Actual ticket entry, I wonder how many times they needed to hit the server.

User hit server 02 3 times and then I did an application refresh and had her try again, hit server 03, still unable to print. She said that everytime I killed her session, she was getting an error/warning message about invalid statement handled, and then it goes away, she has not seen that before.

Aaah My Ears

Gotta love the man, he cusses so damn much that he can make sailors blush. Oh wait he is a sailor... Guess he makes other sailors blush :)

All seriousness, he's a good guy and a staple in keeping me somewhat sane.

Sunday, May 23, 2010

Insanity in home or I live my wife

Any one with kids knows how they way on your perfect state of mind (LOL yea, right) but I think my wife has lost it. I love her and always will, even after the peek-a-boo with towels, shirts and baby clothes, and the tickle getcha getcha getchas. She treats me better than I deserve sometimes. I'm very good at open mouth, insert foot and chew.

Cleanup your mess!

Random connectivity issues... Man can DNS can be a pain, shouldn't it be the first thing you check? takes 5 to 10 mins, looking for some stale gc, ns, or invalid DC locater records. Think that might cause some interesting authentication problems? Mmmm, I think so... and it all boiled down to a failed SBS migration that nobody mentioned till it I started asking did blah blah...

Not to mention a corrupted gpo and the security permissions associated with it.

Thursday, May 20, 2010

gotta be a better way...

So I'm starting to learn powershell by the seat of my pants and my trusty friend google. All I was trying to go was get the file versions to verify a hotfix was installed.

Doing it this way I had to do some replace string in the results of fullnames. without it, it parsed out looking like {@fullname=\\blah\C$\windows\system32} causing the fileversion to fail.

Got a better idea, post it and let me know...

$a = Get-childitem -path "\\SomServer\C$\windows\system32" -recurse -include "Afd.sys","Dns.exe","Dnsperf.dll","Dnsperf.h","Dnsperf.ini","Mswsock.dll","Tcpip.sys","Tcpip6.sys","W03a3409.dll"|Select-Object fullname
$a=$a|ForEach-Object {$_ -replace "FullName=","" }
$a=$a|ForEach-Object {$_ -replace "@{",""}
$a=$a|ForEach-Object {$_ -replace "}",""}
$a|ForEach-Object{[System.Diagnostics.FileVersionInfo]::GetVersionInfo($_)|Select-Object FileName,ProductVersion}

DumbAss Admins

You know I've been in IT since 98, I've had my dumbass moments, we all have had them. Just admit the frigging mistake so we can work on the solution. You're supposed to be better than those DFUs that we support.

Why is it...

When you're a more senior engineer and someone asks for advise. You give it to them and then they ask a less senior engineer and goes with his solution of installing an older buggy version so he doesn't have to speak with the client on upgrading a piece of software???

Oh yea, the upgrade was $180 and fixes a ton of bugs... Now I'm going back to the client to tell him, yeah you see this 180$ upgrade would have prevented the problem that I just fixed and billed you $185 and the $180 upgrade, plus the previous engineer's time.

Yea, that makes me feel so warm and fuzzy...

My First Friggin Post

Yea, so what. I've got a bad attitude today and decided to start adminontherag. Hell I dunno if i'll keep up with it, but it'll be a great place to vent with no cares in the world.