Monday, April 21, 2008

Microsoft Certificate Services setup failed, Windows cannot

Symptom:

When you try to install (or re-install) the Microsoft Certificate Service you encounter the following error message and cannot continue. You did re-run the installation.

An error was detected while configuring Certificate Services.
The Certificate Services Setup Wizard will need to rerun to complete the
configuration.

Certificate Services setup failed with the following error: Windows cannot
find the network path. Verify that the network path is correct and the
destination computer is not busy or turned off. If Windows still cannot
find the network path, contact your network administrator. 0x80070033
(WIN32: 51)

The Cause:

The most likely cause of this is that File and Print Sharing got disabled. In my case, when I changed the host name, it got disabled.

Fix

Just enable the File and Print Sharing from the network control panel for ALL ACTIVE network connections and then try again.



Sunday, April 20, 2008

Gmail Does Not Load, Stay in Continuous Loading Loop

Symptom

This happens from time to time on my MacBook Pro and Firefox. Interestingly, when this happens I switch to Safari and Safari works fine.

What happens is that when accessing the Gmail, the screen shows "Loading...." and briefly flash the part of the page then goes back to "Loading..." again and this continues ad infinitum.

Cause

I don't know the exact cause of this. Apparently there is some issue with a corrupted cookie that may be causing this issue. One thing the corruption could occur is that I am using the Mac Mail via IMAP to download messages at home. Because Mac Mail allows sorting by the sender, I can weed out old news and newsletters quicker. I know, I know I have not completely subscribed to the Gmail paradigm (but it is a free country too!).

Anyhow, I think when I do these deletions on Mac Mail, things may go out of sync and that's when the problem seems to start.

Fix

You can try different URLs to access Gmail and this has fixed my situation. In my case if I just use https:// this will usually fix the problem, but then I will need to use https://

If you really need to fix this, you will have to remove Gmail related cookies. I don't know which is what so I usually remove all Google issued cookies. That will also fix it completely.

https://mail.google.com/mail/
or
http://mail.google.com/mail/?ui=1
or
http://mail.google.com/mail/h/

Time Wasted:

Took about 10 minutes to find and try the solution.

I typed in this search term into Google "Gmail problem FireFox loop" and no Google help message came up, instead this forum gave me the answer.

http://www.emaildiscussions.com/showthread.php?t=52131

Friday, April 18, 2008

CISCO ASA 5510, 5505 Creating A VPN Passthrough

Situation

You have installed the CISCO ASA in your organization, configured the NAT so that all of your own computers are protected behind the NAT and Firewall but now some users want to use a VPN to connect to some network outside. For example, a visiting or partner employee may want to connect back to their corporate office via an IPSEC VPN.

The VPN login seems to work, but nothing gets connected.

Why Does This Not Work On Out of The Box Usually?

Because of Network Address Translation, the VPN IP addresses gets translated through the firewall.

Possible Solution

The CISCO support web site has a very comprehensive information on this. The URL to the support article is this.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008045a2d2.shtml

This article also shows you how to configure this situation using the ASDM User Interface. But I know you don't want to read that so in summary here is what you would do:
  • Click Configuration on the Top Toolbar
  • On the side tool bar is "Security Policy"
  • Add the Following Access Rules (Access Rules Tab)
  • Add and/or Activate esp protocol in IP from the outside to the inside interface, Source is outside and destination is inside.
  • Add and/or Activate isakmp UDP protocol, source outside, destination the inside interface
  • Add and/or Activate UDP port 4500 traffic from source outside, destination the inside interface
Status

We've implemented this in April 08, it is June now and has been working very well in our environment. We've tried the "regular" CISCO VPN client connecting to the outside as well as CheckPoint ScruRemote VPN clients with it.

Monday, April 14, 2008

Microsoft IIS FTP Server Does Not Work with Passive FTP

Symptom:


Typical User Complaints:
  • I can log into an FTP site, but I cannot list the directory. It hangs.
  • My FTP hangs
  • FTP works from the office but FTP does not work from my home
  • Typical of a Microsoft Windows product, FTP does not work (not entirely true)
  • Microsoft Windows Server 2003 does not support Passive FTP (not true)


You have set up an IIS server on the Internet on Microsoft Windows 2003 R2 server. Everything appears to be going normally. You can FTP to "yourself" from within the same server, so you know FTP is working. Now you find out that people cannot see the directory when they connect to the FTP server. They can log in and connect but connection breaks as soon as the user tries to get a directory listing or try to send a file.

The Cause:

Your IIS Server, by default, does not support Passive FTP, and whoever trying to access your FTP server is opening the FTP server behind their own firewall and Network Address Translation (NAT). That's 99% of the case from Cable Modem and DSL users.

The Fix:

You will need to do two things.

Using wscript, you need to configure the IIS Metabase so that IIS allows the use of ports for Passive FTP, then restart the IIS.

Using anther batch script, you will need to add EACH port number in the Windows firewall exceptions list.

This site seems to give you the complete information on the whole issue and how to fix it step by step.

http://velikan.net/iis-passive-ftp/

Thursday, April 03, 2008

Commentary: The Future is in Voice Recognition + Search

I am hereby putting this in writing, so that I can say in a few years to people "I told you so!" sort of things. I have been saying this for the past 2 years or so and each time I said this to my other geek colleagues, they almost always laugh.

When I was a kid in Japan and when I visited my grandfather's place. There was this telephone without any dial at all. To make a phone call he would pick up the receiver, then there is a crank on the right of the phone which he turns a few times. An operator answers. He will tell the operator, to "Give me Maeda-san." and the operator knows who this is, where this person is, and connects. Even more, if this Maeda-san was not at home, the operator will try again and when he is back at home, connected, the operator will call back my grandfather and connects.

Sounds awfully antiquated, classic or whatever you would say because what you would do today is to go to your computer, start Outlook, type in Maeda, and find the name of the person, then find one of the phone numbers, call the guy, he isn't there, leave a message etc. And we call that high tech modern age stuff.

What, however will happen next is actually we will all go back to what my grandfather had in the first place. Except that it is wireless of course.

Most of us will have cell phones with basically nothing but a green and red button. It will fit almost in any pocket.

What you will do with it?

You command it with voice only and the computer intelligence behind it will do all of the reset of the work. It is connected with a complex search engine with a voice recognition software both on the phone and also on the remote phone switch too.

So just say that I have said to the phone, "Order Pizza" Here is what happens in the background.

- The location service on the phone would know if I am at home or office. If I have ordered a pizza before both from my office or home at different outfits, it will basically know which pizza place I am talking about. It will perhaps ask me "Call Harbor Pizza?" if I am calling from my home in Half Moon Bay, or "Call Brick Oven Pizza?" If I am in the office. Of course, I can be in totally different city in that case the search engine linking would suggest other places near by.

- Of course it is 7 PM and line is all busy but no problem, like a human operator would do, it would try calling on your behalf and then connects you up when the line is open.

- Let's say that I was in the different city and ordered a pizza. I would want to go and pick up the pizza. I would say to the phone. "Gide me to the pizza place." Of course the historical information would know that which pizza place it was, and with the GPS phone and voice navigation, there is no problem phone doing the navigation. The user still has not touched any dial at all!

I think we will all be having a phone that do this. And you know your search engine provider is scanning all your emails and everything you store in remotely hosted applications. It can have a lot of context as to what you are asking about.

Sure enough, bits and pieces of the technology is already out there. I use VoiceCommand on my Pocket PC all the time, and I speak to the robot at United Airlines too. I think that the integration of these stuff will make a phone with dials obsolete in a few years.