Monday, February 02, 2009

ActiveDirectory Recovery Note

Since the time of Windows NT, I really disliked the Domain Controller architecture in Microsoft network. The part that I really did not like about it is that it basically required two dedicated machines to handle this, and we are not supposed to install anything else on it, for example SQL server (you can, and I strongly advise you against doing this. Some day you run into trouble and it will cost you several times over the cost of the hardware you thought you saved.) In addition they had the idea of Primary and Backup domain controllers with the notion of the backup controller a bit dubious since if you lost the primary, you probably lost the ability to get back the primary easily.

When Windows 2000 came out I was a bit excited to be told about the fact that the AD does not have the notion of the Primary and Backup. But soon enough that was not true, and in fact it got even more complicated.

This was now 2008, in my small office, I had a brilliant idea of hosting two AD servers on virtual machines since we don't really maintain any more than a few user names and such. Well, however, we've just lost one of the controllers during a VM migration completely, so I had to basically create another one from the remaining "backup" controllers.

This has caused several hours of "wasted time," since I really don't want to delve into this AD stuff. So if this happens again, here is the note to myself. Things like a backup fail-over should be basically instantaneous and I expect there ought to be a one-button thingy for basically an idiotic (by choice) user like me, but this not being like that does protect a lot of jobs in the industry, I would guess.

  • It seems to work better if you'd install the DNS first before adding the domain controller role.
  • Download the Windows Support Tools from the MS web site. This has two important tools. One is called NETDIAG and the other is DCDIAG. These are command line tools, and if you run them without any argument they will tell you in gory detail what's wrong with your DNS and Domain Controller settings. Basically they run a series of tests, each of which returns either pass or fail. The idea is to fix things so that they all Pass. For each Fail, type the error message into Google (not Live Search) and you will find the article on how to fix things on the Microsoft web site. (Message to MS - Please improve the search on your own product related information.) I would fix the DNS first.
  • The next tool you will need is the NTDSUTIL program. You use this tool to transfer the critical roles that your lost domain controller held. The terminology to search for is "Seize [blah blah] role", and you basically issue the Seize command to this tool. There are about 4 or 5 roles that you need to Seize, and one additional tricky thing is the "Infrastructure" role. This apparently should not be seized by the primary, so run the same tool on the secondary server and have it seize the "Infrastructure" role.
I think these would provide enough hints for you to get out of the lost PDC situation.

Monday, December 01, 2008

How To Nissan Key Fob Battery Replacement. 2005 Model year. Key-less system. What Battery To Buy

Symptom:

Want to replace a battery in Nissan Key Fob.

Battery:

The battery is CR2025, pretty standard. It is $15.00 at car dealership.

Replacement:

Pull the metal key out and there is a notch in the middle. With a small flat screwdriver head, apply a little pressure and then pull up the cover from the screwdriver end while the pressure is being applied. It opens up quite easily.

Comment:

Sorry nothing to do with the regular IT article, but I just need to jot down the battery model if we need to do it again.



Tuesday, October 14, 2008

Mac QuickTime and QuickTime Web Plug-In Repair Note

This document is in progress.

I am presently having the QuickTime plug-in not playing certain types of video formats. It launches the QuickTime player from the browser both in Safari and Firefox but it does not play the actual movie. Below are the notes I am taking on what to do to fix the issue.

Check The Location of The QuickTime Plug-In

Plug-ins are located under /Library/Internet Plug-Ins. There is the same directory under ~/Library/Internet Plug-Ins as well. On a fresh out-of-the-box Mac neither location contains anything.

Check the QuickTime CODEC Installations

Extra and third-party CODECs are usually installed at /Library/QuickTime

Popular CODECS and CODEC Utility download sites:

Repair The Disk Permissions, Re-Install QuickTime

Some internet posts suggest that we need to perform the disk permission repair, reboot, re-install (the latest version of) QuickTime, then re-repair the permissions and reboot. To do the repair, type "Disk Utility" in the Spotlight query field (the magnifying glass on the top right of the Finder), then run Disk Utility.

There is a First Aid tab and in there you will find the "Repair Disk Permissions" button.

It takes about 3-4 minutes to run on a relatively new Mac (without much software installed) in my lab.




Mobile Me iDisk Does Not Mount on Windows XP

Symptom:
I know I can use Map Network Drive feature on the Windows to mount iDisk using the Mobile Me credential, however when I type in my user name and password, it does not accept and it won't mount (map) my MobileMe iDisk volume (this is also true basically for most other WebDAV mounts.)

Solution:
You must explicitly click "Connect using a different user name." in the dialog box. There is a subtle but distinct difference when you do this first. Without doing this, you will still be asked for a user name and password, but that won't work even if you provide the correct user name and password of your Mobile Me account.



Note:
Mobile Me and iDisk is a great tool for me because I use Mac at home and XP at work and I often need to bring documenting work back and forth home and office. With remote desktop capabilities rampantly available, I no longer carry my laptop around. I just drag and drop files and continue to work at all locations.

Friday, October 10, 2008

QuickTime Plug-In Playback Jittery At Times

Symptom:

You have a page with a QuickTime plug-in using JavaScript with the AUTOPLAY and LOOP parameter set to TRUE and you are trying to view QuickTime movie embedded in the web browser on Safari (or any other browser). At times the movie plays back very jittery, but if you manually press the stop button and play button on the embedded QuickTime player, the jitteryness goes away completely (in my case we are sending AVI movies to it.)

You know there is nothing wrong with the movie file that was on the server because if you save the movie locally from the plug-in or make a copy of the file directly from the server and play it back it plays back normally.

Root Cause:

It appears that this problem occurs in the following manner:
  • The web server starts to send part of the movie
  • The QuickTime Plug-In starts to play any playable part
  • But the play head catches up with the download
  • The playback becomes jittery after that, even in the subsequent looping of the movie clip
Workaround Fix

In our case, we are not sending sound, so we set another QuickTime Plug-In parameter, PLAYEVERYFRAME, to TRUE. This may not completely fix your problem; however, if you give this a try and the movie plays smoothly after it downloads all the frames, then you know you have the exact problem I had.

Comment

It appears that the reason this happens is that the plug-in will auto-adjust the play-back skip rate to preserve the audio playback sampling rate. Another way to try this is to set AUTOPLAY to off and try to play at different wait times (from almost no buffering to fully buffered) and see if you can duplicate this in your specific situation. This problem was worst when running on the Mac Safari on my MacBook Pro 17-in and least on Microsoft Windows IE 7 under Windows XP. Also, when the web server and video generation were on a very fast server this did not occur, but on a slower server this occurred more frequently.

Reference

Look in the latest Apple QuickTime Plug-In documentation (Google for) QTScripting_HTML.pdf for more information.

Time Took To Fix This

It took about 6 hours of time in front of the computer, visits to my customer site at night to qualify what is going on.

Tuesday, October 07, 2008

Windows SharePoint Services 3.0 Enabling Anonymous Access

The Problem:

You are trying to enable the anonymous access to your Microsoft SharePoint Services 3.0 site. You cannot figure out how.

Fix:

The Microsoft document (Enable anonymous access) is not clear on this. The document assumes that your system or SharePoint administrator has already done additional footwork, and describes the last few steps within the Site Actions part of SharePoint.

There are (seem to be) a few more steps that need to be done.

  1. Terminal service or console access your web server's OS as an administrator.
  2. First, IIS itself should allow anonymous access. This is done through the IIS administration feature (typically accessed from "My Computer->Manage").
  3. Open the properties of the SharePoint IIS web, select the Directory Security tab, then press the Edit button for the "Enable anonymous access" to allow the IIS to access.
  4. When that is done, you need to go to the SharePoint Central Administration web site. The easiest way to get there is from the IIS Manager: right click over the SharePoint Administrator web and select Browse.
  5. When the Central Administration page opens, select the Application Management tab.
  6. Look for "Authentication Providers" item, then you will find the Anonymous access enable check box on that page. Save it.
  7. Now log into your SharePoint page and then select Site Actions -> Site Settings and then select the Advanced Permissions. These steps are as described in the above mentioned Microsoft article, but you should now see Enable Anonymous permissions under the Settings menu bar.
Time Took To Find This Answer:

I spent about an hour trying to find this answer. The fact that anonymous enable is more or less "hidden" under "Authentication Providers" was a bit tricky for me. The reason I need to do this is that in my company the top page is accessible to anyone in the company whereas the individual department or other "site" will be secured.

Sunday, September 28, 2008

Repairing Windows 2003 Installation, No Repair Prompt

Symptom:

You followed the Microsoft KB article http://support.microsoft.com/kb/325375 and tried to get the "repair" option, but you do not seem to see it.

Fix:

In my case, I had a USB drive connected to the server, which came up as the "C:" drive. It appears that the drive letter must match the original installation. You may also want to try restarting the CD after removing any attached storage outside of the C: drive.

Saturday, September 20, 2008

AT&T Tilt, 8525, iPhone and 3G

My contract was up on AT&T, so that means I could upgrade my 8525 to something newer. I really thought hard about getting the iPhone 3G, but soon I have started to read about its poor 3G performance.

Incidentally, the 8525 had basically the identical problems as the iPhone users are complaining about. I have written about this before on this blog. But to summarize;

  • Often the phone does not ring at all. I get the voicemail notification though so I know someone called just a minute ago.
  • Anytime there was a 3G to GSM switch, it dropped a call and won't connect until I either reboot or bring the phone off-line and back online.
  • Even in a very strong signal area (by the freeway in Redwood City), 3G did not connect up at all.
I thought that this was due to the poor implementation of 3G network by AT&T. But my co-worker who has a Samsung 3G phone in the same office worked all along. So there was a bit of doubt about that.

Also I've read about some problems with iPhone that I would be missing. I email a lot from the phone, and I do need a keyboard for that. I also cut and paste a lot while composing a message. For example, copying a page or URL out of a web browser (for which I use Opera Mobile with its much better JavaScript support.)

Then voice dialing. This I cannot go. It is a safety issue for myself and drivers and people around me.

So, it was really really hard to miss this opportunity to not to get the iPhone 3G. I am an avid Apple fan, but I really cannot buy into a phone that does not work as a phone like 8525 I had, but I did like a lot about 8525 and I decided to place my bet on the new AT&T Tilt.

Turns out that this is the best cell phone I've ever had.
  • Now the calls never drop all the way from my home in Half Moon Bay area to Redwood City! I thought that dropping of the call was due to the ruralness of our area, but I was wrong. It was the phone.
  • It now rings in my office and also at home without restarting.
  • The GPS works with Google Maps
  • I can tether it with my Macbook Pro and get on the Internet. No more hotel and Starbucks WiFi fees!
  • The SIM card can be swapped without replacing the battery. This can be useful if I go out of country a lot and use the rental SIMs.
So here is some nitpicking stuff:
  • I wish that the display tilted up all the way vertically. If it did I could leave the phone on my dash and see the Google Maps easily while driving.
  • I miss the function buttons that were on top. Now they moved all the buttons and clustered them really close together at the bottom of the phone. I often hit a wrong button to end the call etc.
  • So far I could not activate the Voice Command with Jawbone
Definitely not as cool looking as the iPhone, but it is extremely practical and for business and communications use, this is so far the best phone I've used. And for music, I carry a separate iPod Nano. The battery lasts much longer that way.

Friday, September 19, 2008

Mac Parallels Disk Image Bloat, Error Compressing

I occasionally use Parallels on my Mac. For example, to update my Windows Mobile Phone etc., which can only be done on Windows. I have found out though that the disk image gets significantly bigger over time. There is an option to squeeze the disk, but that option did not run when I tried. I looked around on the net for the answer. I am jotting this down here so that I won't forget.


Snipped from this source: http://forum.parallels.com/showthread.php?t=138121.

1. Open Parallels and start windows
2. go to the Actions menu and click on Create Snapshot
3. In the snapshot window just click the OK Button

4. Shut down windows using the shutdown feature in windows
5. Turn off Parallels 

6. Go to Applications/Parallels and open Parallels Image Tool 
7. Click Continue on the Introduction Page 
8. Click Choose on the source image page. 
9. Select your HDD 
10. Click Continue

11. Select Manage disk Properties in the action screen, Click continue 
12. In the Operations screen put a checkmark in the Merge snapshots item only. And click the Start button. 
13. A warning Message will drop down, Click Yes 
14. The Image tool will start to process your HDD this can take a long time be patient 
15. When The process completes click finish 

Next boot the VM:
It is normal for this to take a little longer than usual.

Finally Run Disc Compressor:

18. Go to Actions on the toolbar and select Run Parallels Compressor......
19. A dropdown menu will appear with a message on it click ok 
20. A countdown will begin, allow it to start automatically 
21. The Compressor will start the first set of operations this can take some time. 
22. After the first operations have completed Click on the restart button 
23. After the restart the next set of operations will start again this will take some time to complete. When the compression is completed the compacting of the disk will begin automatically. This can take hours to complete. Do not interrupt it, suspend your Mac or put it into sleep mode during this process. 
24. When Compacting is completed click on the OK button. 
25. Click Finish on the Compressor Window. 

Clean Up
26. Go to the Macintosh HD/Users/”your user name”/documents/parallels/”your virtual machine”/ and delete the Snapshots folder and the Snapshots.xml

Friday, June 27, 2008

VS 2005: Connection String Modifications in Class Libraries

Scenario:

An excellent practice in coding is to centralize and conceal data access code so that you do not have to reset configuration, or in our case the "connection string", all over the place. You've probably experienced that if you create a DataSet in the same project as all your main forms, the connection string is in the Application's Settings file. Upon the form initialization, you can just change the connection string property and then you are all set for the rest of the code.

What happens, though, if you place the DataSet in a separate library? In this case you don't see the connection string any more in your Application's config file or Settings.

My Solution:

There are many different ways of doing this, from creating a factory class to overriding some config class objects that returns the correct (dynamically changed) connection string.

My solution is quite minimal compared to those, but it does work and it does not require a lot of lines of code.

If you have created a Class Library on its own project then there is a namespace that is assigned to that project. If you create a DataSet in this project then it will create a local settings directory.

I usually have a database locally and so when I am developing I set my SQL hostname by default to (local) and when I go in production I just need to repoint the host name. The following code then will replace that with another hostname.

The property setting values are singletons (at least they seem to be) so if you run this once early on in your program execution, all the TableAdapters that use the connection string will take the new value from it.


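namespace MyClassLib
{
    public class DBConnections
    {
        // Call once, early in program start-up, before any TableAdapter is used.
        static public void SetDBHost(string hostName)
        {
            // Read the design-time connection string stored in this library's settings.
            string cs = Properties.Settings.Default.ConnectionString1;

            // Swap the development host "(local)" for the production host.
            cs = cs.Replace("(local)", hostName);

            // Write it back through the indexer (the typed property has no setter).
            // The key must be the same setting name that was read above.
            Properties.Settings.Default["ConnectionString1"] = cs;
        }
    }
}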

VS 2005: DataSet Designer Gives Unable To Find Connection Error

Symptom/ Situation:

You are using Microsoft Visual Studio 2005, and you have moved a DataSet (.xsd file set) from one location to another in your project on your Visual Studio 2005 and you get this kind of an error any time you want to add or modify a query in the Table Adapter, and you cannot add, delete, edit or modify the query that was previously defined.

Unable to find connection 'db1ConnectionString (MySettings)1' for object 'MySettings'. The connection string could not be found in application settings, or the data provider associated with the connection string could not be loaded. "

Possible Fix:

I had this issue and found out how to fix this in my case. Your case may vary.
  • In the DataSet Designer mode click over the heading of the TableAdapter part and reveal its property.
  • In the properties panel (usually on your right) you will see +Connection.
  • Press the + icon
  • Click the Value part of the connection and a pull-down menu will appear. (Re)select the proper connection string
  • Now you should be able to modify the queries

Wednesday, June 25, 2008

Mac Tiger Does Not Authenticate When Connecting To Windows 2003

Symptom:

When trying to access a file share (SMB share) from a Mac OS 10.4 (Tiger) to Windows 2003 Server which is in a Windows domain, you get a login screen, but it always fails on authentication.

Cause:

The "Microsoft network server: Digitally sign communications (always)" is Enabled in the Security Options of Local Policies of Security Settings in the Default Domain Controller Security Settings.

Fix:

This applies to Tiger which is running an older version of Samba software. A new version of it will not have this issue, and I have not checked that with Leopard.

Note that this change stops the server from requiring signed SMB communications, so it may violate your general local security policy and may expose your Windows server to additional security issues.
  1. From the Start Menu, open Administrative Tools
  2. Select Domain Controller Security Policy
  3. In the Default Domain Controller Security Settings applet navigate through Security Settings, Local Policies, Security Options
  4. Scroll down the list and find "Microsoft network server: Digitally sign communications (always)"
  5. Disable it.
  6. From the command line tool type in "gpupdate" to load the change into the OS.

Time Took To Research and Fix This

About a year and a half.

Wednesday, June 11, 2008

ATT 8525 Phone Connectivity Instable

Symptom:

I have been using ATT (Cingular, HTC) 8525 for some time, but whenever it switches to and from 3G to GSM (EDGE) networks there have always been all sorts of problems like a call dropping, cannot connect re-establish data connections etc. It also seems to get worse from either other networks, towers or a situation where there is a GSM-only tower nearby and a 3G tower at a receivable distance.

Fix:

I have disabled 3G on the phone and it operates much more stably. There is a registry hack you can do to show the bandwidth selector.

To enable the bandwidth selector tab in the Phone setup page.

[\HKLM\Software\OEM\PhoneSetting\]
"ShowUMTSBandPage"=dword:00000001

And this disables it.

[\HKLM\Software\OEM\PhoneSetting\]
"ShowUMTSBandPage"=dword:00000000

There is a freeware tool called MobileRegistryEditor that you can install on your desktop, and you can "remotely" alter the registry keys via a USB connection.

As with any registry hack, I cannot be responsible if you screw up your phone permanently.

Tuesday, June 03, 2008

Windows DNS: nslookup works but ping does not work

Symptom:

You are hosting your own DNS on Windows Server 2003 or likewise. Occasionally (especially after rebooting the DNS server), hostname lookup does not occur, for example, ping or http request to your local host(s) from a web browser.

Voodoo Answer:

I do not know why or what is happening with this and I don't have time to figure out really what's going on, but what helps are two things,

From a command line, try typing in "ipconfig /flushdns"

If that does not work you can try the following;

  • Allow Dynamic updates on your Primary DNS nodes from the DNS configuration applet.
  • Create reverse lookup zones.

Tuesday, May 27, 2008

Windows Dev: Add, Remove, Edit DataGridView

Problem:

This is very symptomatic of people like me who started out with .Net Framework 1.0's DataGrid class. When first encountering the new paradigm in .Net Framework 2.0 we still wonder why they made it so hard to work with the underlying DataTable or DataSet, and it must be such common knowledge that no site will tell you how to do a simple Insert, Update and Delete.

For example, to find out which row was selected in the corresponding row of the DataTable. You probably even tried to hide a key column as column number 0, and were dismayed to find out that as soon as it is hidden the DataGridView won't even return the hidden field (though on the web control that technique does work).

Fix:

They actually did simplify it, but you do need to RTFM. You will find out that spending about an hour trying to understand the BindingSource class and utilizing it will significantly reduce or completely remove that grid and data sync headache.

Basically all you need to do is to drag the instance of BindingSource to the designer pane. Then using the DataSource property of the DataGridView, assign the newly created BindingSource.

Then in the BindingSource, assign the actual DataSet with the right table member and now they go magically in sync. For example, if you do an Insert and Update in the underlying DataSet's DataTable, it will automatically reflect the change in the grid. In other words, the DataGridView will automatically follow what you do with the underlying DataSet. I think that's finally significantly more convenient. Note that you should not invoke the Insert function of the TableAdapter class and hope the DataGridView will update. That does not go through the underlying DataSet; instead it directly fires the Insert SQL without going through any datasets.

Windows Dev: Storing and Changing SQL Connection String from Configuration File

When writing a .NET application with a SQL database, we always need to store a configuration string somewhere. This can be done in many ways. I happened to like the Application Configuration capability that started to appear in Visual Studio 2005 with .NET Framework 2.0.

This is a very typical thing we do, but at least in .NET Framework 2.0 there still is not an easy solution for this, and using the App.config approach, you will soon realize that you run into two problems (I am not going into the security aspects of it.)

  1. You could store the entire connection string as the Application level configuration parameter in app.config but if you do that then you cannot change and save the string from anything in the applications section.
  2. But you have to change the instance of that string in order to easily propagate the connection string to all TableAdapters
Well, it turns out that there is a simple and easy way of doing this. You can modify the in-memory instance of the application connection string using the array indexer with the setting name rather than accessing it as a member of the property. If you make the change to the connection string in the constructor of your application in the following manner, the changed configuration string will propagate to all of the TableAdapters.

public Form1()
{
    InitializeComponent();
    string s = Properties.Settings.Default.MyConnectionString;
    s = s.Replace("(local)", "192.168.0.100"); // This can come from another user configuration string.
    Properties.Settings.Default["MyConnectionString"] = s;
}
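
The host override from this post and from the class-library post above (SetDBHost), redone with SqlConnectionStringBuilder so that a host name read from user configuration cannot add keywords of its own to the connection string. This is an added example, not the blog author's code; the class and method names and all sample values are hypothetical, and it assumes .NET Framework 2.0 or later with a reference to System.Data.dll.

```csharp
// Added example, not the blog author's code. Names and sample values are
// hypothetical. Assumes .NET Framework 2.0+ with a reference to System.Data.dll.
using System;
using System.Data.Common;
using System.Data.SqlClient;

namespace MyClassLib
{
    public static class ConnectionStringHost
    {
        // Characters that have meaning in connection-string syntax; a server
        // name supplied by a user or a config file has no reason to contain them.
        private static readonly char[] Forbidden = new char[] { ';', '=', '"', '\'' };

        // The approach from the post: textual substitution of "(local)".
        public static string NaiveReplace(string connectionString, string hostName)
        {
            return connectionString.Replace("(local)", hostName);
        }

        // Structured edit: only the Data Source keyword changes, and the
        // builder quotes the value if it contains delimiters.
        public static string SetDataSource(string connectionString, string hostName)
        {
            SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder(connectionString);
            builder.DataSource = hostName;
            return builder.ConnectionString;
        }

        // Validation plus structured edit; this is the one to call.
        public static string WithHost(string connectionString, string hostName)
        {
            if (string.IsNullOrEmpty(hostName) || hostName.Trim().Length == 0
                || hostName.IndexOfAny(Forbidden) >= 0)
            {
                throw new ArgumentException("Not a plain server name.", "hostName");
            }
            return SetDataSource(connectionString, hostName.Trim());
        }

        // True if the parsed connection string carries the given keyword.
        public static bool HasKeyword(string connectionString, string keyword)
        {
            DbConnectionStringBuilder parsed = new DbConnectionStringBuilder();
            parsed.ConnectionString = connectionString;
            return parsed.ContainsKey(keyword);
        }

        public static void Main()
        {
            // Constructed sample values, not taken from the post.
            string designTime = "Data Source=(local);Initial Catalog=db1;Integrated Security=True";
            string plainHost = "192.168.0.100";
            string oddHost = "192.168.0.100;Connect Timeout=1";

            // Normal case: same result as the post's Replace().
            Console.WriteLine(WithHost(designTime, plainHost));

            // Text substitution turns the tail of the value into a new keyword.
            Console.WriteLine(HasKeyword(NaiveReplace(designTime, oddHost), "Connect Timeout"));

            // The builder keeps the whole value inside Data Source.
            Console.WriteLine(HasKeyword(SetDataSource(designTime, oddHost), "Connect Timeout"));

            // The validating wrapper refuses the value outright.
            try
            {
                WithHost(designTime, oddHost);
            }
            catch (ArgumentException ex)
            {
                Console.WriteLine("rejected: " + ex.Message);
            }

            // Replace() silently does nothing when the stored string says
            // "localhost" instead of "(local)"; the builder does not care.
            string other = "Data Source=localhost;Initial Catalog=db1;Integrated Security=True";
            Console.WriteLine(NaiveReplace(other, plainHost) == other);
            Console.WriteLine(WithHost(other, plainHost));

            // In the application, the result goes back through the settings indexer:
            // Properties.Settings.Default["MyConnectionString"] = WithHost(s, host);
        }
    }
}
```

The forbidden-character check is deliberately strict and is a choice made for this example; loosen it only if your server names really need those characters.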

Monday, April 21, 2008

Microsoft Certificate Services setup failed, Windows cannot

Symptom:

When you try to install (or re-install) the Microsoft Certificate Service you encounter the following error message and cannot continue. You did re-run the installation.

An error was detected while configuring Certificate Services.
The Certificate Services Setup Wizard will need to rerun to complete the
configuration.

Certificate Services setup failed with the following error: Windows cannot
find the network path. Verify that the network path is correct and the
destination computer is not busy or turned off. If Windows still cannot
find the network path, contact your network administrator. 0x80070033
(WIN32: 51)

The Cause:

The most likely cause of this is that File and Print Sharing got disabled. In my case, when I changed the host name, it got disabled.

Fix

Just enable the File and Print Sharing from the network control panel for ALL ACTIVE network connections and then try again.



Sunday, April 20, 2008

Gmail Does Not Load, Stay in Continuous Loading Loop

Symptom

This happens from time to time on my MacBook Pro and Firefox. Interestingly, when this happens I switch to Safari and Safari works fine.

What happens is that when accessing the Gmail, the screen shows "Loading...." and briefly flash the part of the page then goes back to "Loading..." again and this continues ad infinitum.

Cause

I don't know the exact cause of this. Apparently there is some issue with a corrupted cookie that may be causing this issue. One way the corruption could occur is that I am using the Mac Mail via IMAP to download messages at home. Because Mac Mail allows sorting by the sender, I can weed out old news and newsletters quicker. I know, I know I have not completely subscribed to the Gmail paradigm (but it is a free country too!).

Anyhow, I think when I do these deletions on Mac Mail, things may go out of sync and that's when the problem seems to start.

Fix

You can try different URLs to access Gmail and this has fixed my situation. In my case if I just use https:// this will usually fix the problem, but then I will need to use https://

If you really need to fix this, you will have to remove Gmail related cookies. I don't know which is which so I usually remove all Google issued cookies. That will also fix it completely.

https://mail.google.com/mail/
or
http://mail.google.com/mail/?ui=1
or
http://mail.google.com/mail/h/

Time Wasted:

Took about 10 minutes to find and try the solution.

I typed in this search term into Google "Gmail problem FireFox loop" and no Google help message came up, instead this forum gave me the answer.

http://www.emaildiscussions.com/showthread.php?t=52131

Friday, April 18, 2008

CISCO ASA 5510, 5505 Creating A VPN Passthrough

Situation

You have installed the CISCO ASA in your organization, configured the NAT so that all of your own computers are protected behind the NAT and Firewall but now some users want to use a VPN to connect to some network outside. For example, a visiting or partner employee may want to connect back to their corporate office via an IPSEC VPN.

The VPN login seems to work, but nothing gets connected.

Why Does This Usually Not Work Out of The Box?

Because of Network Address Translation, the VPN IP addresses get translated through the firewall.

Possible Solution

The CISCO support web site has very comprehensive information on this. The URL to the support article is this.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008045a2d2.shtml

This article also shows you how to configure this situation using the ASDM User Interface. But I know you don't want to read that so in summary here is what you would do:
  • Click Configuration on the Top Toolbar
  • On the side tool bar is "Security Policy"
  • Add the Following Access Rules (Access Rules Tab)
  • Add and/or Activate esp protocol in IP from the outside to the inside interface, Source is outside and destination is inside.
  • Add and/or Activate isakmp UDP protocol, source outside, destination the inside interface
  • Add and/or Activate UDP port 4500 traffic from source outside, destination the inside interface
Status

We've implemented this in April 08, it is June now and it has been working very well in our environment. We've tried the "regular" CISCO VPN client connecting to the outside as well as CheckPoint SecuRemote VPN clients with it.

Monday, April 14, 2008

Microsoft IIS FTP Server Does Not Work with Passive FTP

Symptom:


Typical User Complaints:
  • I can log into an FTP site, but I cannot list the directory. It hangs.
  • My FTP hangs
  • FTP works from the office but FTP does not work from my home
  • Typical of a Microsoft Windows product, FTP does not work (not entirely true)
  • Microsoft Windows Server 2003 does not support Passive FTP (not true)


You have set up an IIS server on the Internet on Microsoft Windows 2003 R2 server. Everything appears to be going normally. You can FTP to "yourself" from within the same server, so you know FTP is working. Now you find out that people cannot see the directory when they connect to the FTP server. They can log in and connect but connection breaks as soon as the user tries to get a directory listing or try to send a file.

The Cause:

Your IIS Server, by default, does not support Passive FTP, and whoever is trying to access your FTP server is connecting from behind their own firewall and Network Address Translation (NAT). That's 99% of the cases for Cable Modem and DSL users.

The Fix:

You will need to do two things.

Using wscript, you need to configure the IIS Metabase so that IIS allows the use of ports for Passive FTP, then restart the IIS.

Using another batch script, you will need to add EACH port number to the Windows firewall exceptions list.

This site seems to give you the complete information on the whole issue and how to fix it step by step.

http://velikan.net/iis-passive-ftp/

Thursday, April 03, 2008

Commentary: The Future is in Voice Recognition + Search

I am hereby putting this in writing, so that I can say in a few years to people "I told you so!" sort of things. I have been saying this for the past 2 years or so and each time I said this to my other geek colleagues, they almost always laugh.

When I was a kid in Japan and visited my grandfather's place, there was this telephone without any dial at all. To make a phone call he would pick up the receiver, then there is a crank on the right of the phone which he turns a few times. An operator answers. He will tell the operator to "Give me Maeda-san," and the operator knows who this is, where this person is, and connects. Even more, if this Maeda-san was not at home, the operator will try again and when he is back at home and connected, the operator will call back my grandfather and connect them.

Sounds awfully antiquated, classic or whatever you would say because what you would do today is to go to your computer, start Outlook, type in Maeda, and find the name of the person, then find one of the phone numbers, call the guy, he isn't there, leave a message etc. And we call that high tech modern age stuff.

What, however will happen next is actually we will all go back to what my grandfather had in the first place. Except that it is wireless of course.

Most of us will have cell phones with basically nothing but a green and red button. It will fit almost in any pocket.

What you will do with it?

You command it with voice only and the computer intelligence behind it will do all of the rest of the work. It is connected to a complex search engine with voice recognition software both on the phone and on the remote phone switch too.

So just say that I have said to the phone, "Order Pizza" Here is what happens in the background.

- The location service on the phone would know if I am at home or office. If I have ordered a pizza before both from my office or home at different outfits, it will basically know which pizza place I am talking about. It will perhaps ask me "Call Harbor Pizza?" if I am calling from my home in Half Moon Bay, or "Call Brick Oven Pizza?" If I am in the office. Of course, I can be in totally different city in that case the search engine linking would suggest other places near by.

- Of course it is 7 PM and line is all busy but no problem, like a human operator would do, it would try calling on your behalf and then connects you up when the line is open.

- Let's say that I was in a different city and ordered a pizza. I would want to go and pick up the pizza. I would say to the phone, "Guide me to the pizza place." Of course the historical information would know which pizza place it was, and with the GPS phone and voice navigation, the phone has no problem doing the navigation. The user still has not touched any dial at all!

I think we will all be having a phone that does this. And you know your search engine provider is scanning all your emails and everything you store in remotely hosted applications. It can have a lot of context as to what you are asking about.

Sure enough, bits and pieces of the technology are already out there. I use VoiceCommand on my Pocket PC all the time, and I speak to the robot at United Airlines too. I think that the integration of all this stuff will make a phone with dials obsolete in a few years.

Thursday, March 27, 2008

OpenOffice.Org - Can't See Graphics or Pictures

Symptom:

When you open an OpenOffice.org Writer document, the graphics are disabled, all graphics are showing the [X] mark and you cannot find where to turn this back on. This is likely to have happened accidentally (Can't blame you, that's how that happened to me, and don't know how this has happened either.... Makes my mother-in-law feel better for even a seasoned software engineer can be flabbergasted with things like this at times!)

Solution:
  1. Go to Tools menu. Select "Options..."
  2. In the left panel of the Options dialog box, you should find a + sign on the left of the OpenOffice.org Write/Web item. Click the + (it may already be open)
  3. Select View
  4. Find the Display section.
  5. Check the item Graphics and objects

Note that there is likely a bug in OO 2.3.1, since once you turn the graphics mode on, you cannot turn it off even if you un-check the box.

Time Wasted To Find This Solution

I was looking for this option all over the menus and other places, and Googling "Graphics mode on OpenOffice" would not find any article. It took approximately 30-40 minutes to finally find where this check box was hidden.

Thursday, February 28, 2008

VS 2005 ASP.NET GridView Give "Failed to enable constraints. One or more rows contain values violating non-null, unique,.." Error

Note: There is a later post on this: http://devnote.stokemaster.com/search?q=enable+constraints Please read that first.

Symptom:


You created a web page with a GridView using a DataSet designer. You had a simple or a bit more complex joins in the table. Then one day, it stops working with an exception of:

"Failed to enable constraints. One or more rows contain values violating non-null, unique..." error.

You do know the target schema changed so you tried to re-configure the query but you still get the same error after re-compiling the dataset and associated DataAdapter.


My Root Cause:

This has happened in my case where the database schema changed drastically. After investigating the automatically generated code the failure occurs when filling the DataTable.

It also happened again much later when someone changed the Field Size of a column too.

This meant that the Query worked OK, but the DataTable did not get the necessary schema change.

What Fixed It:

Unfortunately I had to get rid of the entire DataAdapter associated with the query, rebuild the DataSet and then re-bind (re-configure) the ObjectDataSource that binds to the GridView. The key here is that just configuring the query in the DataSet is not good enough, because the associated DataTable does not get the change of the schema and it will throw an exception when the returned row set gets filled in.

Time Wasted:

I was at it for about two hours.

Monday, February 25, 2008

Microsoft SQL 2005 Mirroring with No Domain (Hint Only)

Problem

Microsoft SQL 2005 provides database mirroring with automated fail-over (if you are using a witness server). This is really a great feature and I use it quite a bit at work. But sometimes we don't have a domain controller.

Can we do Mirroring without a domain controller?

Solution (Hint):

Yes you can! You can use the Certificates authentication. This is described in the MSDN article entitled.

How to: Allow Database Mirroring to Use Certificates for Outbound Connections (Transact-SQL)

at this URL http://msdn2.microsoft.com/en-us/library/ms186384.aspx

You can also find this information on SQL Books Online (BOL) on your SQL Server Management Studio at the local URL of ms-help://MS.SQLCC.v9/MS.SQLSVR.v9.en/udb9/html/49239d02-964e-47c0-9b7f-2b539151ee1b.htm (To type in this URL, bring up the Index part of the help manual browser where you will see the URL field.)

We were able to get this configuration up and running, but there were two things that we ran into that stumbled us a bit.
  • Initially the clocks of the two machines were quite a bit off. This causes havoc with certificates.
  • Even though we did not have to rely on the Domain Controller, we still had to add the Fully Qualified Domain Name (FQDN) of the servers in our DNS server.
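
The certificate-based setup hinted at above, sketched for one of the two partners as an added example (it is not code from the original post or from the MSDN article). The names HOST_A and HOST_B, the endpoint name, port 7024, the file paths and the password placeholders are all assumptions; the last query relates to the clock problem in the first bullet.

```sql
-- Run on HOST_A, in master. Repeat on HOST_B (and the witness) with the names swapped.
USE master;
GO

-- 1. A database master key protects the private key of the certificate.
IF NOT EXISTS (SELECT 1 FROM sys.symmetric_keys
               WHERE name = N'##MS_DatabaseMasterKey##')
    CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<placeholder: strong password>';
GO

-- 2. Outbound certificate: this is how HOST_A identifies itself to its partners.
--    EXPIRY_DATE is given explicitly so the renewal date is a deliberate choice.
CREATE CERTIFICATE HOST_A_cert
    WITH SUBJECT = 'HOST_A certificate for database mirroring',
         EXPIRY_DATE = '20101231';
GO

-- 3. Mirroring endpoint that authenticates with the certificate instead of
--    Windows (domain) authentication, and requires encryption.
CREATE ENDPOINT Endpoint_Mirroring
    STATE = STARTED
    AS TCP (LISTENER_PORT = 7024, LISTENER_IP = ALL)
    FOR DATABASE_MIRRORING (
        AUTHENTICATION = CERTIFICATE HOST_A_cert,
        ENCRYPTION = REQUIRED ALGORITHM AES,
        ROLE = ALL
    );
GO

-- 4. Export the public part only (no WITH PRIVATE KEY clause) and copy the
--    .cer file to HOST_B over a channel you trust.
BACKUP CERTIFICATE HOST_A_cert TO FILE = 'C:\certs\HOST_A_cert.cer';
GO

-- 5. Inbound side: a dedicated login and user that stand for HOST_B, bound to
--    HOST_B's public certificate (exported on HOST_B the same way as step 4).
CREATE LOGIN HOST_B_login WITH PASSWORD = '<placeholder: strong password>';
GO
CREATE USER HOST_B_user FOR LOGIN HOST_B_login;
GO
CREATE CERTIFICATE HOST_B_cert
    AUTHORIZATION HOST_B_user
    FROM FILE = 'C:\certs\HOST_B_cert.cer';
GO

-- 6. The only permission the partner needs is CONNECT on the endpoint.
GRANT CONNECT ON ENDPOINT::Endpoint_Mirroring TO HOST_B_login;
GO

-- 7. Clock check: certificate dates are stored in UTC. Run this on every
--    server and compare start_date / expiry_date with that server's own clock.
SELECT name,
       start_date,
       expiry_date,
       pvt_key_encryption_type_desc,   -- NO_PRIVATE_KEY for the imported peer cert
       GETUTCDATE() AS now_utc
FROM sys.certificates
WHERE name IN (N'HOST_A_cert', N'HOST_B_cert');
```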

Tuesday, February 12, 2008

VoiceMail Attachment Does Not Play on Windows Mobile/Smartphone

Symptom:

You have a voice mail system that can send out .WAV files as email attachments. The attachments play properly on Windows and Mac desktop computers (such as Windows Media Player), but if you try to play it with Windows Mobile or Windows Smartphone editions, you get "Invalid Format" error and the sound does not play.

Issue:

It is very likely that your voice mail system encodes the WAV file requiring a special CODEC. For example, I have a SpeakEasy VoIP service and this service (and great many of other VoiceMail system vendors) encode the WAV file using IMA ADPCM format (i.e., not all the WAV files are coded the same, the most basic one is the PCM, that will and do play on Windows mobile devices out of the box.)

Fix:

Install a third party sound player that can decode and play WAV files in IMA ADPCM format.
One such that I have found so far is PocketPlayer (30 day demo, approximately $20.00 purchase) and it worked fine with the SpeakEasy voice mail attachments. http://conduits.com/download_cabs.asp?product=Pocket+Player+3.51

So far I have not found any specifics from Microsoft web site about how you could provide a CODEC plug-in, in its Media Player. In fact Microsoft does not distribute Windows Media Player for Pocket PCs. That's left up to the device manufacturer. This probably has something to do with giving the manufacturer the ability to cripple some of the features they don't want for their users to have.

Friday, February 01, 2008

ActiveSync 4.5 Support Code 85020006 and 80072f7d

Symptom:

I just updated (in January 2008) my AT&T HTC 8525 phone's Windows Mobile 6 OS. Since then I was not able to sync with my host PC.

I get two errors:

Issue 1: Support Code:85020006
Issue 2: Support Code:80072f7d

Fixes:

Note that this involves registry changes so be careful with it.

Issue 1 can be fixed by;
  • Open ActiveSync
  • Choose File->Connection Settings...
  • Change "This computer is connected to" to The Internet
After you fix above issue, try the Sync and you may get the second error.

The second one is nastier and requires a registry hacking on your Windows XP PC (i.e., not the phone). I suggest that you save current registry settings before you do this.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows CE Services]
"AllowLSP"=dword:00000000

This site has the registry file that you can double click and modify.

http://www.pocketpcfaq.com/faqs/activesync/LSPvalue.reg

This disables the Layered Service Provider (LSP) that uses the Windows TCP/IP stack. But by doing this, you are going to forfeit the support rights from Microsoft.

After doing above two things, all the issues were resolved for me.

Time Saved:

This can save you at least 1 hour of hunting. These are not described in Microsoft web sites clearly.

Sunday, January 13, 2008

DotNetNuke No Image on Newsletter Issue Fix Found

This is the issue that has been bugging me for a few years, but finally there is a working solution.

Symptom:

So you go to the Newsletter module and incorporate an image or two in the newsletter using the "image" tool that comes with the default editor (FTB Editor). Much to your dismay, the images do not show up in email.

Cause:

DotNetNuke had this nasty URL rewrite stuff built into it that if an URL is local to the installed directory of DotNetNuke, it will strip the root URL. This will work for contents that are within the site, but in email it won't work.

Fix:

I have discovered this on DNN 4.8.0, but I think somewhere around DNN 4.5 or later this change was made. Unfortunately if you are using a much older version of DNN, there is not much hope except for working this around with domain remapping technique, also provided in this article.

Steps:
  1. Go to the Newsletters Module, just as if you are writing a new newsletter
  2. Under the bottom of the editor panel, you should see "Show Custom Editor Options." Click that.
  3. A configuration dialog box will pop up. If it does not, check your pop-up blocker and try again.
  4. Under the Settings Type, select Module
  5. Click the + for "Other editor options"
  6. Check mark the "Full image path" option.
  7. Scroll down and select the pull down menu for Apply Custom settings to "Module" then click the Apply link.

Workaround for Older DNN Sites

The URL rewrite stuff does not apply to the URLs that do not match what's in the Portal Alias, so what I used to do was to map another domain on top of the existing domain and then I would go into the HTML and change the root domain for all included image URLs before sending out the email. For example, for my site StokeMaster.com, I also mapped StokeMasters.com. I would cut the HTML code after editing the newsletter to a text editor on a local machine, do a global replace of StokeMaster.com with StokeMasters.com, paste it back and then send out the email. A major piece of extra work, but it does work.

Saturday, December 08, 2007

ASP.NET 2 Pop-Up Calendar Field Alternate

Problem:

This is a very common thing we all do. Ask the user to enter a date or a range of dates into a web form. The best way to ensure the format is to use the calendar control that comes with the ASP.NET framework. But these calendar controls are so huge that you'd only want to bring in to the page only when it is needed. There are many solutions offered on various web sites about how this is done.

The problem in most of the solution, at least for me, is that you need to understand or deal with JavaScript to open another window, pass some parameters to it, pass back more parameters and then finally to fill out the main form.

Many of us do not do web programming day in and day out and would rather not have to deal with JavaScript (for that matter avoid any programming languages that start with a letter "J"). While the JS technique is definitely more elegant, we can hit the middle ground.

Solution:

One alternate solution that I came up with is to take advantage of the MultiView control. It is actually quite neat that you can basically create "layers" of panels that they call a View and expose any panel at will. So for example in my case, I display a grid list of all previous surf stuff orders from the past 30 days. When I need to ask for the date range, I have two calendar controls on another view asking for the first and last days, and I will bring that "forward." As soon as the second calendar control (for the last day) is clicked, I can trap the event for the Selected Date Changed, collect the new pair of dates from the controls, and bring up the view with the data grid again.

It is quite easy to do, just set whichever the view you would like to show in the MultiView control, and I did not touch a line of HTTP source code to do this.

Time Took To Figure Out

Once I've realized this possibility, it took me just about 30 min to confirm that this will work for me.

Friday, December 07, 2007

ASP.NET GridView Prevent Automatic Binding Upon Page Startup

Problem:

I have set up the ObjectDataSource from the Table Adapter using Visual Studio 2005 in Design Mode. Now the page comes up fine, but I now want to add some query parameter field, and do not want to show the grid right when the page comes up.

Fix:

There may be many ways of fixing it, but so far this technique is working well for me.
  1. Go to the ObjectDataSource's property and switch to the Events view (the lightning bolt icon on top).
  2. Double click in Selecting event so that the VS will create an event handler.
  3. Go to the event handler.

// Set to true once the user has asked for a query (e.g., in the button click handler).
private bool quiversGridEnabled = false;

protected void ObjectDataSourceQuives_Selecting(object sender,
    ObjectDataSourceSelectingEventArgs e)
{
    // Cancel the select so the GridView stays empty until the grid is enabled.
    if (!quiversGridEnabled) e.Cancel = true;
}

At another point in the code, for example, when the button to query a new quiver is pressed then I would set quiversGridEnabled to true, then subsequent calls to Bind() to the Gridview will show the data based on the query.

Time To Find The Solution:

It took about an hour to find out how I'd do this. If there are better and cleaner ways of doing it, be sure to comment on this entry.

Sunday, December 02, 2007

SQL 2005 Find Out Who Are Connected

Problem:

I want to provide a list of currently connected SQL clients on my asp.net based web page, like the version of Activity Monitor that comes in the SQL Management Studio.

Solution:

The information is in the following queryable objects. For me, sp_who is good enough as I just need to list who is connected in my application monitor web app.
  • exec sp_who
  • exec sp_who2
  • select * from master..sysprocesses

and finally this is supposed to give you the same list as what you see in the Activity Monitor (I did not try).

-- Populate and read the ##lockinfo / ##procinfo temp tables for this session (@@SPID).
DECLARE @CMD VARCHAR(8000)
DECLARE @ID int
SET @ID = @@SPID
SET @CMD = '
EXEC sp_MSset_current_activity ' + CAST(@ID AS varchar) + '
SELECT * FROM ##lockinfo' + CAST(@ID AS varchar) + '
SELECT * FROM ##procinfo' + CAST(@ID AS varchar)
EXEC (@CMD)


Time Saved:

This information is either too obvious to DBAs or such that a query to Google or Live does not provide an immediate answer. Took me about 30 min to finally find out. The keyword to search is "Activity Monitor"

Tuesday, November 27, 2007

SQL 2005 Mirroring Witness Connection Does Not Establish on one node

Symptom

When you've added a Witness Server to the mix, you start to get the following error message in the Application Log. You are running all of the services under a specific domain user and everything runs but this. The Database Mirroring Monitor shows that Witness Connection is OFF (red X) on only one server.

Event Type: Information
Event Source: MSSQL$XYZ
Event Category: (4)
Event ID: 28048
Date: 11/27/2007
Time: 6:13:38 PM
User: N/A
Computer: SQLServer2
Description:

Database Mirroring login attempt by user 'mydomain\sqlservice.' failed with error: 'Connection handshake failed. The login 'mydomain\sqlservice' does not have CONNECT permission on the endpoint. State 84.'. [CLIENT: 10.1.2.3]

Cause

Root cause is really unknown. Probably a bad sequence of installing and configuring database mirroring. But the immediate cause that can be fixed is that the computer node on which you have seen the event log entry is not granting the Connect permission on the Mirroring endpoint object in the securables for the login account mentioned.

Fix

This is an issue of the Witness Server unable to establish a connection to the Principal or Mirror Server (whichever is broken). I was able to fix this by;

  1. Start the Microsoft SQL Server Management Studio
  2. Connect to the database server that has an issue.
  3. Go to the Security folder
  4. Add the login name that is indicated in the Event Log. In my example MYDOMAIN\sqlservice
  5. Select the account you've just added and open its property (i.e., right click it)
  6. Select Securables
  7. Press Add...
  8. Select (leave it selected as) Specific Objects...
  9. Press OK
  10. Under Select Objects dialog box press Object Types...
  11. Check Endpoints
  12. Press Browse...
  13. Add [Mirroring] object.
  14. Once back in the main property window, check mark Grant
That has fixed it!

Total hours to figure this stuff: 2 hours.
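
The same grant done in T-SQL instead of through the Securables dialog, with a check of who holds CONNECT on the mirroring endpoint before and after. This is an added example, not part of the original post; it assumes the endpoint is named Mirroring and the login is MYDOMAIN\sqlservice, as in the steps and event log above.

```sql
-- Run on the server that logged event 28048 (the one refusing the handshake).
USE master;
GO

-- 1. Confirm the mirroring endpoint exists, is started, and how it authenticates.
SELECT e.name,
       e.state_desc,
       e.role_desc,
       e.connection_auth_desc,
       t.port
FROM sys.database_mirroring_endpoints AS e
JOIN sys.tcp_endpoints AS t
  ON t.endpoint_id = e.endpoint_id;

-- 2. List every principal with a permission on that endpoint. If the service
--    account from the event log is missing here, that is the "does not have
--    CONNECT permission on the endpoint" condition.
SELECT e.name  AS endpoint_name,
       p.name  AS grantee,
       sp.permission_name,
       sp.state_desc
FROM sys.server_permissions AS sp
JOIN sys.endpoints AS e
  ON sp.major_id = e.endpoint_id
JOIN sys.server_principals AS p
  ON sp.grantee_principal_id = p.principal_id
WHERE sp.class_desc = 'ENDPOINT'
  AND e.type_desc = 'DATABASE_MIRRORING';

-- 3. Add the login named in the event log if this instance does not know it yet
--    (steps 3-4 of the GUI procedure).
IF NOT EXISTS (SELECT 1 FROM sys.server_principals
               WHERE name = N'MYDOMAIN\sqlservice')
    CREATE LOGIN [MYDOMAIN\sqlservice] FROM WINDOWS;
GO

-- 4. Grant CONNECT only (steps 5-14). The partner does not need ALTER or
--    CONTROL on the endpoint, so nothing broader is granted.
GRANT CONNECT ON ENDPOINT::[Mirroring] TO [MYDOMAIN\sqlservice];
GO

-- 5. Re-run the query from step 2; the login should now appear with
--    permission_name = CONNECT and state_desc = GRANT.
```

Running steps 1 and 2 on the principal, the mirror and the witness and comparing the output shows which node is the odd one out.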

Monday, November 26, 2007

IIS 6 - "Page Cannot Be Found" When Running .NET Pages

Problem

I have downloaded an ASP.NET application, made sure that the directory property is correct, set the Web Application, the documents contain .aspx and application settings are pointing to correct version of .NET framework.

When I point to the page in the application directory, for example "Default.aspx", the browser comes back and says "Page cannot be found" Even though if you put in index.html file there with some simple test HTML in it, it works.

I have tried to re-install .NET framework...

I have even tried to run C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe /i


Cause

In Windows Server 2003, ASP.NET may be turned off by default, even if you have done bunch of other stuff that I have tried.

Solution

Go back to your computer management and open the Internet Information Service node. You will find one last folder in there that is called Web Service Extensions. You will likely to see that ASP.NET v.2.0.50727 (or whatever the latest version) is in Prohibited state.

As soon as you Allow this, then your pages will run without a problem.

This solution also fixes the problem of ASP.NET tab not appearing in the IIS Web Site properties.

Time took: About 3 hours to find this issue. Why don't they come up by default!

Wednesday, November 14, 2007

SQL Server Database Mirroring Cannot Establish A Witness

Problem:

I spent about two days on this issue. I could establish a Principal and Mirror pair with SQL Server 2005, but when a Witness server was added to the mix, the witness could not establish.

I have gotten errors like "Cannot find the server at mirror.xyz.com" and "Alter Database Failed..."

Answer:

You should go through the article on MSDN http://msdn2.microsoft.com/en-us/library/ms189127.aspx to make sure that you did not botch up any other stuff.

The key to this are the following,
  • The mirroring operation is very very sensitive to DNS, if there is anything wrong with it, it won't work.
  • The fact that you can "talk" to the mirror and the principal using all aliases is not a sufficient test. Go to each machine (e.g., the mirror and the witness) involved and make sure that all full and DNS alias names can be resolvable to the (identical) IP address and that you can ping the servers with ALL of the known names. If this does not work then you should "hard wire" all the names and addresses in the local machine's C:\Windows\System32\Drivers\Etc\Hosts file.

What Made This Difficult:

In my specific situation, there were a couple of DNS aliases for all of the servers, and the host name appeared in a variety of names while configuring the mirror. As it turns out, having various names is not actually an issue, but the DNS configuration on the TCP/IP control panel was all slightly different, causing one server to not be able to find the server name.

Total Time Saved:

You will save at least one day or more of your time by debugging the DNS first.

Thursday, October 25, 2007

.NET DateTime Objects Does Not Compare Correctly

Environment: C#

Symptom:


You have parsed a date time string and made a DateTime object, then you wanted to compare that with current time using DateTime.Now, but it does not work.

DateTime t1 = DateTime.Parse("27 October 2007 10:27");

if (t1 > DateTime.Now) { /* do something */ }

Cause:

The parsed DateTime object has the Kind attribute set to UNKNOWN while DateTime.Now is set to LOCAL. Comparison between the two will not work as expected.

Fix:

There may be other ways of doing this, but here is the one that made my code to work.

DateTime t1 = DateTime.Parse("27 October 2007 10:27");
t1 = DateTime.SpecifyKind(t1, DateTimeKind.Local);
if (t1 > DateTime.Now) { /* do something */ }


Time Wasted:

Took me about 2 hours to figure out what is exactly going on and how to fix it.

Monday, October 15, 2007

Unable to Load DLL Error

Symptom:

You built an application using Visual Studio 2005, you also have Platform Invoke code so that your managed code can call unmanaged code stored in your platform invoke DLL, and in order to test it on another machine, you copy the bin/debug folder there. The test machine does not have Visual Studio 2005.

As soon as you run the program, and when your code calls the platform invoke code the following error message occurs,

Unable to load DLL 'Some.DLL': This application has failed to start because the application configuration is incorrect. Reinstalling the application may fix this problem. (Exception from HRESULT: 0x800736B1)

Possible Cause and Fix:

This article is still being completed. But here is what I have figured out so far:

Apparently, when you build code that includes platform invocation code (i.e., calling a C++ library), there is run-time (CRT) code to be included, and if you are doing this on a debug build then there are some very complex issues.

There is one person on the web that solved this issue by using the release build. I am going to try that approach.

If that's not what you want, here is a detailed information about this.

http://www.codeproject.com/cpp/vcredists_x86.asp#Troubleshooting

(This article will be updated further as I find the final solution.)

Saturday, September 29, 2007

CISCO ASA and Getting Mac/Windows L2TP To Work

Symptom:

You used the VPN Wizard in CISCO ASA's ASDM to create an L2TP configuration, but it does not work.

You look at the ASA Log and it says something to the effect that no acceptable SAs.

What Fixed:

Know that the Mac and PC will connect through the DefaultRAGroup therefore if you are doing a pre-shared key, it must be set right there. If you are not going through Phase 1, check that first.

If you are going through Phase 1, then it is likely that the TRANSPORT mode of IPSec is not included in your Dynamic IPSec policy.

Check the following,

crypto dynamic-map Extranet_dyn_map 20 set transform-set TRANS_ESP_3DES_SHA ESP-AES-256-MD5 ESP-3DES-SHA

Finally, if you are using a user account on the ASA itself, then the user password must be encrypted using the nt-encrypted keyword. I would just telnet to the ASA and type that in. I am not sure whether, if you are using both the CISCO client and L2TP, both the ASA native mode of encryption and the nt encryption are allowed, so I have created a second user name for the purpose of logging on via L2TP.

username bozo password xyzzy nt-encrypted

Total Time To Figure Out This Issue

Approximately 4 hours.

Tuesday, September 25, 2007

Microsoft IIS SMTP Server Does Not Relay or Send Emails

Symptom:

You've installed the SMTP server (Default SMTP Virtual Server) as a part of IIS on Microsoft Windows Server 2003, but nothing gets relayed.

What Fixed:

No hosts, including the local ones, are relayed by default out of the box. You need to go to Default SMTP Virtual Server Properties, go to the Access tab and press the Relay... button.

You should grant the relay permission to the server or all the IP addresses in your local network.

Total research fix time: About 30 minutes.

CISCO ASA Error construct_ipsec_delete(): No SPI to identify Phase 2 SA!

 This article is the most popular article on this blog as of July 2012.

Another one of those very cryptic CISCO log message. I guess these messages deserve to be cryptic, since my IOS code has a lot of "crypto" all over the place ;-)

Symptom:

When configuring for Site-to-Site VPN network, the IKE negotiation (Phase 1) works but Phase 2 results in a message like
  • construct_ipsec_delete(): No SPI to identify Phase 2 SA!
What Fixed It:

It appears that this occurs when there is a significant mismatch in the VPN Tunnel IPSec configuration parameters. IPSec is also known as Phase 2. If you have come this far in your connection then Phase 1, or the IKE step, is complete, so do not go down the path of "fixing" Phase 1, for example, a Shared Key mismatch. You are OK there, so focus on fixing this Phase 2 issue.

If you are using like me the ASDM, this information is in VPN->IPSec->IPSec Rules section.
  • Be sure that the Network Address and Netmasks of End Points are properly set on both ends. For your end this is found at IPSec->IPSecRules->Traffic Selection. You could also be using Static NAT, so check to make sure that the NAT tables are correct. This is especially important if you are NATTing to external routable addresses to avoid non-routable IP address conflicts (this is a very very advanced topic and I don't even know what I am talking about so if this does not make sense, you do have to go to a CISCO professional for help. I am just a surfer with this job dropped on my lap.)
  • Speaking of the NAT, it is likely that you have NATted your inside address pool to a set of private addresses you have. If that is the case, then you DO have to make a NAT exception. The VPN wiz does that, but if you add another host in the same tunnel then you cannot use the Wiz any more so you'd forget this. Simply look in the NAT on the left control navigation bar and follow other examples in there that are working. I almost always forget this and scratch my head for about an hour before I realize I have forgotten it (and even blogged about it!) If Phase 1 and 2 go OK but there still is no connection, then check the NAT table. Since there are a lot of people like me, they have forgotten the NAT exception too on their end. Be sure to ask them too.
  • Be sure that the PFS (Perfect Forward Secrecy) mode is matched on both ends. This is at the bottom of the Tunnel Policy (Crypto Map) - Basic panel.
  • Also be sure that the traffic rules and netmasks match between the two servers identically. If the other side is going for 255.255.255.255 on an individual IP address then you have to do that on your end as well. You cannot use a wider mask on one end even if the range includes the address you are accessing. The traffic access lists from both ends must match exactly.
  • Now would also be a good time to download a TFTP client (many of them are out there), and back up your config on your local disk. Keep that config in Google Drive or somewhere with a descriptive file name (like ASA-5505-120605-AddedBostonOffice.txt) out in the cloud so that you won't lose it.

Thursday, September 13, 2007

CISCO ASA 5510, 5505 VPN Removing peer from peer table failed, no match! Error

Symptom

When you try to connect CISCO VPN client you get this error in the log and it will not connect.

4 Sep 13 2007 11:05:12 713903 Group = DefaultRAGroup, IP = xxx.xxx.xxx.xxx, Error: Unable to remove PeerTblEntry

3 Sep 13 2007 11:05:12 713902 Group = DefaultRAGroup, IP = xxx.xxx.xxx.xxx, Removing peer from peer table failed, no match!

Possible Cause

This error message is misleading and leads you to believe there is something really wrong about your configuration.

But it could simply mean that there is a mismatch, misspelling or missing entry between the Group ID that is configured on the CISCO VPN client and the Group ID on the Tunnel Group setting.

I guess that the ASA is picking up the default group policy as it is not finding the correct one.

Solution

Check under the tunnel group in your running configuration.

tunnel-group type ipsec-ra

Go to the CISCO VPN client, go to the Authentication tab and the Name field must match what you used in

Monday, September 10, 2007

Windows .NET Service Program Does Not Fire Timer

Scenario:

  • You started to write a Windows Service using C# and Visual Studio 2005.
  • You dragged a Timer object into the service component's design surface.
  • You wrote a Timer handler object.
  • Timer never fires.

Solutions:

The fact that VS 2005 allows you to drag the timer (or other objects) is very misleading. It actually never works because the timer event will never be fired. In theory they (Visual Studio) should not allow you to do that. (I swear it worked in 2003 but that's the past.)

There are numerous postings, messages and such all over the places on this. It took me half a day to figure this out.

But the reason why the timer event does not fire is that under the Service execution model, it does not have a "message pump" executing like in Windows desktop apps.

The only way that I know works is to use a System.Threading object, launch a thread and then block the thread for N milliseconds using the sleep function within the thread to achieve the same result.

If you want an example of this, I can elaborate here. Just write a comment.

Windows .NET Programmatically Configure Network Interface with C#

Problem: I want to write a C# program that will configure IP address(es).

Why this is useful?

You may have one server and a backup server (say a web server) and you would want to write a program to automatically move the second IP address of an interface from the master to the backup server.

Solutions:

This article on Code Project seems to be right on: http://www.codeproject.com/cs/system/cstcpipwmi.asp

Also helpful is to look at MSDN on the Network Adapter Configuration win32 class page.

http://msdn2.microsoft.com/en-us/library/aa394217.aspx

You access each item of this Win32 class by using the member name, spelled out exactly, as a named index into each ManagementObject in the ManagementObjectCollection. The indexer returns an object, so cast it to the property's type.

e.g., string description = (string)objMO["Description"];
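An added example (not from the Code Project article or the original post) of the fail-over idea above: it adds or removes one IPv4 address on an adapter through the EnableStatic method of Win32_NetworkAdapterConfiguration. The class name, adapter description and addresses are constructed, and the program must run as an administrator.

```csharp
using System;
using System.Collections.Generic;
using System.Management;   // add a reference to System.Management.dll

public static class SecondaryIp
{
    // Adds (add == true) or removes one address on the adapter whose
    // Description matches. Returns the WMI code: 0 = done, 1 = reboot needed.
    public static uint Set(string adapterDescription, string ip, string mask, bool add)
    {
        ManagementClass mc = new ManagementClass("Win32_NetworkAdapterConfiguration");
        foreach (ManagementObject mo in mc.GetInstances())
        {
            if (!(bool)mo["IPEnabled"]) continue;
            if ((string)mo["Description"] != adapterDescription) continue;
            if ((bool)mo["DHCPEnabled"])
                throw new InvalidOperationException("Adapter uses DHCP; EnableStatic would switch it to static.");

            string[] ips = (string[])mo["IPAddress"];
            string[] masks = (string[])mo["IPSubnet"];
            List<string> newIps = new List<string>();
            List<string> newMasks = new List<string>();
            for (int i = 0; ips != null && i < ips.Length; i++)
            {
                if (ips[i].Contains(":")) continue;  // EnableStatic takes IPv4 only
                if (ips[i] == ip) continue;          // re-added below when add == true
                newIps.Add(ips[i]);
                newMasks.Add(masks[i]);
            }
            if (add) { newIps.Add(ip); newMasks.Add(mask); }
            if (newIps.Count == 0)
                throw new InvalidOperationException("Refusing to remove the last address.");

            // EnableStatic replaces the whole list, so pass every address to keep.
            ManagementBaseObject p = mo.GetMethodParameters("EnableStatic");
            p["IPAddress"] = newIps.ToArray();
            p["SubnetMask"] = newMasks.ToArray();
            ManagementBaseObject r = mo.InvokeMethod("EnableStatic", p, null);
            return (uint)r["ReturnValue"];
        }
        throw new ArgumentException("No IP-enabled adapter named " + adapterDescription);
    }

    public static void Main()
    {
        // Constructed values: on the backup server, take over the shared address.
        uint rc = Set("Intel(R) PRO/1000 MT Network Connection",
                      "192.168.1.50", "255.255.255.0", true);
        Console.WriteLine("EnableStatic returned " + rc);
    }
}
```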

Tuesday, August 28, 2007

MacOS: Automatically Mounting Network Drive on Mac With or Without Automator

Ever since I put my LaCie ED Mini Network Attached Storage (NAS) on the network, I had to manually mount the ED Mini every time I rebooted the computer. This was very inconvenient, as you go to the Finder and every time you reconnect you need to type in the password. I have been searching for an easier way to do this and finally figured this one out.

One word of caution: whatever you do, the password string will be included.

The easiest way to do this, though not secure because the password is out in clear text, is as follows.

Go to Connect To Server in Finder and punch in your NAS's IP address. In my example I am using 192.168.1.10; it will obviously be different at your home. Suppose your user name is manny, your password is zyzzx, and the Apple file share is called ED_mini; then the syntax is,

afp://manny:zyzzx@192.168.1.10/ED_mini

A perhaps slightly more secure way to do this is to use Automator to create an Application that includes the following AppleScript.

on run {input, parameters}

mount volume "afp://manny:zyzzx@192.168.1.10/ED_mini"

return input
end run
  1. Open the automator
  2. Select the Automator from the Library menu
  3. Drag Run Apple Script to the workspace on the right.
  4. You will see the spot marked (* Your script goes here *); replace that with the connection script of mount volume "afp://manny:zyzzx@192.168.1.10/ED_mini"
  5. Test the script and save as an Application. Close automator.

Thursday, August 09, 2007

Fix: LaCie ED Mini Web Interface Stops Working

Symptom:

After running the LaCie ED Mini, when you try to access the Web Admin interface, you might get the following message.
/www/cgi-bin/public/sharelist: line 219: cannot create temp file for here document: No space left on device

© Copyright LaCie 2004

/www/cgi-bin/public/sharelist: line 246: cannot create temp file for here document: No space left on device
This is due to the log file getting too big.

First clear the log.

http://192.168.0.xxx/cgi-bin/admin/log?do=clearlog

You do need to remember what your admin password is. By default this is admin.

The above will give the same error, but the log will clear, and the second time you access the LaCie it will work.

Don't call LaCie for support. They will give you a firmware, and in that case you will lose all the files on your device.

The fact that this is happening to you means that the system may be logging a lot of errors. Start checking the log and eliminate the root cause.

Thursday, May 31, 2007

SQL Server 2005 Cannot Uninstall due to IIsMimeMap

Today I was trying to remove and reinstall an SQL Server 2005 installation from one of my servers. This resulted in the following error

The setup failed to read IIsMimeMap table. The error code is -2147024893

I did some searching on the net and this MSDN Post had the answer.

The main cause of this is some interaction between IIS and the Reporting Service in the SQL Server 2005 installation.

It is actually easy to work around this issue.

  • Go to the service control panel.
  • Find IIS Administrator
  • Disable the service and stop it.
  • Uninstall SQL 2005 (by now the only remnant is the uninstalled Reporting service).

That will work.

Friday, May 25, 2007

How to Clear Voicemail Message Waiting Icon on Cingular/ATT

It is really annoying when there actually is no message in the voice mail but the message waiting indicator continues to be on.

This usually is not a problem for those who get a lot of messages, but I hardly get a voice mail message (goes to say I am really so good at managing people, or I am really unpopular... who cares! Well, actually I get most of my messaging via email.)

But if this ever happens remember;

Don't call "Cingular and now AT&T!" to have this fixed. I tried. Actually, they cannot or will not reset this from their end.

But there is an easy 2-minute solution to this. Just leave a message on your cell phone yourself from another phone and listen to it from the cell phone. That will make it go away.

Friday, May 04, 2007

XCOPY incompatible with NTFS Mount Points

Well it is bizarre and the final answer may be elsewhere, and it may even be specific to our iSCSI SAN configuration etc.

But you might run into the same situation as I have.

We wanted to copy an entire directory and the files underneath it from one place in a file system (say a network share) to a mount point directory (say C:\lotsofiles) hosted by an iSCSI SAN, and to do so, I used XCOPY commands.

What happens next when you do this is that XCOPY ignores the mount point and happily copies files to the drive. We saw the C: drive's space directly. As soon as XCOPY starts to run, it causes some error and the iSCSI volumes are no longer bound!

This issue does not occur, for example, if you drag and drop files using the Explorer, use the COPY command, or do a deep copy using cp.exe in the UnxUtils package. So I know it is very specific to XCOPY.

Tuesday, May 01, 2007

SQL Server 2005 Management Studio Slow to Come Up

You may have run into the situation in which the SQL Server Management Studio is extremely slow to come up on some (but not all) servers on your network.

David Tan posted a great message on the MSDN Forum about this. Essentially, the cause is that Management Studio tries to access the (digital) Certificate Revocation List at crl.microsoft.com at startup, and if the server happens to be behind a firewall or has no Internet access, it has to wait for the timeout.

If this server must sit behind the firewall without any chance to get out to the Internet (like inside a hospital network, or a QA test lab), then one way to work around this is to configure the firewall so that it immediately rejects the connection when it sees the URL to crl.microsoft.com.

UPDATE (6/19/2010): A more direct answer by Microsoft on this, http://support.microsoft.com/kb/555686, is essentially to turn off the Online MSDN Books feature and also to turn off CRL Lookup from Internet Explorer altogether.


Here is a cheap cheat if we have a web server in the same local network (only do this if your system always has no hope of getting out to the Internet, and you already made an enemy with your IT department).

Under your system32 directory there is drivers\etc directory. Edit the hosts file in there so that crl.microsoft.com points to a running web server.

Thursday, April 19, 2007

SharePoint Server 3.0 Gives Error 500 After Changing Domain Password

I have a SharePoint 3.0 server.

Today I changed the domain user password.

I am logging in from a WORKGROUP (i.e., non domain) computer.

Then it gives error 500 and does not proceed to give me a login prompt to supply the new password! Now there is no way to log in.

Ironically, if I test this with Firefox 2.0 I can get the login prompt!

So here is the fix.

It is breaking because your IE is sending incorrect credentials to SharePoint 3.0, and the reason is that the server is (most likely) in your Internet and IE, knowing the trusted site, sends out incorrect credentials. When this happens, though, it crashes SharePoint 3.0.

To get around this issue, change the Security level of the SharePoint 3.0 server to the default Internet level, then the login prompt should show up.

Friday, April 06, 2007

Java Technology? Why people still bother with it?

Another frustrating part of the day spent figuring out why a Java app does not work on my computer at work.

Please do know that I use Mac most of the time for my own use so this is not really me just talking from the Windows standpoint.

But my Java experience has been nothing but trouble, and there has hardly been any time when a Java technology based stuff worked well. I really feel that the technology is flawed, and wish it had not but here are some examples.

A year or a bit more ago, I was involved in a deployment of a time card system for a company I used to work for. The UI part of this application was implemented in Java. While it is not entirely Java's fault, this specific deployment was based on an older Java platform, and it only ran on a specific version of the Java implementation. If you happened to install any different (i.e., later) version of it, that time card application stopped working. A significant amount of my own time was wasted going through a bunch of users who had compromised the Java version by "mistakenly" installing a newer Java. It seemed to me that Java lacked any backward-compatibility architecture, for example, running different versions side-by-side.

Later on in another company we bought an advanced firewall appliance and it came with a Java based "friendly" GUI software. I was excited to know that "Great, I can use this both on my Mac and PC." So I load this on my Mac and it says, "This program only run best on Windows." In fact it actually runs on Mac, but it does not work very well at all. They were not kidding.

But then what occurs to the people who develop this kind of tool, to write something in Java but then make it run only on Windows? In my opinion, I don't think it is really the developer's fault. The supporting Java platform should have been designed so that it would work on all the latest Java supported platforms. I think that Java failed us again.

Today, I was playing with a remote management (i.e., remote screen) capability on a certain Windows server we bought. I was testing this on Windows. And what happens? The entire Java environment freezes up.

I am hoping that there will either be a significant improvement in Java, or that someone will come up with a cross-platform environment that works on just about anything.

About the only thing that comes close to it seems to be Flash. I cannot recall ANY time that a YouTube video did not play on all sorts of browsers on both my Mac and Windows. It seems to deal with versioning issues and such, and it never gets in my way like Java does.

Wednesday, April 04, 2007

Calling Unmanaged C++ from C#. DLL Won't Register?

I just wasted about 2-3 hours of my time because my assumption was wrong. As it turns out, this problem is fairly common, but nobody can quite explain it.

I had to write a DLL so that you can call it from C#. There still are some things that are easier done in C++, especially when it comes to dealing with drivers and I/O directly. Or you simply have someone else's DLL or a Win32 DLL etc. that you need to call from your C# (VB.NET).

The Problem,

You think you should add the DLL as a Reference in the same manner as other C# assemblies. So you do that then the system complains

A reference to "C\blah\blah\blah\younameit.DLL" could not be accessible. Please make sure that the file is accessible, a valid assemply or COM component.

The Bad Assumption

I thought that I add the reference to any DLLs that I access in my C# project.

The Correct Way

It is not necessary to reference the DLL. That reference is made in your Platform Invoke code. If this does not make sense, you should read up on System.Runtime.InteropServices.
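What that Platform Invoke code looks like, as an added example that is not the author's code. GetDiskFreeSpaceEx is a real kernel32 export; ReadSensor and its signature are a hypothetical export of the younameit.dll from the error message above.

```csharp
using System;
using System.ComponentModel;
using System.Runtime.InteropServices;

public static class NativeCalls
{
    // Real Win32 export. No project reference is added for kernel32.dll;
    // this attribute is the only place the DLL is named.
    [DllImport("kernel32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
    [return: MarshalAs(UnmanagedType.Bool)]
    private static extern bool GetDiskFreeSpaceEx(
        string directoryName,
        out ulong freeBytesAvailable,
        out ulong totalBytes,
        out ulong totalFreeBytes);

    // Hypothetical export of your own C++ DLL, assumed to be declared as
    //   extern "C" __declspec(dllexport) int __cdecl ReadSensor(int channel);
    // Without extern "C" the exported name is C++-mangled and the call
    // fails with EntryPointNotFoundException.
    [DllImport("younameit.dll", CallingConvention = CallingConvention.Cdecl)]
    private static extern int ReadSensor(int channel);

    public static ulong FreeBytes(string path)
    {
        ulong free, total, totalFree;
        if (!GetDiskFreeSpaceEx(path, out free, out total, out totalFree))
            throw new Win32Exception(Marshal.GetLastWin32Error());
        return free;
    }

    public static void Main()
    {
        Console.WriteLine("Free bytes on C:\\ = " + FreeBytes("C:\\"));
        try
        {
            // The DLL is loaded on the first call, by bare name, from the
            // application directory and the standard DLL search path.
            Console.WriteLine("Sensor 0 = " + ReadSensor(0));
        }
        catch (DllNotFoundException ex)
        {
            Console.WriteLine("DLL not found: " + ex.Message);
        }
        catch (EntryPointNotFoundException ex)
        {
            Console.WriteLine("Export missing or name-mangled: " + ex.Message);
        }
    }
}
```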

Monday, February 12, 2007

System.Net.Mail.SmtpClient How To Send User Name and Password?

In my line of work, I often need to send automated email messages from both my web and desktop (or service) applications.

The .NET 2.0 framework has a new namespace called System.Net.Mail, so we should all take advantage of it. So I started to work on it. One problem: most of the SMTP servers we deal with require some type of credentials.

If you look at the MSDN docs for the SMTP class, MSDN's description and example of how to do this are really poor. I would say that 99% of the time, we just want to send a user name and password along with the SMTP traffic, and do not need to rely on default user credentials in the CredentialsCache. It took me a bit of effort to find out how to do this, but it is actually simple. Make sure to include the following namespaces first.

The following example also shows how I am using the Properties object to pull the Application configuration file information. Since SMTP config is something that needs to change from time to time, it is best to store the information in a configuration file. The only sticky issue is, of course, the password saved in plain text, but in my case it is a closed application so this isn't an issue for me, and even if that leaks, it is not an immediate threat.

using System.Net.Mail;
using System.Net;
using System.Security.Principal;


// Lives in the Form class that owns toolStripStatusLabel2.
private void SendEmail(string subject, string body)
{
    // An empty server name in the settings file turns email off.
    string smtpServer = Properties.Settings.Default.SMTPServerBlankIfDontWantEmail;
    if ((smtpServer == null) || (smtpServer == "")) return;
    try
    {
        MailMessage msg = new MailMessage();
        msg.To.Add(new MailAddress(Properties.Settings.Default.EmailTo));
        msg.From = new MailAddress(Properties.Settings.Default.EmailFrom);
        msg.Subject = subject;
        msg.Body = body;
        SmtpClient c = new SmtpClient(smtpServer,
            Properties.Settings.Default.SMTPPort);
        string token = "mmonitor"; // only used by the SendAsync call below

        // Explicit user name and password instead of the default credentials.
        c.Credentials = new NetworkCredential(
            Properties.Settings.Default.SMTPUserName,
            Properties.Settings.Default.SMTPPassword);

        // c.SendAsync(msg, token); // Don't hang the rest of the stuff if SMTP hangs.
        c.Send(msg);
        this.toolStripStatusLabel2.Text = "Sent email";
    }
    catch (System.Exception ex)
    {
        this.toolStripStatusLabel2.Text = ex.Message;
    }
}
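For the plain-text password mentioned above, one option is to store a DPAPI-protected value in the configuration file and decrypt it just before building the NetworkCredential. This is an added example, not the author's code; the SmtpSecret class, the "dpapi:" prefix and the entropy string are assumptions.

```csharp
using System;
using System.Security.Cryptography;   // add a reference to System.Security.dll
using System.Text;

public static class SmtpSecret
{
    // Marks values that are already protected, so a config file that
    // still holds a plain-text password is detected instead of misread.
    private const string Prefix = "dpapi:";

    // Constructed per-application entropy; the blob cannot be decrypted without it.
    private static readonly byte[] Entropy = Encoding.UTF8.GetBytes("mmonitor-smtp");

    public static bool IsProtected(string stored)
    {
        return stored != null && stored.StartsWith(Prefix, StringComparison.Ordinal);
    }

    // CurrentUser scope: only the Windows account that ran Protect can run
    // Unprotect, so protect the value under the account the application uses.
    public static string Protect(string plain)
    {
        byte[] blob = ProtectedData.Protect(
            Encoding.UTF8.GetBytes(plain), Entropy, DataProtectionScope.CurrentUser);
        return Prefix + Convert.ToBase64String(blob);
    }

    // Throws CryptographicException if the blob was protected by another
    // account or on another machine, or was modified.
    public static string Unprotect(string stored)
    {
        if (!IsProtected(stored))
            throw new InvalidOperationException("Setting is not DPAPI-protected.");
        byte[] blob = Convert.FromBase64String(stored.Substring(Prefix.Length));
        byte[] data = ProtectedData.Unprotect(blob, Entropy, DataProtectionScope.CurrentUser);
        return Encoding.UTF8.GetString(data);
    }

    // One-time helper: prints the value to paste into the SMTPPassword setting.
    public static void Main()
    {
        Console.Write("SMTP password: ");
        string stored = Protect(Console.ReadLine());
        Console.WriteLine(stored);

        // Round trip, then show that a modified blob is rejected.
        Console.WriteLine("Round trip ok: " + (Unprotect(stored).Length > 0));
        char last = stored[stored.Length - 5];
        string tampered = stored.Substring(0, stored.Length - 5)
            + (last == 'A' ? 'B' : 'A') + stored.Substring(stored.Length - 4);
        try { Unprotect(tampered); Console.WriteLine("Tampered blob accepted"); }
        catch (CryptographicException) { Console.WriteLine("Tampered blob rejected"); }
    }
}
```

In SendEmail the credential line then passes SmtpSecret.Unprotect(Properties.Settings.Default.SMTPPassword) as the password argument.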


Saturday, February 10, 2007

SQLExpress Logs Too Many "Starting up Database" Message

I wrote an application that uses SQLExpress to save some data transfer information. It puts in an entry every several minutes. When I checked the Application Log, I got tons of messages that said "Starting up Database ", which is Event ID: 17137.

I researched this, and the reason SQL Express does this is to conserve resources by making the database "Auto Close" by default. In my case, I constantly use this database, and a remote application status display also pulls the data to report the progress, so it would not make much sense for the database to close so quickly.

The way to turn the message off is to disable "Auto Close" mode, and where you do that is in the database's properties (use SQL Server Management Express). You will find the Options node, and Auto Close is pretty much at the top of the list of options you can turn to "false".

Thursday, February 08, 2007

Running SQL 2000-5 on A Domain Controller - No!

We all want to save money. We would rather not have to have many computers in our offices. Buying a server is one thing, but the cost of ownership to keep and maintain the box is yet another.

At any rate, this question comes up fairly often because of that: "Can you run SQL Server 2005 on a Domain Controller?" Microsoft's answer is basically NO, but do it at your own risk (link).

The issues basically stem from the security role under which the SQL Service starts up.

Some key reasons why they are against it are:
  • You cannot promote (dcpromo) or demote the domain controller's role after SQL runs. This basically means that you need to set up the DC and its role first before slapping on the SQL.
  • SQL service must run on a domain account and not on a local machine's system account or Network account.

Monday, January 22, 2007

SQL Server 2005 Express Remote Connection Setup on Workgroup XP

Here are some of the steps I needed to get connected from a remote workstation to an instance of SQL Express on another XP computer. These steps also apply when you are connecting to the database using the ODBC SQL driver.

  1. Firewall - To eliminate the possibility of a firewall getting in the way, first test everything without it. Then enable it. Go to the bottom of this post and there will be additional info on how to make an exception in the firewall for SQL Express.
  2. If using SQL Authentication, this is not enabled. Download the SQL Server Management Express, then right click on the server and enable Mixed mode authentication. Otherwise you get a "security error".
  3. It is best if the server is registered under DNS or ActiveDirectory, but if that is not the case then run the SQL Server Configuration Manager and activate the SQL Server Browser. You need to Enable this service.
  4. KEY TO THE BIG BIG MYSTERY: The default SQL Express installation REQUIRES that the SQLBROWSER be enabled on the Windows Firewall (not just allowing Port 1433 if you came from an out-of-the-box install with SQL 2000). The standard location for this is C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe. Make sure to set an Application Exception in the Windows Firewall even if you are accessing it locally!
  5. Also while you are at it, make sure that TCP/IP protocols are all enabled as below.

This was taken from Microsoft Web Site http://download.microsoft.com/download/f/1/0/f10c4f60-630e-4153-bd53-c3010e4c513b/ReadmeSQLEXP2005.htm

To enable TCP/IP:

  1. From the Start menu, choose All Programs, point to Microsoft SQL Server 2005, point to Configuration Tools, and then click SQL Server Configuration Manager. Optionally, you can open Computer Manager by right-clicking My Computer and choosing Manage. In Computer Management, expand Services and Applications, expand SQL Server Configuration Manager.
  2. Expand SQL Server 2005 Network Configuration, and then click Protocols for InstanceName.
  3. In the list of protocols, right-click the protocol you want to enable, and then click Enable.

The icon for the protocol will change to show that the protocol is enabled.

To enable the firewall:

  1. Click Start, click Control Panel, and then click Network Connections.
  2. From the navigation bar on the left, click Change Windows Firewall settings.
  3. On the Exceptions tab, in the Programs and Services box, you will probably see that SQL Server is listed, but not selected as an exception. If you select the check box, Windows will open the 1433 port to let in TCP requests.

Alternatively, if you do not see SQL Server listed, do the following:

  1. Click Add Program.
  2. Click Browse.
  3. Navigate to drive:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\BINN
  4. Add the file sqlservr.exe to the list of exceptions.

Friday, January 19, 2007

WinOBJ - Lists Device Driver and OS Stuff

I used WinOBJ to look at some detailed information about the device drivers installed on my XP machine; specifically, I had to look up whether a medium changer was installed and under what device name it is installed so that I can issue a changer device IOCTL.