Monday, May 31, 2010

HP ILO 100 KVM Invalid username/password Error

Symptom

You have an HP DL Series server such as a DL150. You purchased and installed the KVM license key, and it worked for some time, but now whenever you connect you get:

"Invalid username/password. You have been disconnected"

Cause


Something has gone wild in the ILO Flash memory.


Fix

SSH into the ILO interface as an admin. In most cases you can use PuTTY, which is free to download.

Then type in the following commands:

show map1 license
(just to play it safe, copy and paste the output of this command into a suitable text file on your computer)
reset map1 license

Session will then hang.

Log back into the web utility and the KVM feature should now work.


Originally Appeared on: http://forums13.itrc.hp.com/service/forums/questionanswer.do?admit=109447627+1275318554605+28353475&threadId=1404325


Friday, May 28, 2010

IMAP Problem with iPhone or iPOD for Google App

Symptom:

You are hosting your domain with Google App and allowing people to get emails via IMAP.

You get a complaint from a user stating that:
  • They can read their email on the web
  • They suddenly cannot access their email on iPhones even though IMAP and POP are enabled in their profile.
  • May get "Cannot Connect Using SSL" message.
Possible Root Cause:
  • Google has disabled IMAP (and POP) access probably due to some security issues such as repeated IMAP access with incorrect password.
  • If this is the cause you won't be able to access your Google App email via IMAP or POP either, but most iPhone users don't realize this is happening since they may never use IMAP or POP clients on their home computers.
Fix:
  • Try doing a "reset Captcha"; this should re-enable IMAP or POP, thereby allowing access from the iPhone or iPod Touch.
To do this, use the following url by replacing with your own domain.

Wednesday, October 14, 2009

Communicating with Busy People

Symptom:

You email someone or leave a message and the person blows you off often.

Solution:

I have been on both sides of the fence, more recently on the busy person's side. As a software developer you do need to communicate with people, and engineering types often neglect the psychology and emotions involved in human communication. Dealing with busy people, especially communicating with them effectively, requires some "soft" skills in understanding human behavior. So here I am sharing some of the things that I discovered that are working for me.

Here I am talking about truly busy people. If you ask most people in work situations, most people say they are busy but they are actually not that busy. In fact, most people who say that they are busy tend to be not busy and really busy people are too busy to mention that they are busy. Get it? It takes years of personal training to be truly busy, on demand from people and on a mission to improve whatever you are doing! It requires both focusing and time management skills. But I digress, I will write more about that later on.

Now consider this typical scenario:
  • You send out an email to someone, say your manager, asking a question. You have written 70 to 100 lines explaining everything she needs to know in great detail so that she does not have to ask for more information.
  • You feel that you have done everything right and wrote a courteous and detailed message. You also feel that you have chosen email as a courtesy as you know the person is really busy.
  • You get no response, not even an acknowledgement. Now you feel that she is a jerk.
Sounds familiar, right?

Now consider that you are on the other side of the fence, receiving this lengthy email message just as you are ready to go to another 2-hour customer meeting.

From the recipient's side the following things come to mind:
  • "Gosh, another lengthy email from a colleague. I need to read it and understand what I need to do."
  • First reaction: "Oh shit, more work to do on my list of things to do."
  • But then she feels: "I know he is a hard worker and he means well, I don't want to hurt his feelings."
  • So, she decides: "I will respond to him when the meeting is over." (fat chance!)
And as she gets out of that meeting and tries to hit a restroom on the way to another meeting, 2-3 people stop her on the way and ask, "I need to see you..." "Where is...." By the time she ends the second meeting, another 5 email messages are waiting in her in-box, some of them from a potential customer that she needs to give top priority to. By the end of the day, she has totally forgotten about the email she got from you in the morning. It has scrolled off the visible part of her Outlook or Gmail window. (Side Note: I used to have a co-worker who would ambush me at the bathroom exit. Her cube was on the way from my cube to the bathroom. As I went by she would sense it, wait for 3 minutes and then stand by the door to get hold of me. This worked for her, she got a lot of my attention, and she had the courtesy not to catch me in the other direction, which would have made me mad!)

Now you know both sides of the equation. There are a few things to note.
  • You actually succeeded in reaching out to her by sending an email just before she went into a long meeting. This timing actually plays a role in effective communication.
  • You did not know it, but you also acted like a jerk by sending a lengthy message, leaving her to interpret the email.
  • You did not know what she thought about you when she opened the email. She actually did appreciate the work you put in, but then she felt like "how can I make this person more independent."
  • You did not even know that she did not want to hurt your feelings. (This is actually very important psychology that you need to swallow.)
  • You have made a request to her and added extra work for her to do, one piece of which is interpreting this lengthy email.
  • She is probably more motivated by this customer meeting than by your email.
  • She knows you, so she is implicitly permitted to blow you off, but not the customer. Not the correct way of thinking, but that's how it works.
Finally Some Tips:

Now that I have laid out the background, giving the tips is actually quite easy.
  • Write shorter messages, more often (but not too often). These days a "chat" style of emailing is quite acceptable. My email messages are usually no longer than 140 characters, and for more info I create a shared document and put in a URL to it. I find it a bit of a challenge to cram all the info into that space.
  • The early part of the message, especially the Subject line of the email, is the most important part of the message.
  • Do not compose a message that requires a lot of work or interpretation on the recipient's part. As much as possible, write a message saying exactly one thing she needs to do.
  • Yes, one thing at a time! Never ever put more than one request in a message. Send a separate message at the right time for the second item.
  • If the action will ultimately benefit her reputation or pay, include that info too. It is mostly all about the motivation that drives people to do things.
  • To this effect, I often use "Call For Action" keywords in the Subject line. In fact many of my email messages are complete messages crammed into the subject line, like: "Sarah: Sign the Check for ACME today." "Mike: Let's do Lunch Today at 12:00?" This way the recipient knows the email is TO them and knows exactly what to do. The message is right there in the email list with no need to open it, and the action is right in the subject too. The message stands out clearly and tells the person what needs to be done. To study Call For Action style communications, I recommend you read the Google AdWords advice. Yes, basically you want a one-click action and response from your recipient out of the 100s of competing emails in her box!
  • If it involves emotional discussions or expressions (for example, you are angry or concerned), do not write email. Call and leave a voicemail message. Voice can convey your emotions.
  • Know that most other people may not manage their email box or voicemail box as well as you do. Emails are lost, buried or simply not looked at.
Some Tips on Motivation

I used to get mad when my boss sent me a request and, when I responded, I got an instant response from the boss, yet he blew off most of the messages I had sent earlier. That comes down to understanding motivation.

When someone sends you a message, the person is motivated, and motivated about the subject matter at that time.

This is actually a big opportunity to get a time slot from the person who sent you the message. But remember that you are dealing with a busy person, so the person's motivation changes very quickly and moves on to something else in a few minutes.

One strategy that works is this. When you get an email message, do not respond to that topic, but write another (short) message about what you (most) want the other person to do. What this does is that the recipient is now in a motivated state to communicate with you and you can ride on that bandwidth. Don't do that too much, but it often works. You also get pretty much one chance to do this.

In Summary
  • Busy people are exactly that, they do not have time, so don't expect to get more time out of them.
  • Busy people think the best way to deal with some things is to just leave them undone and not respond, since a response will cause more work and responsibility for them.
  • Emotions, behaviors, and motivations play a key role in the dynamics of human communication. This is where the courtesy protocol that your parents taught you breaks down, leaving you feeling like a neglected idiot. Of course you are not.
  • Always communicate with short, to-the-point messages, often including "call for action" style messages. Do not write any more than 2 paragraphs. If there is more information, attach it as a file or point to a URL to your own blog or file download page... whatever technology you've got.
  • With emotional topics, use voicemail or better yet, talk directly to the person.
  • People have been doing their people thing for at least 20, 30 or 40 years. Fat chance their behavior changes overnight. The best way to get through to people, to me, is to understand the individual's motivation.
  • Sometimes it simply does not work. In that case consider abandoning the effort and moving to another department, another customer, or another job.
  • Finally, swallow the fact that being neglected is not personal; people are simply stretched to the max and do not have time. It can even be thought of as a friendly gesture not to hurt your feelings and an indication of trust that you won't get mad (or at least you won't express it immediately).

Wednesday, October 07, 2009

JavaScript Note: Towards Building Client-Only App

I am working on a project now where I hope to use JavaScript to perform some math calculations in place. Since the project will involve rather complex computation, I want to avoid a round trip to and from a server each time a user changes a value in a table cell. It would be nice if the results were computed right in the browser.

I am actually new to JavaScript, and up to this point I did pretty much everything on the server side, mainly using ASP.NET. That's great, but now AJAX and real-time (looking) page updates are quite the norm. So I am going to jot down some of the stuff that I need to pick up on this page so that I can refer back to it.

Example of How JavaScript Form Can Compute and Display Standard Deviations

My first stop was to figure out how to use JavaScript to compute a standard deviation on a form page. This site contains the equation and a very straight-forward form that does that computation. My app will have significantly more complex equations but basically the idea is the same.

http://www.cs.miami.edu/~burt/learning/Math119/js-ComputeStdDev.html

After looking at this page, I found one drawback. All the results are displayed in text input fields. That's OK, but in an industrial-strength app you don't want to confuse users about what's input and what's output, so I need to output the result directly into some text in the page. So how would I do that....?

How To Dynamically Generate Contents or Alter The Page Content To Display Results

This is done through W3C DOM Level 1 Core built into a browser (for example Mozilla). This is described at this page with a lot of examples:

https://developer.mozilla.org/en/Using_the_W3C_DOM_Level_1_Core

OK, so I Now Know How To Dynamically Alter The Page, How Can I "Push" Parameters to Functions or some Raw Data

This is where JavaScript should be able to access remote data via a Web Service or XML... That's next on my list of things to research.



Friday, September 25, 2009

Nortel Business Secure Router 222 and CISCO ASA 5500 Series VPN Connection

Symptom:

You would like to connect a Nortel Small Business Router 222 to a CISCO ASA 5505 or 5510 type device. You were probably not successful for a while (at least for me).

What Worked For Me:
  • The major issue for me was finding which SA negotiation parameters to choose for Phase 1. This pretty much works only with the 3DES-SHA1 combo for me. I tried others and they won't work.
  • Phase 2 does not appear to have much of a problem whatever you choose.
  • Also, it seems that if you set the IKE->Policies key lifetime to 86400 on the Nortel side, it does not like it.
Nortel Side:
  • Go to the VPN menu on the left
  • Edit or Create a new VPN Entry
  • Connection Type: Branch Office
  • Check Active
  • NAT Traversal enabled
  • Key management: IKE
  • Negotiation Mode: Main
  • Encapsulation Mode: Tunnel
  • Authentication: Pre-Shared Key
  • Local ID Type: IP
  • Content: The Outside IP address of the Nortel
  • Peer ID Type: IP
  • Content: The Peer VPN Access point address of CISCO ASA
  • My IP Address: The Outside IP address of the Nortel
  • Secure Gateway Address: The Peer VPN Access point address of CISCO ASA
  • ESP (Selected)
  • Go to Advanced Menu
  • Enable Replay Detection: Yes
  • Phase 1
  • Multiple Proposal: Not Checked
  • Negotiation Mode: Main
  • Encryption Algorithm: 3DES (most important, do not choose anything else)
  • Authentication Algorithm: SHA1 (most important, do not choose anything else)
  • SA Life Time (seconds): 24000 (do not choose 86400)
  • Key Group DH1 (but make sure that IKE Policies on the CISCO end has this combo)
  • Phase 2
  • Multiple Proposal: Not Checked
  • Active Protocol: ESP
  • Encryption Algorithm: AES 256 (but can be 3DES)
  • Authentication Algorithm: SHA1
  • SA Life Time (Seconds): 24000 (do not use 86400)
  • Encapsulation: Tunnel
  • Perfect Forward Secrecy: None (very important)
On the CISCO Side (ASDM)
  • Go to Configuration
  • Open the IKE->Policies node and be sure that 3des-sha with DH group 1 and pre-share authentication is in there. Lifetime (secs) can be left at 86400
  • Now use the VPN Wizard to complete the rest.

Sunday, September 20, 2009

Snow Leopard Break Fix List

Symptom:

After upgrading to Snow Leopard I started to experience many things that were broken. This post lists the issues, and the fixes as I learn about them.

The List:
  • Development environment (gcc, make etc): Requires a re-installation of Xcode that came with the Leopard CD.
  • /usr/include/stdarg.h:4:25 error when building something: Apparently this needs the OS 10.4 SDK installed, and many things have to be built with gcc-4.0. While updating Xcode, be sure to add that optional 10.4 SDK! Once you do that, do
export CC=/usr/bin/gcc-4.0

In addition, removing -arch ppc from the build line and leaving only -arch i386 may get you to build what you want.
  • macports: Get the Snow Leopard version from MacPorts web site.
  • HP Printer Driver: See my previous post. If you HAD an HP printer then you may need to completely clean the driver software from your Mac.
  • CISCO VPN Client 4.9.01: Re-installing will reactivate the program.

Saturday, September 19, 2009

Snow Leopard and HP LaserJet 3020 Print Pauses After Upgrade

Symptom:

After upgrading to Snow Leopard we were unable to print any longer using our HP LaserJet 3020 (All in One). The Event Log in the Printer Queue said:

"/usr/libexec/cups/backend/usb failed"

When we opened the Terminal and typed in the command

/usr/libexec/cups/backend/usb

We saw the following error message:

"Unable to load class driver "/Library/Printers/hp/hpio/HPIOPrinterClassDriver.plugin": No such file or directory"

We Tried To Fix with the Following But Nothing Worked:
  • Got the latest 6.0.1 driver for HP, which is at http://support.apple.com/downloads/#macosx106
  • Check: http://localhost:631/ which is the local CUPS driver admin page.
Solution:

First, from the System Preferences (i.e., control panel) "Printers and Faxes" remove the malfunctioning printer queue for the LaserJet.

Next, completely clean up the driver by doing the following. Please note that this requires system administration privileges, and I am not going to explain how that is done. If you do not know how to do a "sudo" then you should not do this. Please ask for assistance from any Unix or Mac OS X knowledgeable person. I suggest that you use Time Machine to get at least one backup of the current operating environment.

rm -rf "/Library/Application Support/hp"
rm -rf /Library/Frameworks/HPDeviceModel.framework
rm -rf /Library/Frameworks/HPPml.framework
rm -rf /Library/Frameworks/HPServicesInterface.framework
rm -rf /Library/Frameworks/HPSmartPrint.framework
rm -rf /Library/LaunchAgents/com.hp.launchurlagent.plist
rm -rf /Library/Printers/hp
rm -rf /Library/Printers/PPDs/Contents/Resources/hp*.gz
rm -rf /System/Library/Extensions/hp_io_printerclassdriver_enabler.kext

This completely cleans up all the HP printer data.

Reboot the system.

Go back to the Printer and Faxes control panel and this time the System will load the latest printer driver from the Internet after you add the printer queue for the Laser Jet, and you should be all set to go.






Friday, September 18, 2009

ERROR: Cannot use the special principal 'sa'. Microsoft SQL Server, Error: 15405

As of May 2012 This is The Most Popular Post For People To Come To This Blog.
People must be having this issue all over the world!
Symptom:

You tried to create or alter a table column (or likewise attributes in a table) with Microsoft SQL Server Management Studio and get the following error.

ERROR: Cannot use the special principal 'sa'. Microsoft SQL Server, Error: 15405

You can get into the SQL server with 'sa' in Mixed Mode authentication. You have even given the sa permissions to all of the databases.

Root Cause:

The database ownership is still not correct after you restored or re-attached the database. This happens, for example, if you restore a database using an integrated authentication account.


Try This Fix:

Open a SQL Query window in Microsoft SQL Server Management Studio and try something that resembles the statements below, changing TheNameOfYourDatabase to the database you are using. Do this with every database for which you need 'sa' access. This will change the owner of the database to the account you designate.

use TheNameOfYourDatabase
exec sp_changedbowner 'sa', 'true'

Wednesday, August 19, 2009

System.Data.ConstraintException: Failed to enable constraints. One or more rows contain values violating non-null, unique, or foreign-key constraints.

I occasionally have a problem when trying to use TableAdapter

System.Data.ConstraintException: Failed to enable constraints. One or more rows contain values violating non-null, unique, or foreign-key constraints.

In my case this happened because we did not include any of the primary keys in table joins.

My Solution:

You may want to try this using your DataSet Designer.
  1. Open the dataset designer
  2. Go to the TableAdapter in question
  3. Find where the primary key is set
  4. Right click over and select Primary Key menu
  5. Change the key to something else that makes more sense

Sunday, July 19, 2009

Simple Way to Encrypt and Decrypt Short Text in Python

Some Basic Way of Encrypting and Decrypting Text in Python

I was looking for some basic code in Python to encrypt and decrypt short text, for example to store SQL passwords and such in a configuration file or embed them in scripts. So far I have not found a Python-native way of doing this easily (most likely I am missing something, and you ought to let me know). There are also some commercial libraries like Chilkat that can do this using asymmetric stuff like AES and such, but I just want to hide the obvious from plain public view (i.e., from the local IT security people who'd scan all directories for passwords and holes) and to prevent robotic file scanners from collecting such info.

I found the following code on the internet, but when I ran it under Python 2.6.2 it gave me a lot of errors, mainly because the SHA library was deprecated and moved into hashlib. I made the corrections, so here it is.

# Author: Paul Rubin, Fort GNOX Cryptography, .
# Algorithmic advice from David Wagner, Richard Parker, Bryan
# Olson, and Paul Crowley on sci.crypt is gratefully acknowledged.

# Copyright 2002,2003 by Paul Rubin
# Copying license: same as Python 2.3 license
# Modified 19 July 2009 by Manabu Tokunaga for Python 2.6.2

# Please include this revision number in any bug reports: $Revision: 1.2 $.

from string import join
from array import array
#import sha
import hashlib
from time import time

class CryptError(Exception): pass
def _hash(str): return hashlib.sha224(str).digest()

_ivlen = 16
_maclen = 8
_state = _hash(`time()`)

try:
    import os
    _pid = `os.getpid()`
except (ImportError, AttributeError):
    _pid = ''

def _expand_key(key, clen):
    # Stretch key into at least clen bytes of keystream, as 32-bit words.
    # 'I' (4-byte unsigned int) is used instead of 'L', which is 8 bytes
    # on LP64 platforms and breaks the 32-bit padding below.
    blocks = (clen+19)/20
    xkey=[]
    seed=key
    for i in xrange(blocks):
        seed=hashlib.sha224(key+seed).digest()
        xkey.append(seed)
    j = join(xkey,'')
    return array ('I', j)

def p3_encrypt(plain,key):
    global _state
    H = _hash

    # change _state BEFORE using it to compute nonce, in case there's
    # a thread switch between computing the nonce and folding it into
    # the state. This way if two threads compute a nonce from the
    # same data, they won't both get the same nonce. (There's still
    # a small danger of a duplicate nonce--see below).
    _state = 'X'+_state

    # Attempt to make nlist unique for each call, so we can get a
    # unique nonce. It might be good to include a process ID or
    # something, but I don't know if that's portable between OS's.
    # Since is based partly on both the key and plaintext, in the
    # worst case (encrypting the same plaintext with the same key in
    # two separate Python instances at the same time), you might get
    # identical ciphertexts for the identical plaintexts, which would
    # be a security failure in some applications. Be careful.
    nlist = [`time()`, _pid, _state, `len(plain)`,plain, key]
    nonce = H(join(nlist,','))[:_ivlen]
    _state = H('update2'+_state+nonce)
    k_enc, k_auth = H('enc'+key+nonce), H('auth'+key+nonce)
    n=len(plain) # cipher size not counting IV

    stream = array('I', plain+'0000'[n&3:]) # pad to fill 32-bit words
    xkey = _expand_key(k_enc, n+4)
    for i in xrange(len(stream)):
        stream[i] = stream[i] ^ xkey[i]
    ct = nonce + stream.tostring()[:n]
    auth = _hmac(ct, k_auth)
    return ct + auth[:_maclen]

def p3_decrypt(cipher,key):
    H = _hash
    n=len(cipher)-_ivlen-_maclen # length of ciphertext
    if n < 0:
        raise CryptError, "invalid ciphertext"
    nonce,stream,auth = \
        cipher[:_ivlen], cipher[_ivlen:-_maclen]+'0000'[n&3:],cipher[-_maclen:]
    k_enc, k_auth = H('enc'+key+nonce), H('auth'+key+nonce)
    # verify the MAC over nonce+ciphertext before decrypting anything
    vauth = _hmac (cipher[:-_maclen], k_auth)[:_maclen]
    if auth != vauth:
        raise CryptError, "invalid key or ciphertext"

    stream = array('I', stream)
    xkey = _expand_key (k_enc, n+4)
    for i in xrange (len(stream)):
        stream[i] = stream[i] ^ xkey[i]
    plain = stream.tostring()[:n]
    return plain

# RFC 2104 HMAC message authentication code
# This implementation is faster than Python 2.2's hmac.py, and also works in
# old Python versions (at least as old as 1.5.2).
from string import translate
def _hmac_setup():
    global _ipad, _opad, _itrans, _otrans
    _itrans = array('B',[0]*256)
    _otrans = array('B',[0]*256)
    for i in xrange(256):
        _itrans[i] = i ^ 0x36
        _otrans[i] = i ^ 0x5c
    _itrans = _itrans.tostring()
    _otrans = _otrans.tostring()

    _ipad = '\x36'*64
    _opad = '\x5c'*64

def _hmac(msg, key):
    if len(key)>64:
        # the old sha module is no longer imported; hash long keys with hashlib
        key=hashlib.sha224(key).digest()
    ki = (translate(key,_itrans)+_ipad)[:64] # inner
    ko = (translate(key,_otrans)+_opad)[:64] # outer
    return hashlib.sha224(ko+hashlib.sha224(ki+msg).digest()).digest()

#
# benchmark and unit test
#

def _time_p3(n=1000,len=20):
    plain="a"*len
    t=time()
    for i in xrange(n):
        p3_encrypt(plain,"abcdefgh")
    dt=time()-t
    print "plain p3:", n,len,dt,"sec =",n*len/dt,"bytes/sec"

def _speed():
    _time_p3(len=5)
    _time_p3()
    _time_p3(len=200)
    _time_p3(len=2000,n=100)

def _test():
    e=p3_encrypt
    d=p3_decrypt

    plain="test plaintext"
    key = "test key"
    c1 = e(plain,key)
    c2 = e(plain,key)
    assert c1!=c2
    assert d(c2,key)==plain
    assert d(c1,key)==plain
    # change one ciphertext character (modulo 256 so chr() cannot overflow)
    c3 = c2[:20]+chr((1+ord(c2[20]))%256)+c2[21:]

    try:
        print d(c3,key) # should throw exception
        print "auth verification failure"
    except CryptError:
        pass

    try:
        print d(c2,'wrong key') # should throw exception
        print "test failure"
    except CryptError:
        pass

_hmac_setup()
_test()
#_speed() # uncomment to run speed test
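The layout p3 uses (16-byte nonce, XOR keystream, truncated MAC computed over nonce plus ciphertext) carried over to Python 3 with only the standard library, as an added example that is not Paul Rubin's code or the blog author's. Assumptions made here: HMAC-SHA256 for the subkeys, keystream and tag, a random nonce from os.urandom instead of a time-based one, a 16-byte tag instead of p3's 8, hmac.compare_digest for the tag check, and the helper names seal_for_config and open_from_config; where a vetted authenticated-encryption library is available, it is a better choice than any hand-built construction.

```python
import base64
import hashlib
import hmac
import os

NONCE_LEN = 16   # same nonce size as p3's _ivlen
MAC_LEN = 16     # assumption: 16-byte tag (p3 truncates to 8)


class CryptError(Exception):
    pass


def _mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()


def _subkeys(key, nonce):
    # Separate encryption and authentication keys, both bound to the nonce
    return _mac(key, b"enc" + nonce), _mac(key, b"auth" + nonce)


def _keystream(k_enc, n):
    # HMAC in counter mode: block i = HMAC(k_enc, i as 8 big-endian bytes)
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += _mac(k_enc, counter.to_bytes(8, "big"))
        counter += 1
    return bytes(out[:n])


def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt(plain, key):
    """Return nonce || ciphertext || tag for bytes `plain` under bytes `key`."""
    nonce = os.urandom(NONCE_LEN)          # random, so no shared state is needed
    k_enc, k_auth = _subkeys(key, nonce)
    ct = nonce + _xor(plain, _keystream(k_enc, len(plain)))
    return ct + _mac(k_auth, ct)[:MAC_LEN]  # encrypt-then-MAC


def decrypt(blob, key):
    """Verify the tag first, then decrypt; raise CryptError on any mismatch."""
    if len(blob) < NONCE_LEN + MAC_LEN:
        raise CryptError("invalid ciphertext")
    ct, tag = blob[:-MAC_LEN], blob[-MAC_LEN:]
    nonce, body = ct[:NONCE_LEN], ct[NONCE_LEN:]
    k_enc, k_auth = _subkeys(key, nonce)
    # Constant-time comparison, unlike the `auth != vauth` test in p3
    if not hmac.compare_digest(tag, _mac(k_auth, ct)[:MAC_LEN]):
        raise CryptError("invalid key or ciphertext")
    return _xor(body, _keystream(k_enc, len(body)))


def seal_for_config(secret, key):
    """Text form of encrypt() that can sit on one line of a config file."""
    blob = encrypt(secret.encode("utf-8"), key)
    return base64.urlsafe_b64encode(blob).decode("ascii")


def open_from_config(token, key):
    try:
        blob = base64.urlsafe_b64decode(token.encode("ascii"))
    except (ValueError, UnicodeEncodeError):
        raise CryptError("invalid token encoding")
    return decrypt(blob, key).decode("utf-8")


if __name__ == "__main__":
    demo_key = b"test key"                       # constructed sample key
    token = seal_for_config("sql-password", demo_key)  # constructed sample secret
    print(token)
    print(open_from_config(token, demo_key))
```

As with p3, the stored value is only as protected as the key, which still has to be kept somewhere the scanner cannot read.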


Thursday, July 02, 2009

Ruby on Rails: "no such file to load sqlite3" when performing "rake db:create"

Symptom:

You were trying to run the Ruby tutorial and when you do

rake db:create
You get the following error:

rake db:create
(in /Users/StokeMaster/rails/myapp)
rake aborted!
no such file to load -- sqlite3

Fix:

Try this command

sudo gem install sqlite3-ruby



Thursday, June 25, 2009

Visual Studio 2005 & 2008: fatal error LNK1104: cannot open file 'LIBC.lib'

Symptom:

You tried to re-build an old Visual Studio 6.0 C or C++ project in Visual Studio 2005 or 2008 and you get the following error:

Fatal error LNK1104: cannot open file 'LIBC.lib'

Root Cause:

LIBC.LIB is no longer supported in later versions of the Microsoft Visual Studio product.

Possible Fix:

Use the multi-thread-safe version, LIBCMT.LIB, instead of LIBC.LIB; that may fix it.

  • Go to the Project property page.
  • Go to Linker on the left tree view panel
  • Open the Input node
  • In "Additional Dependencies" you will find LIBC.lib; replace that with LIBCMT.lib
Rebuild your project.

Saturday, June 20, 2009

Mac OS Canon MP Series WiFi Printer Scanner Does Not Scan But Can Print

Symptom:

I have a Canon MP620 WiFi printer and I can print to it but I cannot scan, even though the Canon IJ Network Scan Utility can locate the printer/scanner, and my computer is on the display of the printer itself.

Cause:

In my specific case, if I am connected to a company VPN (CISCO VPN Client), scanner cannot initiate a communication.

Fix:

Try turning off the VPN connection.


Friday, May 29, 2009

Yedda C# Twitter Update Results in 417 Expectation failed error

Symptom:

You are trying to call UpdateAsXML or UpdateAsJSON functions in the Yedda C# Twitter wrapper but when you try that the following response is sent back.

Error: 417 “Expectation Failed.” 


Fix:

Find the ExecutePostCommand() function in the Yedda C# Twitter class. Add the Expect100Continue line as below.

protected string ExecutePostCommand(string url, string userName, string password, string data) {
    WebRequest request = WebRequest.Create(url);
    // Added line: stop sending the "Expect: 100-continue" request header
    System.Net.ServicePointManager.Expect100Continue = false;
    // ... rest of the method unchanged ...
}



Machine Behind Firewall Gets: Failed auto update retrieval of third-party root list sequence number

Symptom:

You have a well-protected system behind a firewall that cannot even get out to the Internet, and you get the following type of error:

Event Type: Error

Event Source: crypt32

Event Category: None

Event ID: 8


Description:

Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist.


Possible Fix:


It appears that the machine is lacking the intermediate CA certificate.

Add the certificate manually from: http://www.verisign.com/support/verisign-intermediate-ca/secure-site-pro-intermediate/index.html





Wednesday, May 27, 2009

Simple Regular Expressions Simple Wild Card Search

Symptom:

The surf conditions are great in Santa Cruz and you really want to get out of the office, so you don't want to geek out with Regular Expression experiments when all you want to do is the equivalent of a (*foo*.doc) search in DOS, a shell or SQL LIKE... as you can just about anywhere you've been... but now your search box is demanding that you type in a regular expression to give you the search results.

Typing in *foo*.doc does not give you jack! WTF!

You are flabbergasted that so many people just want to show off their admiration for the beauty of Regular Expressions and don't give you this simplest, most common use of regex!

Fix:

Try this:

.*foo.*doc

Just remember that wherever you would normally use a * in a DOS file search, use the ".*" combo instead of just a * (. means almost any character and * means repeat whatever comes before the * as many times as needed). This will find files such as xfoo.doc and xfoodoc in your list.

By the way, if you really, really want to do *foo*.doc, escape the extension period with a \. So to do the DOS/Shell search equivalent of *.doc you would use .*\.doc. For me the above method is just adequate. But if you get the taste of .*\.doc then you are starting to tread into the zone of a regex geek. I'd just find the string, get done with it and rather go surfing myself!

Now you may say, what about the ? mark you used to be able to use to look for a single character match. You already know this. Use a period.

For example, a regular expression search of "f..k" will find "fink" as well as "folk", and "fork" among other things (I know what you are thinking.)

If that does not work then you have other esoteric regex stuff in the string you are searching for, like a " or a ? or a \ or a { and such, which have a specific function in the expression. In that case, sorry, go RTFM! I am sorry!


Have fun!
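The translation rule above, as an added Python example (not part of the original post). It goes a little further than the post: every character other than * and ? is escaped, so the period and the characters mentioned above ({, \ and so on) match literally, and the result is anchored so it behaves like a DOS wildcard. The function names and the sample file names are made up for illustration.

```python
import re

# Constructed sample file names (not from the original post).
SAMPLE_NAMES = [
    "xfoo.doc",
    "xfoodoc",
    "foo.docx",
    "my foo notes.doc",
    "budget{2009}.doc",
    "food.txt",
]


def wildcard_to_regex(pattern, anchored=True):
    """Translate a DOS/shell wildcard into a regular expression string.

    '*' becomes '.*', '?' becomes '.', and every other character is
    escaped so that '.', '{', '\\' and friends are matched literally.
    """
    parts = []
    for ch in pattern:
        if ch == "*":
            parts.append(".*")
        elif ch == "?":
            parts.append(".")
        else:
            parts.append(re.escape(ch))
    body = "".join(parts)
    # Anchors make the whole name match, as a DOS wildcard would.
    return "^" + body + "$" if anchored else body


def regex_search(names, regex):
    """Return the names in which the regex matches anywhere (search-box style)."""
    compiled = re.compile(regex)
    return [name for name in names if compiled.search(name)]


def wildcard_search(names, pattern):
    """Search with a DOS-style wildcard by translating it to a regex first."""
    return regex_search(names, wildcard_to_regex(pattern))


if __name__ == "__main__":
    # The quick form from the post: unescaped period, no anchors.
    print(regex_search(SAMPLE_NAMES, ".*foo.*doc"))
    # The strict translation of *foo*.doc.
    print(wildcard_to_regex("*foo*.doc"))
    print(wildcard_search(SAMPLE_NAMES, "*foo*.doc"))
    # A name containing '{' only matches once it is escaped.
    print(regex_search(SAMPLE_NAMES, "budget{2009}.doc"))
    print(wildcard_search(SAMPLE_NAMES, "budget{2009}.doc"))
```

The quick form also returns xfoodoc and foo.docx, which a real *foo*.doc search would not; the translated form returns only names that end in a literal .doc.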

Tuesday, May 19, 2009

.NET Remoting Error: Cannot create channel sink to connect to URL

Symptom:

You call Activator.GetObject() to get a remote object and the following exception is thrown:

Cannot create channel sink to connect to URL 'tcp:testhostname:1234/RemoteFileManager.soap'. An appropriate channel has probably not been registered. at System.Runtime.Remoting.RemotingServices.Unmarshal(Type classToProxy, String url, Object data) at System.Activator.GetObject(Type type, String url, Object state)

One Possible Cause:

Before going further and checking the initializer and other stuff, double-check the URL. In my case I forgot the double slash after tcp: (it should read tcp://) and that caused the above exception.

Sunday, May 17, 2009

IDLE Autocomplete Does Not Work

Symptom:

You started to edit a Python program and Autocompletion does not work. You may have also noticed that it worked at one point or another.

Solution:

This is actually clearly stated in the Help document of the IDLE environment.

Just execute a program in IDLE (if you can). And it will load the symbols and after that automatic completion will work.

Note:

I looked for this quite a while on Google search but there was no clear explanation on this issue. I thought that some process goes to sleep or binding gets disabled.

On my Mac OS with Python 2.6, this happens every time I start IDLE up.

Monday, May 11, 2009

Visual Studio Remote Debugging Tips MS VS 2005

We have numerous situations at work where we need to debug issues at customer sites remotely. It is a huge hassle to install a development environment and source code and even source code control system at customer sites each time there is some hard-to-track crash or bug that we need to attend to.

Fortunately, the modern Visual Studio environment supports remote debugging. With the ubiquitous availability of VPNs this has become easier, but some challenges still exist. I am sure that you have also been puzzled by why your system won't connect to the remote machine to begin a debug session, or by all sorts of different messages which all boil down to some connectivity and authentication issue.

I just got this to work (finally) with one of our customers using the Visual Studio 2005 debugging environment. My system and the customer system were in different domains, so before I forget what hoops I had to jump through to get this going, I am going to document that here so that at least I can refer to this article myself.


I am sure that this is similar with 2008. We are using Windows XP on both machines.

The Most Important Gotcha Concept

The most important requirement for the remote debugging connection to work is the understanding of the following facts.

  • It is a bidirectional communication and you cannot precisely control the user name and password for each way of the communication through the remote debugging tools. The logged-in user name and password should match on both remote and local debug environment. In other words, you want to log in to your local machine and the remote machine using exactly the same user name and password.

  • You might say, other machine is in the domain and mine is not or likewise. But it does not actually seem to matter if the user name part (after the domain qualifier) and password pair is in the domain or not. The user name part and the password that goes with it must match on both ends.

  • Note that if the user name exists both in the domain and on the local system, the password set in the domain will be used even if you are logged in as a local user. The implication is that "Administrator" should not and cannot be used in most sane situations, since its password is usually set by the domain's administrator and it would take an act of god to get access to it. But if you know what it is, change your local administrator's password as well as the local domain's password for the Administrator to get it to work. Not very advisable from the security standpoint, though.

The Cookie Cutter Method

If remote debugging isn't working, at least get some basic stuff going by creating a simple Hello World type app, and use the following to see if you can connect and debug at all.

  • On both the LOCAL and REMOTE machines, create a local user account with a name that DOES NOT exist in either of the domains.

  • Give that account the same password.

  • Also it is best to edit the C:\Windows\System32\Drivers\Etc\Hosts file and put in each other system's WINS name and actual IP address. For example, if the remote machine is called XPWS1 then put that entry.

Other Stuff to Check

Windows firewalls may get in the way. I would temporarily turn them off while debugging the connection.

  • The Local Security Settings (in Control Panel: Administrative Tools: Local Security Policy) must be tweaked on Windows XP as follows. Go to Security Settings: Security Options: Network Access: Sharing and security model for local accounts. This must be changed to Classic - local users authenticate as themselves.

Monday, February 02, 2009

ActiveDirectory Recovery Note

Since the time of Windows NT, I really disliked the Domain Controller architecture in Microsoft network. The part that I really did not like about it is that it basically required two dedicated machines to handle this, and we are not supposed to install anything else on it, for example SQL server (you can, and I strongly advise you against doing this. Some day you run into trouble and it will cost you several times over the cost of the hardware you thought you saved.) In addition they had the idea of Primary and Backup domain controllers with the notion of the backup controller a bit dubious since if you lost the primary, you probably lost the ability to get back the primary easily.

When Windows 2000 came out I was a bit excited to be told about the fact that the AD does not have the notion of the Primary and Backup. But soon enough that was not true, and in fact it got even more complicated.

This was now 2008, in my small office, I had a brilliant idea of hosting two AD servers on virtual machines since we don't really maintain any more than a few user names and such. Well, however, we've just lost one of the controllers during a VM migration completely, so I had to basically create another one from the remaining "backup" controllers.

This has caused several hours of "wasted time," since I really don't want to delve into this AD stuff. So if this happens again, here is the note to myself. Things like a backup fail-over should be basically instantaneous and I expect there ought to be a one-button thingy for an idiotic (by choice) user like me, but this not being like that does protect a lot of jobs in the industry, I would guess.

  • It seems to work better if you'd install the DNS first before adding the domain controller role.
  • Download the Windows Support Tools from the MS web site. This has two important tools. One is called NETDIAG and the other is DCDIAG. These are command line tools and if you run them without any arguments they will tell you in gory detail what's wrong with your DNS and Domain Controller settings. Basically they run a series of tests, each of which returns either pass or fail. The idea is to fix things so that they all pass. For each fail, type the error message into Google (not Live Search) and you will find the article on how to fix it on the Microsoft web site. (Message to MS - Please improve the search on your own product related information.) I would fix the DNS first.
  • The next tool you will need is the NTDSUTIL program. You use this tool to transfer some of the critical roles that your lost domain controller had. The terminology to search for is "Seize [blah blah] role", and you basically issue the Seize command to this tool. There are about 4 or 5 roles that you need to seize, and one additional tricky thing is the "Infrastructure" role. This apparently should not be seized by the primary, so run the same tool on the secondary server and have it seize the "Infrastructure" role.

I think these would provide enough hints for you to get out of the lost PDC situation.

Monday, December 01, 2008

How To Nissan Key Fob Battery Replacement. 2005 Model year. Key-less system. What Battery To Buy

Symptom:

Want to replace a battery in Nissan Key Fob.

Battery:

The battery is CR2025, pretty standard. It is $15.00 at car dealership.

Replacement:

Pull the metal key out and there is a notch in the middle. With a small flat screw driver head apply a small pressure and then pull up the cover from the screw drive end while the pressure is being applied. It opens up quite easily.

Comment:

Sorry nothing to do with the regular IT article, but I just need to jot down the battery model if we need to do it again.



Tuesday, October 14, 2008

Mac QuickTime and QuickTime Web Plug-In Repair Note

This document is in progress.

I am presently having QuickTime plug-in not playing certain type of video formats. It launches the QuickTime player from the browser both in Safari and Firefox but it does not play the actual movie. Presently below are the notes I am taking for what to do to fix the issue.

Check The Location of The QuickTime Plug-In

Plug-ins are located under /Library/Internet Plug-Ins. There is the same directory under ~/Library/Internet Plug-Ins as well. On fresh out-of-the-box Macs neither location contains anything.

Check the QuickTime CODEC Installations

Extra and third-party CODECs are usually installed at /Library/QuickTime

Popular CODECS and CODEC Utility download sites:

Repair The Disk Permissions, Re-Install QuickTime

Some internet posts suggest that we need to perform the disk permission repair, reboot, re-install (the latest version of) QuickTime, re-repair the permissions and reboot. To do the repair, type "Disk Utility" in the Spotlight query field (the magnifying glass on the top right of the Finder), then run Disk Utility.

There is a First Aid tab and in there you will find the "Repair Disk Permissions" button.

It takes about 3-4 minutes to run on a relatively new Mac (without much software installed) in my lab.




Mobile Me iDisk Does Not Mount on Windows XP

Symptom:
I know I can use Map Network Drive feature on the Windows to mount iDisk using the Mobile Me credential, however when I type in my user name and password, it does not accept and it won't mount (map) my MobileMe iDisk volume (this is also true basically for most other WebDAV mounts.)

Solution:
You must explicitly click "Connect using a different user name." in the dialog box. Doing this first makes a subtle but distinct difference. Without it, you will still be asked for a user name and password, but the login won't work even if you provide the correct user name and password of your Mobile Me account.



Note:
Mobile Me and iDisk are a great tool for me because I use a Mac at home and XP at work, and I often need to bring document work back and forth between home and office. With remote desktop capabilities rampantly available, I no longer carry my laptop around. I just drag and drop files and continue to work at all locations.

Friday, October 10, 2008

QuickTime Plug-In Playback Jittery At Times

Symptom:

You have a page with a QuickTime plug-in using JavaScript with the AUTOPLAY and LOOP parameters set to TRUE, and you are trying to view a QuickTime movie embedded in the web browser on Safari (or any other browser). At times the movie plays back very jittery, but if you manually press the stop button and the play button on the embedded QuickTime player, the jitteriness goes away completely (in my case we are sending AVI movies to it.)

You know there is nothing wrong with the movie file that was on the server because if you save the movie locally from the plug-in or make a copy of the file directly from the server and play it back it plays back normally.

Root Cause:

It appears that this problem occurs in the following manner:
  • The web server starts to send part of the movie
  • The QuickTime Plug-In starts to play any playable part
  • But the play head catches up with the download
  • The playback becomes jittery after that, even in the subsequent looping of the movie clip

Workaround Fix

In our case, we are not sending sound, so we set another QuickTime Plug-In parameter, PLAYEVERYFRAME, to TRUE. This may not completely fix your problem; however, if you give this a try and the movie plays smoothly after it downloads all the frames, then you know you have the exact problem I had.

Comment

It appears that the reason this happens is that the plug-in will auto-adjust the playback skip rate to preserve the audio playback sampling rate. Another way to try this is to set AUTOPLAY to off and try to play at different wait times (from almost no buffering to fully buffered) and see if you can duplicate this in your specific situation. This problem was worst when running on Mac Safari on my MacBook Pro 17-in and least on Microsoft Windows IE 7 under Windows XP. Also, when the web server and video generation were on a very fast server this did not occur, but on a slower server this occurred more frequently.

Reference

Look in the latest Apple QuickTime Plug-In documentation (Google for) QTScripting_HTML.pdf for more information.

Time Took To Fix This

It took about 6 hours of time in front of the computer, visits to my customer site at night to qualify what is going on.

Tuesday, October 07, 2008

Windows SharePoint Services 3.0 Enabling Anonymous Access

The Problem:

You are trying to enable the anonymous access to your Microsoft SharePoint Services 3.0 site. You cannot figure out how.

Fix:

The Microsoft document (Enable anonymous access) is not clear on this. The document assumes that your system or SharePoint administrator has already done additional footwork, and describes only the last few steps within the Site Actions part of SharePoint.

There are (seem to be) a few more steps that need to be done.

  1. Log in to your web server's OS as an administrator, via Terminal Services or the console.
  2. First, IIS itself should allow anonymous access. This is done through the IIS administration feature (typically accessed from "My Computer->Manage").
  3. Open the properties of the SharePoint IIS web, select the Directory Security tab, then press the Edit button and check "Enable anonymous access" to allow anonymous access through IIS.
  4. When that is done, you need to go to the SharePoint Central Administration web site. The easiest way to get there is from the IIS Manager: right-click the SharePoint Administrator web and select Browse.
  5. When the Central Administration page opens, select the Application Management tab.
  6. Look for "Authentication Providers" item, then you will find the Anonymous access enable check box on that page. Save it.
  7. Now log into your SharePoint page, select Site Actions -> Site Settings and then select Advanced Permissions. These steps are as described in the above-mentioned Microsoft article, but you should now see Enable Anonymous permissions under the Settings menu bar.

Time Took To Find This Answer:

I spent about an hour trying to find this answer. The fact that the anonymous enable is more or less "hidden" under "Authentication Providers" was a bit tricky for me. The reason I need to do this is that in my company the top page is accessible to anyone in the company whereas the individual department or other "site" will be secured.

Sunday, September 28, 2008

Repairing Windows 2003 Installation, No Repair Prompt

Symptom:

You followed the Microsoft KB article http://support.microsoft.com/kb/325375 and tried to get the "repair" option, but you do not seem to see it.

Fix:

In my case, I had a USB drive connected to the server, which came up as the "C:" drive. It appears that the drive letter must match the original installation. You may also want to try restarting the CD after removing any attached storage outside of the C: drive.

Saturday, September 20, 2008

AT&T Tilt, 8525, iPhone and 3G

My contract was up on AT&T, so that means I could upgrade my 8525 to something newer. I really thought hard about getting the iPhone 3G, but soon I have started to read about its poor 3G performance.

Incidentally, the 8525 had basically the identical problems as the iPhone users are complaining about. I have written about this before on this blog. But to summarize;

  • Often the phone does not ring at all. I get the voicemail notification though so I know someone called just a minute ago.
  • Anytime there was a 3G to GSM switch, it dropped a call and won't connect until I either reboot or bring the phone off-line and back online.
  • Even in a very strong signal area (by the freeway in Redwood City), 3G did not connect up at all.

I thought that this was due to the poor implementation of 3G network by AT&T. But my co-worker who has a Samsung 3G phone in the same office worked all along. So there was a bit of doubt about that.

Also I've read about some problems with iPhone that I would be missing. I email a lot from the phone, and I do need a keyboard for that. I also cut and paste a lot while composing a message. For example, copying a page or URL out of a web browser (for which I use Opera Mobile with its much better JavaScript support.)

Then voice dialing. This I cannot go without. It is a safety issue for myself and drivers and people around me.

So, it was really really hard to miss this opportunity to not to get the iPhone 3G. I am an avid Apple fan, but I really cannot buy into a phone that does not work as a phone like 8525 I had, but I did like a lot about 8525 and I decided to place my bet on the new AT&T Tilt.

Turns out that this is the best cell phone I've ever had.
  • Now the calls never drop all the way from my home in Half Moon Bay area to Redwood City! I thought that dropping of the call was due to the ruralness of our area, but I was wrong. It was the phone.
  • It now rings in my office and also at home without restarting.
  • The GPS works with Google Maps
  • I can tether it with my Macbook Pro and get on the Internet. No more hotel and Starbucks WiFi fees!
  • The SIM card can be swapped without replacing the battery. This can be useful if I go out of country a lot and use the rental SIMs.

So here is some nitpicking stuff:
  • I wish that the display tilted up all the way vertically. If it did I could leave the phone on my dash and see the Google Maps easily while driving.
  • I miss the function buttons that were on top. Now they moved all the buttons and clustered them really close together at the bottom of the phone. I often hit a wrong button to end the call etc.
  • So far I could not activate the Voice Command with Jawbone
Definitely not as cool looking as the iPhone, but it is extremely practical and for business and communications use, this is so far the best phone I've used. And for music, I carry a separate iPod Nano. The battery lasts much longer that way.

Friday, September 19, 2008

Mac Parallels Disk Image Bloat, Error Compressing

I occasionally use Parallels on my Mac, for example to update my Windows Mobile phone, which can only be done on Windows. I have found out, though, that the disk image gets significantly bigger over time. There is an option to squeeze the disk, but that option did not run when I tried. I looked around on the net for the answer. I am jotting this down here so that I won't forget.


Snipped from this source: http://forum.parallels.com/showthread.php?t=138121.

1. Open Parallels and start windows
2. go to the Actions menu and click on Create Snapshot
3. In the snapshot window just click the OK Button

4. Shut down windows using the shutdown feature in windows
5. Turn off Parallels 

6. Go to Applications/Parallels and open Parallels Image Tool 
7. Click Continue on the Introduction Page 
8. Click Choose on the source image page. 
9. Select your HDD 
10. Click Continue

11. Select Manage disk Properties in the action screen, Click continue 
12. In the Operations screen put a checkmark in the Merge snapshots item only. And click the Start button. 
13. A warning Message will drop down, Click Yes 
14. The Image tool will start to process your HDD this can take a long time be patient 
15. When The process completes click finish 

Next boot the VM:
It is normal for this to take a little longer than usual.

Finally Run Disc Compressor:

18. Go to Actions on the toolbar and select Run Parallels Compressor......
19. A dropdown menu will appear with a message on it click ok 
20. A countdown will begin, allow it to start automatically 
21. The Compressor will start the first set of operations this can take some time. 
22. After the first operations have completed Click on the restart button 
23. After the restart the next set of operations will start again this will take some time to complete. When the compression is completed the compacting of the disk will begin automatically. This can take hours to complete. Do not interrupt it, suspend your Mac or put it into sleep mode during this process. 
24. When Compacting is completed click on the OK button. 
25. Click Finish on the Compressor Window. 

Clean Up
26. Go to the Macintosh HD/Users/”your user name”/documents/parallels/”your virtual machine”/ and delete the Snapshots folder and the Snapshots.xml

Friday, June 27, 2008

VS 2005: Connection String Modifications in Class Libraries

Scenario:

An excellent practice in coding is to centralize and conceal data access code so that you do not have to reset configuration, or in our case the "connection string", all over the place. You've probably experienced that if you create a DataSet in the same project as all your main forms, the connection string is in the Application's Settings file. Upon form initialization, you can just change the connection string property and then you are all set for the rest of the code.

What happens, though, if you place the DataSet in a separate library? In this case you don't see the connection string any more in your Application's config file or Settings.

My Solution:

There are many different ways of doing this, from creating a factory class to overriding some config class objects that returns the correct (dynamically changed) connection string.

My solution is quite minimum compared to those but it does work and it does not require a lot of lines of code.

If you have created a Class Library on its own project then there is a namespace that is assigned to that project. If you create a DataSet in this project then it will create a local settings directory.

I usually have a database locally and so when I am developing I set my SQL hostname by default to (local) and when I go in production I just need to repoint the host name. The following code then will replace that with another hostname.

The property setting values are singletons (at least they seem to be) so if you run this once early on in your program execution, all the TableAdapters that use the connection string will take the new value from it.


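namespace MyClassLib
{
    public class DBConnections
    {
        // Call once, early in program start-up, before any TableAdapter is created.
        // hostName is inserted into the connection string verbatim, so it must
        // come from trusted configuration, not from untrusted input.
        static public void SetDBHost(string hostName)
        {
            string cs = Properties.Settings.Default.ConnectionString1;

            cs = cs.Replace("(local)", hostName);
            // Use the string indexer with the same setting name that was read above.
            Properties.Settings.Default["ConnectionString1"] = cs;
        }
    }
}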

VS 2005: DataSet Designer Gives Unable To Find Connection Error

Symptom/ Situation:

You are using Microsoft Visual Studio 2005, you have moved a DataSet (.xsd file set) from one location to another in your project, and you get this kind of error any time you want to add or modify a query in the TableAdapter; you cannot add, delete, edit or modify the queries that were previously defined.

"Unable to find connection 'db1ConnectionString (MySettings)1' for object 'MySettings'. The connection string could not be found in application settings, or the data provider associated with the connection string could not be loaded."

Possible Fix:

I had this issue and found out how to fix this in my case. Your case may vary.
  • In the DataSet Designer mode click over the heading of the TableAdapter part and reveal its property.
  • In the properties panel (usually on your right) you will see +Connection.
  • Press the + icon
  • Click the Value part of the connection and a pull-down menu will appear. (Re)select the proper connection string
  • Now you should be able to modify the queries

Wednesday, June 25, 2008

Mac Tiger Does Not Authenticate When Connecting To Windows 2003

Symptom:

When trying to access a file share (SMB share) from a Mac OS 10.4 (Tiger) to Windows 2003 Server which is in a Windows domain, you get a login screen, but it always fails on authentication.

Cause:

The "Microsoft network server: Digitally sign communications (always)" is Enabled in the Security Options of Local Policies of Security Settings in the Default Domain Controller Security Settings.

Fix:

This applies to Tiger, which is running an older version of the Samba software. A newer version will not have this issue; I have not checked this with Leopard.

Note that this may violate your general local security policy: with the setting disabled, the server no longer requires SMB packet signing, which may expose your Windows server to additional security issues.

  1. From the Start Menu, open Administrative Tools
  2. Select Domain Controller Security Policy
  3. In the Default Domain Controller Security Settings applet navigate through Security Settings, Local Policies, Security Options
  4. Scroll down the list and find "Microsoft network server: Digitally sign communications (always)"
  5. Disable it.
  6. From the command line tool type in "gpupdate" to load the change into the OS.

Time Took To Research and Fix This

About a year and a half.

Wednesday, June 11, 2008

ATT 8525 Phone Connectivity Unstable

Symptom:

I have been using the ATT (Cingular, HTC) 8525 for some time, but whenever it switches between the 3G and GSM (EDGE) networks there have always been all sorts of problems, like a call dropping, not being able to re-establish data connections, etc. It also seems to get worse with other networks or towers, or in a situation where there is a GSM-only tower nearby and a 3G tower at a receivable distance.

Fix:

I have disabled 3G on the phone and it operates much more stably. There is a registry hack you can do to show the bandwidth selector.

To enable the bandwidth selector tab in the Phone setup page.

[\HKLM\Software\OEM\PhoneSetting\]
"ShowUMTSBandPage"=dword:00000001

And this disables it.

[\HKLM\Software\OEM\PhoneSetting\]
"ShowUMTSBandPage"=dword:00000000

There is a freeware tool called MobileRegistryEditor that you can install on your desktop to "remotely" alter the registry keys via a USB connection.

As with any registry hack, I cannot be responsible if you screw up your phone permanently.

Tuesday, June 03, 2008

Windows DNS: nslookup works but ping does not work

Symptom:

You are hosting your own DNS on Windows Server 2003 or the like. Occasionally (especially after rebooting the DNS server), hostname lookup fails, for example for a ping or an HTTP request from a web browser to your local host(s).

Voodoo Answer:

I do not know why or what is happening with this and I don't have time to figure out what's really going on, but what helps are two things:

From a command line, try typing in "ipconfig /flushdns"

If that does not work you can try the following;

  • Allow Dynamic updates on your Primary DNS nodes from the DNS configuration applet.
  • Create reverse lookup zones.

Tuesday, May 27, 2008

Windows Dev: Add, Remove, Edit DataGridView

Problem:

This is very symptomatic of people like me who started out with .Net Framework 1.0's DataGrid class. When first encountering the new paradigm in .Net Framework 2.0 we still wonder why they made it so hard to work with the underlying DataTable or DataSet, and it must be such common knowledge that no site will tell you how to do a simple Insert, Update and Delete.

For example, to find out which row of the DataTable corresponds to the selected row. You probably even tried to hide a key column as column number 0, and were dismayed to find out that as soon as it is hidden the DataGridView won't even return the hidden field (though on the web control that technique does work).

Fix:

They actually did simplify it, but you do need to RTFM. You will find that spending about an hour trying to understand the BindingSource class and utilizing it will significantly reduce or completely remove that grid and data sync headache.

Basically all you need to do is to drag the instance of BindingSource to the designer pane. Then using the DataSource property of the DataGridView, assign the newly created BindingSource.

Then in the BindingSource, assign the actual DataSet with the right table member and now they magically stay in sync. For example, if you do an Insert or Update in the underlying DataSet's DataTable, it will automatically reflect the change in the grid. In other words, the DataGridView will automatically follow what you do with the underlying DataSet. I think that's finally significantly more convenient. Note that you should not invoke the Insert function of the TableAdapter class and hope for the DataGridView to update. That does not go through the underlying DataSet; instead it directly fires the Insert SQL without going through any datasets.

Windows Dev: Storing and Changing SQL Connection String from Configuration File

When writing a .NET application with a SQL database, we always need to store a configuration string somewhere. This can be done in many ways. I happen to like the Application Configuration capability that started to appear in Visual Studio 2005 with .NET Framework 2.0.

This is a very typical thing we do, but at least in .NET Framework 2.0 there still is not an easy solution for this, and using the App.config approach, you will soon realize that you run into two problems (I am not going into the security aspects of it.)

  1. You could store the entire connection string as an Application-level configuration parameter in app.config, but if you do that, you cannot change and save the string, as is the case for anything in the application-level section.
  2. But you have to change the instance of that string in order to easily propagate the connection string to all TableAdapters.

Well, it turns out that there is a simple and easy way of doing this. You can modify the in-memory instance of the application connection string by using the indexer with the setting name rather than accessing it as a member property. If you change the connection string in the constructor of your application in the following manner, the changed connection string will propagate to all of the TableAdapters.

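    public Form1()
    {
        InitializeComponent();
        // Read the application-level connection string from app.config.
        string s = Properties.Settings.Default.MyConnectionString;
        s = s.Replace("(local)", "192.168.0.100"); // This can come from another user configuration string.
        // Assign through the indexer with the setting name; this changes the in-memory value.
        Properties.Settings.Default["MyConnectionString"] = s;
    }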

Monday, April 21, 2008

Microsoft Certificate Services setup failed, Windows cannot

Symptom:

When you try to install (or re-install) the Microsoft Certificate Service you encounter the following error message and cannot continue. You did re-run the installation.

An error was detected while configuring Certificate Services.
The Certificate Services Setup Wizard will need to rerun to complete the
configuration.

Certificate Services setup failed with the following error: Windows cannot
find the network path. Verify that the network path is correct and the
destination computer is not busy or turned off. If Windows still cannot
find the network path, contact your network administrator. 0x80070033
(WIN32: 51)

The Cause:

The most likely cause of this is that File and Print Sharing got disabled. In my case, when I changed the host name, it got disabled.

Fix

Just enable the File and Print Sharing from the network control panel for ALL ACTIVE network connections and then try again.



Sunday, April 20, 2008

Gmail Does Not Load, Stay in Continuous Loading Loop

Symptom

This happens from time to time on my MacBook Pro and Firefox. Interestingly, when this happens I switch to Safari and Safari works fine.

What happens is that when accessing Gmail, the screen shows "Loading...." and briefly flashes part of the page, then goes back to "Loading..." again, and this continues ad infinitum.

Cause

I don't know the exact cause of this. Apparently there is some issue with a corrupted cookie that may be causing this issue. One way the corruption could occur is that I am using Mac Mail via IMAP to download messages at home. Because Mac Mail allows sorting by the sender, I can weed out old news and newsletters quicker. I know, I know, I have not completely subscribed to the Gmail paradigm (but it is a free country too!).

Anyhow, I think when I do these deletions on Mac Mail, things may go out of sync and that's when the problem seems to start.

Fix

You can try different URLs to access Gmail and this has fixed my situation. In my case if I just use https:// this will usually fix the problem, but then I will need to use https://

If you really need to fix this, you will have to remove Gmail related cookies. I don't know which is what so I usually remove all Google issued cookies. That will also fix it completely.

https://mail.google.com/mail/
or
http://mail.google.com/mail/?ui=1
or
http://mail.google.com/mail/h/

Time Wasted:

Took about 10 minutes to find and try the solution.

I typed in this search term into Google "Gmail problem FireFox loop" and no Google help message came up, instead this forum gave me the answer.

http://www.emaildiscussions.com/showthread.php?t=52131

Friday, April 18, 2008

CISCO ASA 5510, 5505 Creating A VPN Passthrough

Situation

You have installed the CISCO ASA in your organization, configured the NAT so that all of your own computers are protected behind the NAT and Firewall but now some users want to use a VPN to connect to some network outside. For example, a visiting or partner employee may want to connect back to their corporate office via an IPSEC VPN.

The VPN login seems to work, but nothing gets connected.

Why Does This Usually Not Work Out of the Box?

Because of Network Address Translation, the VPN IP addresses get translated through the firewall.

Possible Solution

The CISCO support web site has very comprehensive information on this. The URL to the support article is this.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008045a2d2.shtml

This article also shows you how to configure this situation using the ASDM User Interface. But I know you don't want to read that so in summary here is what you would do:
  • Click Configuration on the top toolbar.
  • On the side toolbar, select "Security Policy".
  • Add the following access rules (Access Rules tab):
      • Add and/or activate the esp protocol in IP from the outside to the inside interface; source is outside and destination is inside.
      • Add and/or activate the isakmp UDP protocol; source outside, destination the inside interface.
      • Add and/or activate UDP port 4500 traffic; source outside, destination the inside interface.

Status

We implemented this in April 08; it is June now and it has been working very well in our environment. We've tried the "regular" CISCO VPN client connecting to the outside as well as CheckPoint SecuRemote VPN clients with it.

Monday, April 14, 2008

Microsoft IIS FTP Server Does Not Work with Passive FTP

Symptom:


Typical User Complaints:
  • I can log into an FTP site, but I cannot list the directory. It hangs.
  • My FTP hangs
  • FTP works from the office but FTP does not work from my home
  • Typical of a Microsoft Windows product, FTP does not work (not entirely true)
  • Microsoft Windows Server 2003 does not support Passive FTP (not true)


You have set up an IIS server on the Internet on Microsoft Windows 2003 R2 server. Everything appears to be going normally. You can FTP to "yourself" from within the same server, so you know FTP is working. Now you find out that people cannot see the directory when they connect to the FTP server. They can log in and connect, but the connection breaks as soon as the user tries to get a directory listing or send a file.

The Cause:

Your IIS Server, by default, does not support Passive FTP, and whoever is trying to access your FTP server is connecting from behind their own firewall and Network Address Translation (NAT). That's 99% of the cases for cable modem and DSL users.

The Fix:

You will need to do two things.

Using wscript, you need to configure the IIS Metabase so that IIS allows the use of ports for Passive FTP, then restart IIS.

Using another batch script, you will need to add EACH port number to the Windows firewall exceptions list.

This site seems to give you the complete information on the whole issue and how to fix it step by step.

http://velikan.net/iis-passive-ftp/

Thursday, April 03, 2008

Commentary: The Future is in Voice Recognition + Search

I am hereby putting this in writing, so that in a few years I can say "I told you so!" to people. I have been saying this for the past 2 years or so, and each time I said this to my other geek colleagues, they almost always laughed.

When I was a kid in Japan and visited my grandfather's place, there was this telephone without any dial at all. To make a phone call he would pick up the receiver, then turn a crank on the right of the phone a few times. An operator answers. He will tell the operator, "Give me Maeda-san," and the operator knows who this is, where this person is, and connects. Even more, if this Maeda-san was not at home, the operator will try again, and when he is back at home and connected, the operator will call back my grandfather and connect.

Sounds awfully antiquated, classic or whatever you would say, because what you would do today is go to your computer, start Outlook, type in Maeda, find the name of the person, then find one of the phone numbers, call the guy, he isn't there, leave a message etc. And we call that high tech modern age stuff.

What will happen next, however, is that we will all go back to what my grandfather had in the first place. Except that it is wireless, of course.

Most of us will have cell phones with basically nothing but a green and red button. It will fit almost in any pocket.

What will you do with it?

You command it with voice only and the computer intelligence behind it will do all of the rest of the work. It is connected to a complex search engine, with voice recognition software both on the phone and on the remote phone switch too.

So just say that I have said to the phone, "Order Pizza." Here is what happens in the background.

- The location service on the phone would know if I am at home or at the office. If I have ordered a pizza before from both my office and my home at different outfits, it will basically know which pizza place I am talking about. It will perhaps ask me "Call Harbor Pizza?" if I am calling from my home in Half Moon Bay, or "Call Brick Oven Pizza?" if I am in the office. Of course, I can be in a totally different city; in that case the search engine linking would suggest other places nearby.

- Of course it is 7 PM and the line is busy, but no problem: like a human operator would do, it would keep calling on your behalf and then connect you when the line is open.

- Let's say that I was in a different city and ordered a pizza. I would want to go and pick up the pizza. I would say to the phone, "Guide me to the pizza place." Of course the historical information would know which pizza place it was, and with the GPS phone and voice navigation, the phone has no problem doing the navigation. The user still has not touched any dial at all!

I think we will all be having a phone that does this. And you know your search engine provider is scanning all your emails and everything you store in remotely hosted applications. It can have a lot of context as to what you are asking about.

Sure enough, bits and pieces of the technology are already out there. I use VoiceCommand on my Pocket PC all the time, and I speak to the robot at United Airlines too. I think that the integration of this stuff will make a phone with dials obsolete in a few years.

Thursday, March 27, 2008

OpenOffice.Org - Can't See Graphics or Pictures

Symptom:

When you open an OpenOffice.org Writer document, the graphics are disabled, all graphics are showing the [X] mark and you cannot find where to turn this back on. This is likely to have happened accidentally (Can't blame you, that's how that happened to me, and don't know how this has happened either.... Makes my mother-in-law feel better for even a seasoned software engineer can be flabbergasted with things like this at times!)

Solution:
  1. Go to Tools menu. Select "Options..."
  2. In the left panel of the Options dialog box, you should find a + sign on the left of the OpenOffice.org Writer/Web item. Click the + (it may already be open)
  3. Select View
  4. Find the Display section.
  5. Check the item Graphics and objects

Note that there is likely a bug in OO 2.3.1, since once you turn the graphics mode on, you cannot turn it off even if you un-check the box.

Time Wasted To Find This Solution

I was looking for this option all over the menus and other places, and Googling "Graphics mode on OpenOffice" would not find any article. It took approximately 30-40 minutes to finally find where this check box was hidden.