Monday, April 24, 2006

CTX: MetaframeEvents - Printer Management - Event ID 1106

Error:

Event Type: Error
Event Source: MetaframeEvents
Event Category: Printer Management
Event ID: 1106
Date: 2/6/2006
Time: 11:48:37 AM
User: N/A
Computer: COMPUTER1
Description: Client printer auto-creation failed. The driver could not be installed. Possible reasons for the failure: The driver is not in the list of drivers on the server. The driver cannot be located. The driver has not been mapped. Client name: (COMPUTER1) Printer: (Client\COMPUTER1#\HP LaserJet 2300L PCL 6) Printer driver: (HP LaserJet 2300L PCL 6)

Solution #1:

What you can do is, Under the Printer Management Section of the CMC you can specify what drivers you wish the Citrix Servers will use. But the Citrix Universal Driver would be fine to use in your environment, as the LaserJet 4 Driver is only PCL4 Compliant. So you can do this a number of ways but simply you can do this

1. Open your CMC Console
2. Right Click -> Printer Management
3. Click on Drivers Tab
4. Select Universal Driver Only
(This will map all client printers to the Universal Driver, which is PCL4 / LaserJet 4 Compliant)

Note - A pre-requisite for this to function correctly you must have already replicated the driver to all Citrix servers within your Farm, either by using the Driver Replication options of Metaframe or by installing the driver locally on the servers themselves.

Solution #2:

1. Open you CMC Console
2. Expand Printer Management
3. Right Click on Drivers -> Compatibility
4. Compatibility list options -> (Allow only drivers in the list.)
5. Click on Add -> Select the driver you wish to enable on the Farm
6. Click on OK
7. Click on OK Again to save the Changes
8. Right Click on Drivers -> Mapping
9. Click on Add -> Enter the Client Driver Name Eg. HP LaserJet 2300L PCL 6
10. Select the Pre-Installed Server Driver (HP LaserJet 4) or install the correct driver (then replicate to all Citrix servers) and choose the HP LaserJet 2300 Series PCL 6
11. Continue to do this for the remainder of the client printers.

P.S. You can get the client driver name from the Application log when the Metaframe server cannot find a compatible driver to assign.

Source: MetaframeEvents
Category: Printer Management
Event ID: 1106
Type: Error
Description: Client Printer auto-creation failed. The driver could not be installed.
-- In this section look for the following line...> Printer driver: (HP LaserJet 2300L PCL 6)
Remove the Brackets and you have your client driver name..>

The solution #2 is useful if have any errors related with PDF printers (Adobe PDF Converter, AdobePS Acrobat Distiller, Jaws PDF Creator, PrimoPDF, SolidPDF XChange, etc). You can follow the instructions from the solution #2 and map the PDF printer to Citrix Universal Printer.

Saturday, April 22, 2006

BETA: Microsoft Vista Build 5365 released today.

Microsoft Vista Build 5365 has been released to testers.According to Microsoft, this is another "refresher" build, with bug fixes rather than new features.
This build is quite a bit larger than its predecessor, with the x64 build being over 4 gigabytes.

Build details:

x86 Edition: vista_5365.8.060419-1800_winmain_idx05_x86fre_client-staged-dvd-LB2CFRE_EN_DVD.iso, 3,097.83 MB

x64 Edition: vista_5365.8.060419-1800_winmain_idx05_x64fre_client-staged-dvd-LB2CxFRE_EN_DVD.iso, 4,039.84 MB

Build 5365 is only available in English and only the x86 and x64 Ultimate editions are being released (not longhorn server included).

I tested this build and the speed of the OS is faster then previous builds. The installation changed and now is easy to install in VMware and Virtual Server.

Friday, April 21, 2006

MS: Printer was deleted warning. Event 3 Print.


If you get this error:

Event Type: Warning
Event Source: Print
Event Category: None
Event ID: 3
Date: 20/04/2006
Time: 23:01:45
User: NT AUTHORITY\SYSTEM
Computer: SERVER1
Description:
Printer PRINTER1 on SERVER1 (from COMPUTER1) in session 1 was deleted.

To stop logging this warning event

In Control Panel, open Printers and Faxes.
On the File menu, click Server Properties.
On the Advanced tab, clear the Log spooler warning events check box.

Thursday, April 20, 2006

MS: Configuration options for WLBS hosts connected to layer 2 switches (Cluster)

http://support.microsoft.com/?kbid=193602

MS: Network Load Balancing (NLB): Configuration Best Practices for Windows 2000 and Windows Server 2003

General Considerations

• Some routers require a static ARP entry because they do not support the resolution of unicast IP addresses to multicast media access control addresses. For example, Cisco routers require an ARP (address resolution protocol) entry for every virtual IP address. While Network Load Balancing uses Level 2 Multicast for the delivery of packets, Cisco's interpretation of the RFCs is that Multicast is for IP Multicast. So, when the router doesn't see a Multicast IP address, it does not automatically create an ARP entry, and one has to manually have to add it on the router.

• Network Load Balancing can operate in two modes: unicast and multicast. Unicast support is enabled by default, which ensures that it operates properly with all routers. You might elect to enable multicast mode so that a second network adapter is not required for communications within the cluster. If Network Load Balancing clients access a cluster (configured for multicast mode) through a router, be sure that the router accepts an Address Resolution Protocol (ARP) reply for the cluster's (unicast) IP addresses with a multicast media access control address in the payload of the ARP structure. ARP is a TCP/IP protocol that uses limited broadcast to the local network to resolve a logically assigned IP address. Verify that all cluster hosts are operating in unicast or multicast mode, one or the other, but not both.

• If the cluster is operating in unicast mode (default setting), Network Load Balancing cannot distinguish between single adapters on each host. Therefore, any communication among cluster hosts is not possible unless each cluster host has at least two network adapters.

• You can configure Network Load Balancing on more than one network adapter. However, if you do bind NLB to a second network adapter ensure that you are configuring them correctly.

• Use only the TCP/IP network protocol on the adapter NLB is enabled for. Do not add any other protocols (for example, IPX) to this adapter.

• Enable Network Load Balancing Manager logging. You can configure Network Load Balancing manager to log each Network Load Balancing Manager event. This log can be very useful in troubleshooting problems or errors when using Network Load Balancing Manager. Enable Network Load Balancing Manager logging by clicking Log Settings in the Network Load Balancing Manager Options menu. Check the Enable logging box and specify a name and location for the log file.

• Verify that the following is true for cluster parameters, port rules, and host parameters:

• Cluster parameters and port rules are set identically on all cluster hosts.

• Port rules are set for all ports used by the load-balanced application. For example, FTP uses port 20, port 21, and ports 102465535).

• Always click Add after setting a port rule. Otherwise, the port rule will not appear in the list of rules, and the rule will not take effect.

• Ensure that the dedicated IP address is unique and the cluster IP address is added to each cluster host.

• Verify that any given load-balanced application is started on all cluster hosts on which the application is installed. Network Load Balancing is not aware higher level applications and does not start or stop applications.

• Verify that the following is true for the dedicated IP address and the cluster IP address:

• Except in the case of a virtual private network (VPN), both the dedicated IP address and the cluster IP address must be entered during setup in the Network Load Balancing Properties dialog box and also in the Internet Protocol (TCP/IP) Properties dialog box. Make sure that the addresses are the same in both places.

• When configuring a VPN load balancing cluster, you should not configure the dedicated IP address. On a VPN, only the cluster IP address should be present on each of the cluster hosts because clients running Windows 95, Windows 98, or Windows NT 4.0 may be unable to connect to the cluster if the dedicated IP address is configured on the Network Load Balancing cluster hosts. If you omit this step, the cluster will converge and appear to be working properly, but the cluster host will not accept and handle cluster traffic.

• Ensure that the dedicated IP address is always listed first (before the cluster IP address) in the Internet Protocol (TCP/IP) Properties dialog box. This will ensure that responses to connections originating from a host will return to the same host.

• Both the dedicated IP address and the cluster IP address must be static IP addresses. They cannot be DHCP addresses.

• Ensure that all hosts in a cluster belong to the same subnet and that the cluster's clients are able to access this subnet.

• No special cluster interconnect is used by Network Load Balancing. NLB uses the same network interface to maintain cluster state awareness.

• Do not enable Network Load Balancing on a computer that is part of a server-cluster cluster. Microsoft does not support this configuration.

Security and Manageability

• Use Network Load Balancing Manager to configure NLB clusters. You can configure many Network Load Balancing options through either Network Load Balancing Manager or the Network Load Balancing Properties dialog box accessed through Network Connections. However, Network Load Balancing Manager is the preferred method. Using both Network Load Balancing Manager and Network Connections together to change Network Load Balancing properties can lead to unpredictable results. Only Windows Server 2003 NLB clusters can be configured by NLB manager. You can however manage clusters that contain both Windows Server 2003 and Windows 2000 or NT 4.0 servers.

• Ensure that applications that are load balanced are properly secured. The NLB security domain does not extend to applications. As such NLB will be totally unaware if security at the applications level is compromised.

• Use two or more network adapters in each cluster host if you would like to separate management functions from regular operations. Two network adapters, is not however a default requirement.

• Command line tool for managing NLB is "nlb.exe". NLB.exe exposes a mechanism for setting up NLB configuration parameters thru the command line. There are 2 additional configuration points not exposed but can be useful for monitoring NLB state. They are queryport and params Nlb.exe queryport retrieves the state of a given port rule using the same syntax as the enable/disable/drain command line options... the information returned includes the state of the port rule, enabled, disabled or draining if the port rule is found or an indication that the port rule was not found... if found, it also returns a count of packets accepted and dropped on that port rule. Nlb.exe - params retrieves the NLB configuration just the same as "nlb display", but rather than retrieving it from the registry, it queries it directly from the kernel-mode driver - this is the CURRENT state of NLB (the registry shows what the NEXT state of NLB would be if a reload or some other operation causing the driver to read the registry was performed - the registry MAY or MAY NOT be the current state of NLB)

• Enabling remote control has security implications and the user must ensure that the NLB cluster is secure (behind a firewall) if remote control is enables. The remote control mechanism uses the UDP protocol and is assigned port 2504. Remote control datagrams are sent to the clusters primary IP address. Since the Network Load Balancing driver on each cluster host handles them, these datagrams must be routed to the cluster subnet (instead of to a back-end subnet to which the cluster is attached). When remote control commands are issued from within the cluster, they are broadcast on the local subnet. This ensures that all cluster hosts receive them even if the cluster runs in unicast mode. As such the subnet the NLB clusters are hosted on should be secure. If remote control is enabled users can use nlb.exe to remotely manage their clusters.

High Availability

• Network Adapters and NIC teaming: Most vendors today offer redundant or fault tolerant adapters i.e. adapter teaming or adapter fault tolerance (AFT). These are supported with NLB, however refer to KB article 278431 for more information.

• Fault Tolerant/Load balancing Switches: Redundancy at the switch layer can easily be provided by striping the NLB cluster hosts across multiple switches and inter-connecting all the switches that contain a single NLB cluster. Additionally, to prevent switch flooding, only the ports connected to the Primary IP address (where all inbound traffic is sent) can be made hosts of a single VLAN.

• Fault tolerant Routers: Redundant routers are the most easily overcome using a VRP (virtual router protocol) or HSRP (hot router standby protocol). This allows the router to map the cluster's primary IP address and other multi-homed addresses to the corresponding media access control address. If your router does not meet this requirement, you can create a static ARP entry in the router or you can use Network Load balancing in its default unicast mode.

• Multiple NICs in cluster nodes

Windows 2000

• If you have 2 NICs on different subnets then the NIC to which NLB is bound should have default gateway and the routing tables need to be reconfigured to make all traffic go thru the NLB NIC. Default gateway setting on the other NIC should be blank.

• If you have 2 NICs on the same subnet you will need to configure the NIC to which NLB is bound with the default gateway. The other NIC should not have a default gateway configured. No need to hack routing tables.

• Recommendation is to use one NIC in each node unless there is a business need for 2 NICs

Windows Server 2003

• If you have 2 NICs different subnets you can choose to bind NLB to either or both NICs without any issues. All traffic will go thru the correct NIC (subnet)

• If you have 2 NICs on the same subnet traffic will be routed accordingly.

Troubleshooting

• The following tools can be used to troubleshoot NLB clusters:

• Event Viewer.

• NLB.exe Display & Query Commands.

• Ping.exe.

• Network Monitor.

• Network Monitor parser for NLB (part of Windows 2000 Server Resource Kit)

Refer to KB article 280503 for more information.

• Performance Monitor

• CPU Load

• Network Interface: packets/sec

• Web Service: connection attempts/sec.

MS: Network Load Balancing cluster node does not successfully converge

http://support.microsoft.com/?kbid=812870

MS: How to Troubleshoot the Cluster Service Account When It Modifies Computer Objects

http://support.microsoft.com/?kbid=307532

MS: How to manually re-create the Cluster service account

http://support.microsoft.com/?kbid=269229

TOOLS: Unlocker

Unlocker is an explorer extension that allows you with a simple right-click of the mouse on a file or folder to get rid of error message such as error deleting file or folder, cannot delete folder: it is used by another person or program.

Ever had such an annoying message given by Windows?

Cannot delete file: Access is denied
There has been a sharing violation.
The source or destination file may be in use.
The file is in use by another program or user.
Make sure the disk is not full or write-protected and that the file is not currently in use.

Unlocker is the solution.

http://ccollomb.free.fr/unlocker/

Terminal Server Web Resources (Links)

Microsoft

Microsoft Windows Server 2003 Terminal Services site

http://www.microsoft.com/windowsserver2003/technologies/terminalservices

Microsoft Support
http://support.microsoft.com/

Automated Deployment Service
http://www.microsoft.com/windowsserver2003/techinfo/overview/ads.mspx

TechNet
http://www.microsoft.com/technet/

Windows System Resource Management
http://www.microsoft.com/windowsserver2003/downloads/wsrm.mspx

Microsoft Press
http://www.microsoft.com/mspress

Citrix

Citrix Knowledge Base
http://knowledgebase.citrix.com/

Portal/License Activation
http://www.citrix.com/mycitrix

Rick Dehlinger’s TweakCitrix
http://www.tweakcitrix.com

Client Solutions

Tarantella
http://www.tarantella.com

New Moon
http://www.newmoon.com

Hob Soft
http://www.hobsoft.com/www_us/home.htm

UNIX RDP Client Rdesktop
http://www.rdesktop.org

WinConnect
http://www.thinsoftinc.com

Installation

InstallShield
http://www.installshield.com

NetSupport
http://www.netsupport.com

OnDemand WinInstall
http://www.wininstall.com

Wise Solutions
http://www.wise.com

Desktop Management

AppSense
http://www.appsense.com

AppLauncher
http://www.applauncher.com

TriCerat
http://www.tricerat.com

Softricity
http://www.softricity.com

Real Enterprise Solutions
http://www.respowerfuse.com

Emergent OnLine
http://www.go-eol.com

Load Tests

Mercury Interactive
http://www.mercuryinteractive.com

Tevron
http://www.tevron.com

Scapa Technologies
http://www.scapatech.com

Macro and Script Tools

KiXtart
http://www.kixtart.org

Insight Software Solution
http://www.macroexpress.com

Pitrinec Software
http://www.pitrinec.com

Wilson WindoWare
http://www.winbatch.com

TaskWare
http://www.wintask.com

Hiddensoft
http://www.hiddensoft.com/autoit

Script Horizon
http://www.scripthorizon.com

Universal Printer Drivers

ThinPrint
http://www.thinprint.com

UniPrint
http://www.uniprint.net

TriCerat
http://www.tricerat.com

Emergent OnLine
http://www.go-eol.com

Application Access Portals

visionapp
http://www.visionapp.com

Panther
http://www.pantherpowered.com

Information

Brian Madden
http://www.brianmadden.com/

WTS Technologies
http://www.wtstek.com

Technical Remote Computing
http://dev.remotenetworktechnology.com

SBC Hardcore User Page
http://www.xs4all.nl/~soundtcr

SysInternals
http://www.sysinternals.com

TheThin
http://www.thethin.net

Thin-world.com
http://thin-world.com/

Daves Thinplace
http://www.thinplace.de/

Thin Planet
http://www.thinplanet.com/

SBC-Technet
http://www.sbc-technet.com/

Terminal Server Product Guide
http://www.winntmag.com/Techware/InteractiveProduct/TerminalServer/

Labmice.net
http://www.labmice.net/terminalsrvcs/default.htm

MS: Terminal Server Client Connections and Logon Limited by MaxWorkItem and MaxMpxCt Values

http://support.microsoft.com/?kbid=232476

TOOLS: Filemon

FileMon monitors and displays file system activity on a system in real-time. Its advanced capabilities make it a powerful tool for exploring the way Windows works, seeing how applications use the files and DLLs, or tracking down problems in system or application file configurations.
http://www.sysinternals.com/Utilities/Filemon.html

MS: Terminal Services Commands

Change logon
Uses the following parameters to enable or disable client session logons and displays the current logon status. This utility is useful for system administration. The abbreviation for this command is Chlogon.
/enable: Enables user logon from clients, but not from the console (default setting).
/disable: Disables subsequent logons from clients. Does not affect users who are already logged on.
/query: Displays the current logon status.

Change port
Changes the mapping logic for serial ports to be compatible with MS- DOS applications. The abbreviation for this command is Chgport.

Change user
Uses the following parameters to change the mapping of .ini files and the registry for the current user during application installation. The abbreviation for this command is Chguser.
/execute: Enables the mapping of .ini files to the home directory (default setting).
/install: Disables the mapping of .ini files to the home directory during application installation.
/query: Displays the current setting.

Flattemp
Enables or disables a common (flat) temporary folder (temp mapping).
/enable: Enables common temporary folders.
/disable: Disables common temporary folders.
/query: Displays the current setting.

Logoff
Terminates a user session.

Msg
Sends a message to one or more users.

Query process
Displays information about the processes of all user sessions on a terminal server. This command includes parameters for further specification of the desired information, such as process ID, user name, session name, session ID, program, or server name.

Query session
Displays information about the sessions running on a terminal server. This command includes parameters for further specification of the desired information, such as user name, session name, session ID, program, or server name.

Query termserver
Lists all terminal servers running on the network. This command includes parameters for further specification of the desired information, such as server name or domain.

Query user
Displays information about the users logged on to a terminal server. This command includes parameters for further specification of the desired information, such as user name, session name, session ID, program, or server name.

Query winsta
Same as the Query session command.

Reset session
Resets a user session to initial values. This command includes parameters for further specification of the desired information, such as session name, session ID, or server name.

Rwinsta
Same as the Reset session command.

Shadow
Allows the monitoring of the terminal server session of another user. This command includes parameters for further specification of the desired information, such as session name, session ID, or server name. All information displayed on the shadowed computer session is also displayed on the target computer.

Tscon
Attaches the client or user to an existing terminal server session.

Tsdiscon
Disconnects the client or user session from the terminal server.

Tskill
Terminates a selected process using its process ID or its name in combination with the server name and the session ID. Administrators can use this command for all processes; users can use it only for their own processes.

Tsprof
Copies the configuration information of a Terminal Services user to the configuration data of another user. You can also use the Tsprof command to update a user's profile path.

Tsshutdn
Allows an administrator to shut down the terminal server in a controlled manner. After starting Tsshutdn, no programs can be executed anymore. The session of the user who started Tsshutdn is still active, but all session information will have read-only permissions.

In particular, commands starting with Query are able to transfer many functions of the Terminal Services Administration graphical tool to the command line. (See Chapter 4.)

MS: Locking Down Windows Server 2003 Terminal Server Sessions

In certain deployments, it might be necessary to restrict user activity to a predefined set of applications or Windows operating system functionality.
This White Paper explains how you can use the features of Active Directory to restrict user sessions on the Terminal Server to only the applications and desktop functionality that the administrator deems necessary. Certain group policies are highlighted here with brief explanations of their benefits. Not all of the settings are necessary because they can create a highly restricted user interface. Use this paper as a guide to configure Terminal Server for your environment.

MS: Using Windows Terminal Services to Run a Single Application

Using Windows Terminal Services to Run a Single Application

MS: How to transfer Terminal Services CAL from one computer to another

http://support.microsoft.com/?kbid=248430

MS: How do I reset the Temporary 90 Day Windows 2000 Terminal Services License

Caution remember to back up your registry before messing with it!
This is a user tip. Thethin.net and Worldofasp suggests that this procedure only be used for testing purposes in a test environment.

When an ICA client logs onto a Windows 2000 server before it is activated, or if they do not have a Windows NT/2000 machine, they will receive a 90-day temporary license. Once this license runs out they will no longer be able to connect to the Windows 2000 server. Below is a workaround that will work for the 90 days, but then you will have to repeat these steps.

Step 1: Apply Microsoft`s fix Q287687
This fix needs to be applied to the Windows 2000 server. For more information you can reference TechNet Article, Q287687 - Terminal Services Licensing Enhancements.

Step 2
The next step is to use Regedt32 or Regedit to remove the following registry entries on the CLIENT'S machine:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftMSLicensingStore.

Remove both the license000 and license001 keys. Removing these keys will force the Windows 2000 server to re-assign a license for the client's machine.

Step 3
The final step is to rename the icaapi.dll located on the server under winntsystem32 to icaapi.old. Once a client logs onto the server the icaapi.dll will automatically be recreated.

SCRIPT: Check if a user is a member of a specified group

IfMember is a command-line tool that checks whether the current user is a member of a specified group. It is typically used in Windows logon scripts and other batch files. IfMember uses its own process token to discover group membership, rather than querying the relevant domain controller each time it runs. While this has a significant performance benefit, it does mean that IfMember will only be aware of groups on the local computer, on the computer's domain, and on trusted domains. Remember to copy the file in the NETLOGON directory if you planning to use as login script.
Donwload IFMEMBER

Example:

IFMEMBER SITE1
IF ERRORLEVEL 1 GOTO SITE1

IFMEMBER SITE2
IF ERRORLEVEL 1 GOTO SITE2

GOTO END

:SITE1
net use J: \\SERVER1\User$\%username% /PERSISTENT:YES
rundll32 printui.dll,PrintUIEntry /in /n \\SERVER1\HP4050
rundll32 printui.dll,PrintUIEntry /y /n \\SERVER1\HP4050
GOTO END

:SITE2
net use J: \\SERVER2\User$\%username% /PERSISTENT:YES
rundll32 printui.dll,PrintUIEntry /in /n \\SERVER2\HP9000
rundll32 printui.dll,PrintUIEntry /y /n \\SERVER2\HP9000
GOTO END

:END
EXIT

MS: HOW TO: Configure Windows SharePoint Services to Use Kerberos Authentication

http://support.microsoft.com/?kbid=832769

MS: Microsoft Windows Server Update Services (WSUS) Documentation

Microsoft Windows Server Update Services Operations Guide

Deploying Microsoft Windows Server Update Services

Microsoft Windows Server Update Services Operations Guide

Step-by-Step Guide to Getting Started with Microsoft Windows Server Update Services

MS: HOW TO: Transfer Logins and Passwords Between Instances of SQL Server

http://support.microsoft.com/?kbid=246133

MS: HOW TO: Move Databases Between Computers That Are Running SQL Server

http://support.microsoft.com/?kbid=314546

MS: Exchange Server Mailbox Store Does Not Mount When the Mailbox Store Database Reaches the 16-GB Limit

http://support.microsoft.com/?kbid=828070

MS: Unable to Move or Log On to Exchange Resource Mailbox

http://support.microsoft.com/?kbid=278966

MS: How to use the ExMerge tool to upgrade to Exchange 2000 Server or to Exchange Server 2003

http://support.microsoft.com/kb/327304

MS: HOW TO Migrate from Exchange Server 5.5 to Exchange 2000 Server

http://support.microsoft.com/?kbid=316886

MS: HOW TO Migrate from Exchange Server 5.5 to Exchange 2000 by Using the In-Place Upgrade Method

http://support.microsoft.com/?kbid=324318

MS: Addressing Problems That Are Created When You Enable ADC-Generated Accounts

The information in this article applies to Microsoft Exchange 2000 Server
http://support.microsoft.com/?kbid=316047

MS: How to Reset License Manager Throughout an Enterprise

http://support.microsoft.com/?kbid=194065

MS: How License Service Keeps Track of License Usage

http://support.microsoft.com/?kbid=185953

MS: How to Reset License Manager Information

http://support.microsoft.com/?kbid=153140

MS: How to Manually Remove Exchange Server 5.5 Completely

http://support.microsoft.com/?kbid=259158º

MS: How to Properly Configure File System Antivirus Software on Exchange Server

Virtual server folders (Program Files\Exchsrvr\mailroot\)
Program Files\McAfee\GroupShield Exchange\i386\qtinewrk
Program Files\McAfee\GroupShield Exchange\i386\quarantine
Exchange databases and log files(\Exchsrvr\MDBData)
Exchange .mta files (\Exchsrvr\Mtadata).
Exchange message tracking log files (\Exchsrvr\Server_Name.log).
Site Replication Service (SRS) files (\Exchsrvr\Srsdata).
Internet Information Service (IIS) system files (\%SystemRoot%\System32\Inetsrv).
Internet Mail Connector files (\Exchsrvr\IMCData).
Exclude files *.chk
Exclude files *.log
Exclude files *.stm
Exclude files *.edb

MS: NetShield\VirusScan exclusions needed on a Microsoft Exchange 2000 server running GroupShield 5.x for Exchange 2000

Goal and/or Problem Description:

• NetShield\VirusScan exclusions needed on a Microsoft Exchange 2000 server running GroupShield 5.x for Exchange 2000 Problem Environment
• McAfee NetShield 4.5 for Windows
• McAfee VirusScan Enterprise 7.0
• McAfee GroupShield 5.2 for Exchange
• McAfee GroupShield 5.0 for Exchange
• Microsoft Exchange 2000
• Microsoft Windows 2000

Solution:

On a Microsoft Exchange 2000 server running both GroupShield 5.x for Exchange 2000 and NetShield 4.5 or VirusScan Enterprise 7.0, the following exclusions must be added to the NetShield\VirusScan configuration:

Exclude the following GroupShield directories:

• For GroupShield 5.0 for Exchange 2000:

..\Program Files\Network Associates\GroupShield Exchange\i386\qtinewrk
(the quarantine work directory)

..\Program Files\Network Associates\GroupShield Exchange\i386\qtineext

..\Program Files\Network Associates\GroupShield Exchange\i386\Quarantine
(QTINE.MDB resides here; exclude for performance reasons)

..\Program Files\Network Associates\GroupShield Exchange\i386\Log
(LOGFILE.MDB resides here; exclude for performance reasons)


• For GroupShield 5.2 for Exchange 2000:

..\Program Files\McAfee\GroupShield Exchange\i386\qtinewrk
(the quarantine work directory)

..\Program Files\McAfee\GroupShield Exchange\i386\qtineext

..\Program Files\McAfee\GroupShield Exchange\i386\Quarantine
(QTINE.MDB resides here; exclude for performance reasons)

..\Program Files\McAfee\GroupShield Exchange\i386\Log
(LOGFILE.MDB resides here; exclude for performance reasons)

Exclude the following Exchange server directories:

NOTE: NetShield\VirusScan may cause performance and other issues with scanning of database files and transaction logs.

..\exchsrvr\mdbdata
(Information Store data)

..\exchsrvr\mtadata
(Message Transfer Agent data)

..\exchsrvr\mailroot
(STMP service work directories)

..\exchsrvr\srsdata
(site replication service data)

..\exchsrvr\ServerName.log\*.log
(exclude if message tracking is enabled; do not exclude the directory since it is shared)

M:

MS: Recommendations for troubleshooting an Exchange Server computer with antivirus software installed

http://support.microsoft.com/?kbid=245822

Wednesday, April 19, 2006

MAC: Mac OS x86 Info Sites

OS x86 Project

MS: Microsoft Shared Computer Toolkit

The Shared Computer Toolkit for Windows was designed to help administrators better manage and secure public computers, such as those in kiosks, libraries, Internet cafes, schools, etc. But the toolkit is useful for any situation in which multiple persons use the same computer, including family computing and small business offices where several employees must use the same machine. This article shows you how to get and use the toolkit, which is in beta testing at the time of this writing.
The Toolkit does not run on XP Media Center Edition or XP Pro 64x Edition. It does run on Tablet PC Edition.

Microsoft Shared Computer Toolkit

How to Use Microsoft’s Shared Computer Toolkit

Tuesday, April 18, 2006

CTX: Event ID 1538 in CTXCPUUtilMgmt

Event Type: Warning
Event Source: CTXCPUUtilMgmt
Event Category: (1)
Event ID: 1538
Description:
ProcessManager: Unable to create process object for PID 4972.
Windows system message: 0x5.


http://support.citrix.com/article/CTX108621

MS: How to Run Internet Explorer 7.0 BETA Without Installing It

If you want to test IE7 without the risk of installing a beta software, here is a simple way to do it. This method does not install IE 7 the usual way- instead you just run it from the installer package and hence your system does not get littered with beta dlls all over the place.

1. Download IE7 beta from http://www.microsoft.com/windows/ie/ie7/default.mspx. Save the file at a location from where you want to run it. For example C:\IE7Beta
2. Right click the file and select "Extract Here" option from the Winzip/WinRAR context menu.
3. Once all the files are extracted, find the file named "shlwapi.dll" and delete it.
4. Create a file by name "IEXPLORE.exe.local". Make sure that it does not have the .txt extension. [Go to Tools-> Folder Options -> View -> uncheck "Hide extensions for known file types".]
5. Launch iexplore.exe from the same folder and verify that it works.
6. Right click on iexplore.exe and select "Send To...-> Desktop (Create Shortcut)".

This method also helps in running both IE7 and IE6 side-by-side! A great help for web designers. To uninstall, just delete the folder where you extracted the installation package!

Monday, April 17, 2006

CTX: How to Activate a License on MyCitrix.com

http://support.citrix.com/article/CTX103211

CTX: How to Migrate Server Farms and the Data Store

Document ID: CTX773628 (New Document ID: CTX677542)
This solution pertains to:

MetaFrame XP for Windows 2000
MetaFrame XP for Microsoft NT Server 4.0, Terminal Server

Use the dsmaint command to migrate a MetaFrame XP farm to a different type of data store (for example, from Access to Microsoft SQL Server, or from Microsoft SQL Server to Oracle).

The dsmaint command can migrate farm data between databases (dsmaint migrate) and reconfigure servers to use the new database (dsmaint config).
The syntax for the dsmaint migrate and dsmaint config commands is shown below (at a command prompt, type a command as one continuous string):

dsmaint migrate /srcdsn:dsnfilename /srcuser:username

/srcpwd:password /dstdsn:dsnfilename /dstuser:username
/dstpwd:password

dsmaint config /user:username /pwd:password /dsn:dsnfilename
Where:
dsnfilename = The DSN file for the database, including the full path.
username = The user name for the database.
password = The password for the database.

Migration can be performed with users logged on to the farm. Stopping and restarting the IMA Service does not affect currently connected sessions.
However, no new connections are allowed until the IMA Service is completely restarted.

IMPORTANT: Restarting the IMA Service on more than ten servers simultaneously can cause the database server to become a bottleneck, resulting in startup delays.

To migrate from Access to Microsoft SQL Server or Oracle

NOTE: Migration from an Access indirect database to a Microsoft SQL Server 2000 direct database using the dsmaint migrate command is not supported with MDAC 2.5 or MDAC 2.6 on all MetaFrame XP platforms. MDAC 2.5 SP1 for Terminal Server 4.0 and MDAC 2.5 SP1 or greater, not including MDAC 2.6, is supported on Windows 2000.

1. Create a new database on Oracle or Microsoft SQL server.
2. Create a new Mf20.dsn file pointing to the new database created in Step
1. By default, the DSN file is located in the following directory:

%ProgramFiles%\Citrix\Independent Management Architecture.

NOTE: Putting Mf20.dsn in the default location overwrites the existing file.

3. On the host server, execute the dsmaint migrate command, entering the current DSN file as the source and the new DSN file created in Step 2 as the destination. If the password for the new database was not changed, the default user name/password is citrix/citrix.

TIP: Enter the complete path (inside quotation marks if the path contains spaces) of the DSN file when required as a parameter for the dsmaint migrate command.

For example:

dsmaint migrate /srcdsn:"c:\program files\citrix\independent
management architecture\mf20.dsn" /srcuser:citrix /srcpwd:citrix
/dstdsn:"c:\NewLocation\New.dsn"
/dstuser:DB user /dstpwd:DB password
The migration was successful.

4. Execute dsmaint config on the original host server to point to the new DSN file.

For example: dsmaint config /user:DB user /pwd:DB password /dsn:"c:\New Location\New.dsn"

5. Stop and restart the IMA Service on the host server. When the IMA Service on the host server is restarted, the remaining indirect servers begin accessing the new data store indirectly through the host server..

IMPORTANT: Restarting the IMA Service instead of rebooting might cause the SNMP service to Dr. Watson if SNMP is enabled. This error is benign.

6. Copy the DSN file created in Step 2 to all remaining indirect servers in the farm.

7. Execute dsmaint config on all remaining indirect servers to establish a direct connection to the new database through the DSN copied in Step 6.

8. Stop and restart the IMA Service on all remaining indirect servers in the farm.

TIP: Steps 6 through 8 above can be executed on all the servers from a simple batch file placed in a central location.

CTX: MetaFrame Advanced Concepts - Farm Maintenance

This document includes:

Backup and Recovery Strategies
To move or restore an Access data store
Microsoft SQL Server and Oracle Databases
How to Migrate Server Farms and the Data Store
Compacting Access Databases

http://support.citrix.com/article/CTX677542

CTX: How to Activate a License on MyCitrix.com

http://support.citrix.com/article/CTX103211

CTX: Troubleshooting IMA Service Failure To Start

http://support.citrix.com/article/CTX105292

More Information

• CTX101917 –
Error: Error: Windows could not start the Independent Management Architecture on Local Computer .. and refer to service-specific error code -2147483647.
• CTX105166 –
IMA Service Hangs In a Starting State
• CTX103015 – IMA Service Fails on MFPrintss.dll
• CTX104200 –
Could not start IMA Service in CTX_MF_IMA_StartIMAService
• CTX103253 –
Error: IMA service failed to start with error 2147483649 and failed to load plug-ins
• CTX032712 –
Error: "IMA Service Error Message -2147483647"
• CTX101667 –
IMA service failed on startup. Service specific error 2147483649
• CTX103048 –
IMA Service fails to start when a domain or local user is configured for logon
• CTX101877 –
An error occurred while attempting to start the IMA Service. Event ID 3612, 3609, 3601, 7024, 2147483670
• CTX735338 –
IMA failed to start with error code 2147483649

MS: Change User

Changes the setting for .ini file mapping.

Syntax

change user {/execute | /install | /query}

Parameters

/execute

Enables .ini file mapping to the home directory. This is the default setting.

/install

Disables .ini file mapping to the home directory. All .ini files are read and written to the system directory. You must disable .ini file mapping when installing applications on a terminal server.

/query

Displays the current setting for .ini file mapping.

/?

Displays help at the command prompt.

Remarks

Use change user /install before installing an application to create .ini files for the application in the system directory. These files are used as master copies for user-specific .ini files. After installing the application, use change user /execute to revert to standard .ini file mapping.

The first time you run the application, it searches the home directory for its .ini files. If the .ini files are not found in the home directory, but are found in the system directory, Terminal Services copies the .ini files to the home directory, ensuring that each user has a unique copy of the application .ini files. Any new .ini files are created in the home directory.

Each user should have a unique copy of the .ini files for an application. This prevents instances where different users might have incompatible application configurations (for example, different default directories or screen resolutions).

When the system is in install mode (that is, change user /install), several things occur. All registry entries that are created are shadowed under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install. Keys added to HKEY_CURRENT_USER are copied under the \SOFTWARE key, and keys added to HKEY_LOCAL_MACHINE are copied under \MACHINE. If the application queries the Windows directory using system calls, such as GetWindowsDirectory, the terminal server returns the systemroot systemroot The path and folder name where the Windows system files are located. Typically, this is C:\Windows, although you can designate a different drive or folder when you install Windows. You can use the value %systemroot% to replace the actual location of the folder that contains the Windows system files. To identify your systemroot folder, click Start, click Run, type %systemroot%, and then click OK.directory. If any .ini file entries are added using system calls, such as WritePrivateProfileString, they are added to the .ini files under the systemroot directory.

When the system returns to execution mode (that is, change user /execute), and the application tries to read a registry entry under HKEY_CURRENT_USER that does not exist, Terminal Services checks to see whether a copy of the key exists under the \TerminalServer\Install key. If it does, the keys are copied to the appropriate location under HKEY_CURRENT_USER. If the application tries to read from an .ini file that does not exist, Terminal Services searches for that .ini file under the system root. If the .ini file is in the system root, it is copied to the \Windows subdirectory of the user's home directory. If the application queries the Windows directory, the terminal server returns the \Windows subdirectory of the user's home directory.

When you log on, Terminal Services checks whether its system .ini files are newer than the .ini files on your computer. If the system version is newer, your .ini file is either replaced or merged with the newer version. This depends on whether or not the INISYNC bit, 0x40, is set for this .ini file. Your previous version of the .ini file is renamed as Inifile.ctx. If the system registry values under the \TerminalServer\Install key are newer than your version under HKEY_CURRENT_USER, your version of the keys is deleted and replaced with the new keys from \TerminalServer\Install.

Examples

To disable .ini file mapping in the home directory, type:

change user /install

To enable .ini file mapping in the home directory, type:

change user /execute

To display the current setting for .ini file mapping, type:

change user /query

MS: A Description of the Group Policy Update Utility (GPUPDATE) in Windows 2003

http://support.microsoft.com/?kbid=298444

MS: Policy Settings for the Start Menu in Windows XP

http://support.microsoft.com/?kbid=292504

MS: Change the Amount of Space that Internet Explorer uses to store temporary Internet files

To change the amount of space that IE uses to store temporary Internet files, you typically open the IE Tools menu, select Internet Options, select the General tab,
then click Settings under the "Temporary Internet files" section. However, you can also adjust this setting in the registry by performing the following steps:

Start a registry editor (e.g., regedit.exe).

Navigate to the

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content registry subkey.

Double-click CacheLimit, change the Base to Decimal, enter the amount of space you want to use for
temporary Internet files (in kilobytes) in the "Value data" field, then click OK.

Navigate to the

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Content registry subkey.

Double-click CacheLimit, change the Base to Decimal, enter the same value you entered in Step 3, then click OK.

Close the registry editor.

The next time that IE starts, it will use the new size for the Temporary Internet Files folder.

MS: Change the Amount of Space that Internet Explorer uses to store temporary Internet files

To change the amount of space that IE uses to store temporary Internet files, you typically open the IE Tools menu, select Internet Options, select the General tab,
then click Settings under the "Temporary Internet files" section. However, you can also adjust this setting in the registry by performing the following steps:

Start a registry editor (e.g., regedit.exe).

Navigate to the

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content registry subkey.

Double-click CacheLimit, change the Base to Decimal, enter the amount of space you want to use for
temporary Internet files (in kilobytes) in the "Value data" field, then click OK.

Navigate to the

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Content registry subkey.

Double-click CacheLimit, change the Base to Decimal, enter the same value you entered in Step 3, then click OK.

Close the registry editor.

The next time that IE starts, it will use the new size for the Temporary Internet Files folder.

MS: Change the Amount of Space that Internet Explorer uses to store temporary Internet files

To change the amount of space that IE uses to store temporary Internet files, you typically open the IE Tools menu, select Internet Options, select the General tab,
then click Settings under the "Temporary Internet files" section. However, you can also adjust this setting in the registry by performing the following steps:

Start a registry editor (e.g., regedit.exe).

Navigate to the

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content registry subkey.

Double-click CacheLimit, change the Base to Decimal, enter the amount of space you want to use for
temporary Internet files (in kilobytes) in the "Value data" field, then click OK.

Navigate to the

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Content registry subkey.

Double-click CacheLimit, change the Base to Decimal, enter the same value you entered in Step 3, then click OK.

Close the registry editor.

The next time that IE starts, it will use the new size for the Temporary Internet Files folder.

MS: HOW TO: Modify the Default SizReqBuf Value in Windows 2000

This article describes how to modify the size of the SizReqBuf value. In File and Printer Sharing for Microsoft Networks, the SizReqBuf value determines how much data is buffered at one time to send to a client. The default values in Windows 2000 provide acceptable levels of performance in typical scenarios. However, on a high-latency connection, you may want to use an increased SizReqBuf value.
http://support.microsoft.com/?kbid=320829

MS: Command Line Printer Control in Windows 2000 / XP

Many, if not all, printer settings can be done from Windows 2000's command line using PRINTUI.DLL and RUNDLL32.EXE.

RUNDLL32 PRINTUI.DLL,PrintUIEntry /?

More information is available at Microsoft's TechNet under Q189105.

Usage:
RUNDLL32 PRINTUI.DLL,PrintUIEntry [ options ] [ @commandfile ]   

/a[file] binary file name
/b[name] base printer name
/c[name] unc machine name if the action is on a remote machine
/dl delete local printer
/dn delete network printer connection
/dd delete printer driver
/e display printing preferences
/f[file] either inf file or output file
/ga add per machine printer connections
/ge enum per machine printer connections
/gd delete per machine printer connections
/h[arch] driver architecture one of the following, Alpha ¦ Intel ¦ Mips ¦ PowerPC
/ia install printer driver using inf file
/id install printer driver using add printer driver wizard
/if install printer using inf file
/ii install printer using add printer wizard with an inf file
/il install printer using add printer wizard
/in add network printer connection
/j[provider] print provider name
/k print test page to specified printer, cant be combined with command when installing a printer
/l[path] printer driver source path
/m[model] printer driver model name
/n[name] printer name
/o display printer queue view
/p display printer properties
/q quiet mode, do not display error messages
/r[port] port name
/s display server properties
/Ss Store printer settings into a file
/Sr Restore printer settings from a file
Store or restore printer settings option flags that must be placed at the end of command:
2 PRINTER_INFO_2
7 PRINTER_INFO_7
c Color Profile
d PrinterData
s Security descriptor
g Global DevMode
m Minimal settings
u User DevMode
r Resolve name conflicts
f Force name
p Resolve port
/u use the existing printer driver if it's already installed
/t[#] zero based index page to start on
/v[version] driver version one of the following, Windows 95 or 98 ¦ Windows NT 3.1 ¦ Windows NT 3.5 or 3.51 ¦ Windows NT 3.51 ¦ Windows NT 4.0 ¦ Windows NT 4.0 or 2000 ¦ Windows 2000
/w prompt the user for a driver if specified driver is not found in the inf
/y set printer as the default
/Xg get printer settings
/Xs set printer settings
/z do not auto share this printer
/Z share this printer, can only be used with the /if option
/? help this message
@[file] command line argument file

Examples:

Run server properties:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /s /t1 /n\\machine   

Run printer properties:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /p /n\\machine\printer   

Run add printer wizard localy:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /il   

Run add printer wizard on \\machine:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /il /c\\machine   

Run queue view:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /o /n\\machine\printer   

Run inf install:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /if /b "Test Printer" /f %windir%\inf\ntprint.inf /r "lpt1:" /m "AGFA-AccuSet v52.3"   

Run add printer wizard using inf:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /ii /f %windir%\inf\ntprint.inf   

Add per machine printer connection:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /ga /c\\machine /n\\machine\printer /j"LanMan Print Services"   

Delete per machine printer connection:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /gd /c\\machine /n\\machine\printer   

Enumerate per machine printer connections:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /ge /c\\machine   

Add printer driver using inf:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /ia /c\\machine /m "AGFA-AccuSet v52.3" /h "Intel" /v "Windows 2000" /f %windir%\inf\ntprint.inf   

Remove printer driver:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /dd /c\\machine /m "AGFA-AccuSet v52.3" /h "Intel" /v "Windows 2000"   

Set printer as default:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /y /n "printer"   

Set printer comment:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /Xs /n "printer" comment "My Cool Printer"   

Set printer port:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /Xs /n "printer" PortName "port:"   

Get printer settings:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /Xg /n "printer"   

Get printer settings saving results in a file:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /f "results.txt" /Xg /n "printer"   

Set printer settings command usage:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /Xs /n "printer" ?   

Store all printer settings into a file:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /Ss /n "printer" /a "file.dat"   

Restore all printer settings from a file:
RUNDLL32 PRINTUI.DLL,PrintUI /Sr /n "printer" /a "file.dat"   

Store printer information on level 2 into a file:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /Ss /n "printer" /a "file.dat" 2   

Restore from a file printer security descriptor:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /Sr /n "printer" /a "file.dat" s   

Restore from a file printer global devmode and printer data:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /Sr /n "printer" /a "file.dat" g d   

Restore from a file minimum settings and resolve port name:
RUNDLL32 PRINTUI.DLL,PrintUIEntry /Sr /n "printer" /a "file.dat" m p    

MS: "Access Denied" Error Message During Active Directory Promotion of Replica Domain Controller

http://support.microsoft.com/?kbid=250874

Windows vs Linux: Role Comparison Report: Web Server Role

This study is intended to provide guidance to the information technology manager who must make platform acquisition and deployment decisions to both maximize value and minimize security risk.
One of the most common uses of a server platform is to host and deploy distributed applications over the Web. This study presents a role-based comparison of the relative security of two different platforms, based on quantitative factorssuch as numbers of security software flaws and time to patchand qualitative factorssuch as ease of configuration and default security stance.
Whitepaper Link

HP: Tips and Tricks for Optimizing Windows Server 2003 on ProLiant servers

http://h20000.www2.hp.com/bc/docs/support/ SupportManual/c00208468/c00208468.pdf

HP Best Practices Checklist - Increasing network fault tolerance in a Windows Server 2003 high availability server cluster

http://h71028.www7.hp.com/enterprise/downloads/5981-6895EN.pdf

MS: To enable DHCP server logging

1. Open DHCP.

• To open DHCP, click Start, click Settings, click Control Panel, double-click Administrative Tools, and then double-click DHCP.

2. In the console tree, click the applicable DHCP server.

• DHCP/applicable DHCP server

3. On the Action menu, click Properties.

4. On the General tab, select Enable DHCP audit logging, and then click OK.

The directory path in which the DHCP server stores audit log files. DHCP audit logs are located by default at %windir%\System32\Dhcp.

MS: MS DTC Error 53258

Errors:

53258
MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC
will continue to function and will use the existing security settings. Error
Specifics: d:\srvrtm\com\complus\dtc\dtc\adme\uiname.cpp:9280, Pid: 576
No Callstack,
CmdLine: C:\WINDOWS\system32\msdtc.exe

53258
MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC
will continue to function and will use the existing security settings. Error
Specifics: %1

Solution:

Run the Component Services MMC snap-in: Start -> Administrative Tools -> Component Services

Browse to: Console Root -> Component Services -> Computers -> My Computer

Right click My Computer, and click "Stop MSDTC"
Select the "MSDTC" tab. On the bottom of the tab page, click the "Security Configuration" button. A new dialog will open.
Enable "Network DTC Access"
Then, right click My Computer again, and click "Start MSDTC"

MS: How the Windows Update client determines which proxy server to use to connect to the Windows Update Web site

http://support.microsoft.com/?kbid=900935

MS: HOW TO: Restore Administrative Shares That Have Been Deleted

http://support.microsoft.com/?kbid=318755

MS: Event ID 1003 and Event ID 1015 appear in the application log each time that you restart Windows Server 2003

http://support.microsoft.com/?kbid=832790

MS: How to Overcome 4,095-MB Paging File Size Limit in Windows

http://support.microsoft.com/?kbid=237740

MS: Disable Shutdown Event Tracker in Windows 2003 and Windows 2008

To disable Shutdown Event Tracker perform the following:

Open Group Policy, then load the group policy you want to apply the change to.

Note: On a computer that is not a part of a domain you can set this feature locally by running GPEDIT.MSC from the Run command.

Expand Computer Configuration >
Administrative Templates >
System.

Double-click Display Shutdown Event Tracker.
Select Disabled.

MS: Migrate File & Print Server a Cluster

1. Create cluster
2. Create Resource Group(s)
3. Create Printers and share them
4. Create File Shares
5. Migrate File data using Robocopy
6. Create new logon scripts and script to remap home drives
7. Create printer script to change all printers to the new location
8. Migrate a few test users in a pilot
9. Use robocopy on a regular basis to keep all content synched
10. test, test, and test some more with more pilot users until confident
that everything works
11. Migrate everyone else
12. Retire old server

Sunday, April 16, 2006

MAC: Backup Entourage 2004

Backup Entourage 2004

Entourage 2004 includes Export for:

Mail
Contacts
Calendar events
Tasks
Notes
Project Files


Another option is to backup the entire directory with your identity. The default location is:

Hard Disk Name/Users/user_name/Documents/Microsoft User Data/Office 2004 Identities/Main Identity

More info: http://support.microsoft.com/kb/268323

Friday, April 14, 2006

MS: Microsoft.com Moves to x64 Version of Windows

Microsoft.com Moves to x64 Version of Windows
In March 2004, approximately one year in advance of the official release of Microsoft® Windows Server™ 2003 x64 Edition, Microsoft.com decided to evaluate the benefits of implementing servers built on the x64-based hardware platform by running prerelease versions of that operating system on production www.microsoft.com Web servers. By April 2005, 100 percent of the production Web servers for Microsoft.com were running on the x64-based hardware and operating system platforms.
The resulting platform upgrade to the x64 version of Windows has drastically increased the mean time between application and Web service recycling for Microsoft.com Web servers, thereby increasing the overall site availability. More impressively, the CPU load on the servers decreased by 50 percent, and page response times for some applications are up to fifteen times faster.
Link

Thursday, April 13, 2006

MS: Using Secedit.exe to Force Group Policy to Be Applied Again (Windows 2000)

Using Secedit.exe to Force Group Policy to Be Applied Again (Windows 2000)
http://support.microsoft.com/?kbid=227448

MS: Windows PE: To configure a hard drive by using DiskPart

Windows PE: To configure a hard drive by using DiskPart

Boot Windows PE on the device.
At the command prompt, type DiskPart. The DiskPart command prompt is displayed.
To display the DiskPart help, type ?.
Use the DiskPart commands to list the current configurations, select a disk, or edit a partition.
For example, to create a 400 MB primary partition on the second disk in your system, use the following Diskpart commands:

list disk
select disk 1
list partition
create partition primary size=400

After you configure the hard disk, stop the utility by typing exit.
Reboot the device.

DEVELOPER: How To Change Passwords Programmatically in Windows

How To Change Passwords Programmatically in Windows
http://support.microsoft.com/?kbid=187535

MAC: Starting MAC OS X in Safe Mode

Mac OS X 10.2, 10.3: Starting up in Safe Mode

To start up into Safe Mode (to "Safe Boot"), do this:
Be sure the computer is shut down.
Press the power button.
Immediately after you hear the startup tone, press and hold the Shift key. Tip: The Shift key should be held as soon as possible after the startup tone but not before.
Release the Shift key when you see the gray Apple and progress indicator (looks like a spinning gear).
During the startup, you will see "Safe Boot" on the Mac OS X startup screen.
To leave Safe Mode, restart the computer normally, without holding any keys during startup.

ANTIVIRUS: VirusScan - Uninstall the framework services

VirusScan - Uninstall the framework services

C:\Program Files\Network Associates\Common Framework\frminst.exe /remove=updater or
frminst.exe /forceuninstall

Remove the following keys from the registry:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\Legacy_McAfee Framework
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\Legacy_McAfee Framework
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\Legacy_McAfee Framework

Select 'Security | Permissions' from the tool bar and give yourself full permissions to the root keys:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McAfee Framework
HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD
HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\ePolicy Orchestrator

Delete the following directories:

C:\Program Files\Network Associates\Common Framework
C:\Documents and Settings\All Users\Application Data\Network Associates

If for any reason it states that some of the .DLL files cannot be deleted, then stop the UpdaterUI process and then remove the .DLL files that are giving you trouble.

The UpdaterUI process has control of some of the ePO 3.0 agent .DLL files.

Reinstall VirusScan Enterprise 7.0 and FRAMEPKG.EXE

ANTVIRUS: EPO Firewall Ports

EPO Firewall Ports
81
82
8080
8081
8082
8443
8444

Wednesday, April 12, 2006

COMUNICATIONS: BlackBerry & Goodlink Support Forum

BlackBerry & Goodlink Support Forum

Regard Corporation - BlackBerry Support
http://www.regard.com/bb_support

Tek-Tips Forums - BlackBerry & GoodLink Forum
http://www.tek-tips.com/threadminder.cfm?pid=952

COMMUNICATIONS: GoodLink

GoodLink
Es la competencia de BlackBerry.
Mensajería inalámbrica global para dispositivos Palm y Windows Mobile
http://www.good.com

DEVELOPMENT: REALbasic

REALbasic
Con esta herramienta de desarrollo similar a Visual Basic podemos desarrollar en entorno Windows, MAC y Linux con el mismo código.
Tiene utilidades para portar código de Visual Basic.
http://www.realsoftware.com

MAC: Think Secret

MAC: Think Secret - Apple Mac Insider News
Sitio con mucha info acerca de Apple y sus productos
http://www.thinksecret.com

MAC: MacWorld

MacWorld
Sitio web con mucha info para comprar MACs
http://www.macworld.com

MAC: Microsoft Mactopia

Microsoft Mactopia
Microsoft Official Web Site for MAC products
http://www.microsoft.com/mac

MAC: Shop Low End Macs

Shop Low End, Refurbished and Used Macs
http://lowendmac.com/ppc/deals.html

SECURITY: Default IDs and Passwords in Vendor Products

Default IDs and Passwords in Vendor Products
http://www.cirt.net/cgi-bin/passwd.pl

SECURITY: bv-Control

The bv-Control portfolio of products allows administrators to audit, secure and manage operating systems, directories, applications and databases from a single common console. The software suite also provides in-depth auditing and reporting, as well as closed-loop problem identification and remediation, automating many tasks and allowing administrators to efficiently and securely manage the IT environment.
http://www.bindview.com/Products/bvControl

Tuesday, April 11, 2006

LINK: You Had Me At EHLO (Exchange Blogs)

You Had Me At EHLO...
aka the Microsoft Exchange Team Blog

One of the best blogs about Exchange
http://blogs.technet.com/exchange

MS: How to Set Size Limits for Messages

How to Set Size Limits for Messages
It is possible to set size limits for messages in your Exchange organization on several objects in Exchange System Manager. This article will show you where you can set these limits and how they interact.
http://www.msexchange.org/tutorials/Set-Size-Limits-Messages.html

Monday, April 10, 2006

SHOP: GO-L Computers

GO-L Computers
You can find in this site the more advanced computers and beautiful in the web.
Laptops, Workstations, Servers, LCD Monitors, etc.
http://www.go-l.com

CISCO: Resetting Catalyst Switches to Factory Defaults

Resetting Catalyst Switches to Factory Defaults
http://www.cisco.com/warp/public/473/156.html

TOOLS: MailMeter

MailMeter Storage Management
PST and Email Storage Nightmares?
Your mail server was never intended to be a storage system for the amount of email traffic that overwhelms organizations today.
MailMeter Storage Management saves the attachments from every email to a separate archive file location and deletes the original from your active mail server.
MailMeter Storage Management can:
Reduce the size of the email store significantly
Reduce backup times from over 24 hours, so no data is missed.
Improve reliability and performance of mail server
Eliminate the need for personal quotas
Eliminate the need for PST or NSF files and all the headaches associated with them
http://www.waterfordtechnologies.com/products/MailMeterSM/index.asp

LINK: browsers.evolt.org

This site contains probably the largest collection of internet browsers in the Web.
http://browsers.evolt.org

LINK: Planet PDF

Planet PDF
All info about the PDF format.
http://www.planetpdf.com

LINK: VideoHelp

VideoHelp
This site will help you to make your own VideoCDs, SVCDs or DVDs that can be played on your standalone DVD Player from video sources like DVD, Video, TV, DV, Cam or downloaded movie clips like DivX, MOV, RM, WMV and ASF. We also have extensive lists of Capture Cards, DVD Media, computer DVD Writers, desktop DVD Recorders and desktop DVD Players with features, compatibility information and user comments.
http://www.videohelp.com

TOOLS: DVD Identifier

'DVD Identifier' retrieves and interprets the pre-recorded information that is present on DVD media (DVD+R, DVD+R DLL, DVD+RW, DVD+RW DLL, DVD-R, DVD-R DLL, DVD-RW and dvd-ram) and on Blu-ray media (bd-r and bd-re). This information contains a variety of parameters such as disc manufacturing information and supported write speeds. Even though this information is usually printed on the packaging, the brand name may differ from the actual manufacturer or sometimes there might not even be any packaging information at all.
http://dvdplusid.cdfreaks.com