Search This Blog

Tuesday, August 30, 2011

I have mailmarshall experiences now

I have mailmarshall experiences now

sbs 2003 with symantec loaded

oh dear with mailmarshall loaded as well...

however they seemed not be able to receive or send email ...

the problem is symanted need ignore the mailmarshall unpack folder...

as symantec see the fake eicar.com as virus

that makes mailmarshall engine wont start

Saturday, August 27, 2011

do things in a professional way

1. 事情无论轻重都是大事。

I have a lot of important/significant/great/major... topics to discuss.


2. 结果无论大小都是突破性的。

I got some excellent/remarkable/fantastic/exceptional... results.


3. 第二次做成功的事都是解决了危机。

Finally, I solved our crises.


4. 没做成功的事都是正在绞尽脑汁的研究(现在进行时)

I’m USING five different ways to solve our problem.


5. 不想做的事都是正在准备做。

I haven’t done it YET.


6. 好都是自己的,坏都是大家的。

MY results. MY ideas. OUR problems.

Wednesday, August 24, 2011

cisco vpnclient for windows 7 with sp1

cisco vpnclient for windows 7 with sp1

a customer got a cisco thing as a gateway in their network

cisco sdm

this morning this fund org manager called and worried about some bounce-backs on their sbs 2003 server. something like emails sent months agao got bounced back... well its something with exchange 2003

oh, god, I need access their network remotely , however the cisco vpn client I got is version 5.0.2 (2007), it keeps telling me it cannot enable the virtual adaptor, oh dear I need new version, co-worker got x64 bit 5.0.7

but my windows 7 is x32 bit,

I registered myself at cisco,com , far out, it is not a free download , it need a contract ....

eventually i found a de website download a 5.0.6 version. this version works with upto vista. it works with my windows 7...

sigh,.... even with all those contracts , cisco still need shed their staff...

Tuesday, August 23, 2011

backup windows 7 notebook

backup windows 7 notebook

windows 7 backup included in windows 7 is quite good, it can do file - level backup and it can do image - level backup

and it can backup to a network location

http://www.pcworld.com/article/186997/windows_7s_builtin_backup.html

its very interesting MS removed file-level feature from the server 2008 version.

Sunday, August 21, 2011

interview questions

interview questions

have you got experience with cisco call manager ?

how big is your biggest customer?

how many customers you are looking after..

what's the cool thing about exchange 2010, do you use CAS servers?

what kind of firewalls you are using?

what's your certification status?

have you done any sharepoint website?

what do you see in your last job? what attracted you?

what can you see in 5 years?

you invested a lot of time in your last job?

give me an example of your archeivements on your last job.



Saturday, August 20, 2011

migrate a windows 2008 R2 based printer

migrate a windows 2008 R2 based printer

it is actually easy, dont just share your printers as printer server,

add the printer role

then in the source server , right-click migrate printers

export to a cab file

on the other printer click import printers

bingo

you are done

nice and easy

recover / restore a windows 2008 server, via vmware server and system state

recover / restore a windows 2008 server

this is vmware server hosted virtual machine , co-work installed a wireless modem (3G) driver on it. the next day it stopped responding .  the server keeps telling me a server kernel file is missing, and rebooting in a circle.

luckily he did a vmware snapshot ( only 1 snapshot in vmware server 2.0 ?),  before the changes...

so I reverted to the snapshot .... the server 2008 started fine ,... but I can't open the SCOM 2007 SP1 console. it crashed on a .net error.

I tried sfc /scannow on this windows 2008 server

but we need SCOM working, its the whole purpose of this server.

we had this server's last sunday's windows server backup.

I decidied to do a system restore of system state.

hark.... wbadmin cmd line options, I will list all versions of windows server backup and then use the correct version number to start the restore , it took about 2 hours in this case, and luckily there is no error in the system state restore error log

after a restart, the SCOM 2007 SP1 console is working again.

there is a problem with the SDK service then, it said it can't write to the security log.

so in gpedit.msc

change the users' permission to be able to do security audit.

Friday, August 19, 2011

‘The System Center Data Access service is unable to generate security audit events’

‘The System Center Data Access service is unable to generate security audit events’


http://thoughtsonopsmgr.blogspot.com/2011/08/eventid-26338-on-rms-system-center-data.html
 
http://systemcentercentral.com/Forums/tabid/60/indexId/82758/Default.aspx?tag=#vindex82762
 
 
this sdk problem happened after a system state restore ...?
 
job logged to fix it , and I follow ( I quote)
 
Steps to fix this problem: 1) Open the "Local Security Policy" MMC snap-in. 2) Go to Local Policies -> User Rights Assignment. 3) Double-click "Generate Security Audits". 4) Add the Data Access service account to the list of accounts allowed to generate security audits. 5) Restart the Data Access service.




Thursday, August 18, 2011

Windows SharePoint Services Search missing in Servers in Farm

its a MOSS 2007 server
http://stackoverflow.com/questions/4372880/windows-sharepoint-services-search-missing-in-servers-in-farm

When you install MOSS, the Enterprise search (Office SharePoint Server Search) takes over and the WSS search becomes Windows SharePoint Services Help Search.


Tuesday, August 16, 2011

HYPER-V dynamic memory?

http://technet.microsoft.com/en-us/library/ff817651(WS.10).aspx

HYPER-V dynamic memory?

A server running Hyper-V, with Windows Server 2008 R2 Service Pack 1 installed. For instructions about installing SP1, see Deployment Guide for Windows Server 2008 R2 with SP1 and Windows 7 with SP1 (http://go.microsoft.com/fwlink/?LinkId=192441).
Virtual machines running guest operating systems that support Dynamic Memory.
\
 
in my hyper-v manager on windows 7, all dynamic memory options are greyed out ...
 
because the windows 2008 R2 datacentre host is not updated to SP1
 
so if the VMs are updated to windows 2008 R2 SP1, dynamic memory still does not work
 

Monday, August 15, 2011

my NTBACKUP scripts from the internet

my NTBACKUP scripts from the internet

its done on a windows 2003 std server

this server has shadow protect loaded (I got a problem removing it)

with LSI ultra320 PCI card linked to Quantum SuperLoader 3 with SDLT 600 tape drive
it only got left hand side magazine (this didn't reflect on the the scripts)

the original problem with their NTbackup is that it wont start because of VSS error.


echo off
 rem close all open files first
 for /f "skip=4 tokens=1" %%a in ('net files') do net files %%a /close
 
  rsm refresh /LF"Quantum SuperLoader"
  ping localhost -n 30 > nul

net start "Volume Shadow Copy"
ping localhost -n 8 > nul

net start "Microsoft Software Shadow Copy Provider"
ping localhost -n 8 > nul
net start "StorageCraft Shadow Copy Provider"
ping localhost -n 8 > nul

  for /f "Tokens=1-4 Delims=/ " %%i in ('date /t') do set   dt=%%i-%%j-%%k-%%l
  for /f "Tokens=1" %%i in ('time /t') do set tm=-%%i
  set tm=%tm::=-%
  set dtt=%dt%%tm%
C:\WINDOWS\system32\ntbackup.exe backup "@C:\Documents and Settings\michael\Local Settings\Application Data\Microsoft\Windows NT\NTBackup\data\Production Backup.bks" /n "%dtt%" /d "%dtt%" /v:no /r:no /rs:no /hc:on /m normal /j "Production Backup" /l:s /p "DLT"
 
  exit

HYPER-V DC clock drifting and PDC sync with external source

HYPER-V DC clock drifting and PDC sync with external source
two things in this rant
1/ HYPER-V VM (DC) clock drifting, integration services make VM sync time with the hyper-v host, but if the vm is a DC, this process will be going in a circle.
I temporirily used a method as
http://mikefrobbins.com/2010/05/17/active-directory-and-server-time-synchronization-problems-with-hyper-v/
basically tick off time sycn in intergration services

but other papers on the internet seemed against this approach?

anyway , some cmd quite useful
w32tm /query /status

w32tm /resync /rediscover

2/ I used w32tm cmd to sync with internet clock on the PDC
but the clock on the PDC still about 2 minutes apart, there is no error in the log
the problem is w32tm contacted the source, but the source may be too far away failed to respond,
choose a local time server, chose one you can reach easily ....
then in the log , it will say w32t getting valid data and the ip address port 123 etc

configure windows 2008 R2 PDC to sync time with external NTP server

configure windows 2008 R2 PDC to sync time with external NTP server

netdom /query fsmo

net stop w32time

w32tm /config /syncfromflags:manual /manualpeerlist:0.nz.ntp.pool.org,1.nz.ntp.pool.org,2.nz.ntp.pool.org

w32tm /config /reliable:yes

net start w32time



w32tm /query /configuration

Sunday, August 14, 2011

logon scripts not replicated , group policy processing error

I dcpromo-ed to demote their windows 2003 DC properly , but I noticed the sysvol is not replicating properly so did they. the only replication was at the time I dcpromo-ed another windows 2008 R2 as DC. many other guys worked on their system from time to time, I am the guy de-commisoned their last 2003 DC. so I have to fix it.

there wasn't any error in the logs.

the functional level is still at windows 2003. so the AD still uses NTFRS to do the replication.

(in windows 2008 function level, it uses DFS to replicate)

the first clue is the cmd
NTFRSUTL FS

it shows my promo-ed DC is fine, but the PDC is NOT a member of any replication set.

but dssite shows everything is perfect...

well , I have to manually repair it, this link is a good reference

http://www.shantilal.net/technotes/1.html
and I quote here
3) Run it -> ADSIEDIT.MSC

4) Open the tab "DOMAIN"

5) Open the tab "DC=name, DC=of, DC=domain"

6) Open "OU=Domain Controllers"

7) Expand both servers, you will notice that the server that is reported as "Not beeing member of any replica set" will have no "CN=NTFRS Subscriptions" while the other server will have it.

8) Right click on the tab "CN=NTFRS Subscriptions" of the server that has no subscription and select NEW OBJECT

9) Select nTFRSSubscriber

10) You will be prompted for a CN value, check in the other server what´s the name, though usually it will be "CN=Domain System Volume (SYSVOL share)"

11) You will also be prompted for

fRSStagingPath = C:\WINDOWS\SYSVOL\staging\domain

again, in my case its windows 2008 R2, I need edit/check two locations 1/ domain controller OU 2/system node - file replication service


http://support.microsoft.com/kb/312862

use adsiedit.msc to edit DC in the OU domain controllers and there is another place for edit, it is under systems - frs node,

you will compare the good DC's properties with the problematic one, then re-create entries and attributes.

one problem I got is I kept getting error while trying to create entries. it suddenly come right. probably I need create the main entry first , then modify attributes later

in the process , I have to say I am disappointed at repadmin tool, it doesn't reveal any clue.

http://support.microsoft.com/kb/257338
http://www.eventid.net/display.asp?eventid=13508&eventno=349&source=ntfrs&phase=1

after I put those entries in , the sysvol on the PDC suddenly got changed to NtFrs_PreExisting___See_EventLog                

oh dear, my hair stands on end.

I put it back by referrring to
http://support.microsoft.com/kb/290762/en-us
http://www.compit.se/?p=131
I just copy and paste here (and I quote)
On both servers do step 1 – 7
1. Click Start, and then click Run.
2. In the Open box, type cmd and then press ENTER.
3. In the Command box, type net stop ntfrs.
4. Click Start, and then click Run.
5. In the Open box, type regedit and then press ENTER.
6. Locate the following subkey in the registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servic es\NtFrs\Parameters\Backup/Restore\Process at Startup
7. In the right pane, double-click BurFlags.
8. In the Edit DWORD Value dialog box, type D2 on one of the servers and on the other server type D4 then click OK.
9. Quit Registry Editor.
10. On the server where you edited the BurFlags DWORD to D4 copy the folders in the folder NtFrs_PreExisting___See_EventLog to C:\WINDOWS\SYSVOL\sysvol\yourdomain.local
11. In the Command box on the server where you set the DWORD to D4, type net start ntfrs. When the service has started go to your other server and type net start ntfrs.
11. Quit the Command box.
12. Check the eventlog for messages.


http://support.microsoft.com/kb/312862

well, I restored sysvol on the PDC, but there is still no replication, there is an error logged on the PDC like DNS problem preventing replication something like that...

go back to basics run dcdiag /fix (there is no netdiag in w2008 ?)
the result showed there is a problem with one of the replica members, one of the attributes not right.
( this error is not showing up when I started working on this problem initially)
that's good, gave me something to work on
again use adsiedit to check domain controllers in the domain controller's OU, and system node FRS
again compare attributes between domain controllers
I spotted a problem and correct it, whether it is a typo or auto-generated error I dont know.
the sysvol started replicating ,
phew ....
what a long day....

there is a group policy error in gpmc.msc ... its about the policy files on sysvol is not the same as in AD. click ok to make it the same

comment
:
I got an impression after reading through MS documents, that a demoted DC should still remain in dssite ... even if its gone. just dont break the cycle...
oh dear can you ever delete those old DCs

I would have thought properly demoted DCs should disappear without problem.




















Wednesday, August 10, 2011

You cannot open a shared Outlook folder

http://support.microsoft.com/kb/912265

You cannot open a shared Outlook folder

outlook error messages like cannot open folder

you have to grant permission from the top level , reviewer permission all the way down to a particular folder

This applies to Exchange 2007 and Outlook 2010

Wednesday, August 3, 2011

silicon SiI3114 - PCI to 4 Port SATA150 and NTbackup

silicon SiI3114 - PCI to 4 Port SATA150 and NTbackup

yeah, windows 2003 still in use, NTbackup is in it.

anyway, raidmanager for sil3114 based raid controller showing one of the 4 hard drive keeps rebuilding

eventually the raid drive letter dropped off the system,

the raid5manager clearly showed disk 3 (chanel 2) drive failed rebuilding. eventually swapped that hard drive out.

blow the raid5 off, re-create a new one. it took more than 15 hours. if there is writing to the raid 5 volume, it would slow down the process even further...