Our client in Burnaby has already purchased a second Dell Vostro 1720 but so far has proven to be a disappointing model to standardize on. The biggest complaint we have with it is the keyboard. Its a little bouncy and doesn’t feel right. Its not any specific key on the keyboard that I can pin-point it to but all I can say is that it feels flimsy and not as clickity responsive like the Toshiba or Lenovo laptops.

I called Dell support for hardware warranty. The phone support was great, tech was pleasant, responsive, and whole experience was positive. The only issue I had was with the security in getting support. The tech asked me what company registered the laptop and it wasn’t the reseller I dealt with. I was stumped at the point. It wasn’t registered to my company or my client I purchased it for. This frustrated me because I had to hang up and call my reseller to find out who they registered the Dell warranty to so that I can get support. I did get the support I needed and keyboard was replaced. To improve on support, Dell should allow for support as long as warranty is active and not include another level of redtape. That is what HP does. Just my 10 cents (keep the change).

We recently set up one of the sites in Burnaby with a new OpenDNS account in order to see what staff are surfing during business hours and also see if anything is causing their bandwidth degradation woes. We found a lot of hits into an icellerate.net site and it turned out to be a media player of some sort that streamed content to that branch, overloading their internet connection daily. We have since blocked access to those sites.

The setup was fairly easy and we had to get creative in setting up the DNS on a router that is set up with dynamic IP from Telus. The manual walks you through changing the name servers to match the OpenDNS name servers but does not go into any details on what you would do for sites that are set up with dynamic IP, which means I couldn’t make changes to name servers. The only thing that I could do was change the name servers offered by the router acting as the DHCP server for the site. This works except that access to local resources breaks because they don’t have a local DNS server that maps local resources. I’ll work around this soon by upgrading the infrastructure to Windows 2008 AD but in the meantime they are configured to refer to local resources via IP and this solution works as they mainly use Terminal Services to run corporate applications.

We’ll be configuring the other sites soon with this solution.

I can’t believe its another earth-hour event tonight. We spent it at a friends house last year and I remember it vividly because it was the same night I thought I lost my wedding ring. Its a terrible feeling having to grope around in the dark for it. A worst feeling having to retrace your steps in memory and not getting any definite flashbacks as to its whereabouts. I did eventually find it in the back seat of my car. It must have fallen off when I was putting my daughter into her car seat.
Like last year, we at AMIN Solutions took part in this global event to save on energy. We switched off all lights, computers, monitors, and printers. We’ll make sure to do the same tonight. Its just for an hour so it isn’t a big deal. Please take part if you can. Here is more info http://www.earthhour.org.

I was helping a client get VPN connectivity into the network to allow for easy administration and support. Using remote control software like gotomeeting, logmeinpro, or crossloop was ok for a while it requires somebody to initiate a request for the connection. Unattended features are available but it involves sharing owner credentials which might not be ideal. This is why I still like to set up VPN connectivity as a secure alternative.

The first step was to determine if the appliance currently in place was VPN-capable. It was. Next is to conigure it, assumimg passwords were known which they weren’t. Then we had to locate the console cable and determine the correct ios revision in order to download the correct version of the password recovery tool. Once the correct tool version is downloaded, I had to find a tftp server because the PIX model was disk-less. I usually use tftp32.exe which is a free download and easy to use. Once tftp daemon server service was all set up, I was able to run the password recovery tool to erase the passwords and change them to something else.
Now that I was able to login, I changed the current vpngroup user password. I used an unsecured wireless connection in the building and this allowed me to test connecting via the Cisco VPN client. It worked out well on the first attempt and I was connected with no issues. I was lucky the vpn configurations was previously set up and all I neeeded to do was change the passowrds. I was also lucky that there was an unsecured wireless connection I could test from.
The only thing left to do now is to tie the logins to an LDAP server. I wonder if a newer cisco VPN client is needed for that. Where can I download that without requiring an online cisco userid and password? I don’t think this is important right now. I’m sure it will need to be addressed soon as we continue to use VPN in this company for a broader range of audiences with varying needs.

I use the sysinternals tool PSEXEC to remotely run batch software installations. Recently, I was running into an issue performing a silent unattended install from an MSI. After many frustrating attempts, I found this url http://forum.sysinternals.com/printer_friendly_posts.asp?TID=2542. By using the ALLUSERS=2 switch when running the MSI, the software installation succeeded. Apparently, running the MSI install without this switch defaults to installation in the admin account profile. If that admin does not have a profile on that PC, installation fails. Setting ALLUSERS=2 ensures it is installed for all profiles.

I just heard from a coworker that the use of handheld devices while driving will become illegal by January 1, 2010. That’s only a couple of days away. More specifically, he says that the use of hand-held cell phones, Blackberries, other smart phones, and any other electronic devices while behind the wheel will be forbidden and if caught will result in fines. Ouch. We cannot even use text or email while behind the wheel, and forget about portable games like PSP or Nintendo DS or watch DVD movies. I don’t use portable devices anyway but am addicted to using my cell while on the road (stopped and waiting in traffic of course).

This will be a major setback for me and will require some readjustments on my driving habits. Driving is a big part of the services industry so this could mean delays in response. Oh well. it just means we have to plan well in advance and communicate to people of the lack of communication while in transit. It is for the safety of everyone so I’m glad its finally reached British Columbia.

For tips on safe driving from Transport Canada check out the following link: http://www.tc.gc.ca/eng/roadsafety/safedrivers-distractions-index-52.htm.

Have a safe Christmas Holiday season.

I had a lot of problems installing Active Directory onto a second Windows 2003 Server Standard. As part of a two step process of decommissioning Active Directory from the main server and only running AD on the second server, I had to first complete DCPROMO on the second server. The DCPROMO partially completes and errors out at the final SYSVOL share creation. The event logs say that it is unable to complete AD installation until SYSVOL is fully replicated. The issues pointed to DNS so I spent a lot of time fixing that. I made sure DNS Server service was not installed on the second server and that all the CNAME records were correct. I then downloaded the Resource kit and ran DCDIAG /TEST:DNS and NETDIAG. The DCDIAG resulted in frsevent errors. I didn’t know how to fix a partially installed AD on the second server so I had to uninstall AD multiple times, taking stabs at different types of fixes. The reinstall unfortunately takes a long time to run so I had to make sure the fixes I applied produces positive results.

After numerous trips to forums and technical blogs, I searched thru the system log shows event ID 13555 on the main source server and found this link http://www.eventid.net/display.asp?eventid=13555&eventno=572&source=NtFrs&phase=1. I was focusing on the ntfrs errors on the second server thinking the issue was with the destination server. I didn’t think the issue was with the source main server. This links says that a corrupt ntfrs jet database could prevent successful SYSVOL replication. It made sense that if there was an nfrs jet database corruption, this would break DCPROMO. I followed the fixes documented in the link, which includes stopping bot netlogon and ntfrs services; deleting the contents of \windows\ntfrs\jet folder; then recreating the jet databases after netlogon and ntfrs services are restarted. This fixed the errors on the source main server, which fixed the DCDIAG errors, which eventually allowed me to complete the DCPROMO onto the second server.

After AD was installed onto the second domain controller, removing AD from the main server was easy. Hope this helps you out if you ever find yourself in this predicament.

We recently ran into an issue printing to Brother MFC 420 USB printers from a Windows XP computer connected via Remote Desktop to a Vista Ultimate computer. The printer is local to the Windows XP computer and the requirement is that the use should be able to print to this Brother printer from a Remote Desktop session on the Vista computer. Unfortunately, the printer redirection does not work and the reason for it is the printer driver name used by Windows XP for the Brother MFC 420 USB printer is different from the Vista printer driver naming convention. In order for printer redirection to work, the printer drivers (not the printer names) have to match.

To fix this, I followed Microsoft’s documentation on editing the registry and creating a new INF file that contains the one-to-one printer redirection mapping. Here is the url to the documentation http://technet.microsoft.com/en-us/library/cc775141.aspx and I have stripped out the section I used before the url becomes stale:

———snippet———

I just heard on the beat 94.5 radio station that its the hottest day its ever been in BC’s history. A very hot 32.9 degrees. It must be true because I can feel the difference today. It also means that a lot of data centers out there could be in trouble without proper cooling. I just came from a client in burnaby and I worry for them. The servers are in the basement and there no air conditioning units down there. I installed a temperature and humidity environment monitor from APC and will definitely monitor that. In fact, I’ll get alerted if the thresholds are reached. I hope not!

There is some discussion going on internally regarding the ftp services at a client’s site. ftp is currently hosted at an isp as a paid service they have asked us to bring internally in order to save money. Other staff have exclaimed that it should be hosted on a linux server, no doubt because of security and strongly advocated against using windows to host this ftp service. I on the other hand don’t mind windows and using iis to host a public ftp server. I know many of you out there will gasp at this (mostly blackhats) but I think there are other things to worry about first in terms of security and this isn’t one of them. As long as windows patches are religiously applied and passwords regularly changed, that should be good enough. The tool is already there and its part of windows so it doesn’t make sense to provision another server with another OS that will just sit in a corner outside of the domain under everyone’s radar. My take is that we should take all precautions to block out intruders but not at the expense of cost, ease of use, and ease of implementation.

What do you think?

— keep looking »

Search

Enter your email address:

Recently Written

• Dell Vostro 1720 laptop - how do you like it?
• Using OpenDNS to provide web filtering
• Earth-hour is tonight at 8:30p
• Adventures in setting up a Cisco PIX VPN router
• Running a batch install remotely and unattended
• Just heard about new laws in BC concerning driving with handheld devices
• Resolved issues running DCPROMO onto a second Windows 2003 Server
• Printer Redirection steps for remote desktop users
• Hottest day in BC history
• Hosting FTP server on windows or linux

Services

Express Payment

Computer Support Web Development

• Forums - Q & A
• Remote Control - Adobe ConnectNow
• Shop with Us - Online Catalog
• Shop with Us (legacy)

Subscribe in a reader

My Advertisers

Learn PHP In 17 Hours!

Multi profit websites!

Categories

• Administration
• Events
• Services
• Support
• Training

Archives

• April 2010
• March 2010
• February 2010
• January 2010
• December 2009
• September 2009
• July 2009
• June 2009
• March 2009
• January 2009
• December 2008
• October 2008
• August 2008
• April 2008
• March 2008
• January 2008
• December 2007
• November 2007
• September 2007
• August 2007
• June 2007
• May 2007
• April 2007
• March 2007
• February 2007
• January 2007
• December 2006
• November 2006