If anyone visits here regularly, rather than by google search, you'll have noticed that I haven't posted much lately. This is because of a major office move at work which I have been managing from the technical side of things, and moving a 25 server operation isn't an easy job. I've upgraded the entire network infrastructure throughout from SOHO to enterprise products.
Normal service will resume shortly!
I was configuring our new Cisco ASA 5510 firewall today, as part of a major infrastructure upgrade. I'm pretty comfortable with the Cisco IOS, but I still prefer the GUI for the basic set up, using command line to tweak the finer or more complex configurations. However, straight out of the box, I had a very hard time getting the ASDM to load. Being familiar with the PDM from the PIX range of firewalls, I should have guessed the problem straight away. Essentially, whatever problem you're having with the ASDM, whether it's not loading, not reading the configuration or whatever, the answer is likely to be "uninstall your current version of Java, google java 1.4.2, install it, try again". It was the same with the PDM, and guess what? It's the same with the ASDM.
I recently tried to use Microsoft reader on my iMate K-Jam mobile, it's Windows Mobile 5 powered, so according to Microsoft it's fully supported. However, when I tried to activate, I got the following error:
"You have an older version of Pocket PC which does not support Activation"
Not true I cried, and after a lot of Google-ing and trying various different fixes that are posted on the net, I found the only one that actually worked for me!
It was as simple as adding the activation web site to the "Trusted Sites" zone in Internet Explorer, and running IE in the administrators context. It was one of those simple ones that really makes the 2 hours spent searching for an answer all the more frustrating.
I've got a feeling Microsoft should add notes to that effect on the site...never mind.
32-bit processors have a limitation of only being able to directly address 4GB RAM - their architecture was never designed to address more. 64-bit processors get around that limitation by being able to us 64 bits to address RAM (potentially 16,777,216 GB), but what do you do if you have an application that won't work on a 64-bit copy of Windows, but does need to utilise more than 4GB of RAM?
The answer is to use PAE (Physical Address Extensions) and AWE (Application Windowing Extensions). I blundered through PAE a little while back, and found that it didn't work as expected because I was using Server 2003 Standard. PAE is only available as part of Server 2003 Enterprise and Datacenter edition.
Back to the problem at hand, I have a memory hungry application that sits on a Windows Server 2003 Enterprise box with SQL server 2005 installed.
Firstly, we need to enable PAE to allow the 32-bit operating system to address memory over the 4GB limit. This is configured by adding the /PAE switch to the boot.ini.
We also need to repartition the 4GB of Virtual Address Space (VAS) that 32-bit Windows can address by using the /3GB switch in the boot.ini. This allows 3GB of RAM to processes running in "Application Mode" and 1GB RAM to the "Kernel Mode". If you're using more the 16GB of memory don't use the /3GB switch as PAE/AWE will need 2GB of RAM in the Kernel Mode.
The memory intensive applications will run in, you guessed it, Application Mode and will therefore be able to utilise the extended memory provided through PAE and AWE.
Since SQL server will run in the Application Mode memory partition and is AWE aware, it can be configure to reside entirely in AWE managed memory.
The user account that is used to run SQL server must be granted the "Lock Pages in Memory" right and the "AWE Enabled" setting in the configuration of SQL server must be set to "1". We also need to set the "Max Server Memory" to stop SQL server consuming all the AWE memory available. The "Min Server Memory" does not need to be configured as AWE memory is not released by SQL server.
Once that is all configured and a reboot applied, SQL server should only consume about 256mb in task manager, the rest having been loaded into AWE memory and not viewable from the Task manager.
For a little while now I've had an irritating problem with my Vista laptop. Whenever I insert a DVD, CD of any kind, pops up the message asking me to prepare a blank disk:
It's impossible to access the files on the disc and I don't want Vista trying to "prepare" my data disc. Quite irritating, but not irritating enough to fix right away.
Microsoft have a KB article about it, which has worked in some cases, but not in most. There are various advices around to do with firmware, software, reinstalling the device - here's how I fixed it.
So, first step - eliminate any CD/DVD burning software that might be causing a conflict. If you've got commercial software, make sure you have your license key and media to reinstall at a later date.
I have the excellent ISO Recorder, by Alex Fienman - but I need to eliminate that as a possible cause, and it's free to install. I also have Roxio, which I've never used and came bundled with the OS installation. I removed all of them through the Programs and Features control panel.
The next thing to do is check that there are no firmware updates for your drive, from the manufacturers web site. My laptop is a Dell Latitude D820, with a TSST TS-L462D drive - I found a new update and ran the installation. Follow the manufacturers instructions on this one.
Next, I followed Microsoft's article which involves editing the registry. Editing the registry incorrectly can seriously damage your computer, so back it up first, and be careful. Don't restart at this point.
If you've installed VMWare server at all, it disables the autorun feature on your DVD drive so you don't have problems with virtual machines - however this can also cause the problem.
- Open regedit, and change the following key:
- Change the "Autorun" value from "0" to "1" which enables auto run on your drive and has been known to fix the issue.
Another solution which has been posted on many support forums is to add a file to "temporary burn" folder in your profile. I have no idea why this would resolve the problem, but it's worth a try. This did cause the "you have files ready to burn to your DVD drive" notification.
- Open explorer, navigate to C:\Users\<user name>\AppData\Local\Microsoft\Windows\Burn\Burn
- Right click the blank space, click "New > Text Document"
- Try and access your drive.
And finally, open up your Device Manager, locate your DVD/CD drive, right click it and uninstall. Restart your computer - when you do the registry edits will take effect and the device will reinstall.
Hopefully at this point you'll have a working, fully functional DVD drive.
If, like me, you enjoy a bit of design in your free time then I have a great site for you...
Blog Spoon Graphics is a fantastic site, with loads of free vector graphics downloads that you can use in your designs. It's also got some great tips and stuff on vector art - take a look!
This is probably a little off-topic, but hey - I like this site! And no, I haven't sold out, it's not a sponsored link...I just like it!
Fixing “Outlook(R) Mobile Access is supported only on Microsoft(R) Exchange Server 2003. Currently your mailbox is stored on an older version of Exchange server.” on Outlook Mobile Access under Server 2003
So I was testing the configuration on my Exchange 2003 server in preparation for the roll out of some Windows Mobile devices when I recieved the following error:
Outlook(R) Mobile Access is supported only on Microsoft(R) Exchange Server 2003. Currently your mailbox is stored on an older version of Exchange server. Please contact your system administrator for additional assistance.
"That's odd", I thought, "I only have Exchange Server 2003 in my organisation, how can I have an older version of Exchange?" It turns out that this has nothing to do with the version of Exchange you are using. I have set up my Exchange OWA to require SSL (see previous article on SSL and Integrated Authentication) and apparently this can cause issues for OMA.
The Microsoft-Server-ActiveSync and Outlook Mobile Access virtual directories
cannot access the contents of the user's mailbox if the Exchange virtual
directory is configured to require SSL. The Microsoft-Server-ActiveSync and
Outlook Mobile Access virtual directories only try to connect with the Exchange
virtual directory over TCP port 80 (HTTP), not over TCP Port 443 (HTTPS).
To resolve this, you need to follow these steps from MSKB 817379
|1.||Open Exchange Manager.|
|2.||Expand Administrative Groups,
expand the first administrative group, and then expand Servers.
|3.||Expand the server container for the Exchange Server 2003 server
that you will be configuring, expand Protocols,
and then expand HTTP.
|4.||Under the HTTP container, right-click the Exchange Virtual Server container, and then click Properties.|
|5.||Click the Settings tab, clear the
Enable Forms Based Authentication check box, and
then click OK.
|6.||Close Exchange Manager.|
|7.||Click Start, click Run, type IISRESET/NOFORCE,
and then press ENTER to restart Internet Information Services
Additionally, you must use Internet IIS Manager
to create this virtual directory for Exchange ActiveSync and Outlook Mobile
Access to work. If you are using Windows Server 2003, follow these steps:
|1.||Start Internet Information Services (IIS) Manager.|
|2.||Locate the Exchange virtual directory. The default location is as
Web Sites\Default Web Site\Exchange
|3.||Right-click the Exchange virtual directory, click All Tasks, and then click Save
Configuration to a File.
|4.||In the File name box, type a name.
For example, type ExchangeVDir. Click OK.
|5.||Right-click the root of this Web site. Typically, this is Default
Web Site. Click New, and then click Virtual Directory (from file).
|6.||In the Import Configuration dialog
box, click Browse, locate the file that you
created in step 4, click Open, and then click
|7.||Under Select a configuration to import
, click Exchange, and then click OK.
A dialog box will appear that states that the
|8.||In the Alias box, type a name for
the new virtual directory that you want Exchange ActiveSync and Outlook Mobile
Access to use. For example, type exchange-oma.
|9.||Right-click the new virtual directory. In this example, click
exchange-oma. Click Properties.
|10.||Click the Directory Security
|11.||Under Authentication and access
control, click Edit.
|12.||Make sure that only the following authentication methods are
enabled, and then click OK:
|13.||On the Directory Security tab,
under IP address and domain name restrictions,
|14.||Click the option for Denied access,
click Add, click Single
computer and type the IP address of the server that you are
configuring, and then click OK.
|15.||Under Secure communications, click
Edit. Make sure that Require
secure channel (SSL) is not enabled, and then click OK.
|16.||Click OK, and then close the IIS
|17.||Click Start, click Run, type regedit, and then
|18.||Locate the following registry subkey:
|19.||Right-click Parameters, click to
New, and then click String
|20.||Type ExchangeVDir, and then press
ENTER. Right-click ExchangeVDir, and then click
NoteExchangeVDir is case-sensitive. If you do not type ExchangeVDir exactly as it appears in this article,
|21.||In the Value data box, type the
name of the new virtual directory that you created in step 8. For example, type
/exchange-oma. Click OK.
|22.||Quit Registry Editor.|
|23.||Restart the IIS Admin service. To do this, follow these steps:
Recently I wrote a little utility for a client using the excellent Html Agility Pack to read and navigate through a HTML page, selecting the data that was needed and parsing it - basically a screen scrape. I downloaded the source, compiled it, added a reference to the dll in my project and tapped away for a few minutes and et voila, within a few minutes a working screen scrape. A fantastic library.
On uploading the project to my GoDaddy web hosting however, I encountered a problem. You see, my hosting is a shared hosting environment, and like most such webhosting environments is set to a Medium Trust level for .Net applications. As MS dryly puts it:
Applications that receive less than full trust by the runtime code
access security system are not allowed to call shared managed libraries
unless the library writer specifically allows them to through the use
of the AllowPartiallyTrustedCallersAttribute Class.
Therefore, application writers must be aware that some libraries will
not be available to them from a partially trusted context.
The solution, although slightly confusing from the MS documentation, is actually very simple. I opened the HtmlAgilityPack source code, and edited the AssemblyInfo.cs file. Firstly, add a reference to the AllowPartiallyTrustedCallersAttribute:
Since AllowPartiallyTrustedCallersAttribute is part of the System.Security namespace, we must add a reference at the top of the page:
I then rebuilt the project, rebuilt the web project and it now works like a charm.
I needed to use PowerShell for something today on my Vista laptop, but was unable to install the file. I had the normal UAC permission required when I ran it, but then it failed with this error
Installer encountered an error: 0x80070422
The service cannot be started, either because it is disabled or because it
has no enabled devices associated with it.
It turns out that you need to enable the Windows Update service in order to use an MSU file. How backwards is that? Well, lets see, I have to run a SERVICE in order to be able to install applications.
Incidently, PowerShell is fantastic, I'm just getting used to using it at the moment, probably more to come on that!
Well, I've been away with my friends at Firebrand again and guess what...MCSE Windows Server 2003!
- 70-293 Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure
- 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure
- 70-298 Designing Security for a Microsoft Windows Server 2003 Network