Monday, July 14, 2008

I Can't Believe it Still Works!!!!

This is a little off topic but I just have to stop and give Plantronics a major plug today. I have one of their Bluetooth headsets that I just got from work.....and promptly ran it through the washer....and dryer AND IT STILL WORKS!!!!!!!!!!!!!! I can't believe it. Plantronics, you are amazing.

Monday, July 7, 2008

Accessing Security Settings for your Exchange Administrative Group

So this is one that has popped up a couple of times recently. You need to access the security properties on your First Administrative Group in Exchange, but there is no Security tab. Those permissions have to be inherited from somewhere, right? Well, yes, and Microsoft is trying to protect us from ourselves (which in this case must be good). To do this, fire up your favorite registry editor and navigate to:
HKEY_CURRENT_USER\Software\Microsoft\Exchange\ExAdmin

Then add a DWORD value with the name ShowSecurityPage and set the value to 1. Then you can make all the security changes you want.............just don't come crying to me if you mess up your Exchange permissions!!

-Andrew

Friday, June 6, 2008

The Weirdness of Terminal Servers

Every now and again you run into a problem that is a real head scratcher, one that you have never seen, one that just shouldn't be happening because according to the Microsoft site you are doing everything right. Well, I ran into one of those problems on Wednesday and then oddly enough I ran into it again on Thursday.

Here was the scenario: in both instances I was given a Windows 2003 Terminal Server and asked to add it to a Windows 2000 domain. Seems simple enough, until you realize that between 2000 and 2003 there were some fairly serious changes made to the way Windows handles terminal services. The biggest change is the introduction of the Remote Desktop Users group. When you have a Windows 2003 domain this group is available by default, and any machine that is set up as a terminal server automatically allows these users to access the computer via Remote Desktop.

Well what message did I get when I tried to login? You've all seen it:

To log on this remote computer, you must be granted the Allow log on
through Terminal Services right. By default, members of the Remote Desktop
Users group have this right. If you are not a member of the Remote Desktop
Users group or another group that has this right, or if the Remote Desktop
User Group does not have this right, you must be granted this right
manually.


That's all fine and good, but I DID add my users group to the Allow log on through Terminal Services role in Group Policy. Well, it turns out that there is at least one other place you have to add your remote users group: the security settings on the RDP-TCP connection.

Here is where you go: Start > Programs > Administrative Tools > Terminal Services Configuration. Once there, click on Connections, right-click on RDP-TCP, and select Permissions. In the Permissions tab, make sure that your users group, whoever it may be, has User Access and Guest Access allowed. You should then be able to log into the machine.

Hope this helps

Saturday, May 31, 2008

phpMailer and other coding woes.

Okay so this one is going to be a little more esoteric, but it might help someone out there. I spent a lot of time debugging a program I had been handed that had fewer comments than I might have liked. Specifically it was an application written in Flex that used php to do some things like generate reports and send off notification e-mails.

A couple of weeks back this application stopped sending out notification e-mails and I had no idea what was going on. The problem was compounded by the fact that any errors the PHP threw were being hidden by the Flex front end. So the first part of this is going to be a little bit of basic PHP that I employed to dump info to a text file.

Here is a quick example of file writing in PHP:

<?php
// Define the log file, located next to this script
$fn = dirname(__FILE__) . '/new.log';
// Open the log file for writing, in append mode
$fp = fopen($fn, 'a');
// Write to the file
fwrite($fp, "Some text \n");
// Close the file
fclose($fp);

The first line of actual code is there just to assign the filename to a variable to make it easier to deal with. It should be noted that dirname(__FILE__) is a good little tool to indicate the directory the current script lives in. It is much better than full paths because when you move the guts of the app around you don't have to adjust file names all throughout your program. Also remember that if you are doing this in a Windows environment you will need to escape the backslashes in your file path. So C:\Windows\System32\LogFiles would become C:\\Windows\\System32\\Logfiles. Or, as odd as it might look to longtime Microsofties, you can use C:/Windows/System32/Logfiles (hey, it surprised the heck out of me too!!).

In the next line we use the fopen command to open the file ($fn) in 'a' or append mode and assign it to the $fp stream. You can look at the PHP docs for information about the fopen command.

Next we are going to write to the file. By writing "Some text \n" we are writing the phrase "some text" and then a new line to the file.

Finally we close the file.

Now one of the really important things to remember is that if the text file you are writing to is not available, or the permissions are set wrong, PHP will throw an error. So remember to do a chmod 777 on the file in Linux or to set the appropriate user rights in Windows.
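A tighter alternative to the chmod 777 above, as an added example that is not from the original post: it finds log files that any local user can write to and resets them to read/write for owner and group only. The group passed to secure_log is an assumption; use the one your web server's PHP process runs as.

```shell
#!/bin/sh
# Added example, not from the original post. The group passed to secure_log is
# an assumption: use the group your web server's PHP process runs under.

# List *.log files under DIR that any local user can write to (mode o+w),
# which is the state chmod 777 leaves behind.
world_writable_logs() {
    find "$1" -type f -name '*.log' -perm -0002 -print
}

# Create LOG if missing, hand it to GROUP, and allow read/write for owner and
# group only, so PHP can still append but other accounts cannot read or edit.
secure_log() {
    [ -e "$1" ] || : > "$1" || return 1
    chgrp "$2" "$1" || return 1
    chmod 660 "$1"
}

# Constructed demo in a scratch directory, using the caller's own group.
demo=$(mktemp -d)
: > "$demo/new.log"
chmod 777 "$demo/new.log"                 # the setting from the post
world_writable_logs "$demo"               # lists the 777 file
secure_log "$demo/new.log" "$(id -gn)"    # tighten it to 660
world_writable_logs "$demo"               # lists nothing now
rm -rf "$demo"
```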

Once I got the error messages into the text file I found this cryptic error message:
Language string failed to load: recipients_failed
So not to be deterred I decided I would dump all the e-mail addresses to the text file to see what it was complaining about. And there it was. After spending nearly two days exploring issues with DNS, phpMailer and all those other things it turned out it was.................a malformed email address. All I had to do was correct the address in AD (where the addresses were being pulled from) and life was once again good.

What I want you to take away from this is that if you are getting a Language string failed to load message in phpMailer, check your message settings: TO, FROM, CC, BCC, Host, Mailer. Your problem is most likely with one of those items.

Hope this helps!!




Thursday, May 29, 2008

Find your Linux version and other useful information from the command line.

Okay, so I admit it. I am not a Linux guru. I know my way around Linux fairly well, but every now and again I am faced with a problem that just leaves me scratching my head. The other day I needed to find out what distribution of Linux I was using and what version it was. I was left scratching my head, until I did some searching and found a couple of really cool tools.

The first one is:

lsb_release -a

It will give you a nicely formatted little output that looks something like this:

No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 7.04
Release: 7.04
Codename: feisty


If you need information specific to your Linux kernel you can use the uname command.

For example, uname -a will give you a great deal of information about the machine you are currently working on. Unfortunately, the output is not as nicely formatted as the above command. Your output might look something like this:

Linux don 2.6.22-14-generic #1 SMP Sun Oct 14 23:05:12 GMT 2007 i686 GNU/Linux

In my case several of the items normally displayed by uname are omitted because they are unknown.

Now, I don't know about uname, but I have tested lsb_release on Ubuntu, Fedora, SUSE, and Red Hat. I also tested it on Gentoo and know that at least on my installation it did not come as standard.

Have a great day.

Help I can't ping FQDN's in Ubuntu!!!!

Okay, for this tip I need to specify that I have only ever encountered the problem on Ubuntu 7.10 (Gutsy Gibbon). However, from what I read while researching the problem it also applies to Ubuntu 8.04 (Hardy Heron). Basically, what happened was I could ping my mail server by its name (rex), but not its Fully Qualified Domain Name (rex.cms.local).

Turns out there is some strange interaction between DNS and Avahi (no, not the woolly lemur, the Linux implementation of Zeroconf) that only rears its ugly head when your local domain ends in a .local. Now, I hear that Avahi is great if you have a network of computers, no DNS server and no desire to set one up, but I don't have that problem. I have a DNS server, dang it!! Two of them to be precise. All I want is nice easy DNS resolution!!

Well here is your solution:
  • Open /etc/nsswitch.conf in your favorite text editor (I like nano, vim works, if you are an emacs user.......well I guess you can keep reading).
  • Find the following line:
    hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
  • Change it to:
    hosts: files dns
  • That's it!!
Once again, it will break Avahi, but most likely you won't need it.
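A read-only check for the ordering problem described above, as an added example that is not from the original post: it tests whether an mdns module with [NOTFOUND=return] is consulted before dns, and prints the file with the post's replacement hosts line. The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. It only reads the file it is
# given and prints to stdout; it never edits /etc/nsswitch.conf itself.

# Exit 0 if the hosts: line consults an mdns module followed by
# [NOTFOUND=return] before it reaches dns. With that ordering a .local name
# that mDNS cannot find is reported as not found and dns is never asked.
mdns_shadows_dns() {
    awk '
        /^[ \t]*hosts:/ {
            sub(/#.*/, "")                 # drop a trailing comment
            sub(/^[ \t]*hosts:/, "")       # leave only the source list
            for (i = 1; i <= NF; i++) {
                if ($i == "dns") break
                if ($i ~ /^mdns/ && toupper($(i + 1)) ~ /^\[NOTFOUND=RETURN/) {
                    hit = 1; break
                }
            }
            exit
        }
        END { exit !hit }
    ' "$1"
}

# Print the file with the hosts: line replaced by the one the post recommends.
with_dns_only_hosts() {
    sed 's/^[[:space:]]*hosts:.*/hosts: files dns/' "$1"
}

# Constructed sample: the stock hosts line from the post plus one other line.
sample=$(mktemp)
printf '%s\n' 'passwd: compat' \
    'hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4' > "$sample"

if mdns_shadows_dns "$sample"; then
    echo "mdns answers before dns; proposed file:"
    with_dns_only_hosts "$sample"
fi
rm -f "$sample"
```

Run it against a copy of /etc/nsswitch.conf first; after applying the change, `getent hosts rex.cms.local` should return the address from your DNS server.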

POP3 and IMAP Logging

Okay so this first post has its genesis in a problem I was having with RightFax Enterprise Fax Server. Since I am sure there will be plenty of posts about RightFax in the future I will keep the details regarding that particular piece of software to a minimum. Suffice it to say that I got some bad advice from RightFax support and was not making any progress figuring out why it was not pulling fax/emails from its designated "monitored inbox".

After some poking around with RightFax I decided I needed to take a step back and see if the mail server was even being contacted by the fax server. Were they even talking? What I needed was a way to log POP3 activity. Now, those of you familiar with Exchange will know that logging SMTP activity is easy: all you have to do is open the property editor for the SMTP virtual server in question and select "Enable Logging".

It should be the same for POP3 and IMAP, right? Of course not, or you wouldn't be reading this post! Unfortunately, turning on logging for POP3 and IMAP requires registry editing. For full details see this article from Microsoft: http://support.microsoft.com/default.aspx?kbid=299778

Now, before you do this I must insert the standard blah blah blah blah about registry editing. If you have never messed around in the registry before just stick to what the article says and you will be fine. Change anything else and you are on your own buster!!!!

Okay, without further ado I present the keys that need editing:
For IMAP:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Imap4svc\Parameters\IMAP Protocol Logging Level

For POP3:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Pop3svc\Parameters\POP3 Protocol Logging Level

The DWORD value for these keys is normally set to 0 (no logging) and you have a choice of 0 to 5. I would suggest starting at 5 and dialing it back if you are being hit with too many entries.

You might also consider changing the Protocol Logging Path key to something more convenient. It defaults to the Exchange MDBData directory and I like to keep all my logs in the C:\WINDOWS\system32\LogFiles directory for ease of access.

Hope this helps!