Windows Time Synchronization in AD Domain

MS Exchange CCR Cluster: Maint

How to Move a Storage Group and Its Database in a CCR Environment

Pasted from http://technet.microsoft.com/en-us/library/aa997196(EXCHG.80).aspx

How to Move a Database in a CCR Environment

Pasted from http://technet.microsoft.com/en-us/library/aa997646(EXCHG.80).aspx

MS Exchange Failover to SCR Node

It was a really fun weekend. Scheduled building powerdown overnight -- shutdown Exchange servers gracefully. Next morning both CCR nodes fail to boot up. After hours on the phone with server vendor, SAN vendor, and Microsoft decided to failover to SCR copy. It didn't seem to go according to documents I've read.

Below are notes of how documents said it should work:

To get a formated list of SG settings:
Get-storagegroup -server priexs01ccr | fl

The following commands were used to move PRIEXS01CCR to SCR target SECEXS01-1:
Restore-StorageGroupCopy –Identity

(Pasted from http://www.msexchange.org/articles_tutorials/exchange-server-2007/high-availability-recovery/clustered-continuous-replication-failover-standby-continuous-replication-part2.html)

StandbyMachine NH-W2K3-SRV01 -Force

(Pasted from http://www.msexchange.org/articles_tutorials/exchange-server-2007/high-availability-recovery/clustered-continuous-replication-failover-standby-continuous-replication-part2.html)

Get-storagegroup -server priexs01ccr | Restore-StorageGroupCopy -StandbyMachine Secexs01-1 -Force

Get-Storagegroup -server priexs01ccr | Disable-StorageGroupCopy -StandbyMachine Secexs01-1 -Confirm:$false

(Will most likely return errors)

Get-storagegroupcopystatus -server priexs01ccr -StandbyMachine Secexs01-1

(This is to verify that the StgCopy returns not configured)

DNS: change IP to new CMS IP

Verify the id used for cluster service has change computer perm in AD.
DO NOT RUN /NEWCMS unless you have MS on the phone and they tell you to.

Run the following with the correct info:
setup.com /RecoverCMS /CMSName:CCREX01 /CMSIPAddress:

(Pasted from http://www.msexchange.org/articles_tutorials/exchange-server-2007/high-availability-recovery/clustered-continuous-replication-failover-standby-continuous-replication-part2.html)

This is what we actually did with MS support:

Setup.com /RecoverCMS /CMSName:priexs01ccr /CMSIPAddress:

Get-MailboxDatabase -Server priexs01ccr | Set-MailboxDatabase -AllowFileRestore:$True

Get-MailboxDatabase -Server priexs01ccr | Mount-Database

Get-MailboxDatabase -Server priexs01ccr -Status |ft *name*,*mount*

(Creates a formated list with status)

Verify Allow restore is no longer checked on SGs, this should occur automatically after the DBs mount, but just in-case.



Change priority of DNS SRV records



IRS Circular 230 disclosure: To ensure compliance with requirements imposed by the IRS, we inform you that any tax advice that may be contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding any penalties under the Internal Revenue Code or (ii) promoting, marketing or recommending to another party any transaction(s) or tax-related matter(s) that may be addressed herein.


This e-mail communication (including any attachments) may contain legally privileged and confidential information intended solely for the use of the intended recipient. If you are not the intended recipient, you should immediately stop reading this message and delete it from your system. Any unauthorized reading, distribution, copying or other use of this communication (or its attachments) is strictly prohibited.






Layer 2 COS






IP Routing










Interactive Video





Streaming Video





Critical Application















Bulk Data










Best Effort












Below is an example of a  quick start quality of service configuration.  We will walk through this configuration over the phone.


Apply the below under global configuration mode:


Config t


class-map match-any Voice
 match ip dscp ef

class-map match-any Routing

  match ip dscp cs6

class-map match-any Call-Signaling

  match ip dscp cs3

policy-map QOS
 class Voice
  priority percent 5
 class Routing
  bandwidth percent 5

class Call-Signaling

   bandwidth percent 5
 class class-default
  bandwidth percent 60

  queue-limit 256


Then apply the qos policy, in the outbound direction, to the interface:


interface "interface-name"

service-policy output QOS


We set DSCP CS3 for call-signaling. Some older devices use AF31 instead.  If this is the case then add AF31 to your call-signaling class-map.


class-map match-any Call-Signaling

  match ip dscp cs3

  match ip dscp af31



Also please reference the Cisco Solutions Reference Network Design (SRND) Guide for specific questions to best practice deployments within the enterprise.  Please click on the link below to access our SRND for QOS.





Windows::DNS Alias

This is a known issue with 2000 and 2003 servers.

When a client computer connects to a Windows 2000 or 2003 server using an alias, the client receives:
System error 52 has occurred.
A duplicate name exists on the network.
This error occurs when you attempt to connect to the server by using a CNAME alias that is created in the DNS zone:
net view \\alias.<domain name.com>
where alias is a CNAME record that is created for the server in the <domain name.com> zone. Because the server is not listening on the alias, it does not accept connections to that name.

Start – Run - Regedt32
Create the following DWORD Key manually.

Shutdown and restart the server.now alias should work again.

Outlook::Calendar Items

It seems like a couple times a month we get somebody with a wierd issue related to Outlook Appointments.
This Tech Support Article illustrates the many things that can go wrong with Outlook Calendar appointments and some of the solutions.




SNMP::Network Management::MRTG config repository

Plixer MRTG Repository

Labels: , ,


Cisco::SNMP::IP Accounting

Gathering IP accounting information from a router via SNMP.
Cisco document with details about SNMP calls to gather MAC table and IP accounting tables from routers via SNMP.

Perl script to do this:

use SNMP_util;

$host = $ARGV[0];
if ($host eq "") {
print "Host address (return = $defaultHost) ? ";
$host = <stdin>;
if ($host eq "") { die "Usage: ipac [host address]\n"; }

print "Gathering data from $host . . .\n";

@accounting = snmpwalk ("public\@$host",".");

my @src, @dest, $pkts, $bytes;

foreach $line (@accounting) {
($pre, $data) = split (/\:/, $line);
@mib = split(/\./, $pre);
if ($mib[1] eq "1") { push (@src, $data);}
elsif ($mib[1] eq "2") { push (@dest, $data);}
elsif ($mib[1] eq "3") { push (@pkts, $data);}
elsif ($mib[1] eq "4") { push (@bytes, $data);}
elsif ($mib[1] eq "5") { last;}
else { print "unrecognized data\n";}

my $index = 1;

open (OUT, ">", "output.html");
open (CSV, ">", "output.csv");

print OUT "<html><head><link rel=\"stylesheet\" type=\"text/css\" href=\"styles.css\" /></head><body><table border=\"1\" bordercolor=\"black\">";
print OUT "<h2>$host IP Accounting</h2><a href=\"output\.csv\" target=\"_blank\">Open in Excel</a>";
print CSV "$host IP Accounting\n";
print OUT "<tr><th>Source</th><th>Destination</th><th>Bytes</th><th>Packets</th></tr>\n";
print CSV "Source,Destination,Bytes,Packets\n";

foreach $from (@src) {
print OUT "<tr><td>$src[$index]</td><td>$dest[$index]</td><td>$bytes[$index]</td><td>$pkts[$index]</td></tr>\n";
print CSV "$src[$index],$dest[$index],$bytes[$index],$pkts[$index]\n";

print OUT "</table></body></html>\n";

close OUT;
close CSV;


Labels: , ,


Exchange2007::Outlook XP::Delivery Status Notification Issue

I have just installed Exchange 2007 and I am receiving delivery reports in some form of chinese text in outlook 2002;
It looks correct in OWA, if it's printed, forwarded, etc.

The exchange hub transport server sends the DSN messages in HTML format by default.

Changing it to send DSN's in text format will fix this issue.


powershell change this:

Get-TransportServer | Set-TransportServer –InternalDsnSendHtml $False




Disable activesync for all mailboxes:


get-Mailbox | set-CASMailbox -ActiveSyncEnabled:$False


Labels: , ,



I have a shutdown issue with Outlook from time to time. Cache mode file corruption can be problematic when Outlook Add-In's interfere with shutdown.
Outlook Shutdown Add-in


How much data do I have?

Thanks to: e-discovery team blog

CD = 650 MB = 50,000 pages.
DVD = 4.7 GB = 350,000 pages.
DLT Tape = 40/80 GB = 3 to 6 Million pages.
Super DLT Tape = 60/120 GB = 4 to 9 Million pages.
Page Estimates:
1 MB is about 75 pages;
1 GB is about 75,000 pages (pick-up truck full of documents).

Aver. pgs. per email: 1.5 (100,099 pages per GB).
Aver. pgs. per word document: 8 (64,782 pages per GB).
Aver. pgs. per spreadsheet: 50 (165,791 pages per GB).
Aver. pgs. per power point: 14 (17,552 pages per GB).

For the average .PST or .NSF Email File:
100 MB .PST file is 900 emails and 300 attachments.
400 MB .PST file is 3,500 emails and 1,200 attachments.
600 MB .PST file is 5,500 emails and 1,600 attachments.
A 1.00 GB .NSF file is 9,000 emails and 3,000 attachments.
A 1.5 GB .NSF file is 13,500 emails and 4,500 attachments.

*************************** Note: Many variables will affect ALL of the actual numbers above, including especially large image and video files, and recursive files.

*************************** Bits and Bytes Sizes:
•8 bits are equal to 1 byte (one or two words),
•1,024 bytes are equal to 1 kilobyte (KB).
•1,024 kilobytes (KB) are equal to 1 megabyte (MB or Meg).
•1,024 megabytes are equal to 1 gigabyte (GB or Gig) (truck full of paper).
•1,024 gigabytes are equal to 1 terabyte (TB) (50,000 trees of paper).
•1,024 terabytes are equal to 1 petabyte (PB) (250 Billion Pgs. of Text).
•1,024 petabytes are equal to 1 exabytes (EB) (1 000 000 000 000 000 000 bytes).


Security::VPN::Alphabet Soup

Integrity: AH = Authentication Header or ESP = Encapsulating Security Payload

Encryption: DES = Data Encryption Standard, 3DES = 3 DES keys used, AES = newer standard

Hash: SHA = Secure Hash Algorithm, MD5 = Message-Digest. SHA is newer/more secure. Vista uses SHA


Protocol Analysis::TCP::TCP State Descriptions

Thanks to: http://www.tcpipguide.com

Table 151: TCP Finite State Machine (FSM) States, Events and Transitions



and Transition


This is the default
state that each connection starts in before the process of establishing
it begins. The state is called “fictional” in the standard.
The reason is that this state represents the situation where there is
no connection between devices—it either hasn't been created yet,
or has just been destroyed. If that makes sense.

Passive Open: A server
begins the process of connection setup by doing a passive open on a
TCP port. At the same time, it sets up the data structure (
control block or TCB
) needed to manage
the connection. It then transitions to the LISTEN state.

Active Open,
Send SYN:
A client begins connection setup by sending a SYN
message, and also sets up a TCB for this connection. It then transitions
to the SYN-SENT state.


A device (normally a server)
is waiting to receive a synchronize (SYN) message from
a client. It has not yet sent its own SYN message.

Receive Client SYN,Send SYN+ACK: The server device receives a SYN from
a client. It sends back a message that contains its own SYN and
also acknowledges the one it received. The server moves to the SYN-RECEIVED


device (normally a client) has sent a synchronize (SYN)
message and is waiting for a matching SYN from the other device
(usually a server).

Receive SYN, Send ACK: If the device that has sent its SYN message receives a SYN from the other device but not an ACK for its own SYN, it acknowledges the SYN it receives and
then transitions to SYN-RECEIVED to wait for the acknowledgment to its SYN.

Receive SYN+ACK, Send ACK: If the device that sent the SYN receives both an acknowledgment to its SYN and also a SYN from the other device, it acknowledges the SYN received and then moves straight to the ESTABLISHED state.


The device has both received a SYN (connection request) from its partner and sent its own SYN. It is now waiting for an ACK to
its SYN to finish connection setup.

Receive ACK: When the device receives the ACK to the SYN it sent, it transitions to the ESTABLISHED state.


The “steady state” of an open TCP connection. Data can be exchanged freely once both devices in the connection enter this state. This will continue until the connection is closed for one reason or another.

Close, Send FIN: A device can close the connection by sending a message with the FIN(finish) bit sent and transition to the FIN-WAIT-1 state.

Receive FIN: A device may receive a FIN message from its connection partner asking that the connection be closed. It will acknowledge this message and transition to the CLOSE-WAIT state.


The device has received a close request (FIN) from the other device. It must now wait for the application on the local device to acknowledge this request and generate a matching request.

Close, Send FIN:The application using TCP, having been informed the other process wants to shut down, sends a close request to the TCP layer on the machine upon which it is running. TCP then sends a FIN to the remote device that already asked to terminate the connection. This device now
transitions to LAST-ACK.


A device that has already received a close request and acknowledged it, has sent its own FIN and is waiting for an ACK to this request.

Receive ACK for FIN: The device receives an acknowledgment for its close request. We have now sent our FIN and had it acknowledged, and received the other device's FIN and acknowledged it, so we
go straight to the CLOSED state.


A device in this state is waiting for an ACK for a FIN it has sent, or is waiting for a connection termination request from the other device.

Receive ACK for FIN:The device receives an acknowledgment for its close request. It transitions to the FIN-WAIT-2 state.

Receive FIN, Send ACK: The device does not receive an ACKfor its own FIN, but receives a FIN from the other device. It acknowledges it, and moves to the CLOSING state.


A device in this state has received
an ACK for its request to terminate the connection and is now waiting
for a matching FIN from the other device.

Receive FIN, Send ACK:
The device receives a FIN from the other device. It acknowledges
it and moves to the TIME-WAIT state.


The device has received a FIN from the other device and sent an ACK for it, but not yet received an ACK for its own FIN message.

ReceiveACK for FIN: The device receives an acknowledgment for its close request. It transitions to the TIME-WAIT state.


The device has now received aFIN from the other device and acknowledged it, and sent its ownFIN and received an ACK for it. We are done, except for waiting to ensure the ACK is received and prevent potential overlap with new connections.

Timer Expiration: After a designated wait period, device transitions to the CLOSED state.

Exchange::IIS::Redirect HTTP to HTTPS page for Outlook Web Access

The following KB article details customizing the error message for the 403.3 error (SSL required.)
MS KB 839357
I'm not an ASP programmer, but I couldn't get their sample code to work. Instead I used the more elegant HTML below:

<meta HTTP-EQUIV="REFRESH" content="0; url=https://email.COMPANY.com/exchange">
Redirecting to: <a href="https://email.COMPANY.com/exchange" target="_blank">https://email.COMPANY.com</a>


Exchange::Mailbox Cleanup Agent

Thanks to: MS Exchange Team Blog

Exchange 2000/2003 Mailbox Manager and msExchMailboxManagerAgeLimit.
In Exchange 2000/2003 mailbox manager policies may not process items as some administrators might expect. For example, if you set up a mailbox manager policy to delete messages from the inbox after 30 days, you may find that some of the messages are not deleted after the 30 day window has passed.

In Exchange 2000/2003, in order for a message to be processed by a policy, the age of the message must pass 3 criteria:




If any of these flags are less than the age specified on the mailbox manager policy settings, that message will not be processed. In other words, if you have a policy set to 30 days and at 29 days a user reads a message that falls under this policy (and hence sets the last modified flag back to 0 days) the message will not be processed after the 30th day because it will fail on 1 of the 3 criteria. It will not be processed until all the criteria are met (in this scenario after 30 more days)

This behavior is different than in Exchange 5.5. In Exchange 5.5, if the delivery time flag is present on a message then no other criteria will be checked. So in the above scenario, 30 days after receiving the message it would be purged.

The design was changed in Exchange 2000/2003 to better accommodate certain workflow programs, journaling and non-ipm.note message classes that would look at different message properties for cleanup.

However, in certain environments you might want to have Exchange 2000/2003 behave the same as Exchange 5.5. This can be done in Exchange 2000 with the post SP3 roll-up or with Exchange 2003 RTM by setting the msExchMailboxManagerAgeLimit attribute on the mailbox manager policy to a hex value of "0x3".

There are three values you can set this to depending on your needs:

0x1: The Last modification time will not prevent the deletion of a message. If the last modified modified date is greater than the limit, the item may be deleted.

0x2: The time that the message was submitted will not prevent the deletion of a message. If the submission time is greater than the limit, the item may be deleted.

0x3: This value sets both bits 0x1 and 0x2, and mimics the behavior from Exchange 5.5.

Note that Mailbox Manager does not ever delete recurring appointments or tasks, regardless of age. You cannot turn off evaluation of delivery time.

More information on setting this is in the following article: KB 326397


HP Servers::iLo

Reset iLo Administrator Password

Thanks NetNerds !

1. Installed SNMP because it was a preprequesite
2. Download and Install the HP Insight Management Agents.
3. Download HP Lights-Out Online Configuration Utility.
4. Download HP Lights-Out XML Scripting Sample for Windows

<ribcl VERSION="2.0">
<login USER_LOGIN="Administrator" PASSWORD="boguspassword">
  <user_INFO MODE="write">
   <mod_USER USER_LOGIN="Administrator">
    <password value="newpass"/>

hponfig.exe /f reset.xml



HTML::Style Sheet::Page Breaks

This is a wonderful thing:

<STYLE TYPE="text/css">
HR {page-break-before: always}



Windows::Exchange 2007::Power Shell

Cryptic result from Get-StorageGroupCopyStatus
Get-StorageGroupCopyStatus ExchMbx01ccr\TestStg01 -StandbyMachine ExchDR
Resulted in SummaryCopyStatus = "not configured"
Documentation on TechNet did not even list "not configured" as a possible value.

It turns out that the server name was incorrect.

Get-StorageGroupCopyStatus ExchMbx01ccr\TestStg01 -StandbyMachine ExchDR01
Results in SummaryCopyStatus = "Healthy"

Labels: ,


SMTP::From Address Spoofing

Sender Policy Framework
The Problem: Sender Address Forgery
Today, nearly all abusive e-mail messages carry fake sender addresses. The victims whose addresses are being abused often suffer from the consequences, because their reputation gets diminished and they have to disclaim liability for the abuse, or waste their time sorting out misdirected bounce messages.

The Solution: SPF
The Sender Policy Framework (SPF) is an open standard specifying a technical method to prevent sender address forgery. More precisely, the current version of SPF — called SPFv1 or SPF Classic — protects the envelope sender address, which is used for the delivery of messages. See the box on the right for a quick explanation of the different types of sender addresses in e-mails.

Labels: ,


Storage::Alphabet Soup

JBOD = "Just a Bunch Of Disks"
SBOD = "Switched Bunch Of Disks"

Switched = Better ;)




Data Center::Fire Suppression

Interesting information gleaned from overview from vendor:
- This system puts out a fire by quickly lowering the temperature of the room by 20 degrees or more. This also creates a vaccum in the room which, in addition to lower temp, puts out the fire. This change in pressure can displace ceiling tiles and stir up dust from the floor. Very shortly after the gas is deployed the room warms back up and the pressure in the room returns to normal.
- The gas is inert and not toxic to breath.
- The gas disperses sideways from a nosel that looks like a sprinkler head.
At our site this will be integrated with the same control system as our pre-action system.
So...it will work as follows:
- smoke alarm in the data center => the preaction system will release water control valve making water available to the system. The pipes remain pressurized so pipes still have only air in them until the heat from a fire causes a sprinkler to open.
- multiple smoke alarms in the data center => FM200 system will alarm, 30 second delay, the gas will be released. temp will go way down, ceiling tiles will be sucked down into the room--some will fall out, "hurricane" wind may blow more dust up from the floors, A/C system will be shut down to prevent air flow that would further feed fire. A few seconds later the room will warm up and the pressure will become normal. No cleanup procedure required. (just dust things off...)
Other interesting info from Q&A
- It is required to have a 4 foot square of ceiling around our sprinkler heads to allow for proper operation. If the sprinkler head is not at the top of the ceiling it will not heat up at the same rate as the rest of the room and not kick in soon enough.
- Sprinkler heads - bottom plate will melt off at 135 degrees F. That exposes an element that will melt at about 155 degrees F.
- in some cases locality may allow water fire suppression systems to be removed. This would likely require a backup system. Many times this is not allowed however either by the local statutes and/or building management.


Windows::Server Performance::Troubleshooting::Citrix

Troubleshooting Server Performance
The discussion of a specific issue below is perhaps useful in a more general sense for troubleshooting and performance monitoring topics.

Problem: After upgrading to Citrix Presentation Server 4.5 a higher average cpu utilization is observed as well as a high rate of context switches. Previously we have often received warnings in Citrix Performance Monitor for %interrupt -- this issue continues and is perhaps seen more often in 4.5 servers as well.

Background: Running PS4.5 using published applications and desktops on a Microsoft Windows 2003 SP2 server on a physical machine. Running several "high maintenance" accounting applications on two PS4.5 as published applications on virtual machines on VMWare Virtual Infrastructure 3.0 cluster. These all exhibit the symtoms above just since the upgrade to 4.5. Also, we are still running 4.0 on several other servers in the same Citrix Farm and various versions of PNA are in use by client machines (predominantly 8.x)

Investigation regarding context switches
A lot of good resources turned up:
Intel: Using Windows Performance Monitor
MSDN-Context Switches
Analyzing Processor Activity
Since this issue occurs on both physical and virtual servers it is not a VM problem, but will investigate this avenue as well to ensure correct and optimal configuration.
VMware: improving scalability for Citrix PS

- definition: CPU's share their time between all threads according to priority. When the CPU stops working on one thread and starts working on another that is a context switch.
- monitoring: A ballpark rule of thumb is "normally" there should be no more than 28000 context switches per CPU on a system.
- What to look for
- Page file - too small, or is allowed to dynamically grow - recommendation: set to larger fixed size.
- Consider write cache on RAID controller
- insufficient hardware
- poorly designed device drivers or applications

- PerfMon - system/context switches
- SysInternals - Process Explorer - View > select columns > Process Performance > context switches, context switch delta
- pstat.exe (windows resource kit or support tools

Some asides that came up during this investigation explained some issues we have had with virtualizing citrix servers. We needed to keep 2 cpu's in the VM after we converted them. That is the opposite of the VMWare recommendations we have seen.
- The multiprocessor HAL had not been downgraded to single processor HAL.
- Hidden devices in device manager had not all been removed.
1. Click Start, click Run, type cmd.exe, and then press ENTER.
2. Type set devmgr_show_nonpresent_devices=1, and then press ENTER.
3. Type Start DEVMGMT.MSC, and then press ENTER.
4. Click View, and then click Show Hidden Devices.
5. Expand the Network Adapters tree.
6. Right-click the dimmed network adapter, and then click Uninstall
uninstall any other physical devices not needed

- Interesting - on the VM servers when looking at Task Manager the %cpu listed individually for all the processes for all users did not appear to add up to what was showing up on the Performance tab (at least 50% discrepency.) This was not observed on the physical server
- For both VM's and physical servers: Citrix Performance Monitor was showing warnings and intermittent error conditions on %cpu, %interrupt, context switches/sec.
- The VM's cpu utilization on the host machine is extremely high. On the server with the greatest number of users it maxed out the host cpu for much of the time I watched it.
- Watching performance monitor a few minutes showed context switches/sec to be in the hundreds of thousands.
- Opened Process Explorer and set view to show context switches and context switch deltas. I observed that at times it reported up to 50% cpu was due to hardware interrupts (this was not as dramatic when I checked it on the physical machine so I wonder if this is a reporting issue related to vmware's magic behind the scenes.) Also, the highest context switch delta was for hardware interrupts so Process Explorer was no help to further isolate it.
- To isolate what driver or program might be causing this issue, I piped the output of pstat.exe to a file and looked for the highest count of context switches. I took the memory address of that thread and looked it up in the bottom section to find what address range it fell in. In this case it was CDM.SYS
- google search of CDM.SYS turned up multiple articles about Citrix servers. I think CDM stands for Client Data Mapper. Of greatest interest is an article about a hotfix for PS4.5:
http://support.citrix.com/article/CTX114121 (and I see a lot of other post FR1 hotfixes out there too.)
The issue resolved in this hotfix is:
"Winlogon.exe shows higher than average CPU consumption on the server. The issue occurs because the server refreshes the smart card reader state more frequently than necessary. This occurs even if smart cards are not being used. With this fix, the reader state is refreshed only once per noticeable event."

Labels: , ,



Tip: Disable unused NIC's!
If a server has an unplugged NIC it will get address automatically and it may register it's name with both IP's and part of the time DNS will respond with the unreachable 169.254.x.x address.



Monitoring and Management Products for Blackberry Enterprise Server






BoxTone from a company named Panacya Inc

Labels: ,


Links::Point to Point DS3

Interesting, cheaper solution for p2p DS3




- free helpdesk software for intranet:

- Remote support/access tool - free web based:

- Fortiva - e-mail archiving solution


Video Bridging Service Providers

To find a conference facility and also get VC hook-up:
Lad Reporting (located in Washington, DC)
Amanda Cordelli
(301) 762-8282

Video Conferencing Bridging Services:

Precision Videoconferencing Solutions
David Sayer
(720) 214-2347

Amy Eldridge
(970) 587-8003

Adam Moss
Providea Inc.
Major Account Manager
408-280-0537 (office)

1717 North Penny Lane, Suite 2
Schaumburg, Illinois 60173
1-800-266-3373 (select option 1)
1-847-413-3498 (select option 1)
1-800-866-1096 Fax



Video Utility::Link::Download

VLC media player
Free utility useful for a few nagging functions - snapping jpgs out of videos, grabbing some video off a DVD, etc.


Labels: ,


ESX Time Source

set up ESX hosts with an NTP source…


To configure NTP on the service console, you must:

  • Edit the following configuration files, as described in the following sections:

  • For ESX Server 3.0 only, run the following command. This opens the appropriate ports and enables the NTP daemon to talk with the external server.

  • [root@esxhost]# esxcfg-firewall --enableService ntpClient

  • Restart ntpd.
  • Labels:


    Citrix::ICA::Session Sharing

    Troubleshooting and Explaining Session Sharing

    Understanding and Troubleshooting Citrix's Seamless Windows Engine



    Network Latency

    Latency due to distance = approximately 1ms per 100km

    from: http://www.nessoft.com/kb/42

    There are two *normal* factors that significantly influence latency
    • The latency of the connecting device. For a cable modem, this can normally be between 5 and 40 ms. For a DSL modem this is normally 10 to 70ms. For a dial-up modem, this is normally anywhere from 100 to 220ms. For a cellular link, this can be from 200 to 600 ms. For a T1, this is normally 0 to 10 ms.

    • The distance the data is traveling. Data travels at (very roughly) 120,000 miles (or 192,000 kilometers) per second, or 120 miles (192 km) per ms (millisecond) over a network connection. With traceroute, we have to send the data there and back again, so the latency will raise roughly 1ms for every 60 miles (96km, although with the level of accuracy we're using here, we should say "100km") of distance between you and the target.



    Internet Explorer::cannot post data to a non-NTLM-authenticated Web site


    You cannot post any data to non-NTLM authenticated Web sites.

    This issue can occur after you visit an NTLM authenticated folder.

    add a value to the following registry key:
    HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Internet Settings/
    Add the following registry value:
    Value Name: DisableNTLMPreAuth
    Data Type: REG_DWORD
    Value: 1

    Also, turn off Enable Integrated Windows Authentication in Internet Explorer.
    1. Start Internet Explorer.
    2. Click Tools, click Internet Options, and then click the Advanced tab.
    3. Under Security, click to de-select Enable Integrated Windows Authentication (requires restart), and then click Apply.
    4. Close Internet Explorer.

    To resolve this issue from the server side, configure the Web site to use either of the following authentication methods:
    • Configure the Web site to permit anonymous access only.
    • Configure the Web site to permit both anonymous access and NLTM authentication (Integrated Windows authentication).


    VMWare::ESX::CPU Percent Ready

    Good discussion about what this means and how to optimize CPU performance.

    "%Ready = Percent of time there is work to be done, and no physical CPU to do it on.

    One rule of thumb that I use (saw it here some time ago) is that up to 5% Ready is OK, even normal; anything between 5% and 10%, best keep an eye on the VM and the host. Over 10% (for extended periods) you best be planning on taking some action.

    One thing to keep in mind, if the VM is assigned multiple CPUs, they must both be scheduled on physical CPUs/cores simultaniously. This can cause you some headache (voice of experience here.) If only one CPU has work, both need to be scheduled, which is harder to do, and can take longer, increasing %Ready, response time, and reducing resources for other VMs."

    "If you change from a multi-processor system to a uni-processor system you need to manually change the HAL on the Windows server after the conversion. To do this go into Device Manager after the machine first boots and discovers it's new hardware and then click on Computer then right-click on the processor and select Update Driver. Then select Install from specific location and then Don't search I will choose the driver to install. Then select show All compatible hardware and select the appropriate processor. For example, if you went from a dual cpu to a single cpu then select ACPI uni-processor PC instead of ACPI multi-processor PC. You will need to reboot once you change this. To verify what HAL you are using you right-click your hal.dll in c:\windows\system32 and select the Version tab and select Internal Name and it should say halmacpi.dll for multi-processor acpi and halacpi.dll for uni-processor acpi.

    Next clean up all the non-present hardware after the P2V conversion. To do this go to a CMD prompt and type SET DEVMGR_SHOW_NONPRESENT_DEVICES=1 and then DEVMGMT.MSC and then select Show Hidden Devices. Delete any old grayed out hardware.

    Next remove any vendor specific applications/drivers. For example on a HP server you should go to Add/Remove programs and remove any HP management agents, survey utility, array config utility, version control agent, etc. Also check your NIC and make sure there are no vendor specific drivers there (ie. teaming). Check the Services to see if all there is anything vendor specific related there and disable any services that are. "


    VBS::Parsing CSV

    This is a great ongoing series:
    Hey Scripting Guy!

    Const ForReading = 1

    Set objFSO = CreateObject("Scripting.FileSystemObject")
    Set objFile = objFSO.OpenTextFile("C:\Scripts\Test.txt", ForReading)

    Do Until objFile.AtEndOfStream
    strLine = objFile.ReadLine
    arrFields = Split(strLine, ",")

    If InStr(arrFields(1), "Everyone") Then
    strContents = strContents & arrFields(5) & vbCrlf
    End If


    Set objFile = objFSO.CreateTextFile("C:\Scripts\Everyone.txt")
    objFile.Write strContents