tag:blogger.com,1999:blog-27584762386982784682024-03-05T09:18:12.138-05:00Nerds Know BestTips, tricks and fixes for the techies of the world.Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comBlogger50125tag:blogger.com,1999:blog-2758476238698278468.post-34920641160295098482022-07-23T12:11:00.003-04:002022-07-23T13:10:13.542-04:00Using Redirects For Easy Profile Linking<p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3PXI4OoEh0oyCgC5HHxZOQXD6SZx0RZYKPt0CRsZtGuHHk8CuHGA7zvFiVTOJFOgh5C0VNAXPR9klfpfVWrNhy_K3KNjAzPVi2HMwHVieuKcVWWTu9UyklIZMuN2osabWJoZYtAIHGn260EM8B90A9ybMu91fnfSKBq918fJjuZg81shD2mnbEMYc/s599/redirect.png" style="margin-left: 1em; margin-right: 1em;"><img alt="301 Redirect" border="0" data-original-height="426" data-original-width="599" height="285" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3PXI4OoEh0oyCgC5HHxZOQXD6SZx0RZYKPt0CRsZtGuHHk8CuHGA7zvFiVTOJFOgh5C0VNAXPR9klfpfVWrNhy_K3KNjAzPVi2HMwHVieuKcVWWTu9UyklIZMuN2osabWJoZYtAIHGn260EM8B90A9ybMu91fnfSKBq918fJjuZg81shD2mnbEMYc/w400-h285/redirect.png" width="400" /></a></div><p></p><p><span style="font-family: inherit;">If you're anything like me, you probably have a plethora of user profiles all over the web. Most of these have some rather ugly URLs which makes sharing and linking to these profiles kind of cumbersome. For example, my user profile on Garmin Connect is <a href="https://connect.garmin.com/modern/profile/d04d79c2-2124-431d-b186-96e3ce48a7ba" target="_blank">https://connect.garmin.com/modern/profile/d04d79c2-2124-431d-b186-96e3ce48a7ba</a>. If you're talking with a friend or at an event, you're probably not going to tell somebody to follow you and spell out a nasty URL like that. It's much easier to just tell them something like <a href="http://garmin.gregkjono.com" target="_blank">garmin.gregkjono.com</a> and have that automatically forward them to that long cryptic URL.</span></p><p><span style="font-family: inherit;">This is done using HTTP redirects, or a forwarding service. HTTP redirects have been around for decades. In years past, you could use a web server to redirect users from one URL to another. </span><span style="font-family: inherit;">Now, Google Domains allows you to easily setup redirects like this using their forwarding service. </span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEij18B3bov6nWeuCrwlKmz20LyE_yNFhQd_7p-_JsedWSokp-HU0_DYEEKwEc9J8ZCPHII3bNqwhPSZ6120SUwqenALxYvTttacWuQZOARCLkIeRHh_nOap7aBBTPyaZjIbV-YjVTJ8QK17xziIVyitVRZUuBvRwTw57du0b74tUQxR2TvMTPlPi9O2/s1126/Web%20forwarding.png" style="margin-left: 1em; margin-right: 1em;"><img alt="Web Forwarding" border="0" data-original-height="420" data-original-width="1126" height="149" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEij18B3bov6nWeuCrwlKmz20LyE_yNFhQd_7p-_JsedWSokp-HU0_DYEEKwEc9J8ZCPHII3bNqwhPSZ6120SUwqenALxYvTttacWuQZOARCLkIeRHh_nOap7aBBTPyaZjIbV-YjVTJ8QK17xziIVyitVRZUuBvRwTw57du0b74tUQxR2TvMTPlPi9O2/w400-h149/Web%20forwarding.png" width="400" /></a></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: left;">If you go into the advanced options you have some more options as well. You can choose whether it's a permanent redirect, or temporary.</div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOsQqQ_IUD3_WoRkqOlpAkIei8CpibfLSrvt797BwMuRQH6x9k7hUjeOGMeVvbaFYW4x8dB1ICBMS45jkZ5ci6emxn4wjre83CDHJiG7R3ewweGDb8MPxDLZbYY2j-ixRLuK1zrd4Ce3aE7jt98hMrI0NkGV2gd7fgM9WkezqGmOZr3E8AC5cJPic7/s1090/forwarding.png" style="margin-left: 1em; margin-right: 1em;"><img alt="Temporary or Permanent Forwarding" border="0" data-original-height="472" data-original-width="1090" height="174" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOsQqQ_IUD3_WoRkqOlpAkIei8CpibfLSrvt797BwMuRQH6x9k7hUjeOGMeVvbaFYW4x8dB1ICBMS45jkZ5ci6emxn4wjre83CDHJiG7R3ewweGDb8MPxDLZbYY2j-ixRLuK1zrd4Ce3aE7jt98hMrI0NkGV2gd7fgM9WkezqGmOZr3E8AC5cJPic7/w400-h174/forwarding.png" width="400" /></a></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: left;">Path forwarding is another advanced option. If you choose "Do not forward" here, any file path with be redirected to the exact URL that you set to forward to. If you do forward paths, /file on one domain would redirect to /file on the domain that you forward to. Personally, I almost always choose to not forward paths.</div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJptfeTHM3BkNWiWDiuee42TPJdqwdpreBUXihXXLzeAUoe1dTxnlkFQHgEo8CEjXY9_L_TalDzZAVa25odqZ0g9hVQJlOakLddesWdeaK2F52IZLU_qIM2W0RZ1FHf3dBJHn9GQYF41GxXSkY3Dg2Lqixk-TAKvIFuS0l6Zj6F_IS_cfKYHOQ8nnY/s1112/path%20forwarding.png" style="margin-left: 1em; margin-right: 1em;"><img alt="Path Forwarding" border="0" data-original-height="593" data-original-width="1112" height="214" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJptfeTHM3BkNWiWDiuee42TPJdqwdpreBUXihXXLzeAUoe1dTxnlkFQHgEo8CEjXY9_L_TalDzZAVa25odqZ0g9hVQJlOakLddesWdeaK2F52IZLU_qIM2W0RZ1FHf3dBJHn9GQYF41GxXSkY3Dg2Lqixk-TAKvIFuS0l6Zj6F_IS_cfKYHOQ8nnY/w400-h214/path%20forwarding.png" width="400" /></a></div><div class="separator" style="clear: both; text-align: center;"><br /></div>The final advanced option is whether to forward SSL (HTTPS) requests as well. I enabled this every time, otherwise if somebody tries to use HTTPS, it would just fail.<p></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJh5VvZvdhZ4LaOr8aYOjx2y8ARCCH8TfMKc9FpMYZoeaRVP0WHp85MDGjumCBTv55btLEBcmvCPkJhaOB0dJPPdarAy7UKnc9vjrgKCg39GmY5xd1mfGj0kfGqVULliRc_kNQy5ouylVH5MsSR3cbt4qjqrb9FQ0kDLSfQuEM0uZaWbVfzTGDhSuN/s1041/ssl%20forwarding.png" style="margin-left: 1em; margin-right: 1em;"><img alt="SSL forwarding" border="0" data-original-height="423" data-original-width="1041" height="163" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJh5VvZvdhZ4LaOr8aYOjx2y8ARCCH8TfMKc9FpMYZoeaRVP0WHp85MDGjumCBTv55btLEBcmvCPkJhaOB0dJPPdarAy7UKnc9vjrgKCg39GmY5xd1mfGj0kfGqVULliRc_kNQy5ouylVH5MsSR3cbt4qjqrb9FQ0kDLSfQuEM0uZaWbVfzTGDhSuN/w400-h163/ssl%20forwarding.png" width="400" /></a></div><p></p><p><span style="font-family: inherit;">None of these services have any additional fees, as long as you are using Google Domains as your domain registrar.</span></p><p><span style="font-family: inherit;">So, being I have gregkjono.com registered with Google domains, I was able to setup a lengthy list of redirects, like these</span></p><p style="text-align: center;"></p><div style="text-align: left;"><ul style="text-align: left;"><li><span style="font-family: inherit;"><a href="http://garmin.gregkjono.com" target="_blank">garmin.gregkjono.com</a><span> redirect to </span><a href="https://connect.garmin.com/modern/profile/d04d79c2-2124-431d-b186-96e3ce48a7ba" target="_blank">https://connect.garmin.com/modern/profile/d04d79c2-2124-431d-b186-96e3ce48a7ba</a></span></li><li><span style="font-family: inherit;"><a href="http://strava.gregkjono.com" target="_blank">strava.gregkjono.com</a><span> </span><span>redirects to </span><a href="https://www.strava.com/athletes/45063882" target="_blank">https://www.strava.com/athletes/45063882</a></span></li><li><span style="font-family: inherit;"><span style="color: #3c4043; letter-spacing: 0.2px;"><a href="http://trailforks.gregkjono.com" target="_blank">trailforks.gregkjono.com</a></span> redirects to<span style="color: #3c4043; letter-spacing: 0.2px;"> </span><span style="letter-spacing: 0.2px;"><span style="color: #3c4043;"><a href="https://www.trailforks.com/profile/Gkjono/" target="_blank">https://www.trailforks.com/profile/Gkjono/</a></span></span></span></li><li><span style="letter-spacing: 0.2px;">You get the idea...</span></li></ul><div><span style="letter-spacing: 0.2px;">You can also go to a another level with these. For example, I have multiple Instagram accounts. What I did was redirect <a href="http://instagram.gregkjono.com" target="_blank">instagram.gregkjono.com</a> to my main personal Instagram account. Then I added subdomains below instagram.gregkjono.com for my more focused Instagram accounts. So, now I have a list like this.</span></div><div><ul style="text-align: left;"><li><span style="font-family: inherit;"><a href="http://instagram.gregkjono.com" target="_blank">instagram.gregkjono.com</a><span> redirects to </span><span style="color: #3c4043; letter-spacing: 0.2px;"><a href="https://www.instagram.com/gregkjono" target="_blank">https://www.instagram.com/gregkjono</a></span></span></li><li><span style="font-family: inherit;"><a href="http://diving.instagram.gregkjono.com" target="_blank">diving.instagram.gregkjono.com</a> redirects to <a href="https://www.instagram.com/gregkjono_dives/" target="_blank">https://www.instagram.com/gregkjono_dives/</a></span></li><li><span style="font-family: inherit;"><a href="http://fitness.instagram.gregkjono.com" target="_blank">fitness.instagram.gregkjono.com</a> redirects to <a href="https://www.instagram.com/run.lift.ride.climb.etc/" target="_blank">https://www.instagram.com/run.lift.ride.climb.etc/</a></span></li></ul></div><div><span style="letter-spacing: 0.2px;">So, all-in-all, this is a simple trick to simplify your online presence. </span><span style="font-family: inherit; letter-spacing: 0.2px;">If you'd like more details on setting these up, Google has a </span><a href="https://support.google.com/domains/answer/4522141?hl=en#subdomain" style="font-family: inherit; letter-spacing: 0.2px;" target="_blank">walk-through</a><span style="font-family: inherit; letter-spacing: 0.2px;"> in their help pages.</span></div></div><p></p>Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comTampa, FL, USA27.950575 -82.4571776-0.35965883617884487 -117.6134276 56.260808836178846 -47.300927599999994tag:blogger.com,1999:blog-2758476238698278468.post-75980665415551736492022-07-18T18:29:00.004-04:002022-11-24T17:16:05.201-05:00SolarWinds KB<p> </p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiS2tyFQf7UQyJ-s0Fc9sy_CHyCdj1ssSQlHwwbFp6m-HrEgrFukPIHy8bYXwVKb36Q4_mnHdAk_AD37VvMjIf8V9SJoYCCcmtUo5ZhgOWLynVNi6TFp1-TzPkloe6iR6Ekn3bXxrdqfEPCSQf26aBjG-t7CTde37fzRHaTx13KxmrpEJpDzihARdbV/s1106/Performance%20Analysis.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="331" data-original-width="1106" height="120" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiS2tyFQf7UQyJ-s0Fc9sy_CHyCdj1ssSQlHwwbFp6m-HrEgrFukPIHy8bYXwVKb36Q4_mnHdAk_AD37VvMjIf8V9SJoYCCcmtUo5ZhgOWLynVNi6TFp1-TzPkloe6iR6Ekn3bXxrdqfEPCSQf26aBjG-t7CTde37fzRHaTx13KxmrpEJpDzihARdbV/w400-h120/Performance%20Analysis.png" width="400" /></a></div><p></p><p>I've been doing work on SolarWinds products for close to a decade now, including several years as a SolarWinds consultant. </p><p>I'm kicking off a new blog dedicated exclusively to SolarWinds at <a href="https://solarwinds.gregkjono.com">https://solarwinds.gregkjono.com</a> where I will be sharing various scripts, queries, tips and tricks that you can use to fix, enhance, automate and integrate your SolarWinds environment. There's an RSS feed available at <a href="http://solarwinds.gregkjono.com/feeds/posts/default" target="_blank">http://solarwinds.gregkjono.com/feeds/posts/default</a> which you can follow to get notified of new posts as well.</p><p>In relation, I am also starting to dump various scripts and queries to a <a href="https://github.com/gkjono/SolarWinds-Tools" target="_blank">GitHub repo</a>. Feel free to follow me on GitHub if you'd like to keep an eye on it.</p>Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comTampa, FL, USA27.950575 -82.4571776-0.35965883617884487 -117.6134276 56.260808836178846 -47.300927599999994tag:blogger.com,1999:blog-2758476238698278468.post-82911943016050194902017-01-18T17:05:00.000-05:002017-01-18T17:05:00.180-05:00Alternate Resolution: The public folder database contains folder replicas<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<span style="font-family: Georgia, Times New Roman, serif;">I had a rather complex Exchange environment. I started with an Exchange 2010 server which I configured in a hybrid exchange configuration with Office 365, then later added an Exchange 2016 server on premise. I wanted to remove the Exchange 2010 server leaving just the Exchange 2016 server and Office 365 in a hybrid environment. However, I kept getting the error below when I was trying to remove the Exchange 2010 Public Folder database.</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<div style="background-color: white; border: 0px; box-sizing: border-box; color: #171717; font-style: italic; line-height: 1.5; margin-bottom: 2.2rem; margin-left: 1.5rem; margin-right: 1.5rem; padding: 0px; vertical-align: baseline; word-break: break-word; word-wrap: break-word;">
<span style="font-family: Georgia, Times New Roman, serif;">The public folder database ‘Public Folder Database’ cannot be deleted.</span></div>
<div style="background-color: white; border: 0px; box-sizing: border-box; color: #171717; font-style: italic; line-height: 1.5; margin-bottom: 2.2rem; margin-left: 1.5rem; margin-right: 1.5rem; padding: 0px; vertical-align: baseline; word-break: break-word; word-wrap: break-word;">
<span style="font-family: Georgia, Times New Roman, serif;">Public Folder Database<br style="box-sizing: border-box;" />Failed<br style="box-sizing: border-box;" />Error:<br style="box-sizing: border-box;" />The public folder database “Public Folder Database” contains folder replicas. Before deleting the public folder database, remove the folders or move the replicas to another public folder database. For detailed instructions about how to remove a public folder database, see http://go.microsoft.com/fwlink/?linkid=81409&clcid=0x409.</span></div>
<span style="font-family: Georgia, Times New Roman, serif;">I had already removed all of the public folders, but the error was persistent. However, my Google foo pulled up this resolution buried in a comment on the 300th page I looked at. This worked for me, hopefully it can help you too.</span><br />
<span style="font-family: Georgia, Times New Roman, serif;"><br /></span>
<span style="background-color: white; color: #171717;"><span style="font-family: Georgia, Times New Roman, serif;">Set-OrganizationConfig -PublicFolderMigrationComplete $True</span></span><br />
<span style="background-color: white; color: #171717;"><span style="font-family: Georgia, Times New Roman, serif;"><br /></span></span>
<span style="background-color: white;"><span style="color: #171717; font-family: Georgia, Times New Roman, serif;">Remove-PublicFolderDatabase "Public Folder Database" -RemoveLastAllowed</span></span><br />
<span style="background-color: white;"><span style="color: #171717; font-family: Georgia, Times New Roman, serif;"><br /></span></span>
<span style="background-color: white;"><span style="color: #171717; font-family: Georgia, Times New Roman, serif;">****Use at your own risk****</span></span>Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-50299951568083257042017-01-05T17:05:00.000-05:002017-01-05T17:05:01.639-05:00RESOLVED - We couldn't install updates because there's a problem with the date and time information on your deviceI ran into a very misleading error on my Windows 10 and Windows 2016 systems the other day. When trying to run Windows Update it returned a message saying something like "We couldn't install updates because there's a problem with the date and time information on your device". I checked the event logs and saw a few other errors that hinted at it being a date/time related issue as well.<br />
<br />
<blockquote class="tr_bq">
Log Name: Microsoft-Windows-WindowsUpdateClient/Operational<br />
Source: Microsoft-Windows-WindowsUpdateClient<br />
Date: 1/4/2017 1:45:54 PM<br />
Event ID: 25<br />
Task Category: Windows Update Agent<br />
Level: Error<br />
Keywords: Failure,Check for Updates<br />
User: SYSTEM<br />
Computer: UpdateClientSystem<br />
Description:<br />
Windows Update failed to check for updates with error 0x800B0101.</blockquote>
There was another variation of this error with a different error code as well.<br />
<blockquote class="tr_bq">
<br />
Windows Update failed to check for updates with error 0x80248014.</blockquote>
<br />
Of course I Googled the crap out of these errors, and everything pointed to the time being off on by system. I checked the date and time on both the system I was trying to update, and the WSUS server and they both looked correct. I ran "w32tm /resync" on both of them to resync the time with our NTP servers, but that didn't change anything either. I applied any missing patches on my WSUS server, including a few that were supposedly related to patching Windows 10/Windows2016, and it still failed.<br />
<br />
Looking at the WindowsUpdate.log file, there was finally a hint at the truth.<br />
<br />
<blockquote class="tr_bq">
2017/01/04 12:27:37.6720022 1136 388 WebServices Auto proxy settings for this web service call.<br />
2017/01/04 12:27:37.7919013 1136 388 WebServices WS error: There was an error communicating with the endpoint at 'https://WSUS-SERVER.DDOMAIN.LOCAL:8531/ClientWebService/client.asmx'.<br />
2017/01/04 12:27:37.7919026 1136 388 WebServices WS error: There was an error sending the HTTP request.<br />
2017/01/04 12:27:37.7919045 1136 388 WebServices WS error: <span style="background-color: yellow;">A required certificate is not within its validity period</span> when verifying against the current system clock or the timestamp in the signed file.<br />
2017/01/04 12:27:37.7921406 1136 388 WebServices WS error: The date in the certificate is invalid or has expired<br />
2017/01/04 12:27:37.7921478 1136 388 WebServices Web service call failed with hr = 800b0101.</blockquote>
That's right, the certificate was expired on my WSUS server. It had nothing to do the date or time on my Windows Update client, or the WSUS server. I renewed the certificate that was configured in the IIS bindings on my WSUS server and everything was happy again!Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-74709860780872826222016-09-28T17:01:00.000-04:002016-09-28T17:01:08.221-04:00Microsoft released a series of patches that broke user group policies - Resolution<div class="MsoNormal">
<span style="font-family: "verdana" , sans-serif;">Microsoft
released a series of patches that broke user group policies. Below is a snippet
from the TechNet blog at <a href="https://blogs.technet.microsoft.com/askpfeplat/2016/07/05/who-broke-my-user-gpos/">https://blogs.technet.microsoft.com/askpfeplat/2016/07/05/who-broke-my-user-gpos/</a>.<o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div style="background: white; margin-bottom: .0001pt; margin: 0in; vertical-align: baseline;">
<span style="color: #454545; font-family: "segoe ui" , sans-serif; font-size: 10.5pt;">We released new security patches for all currently supported
Operating Systems. Among those patches was this one:<span class="apple-converted-space"> </span><a href="https://support.microsoft.com/en-us/kb/3163622" style="box-sizing: inherit; font-style: inherit; font-weight: inherit; outline: 0px;"><span style="border: none 1.0pt; color: #969696; font-family: "inherit" , serif; padding: 0in;">MS 16-072</span></a>, which is also referenced as<span class="apple-converted-space"> </span><a href="https://support.microsoft.com/en-us/kb/3163622" style="box-sizing: inherit; font-style: inherit; font-weight: inherit; outline: 0px;"><span style="border: none 1.0pt; color: #969696; font-family: "inherit" , serif; padding: 0in;">KB 3163622</span></a>. OS Specific articles are released as
3159398, 3163017, 3163018, and 3163016.<br /><br /><o:p></o:p></span></div>
<div style="background: white; box-sizing: inherit; margin: 0in 0in 0.0001pt; outline: 0px; vertical-align: baseline; word-wrap: break-word;">
<span style="color: #454545; font-family: "segoe ui" , sans-serif; font-size: 10.5pt;"><a href="http://support.microsoft.com/kb/3159398" style="box-sizing: inherit; font-style: inherit; font-weight: inherit; outline: 0px;"><span style="border: none 1.0pt; color: #969696; font-family: "inherit" , serif; padding: 0in;">KB 3159398</span></a><span class="apple-converted-space"> </span>– Vista, 2008, 7, 2008 R2, 2012, 8.1,
2012 R2<br style="box-sizing: inherit;" />
<a href="http://support.microsoft.com/kb/3163017" style="box-sizing: inherit; font-style: inherit; font-weight: inherit; outline: 0px;"><span style="border: none 1.0pt; color: #969696; font-family: "inherit" , serif; padding: 0in;">KB 3163017</span></a><span class="apple-converted-space"> </span>–
Windows 10 TH1<br style="box-sizing: inherit;" />
<a href="http://support.microsoft.com/kb/3163018" style="box-sizing: inherit; font-style: inherit; font-weight: inherit; outline: 0px;"><span style="border: none 1.0pt; color: #969696; font-family: "inherit" , serif; padding: 0in;">KB 3163018</span></a><span class="apple-converted-space"> </span>–
Windows 10 TH2 and Server 2016 TP4<br style="box-sizing: inherit;" />
<a href="https://support.microsoft.com/en-us/kb/3163016" style="box-sizing: inherit; font-style: inherit; font-weight: inherit; outline: 0px;"><span style="border: none 1.0pt; color: #969696; font-family: "inherit" , serif; padding: 0in;">KB 3163016</span></a><span class="apple-converted-space"> </span>–
Server 2016 TP5<br /><br /><o:p></o:p></span></div>
<div style="background: white; box-sizing: inherit; margin: 0in 0in 0.0001pt; outline: 0px; vertical-align: baseline; word-wrap: break-word;">
<span style="color: #454545; font-family: "segoe ui" , sans-serif; font-size: 10.5pt;">NOTE: The AskDS blog also has some excellent content out there
on this topic that can be found<span class="apple-converted-space"> </span><a href="https://blogs.technet.microsoft.com/askds/2016/06/22/deploying-group-policy-security-update-ms16-072-kb3163622/" style="box-sizing: inherit; font-style: inherit; font-weight: inherit; outline: 0px;"><span style="border: none 1.0pt; color: #969696; font-family: "inherit" , serif; padding: 0in;">here</span></a>.<o:p></o:p></span></div>
<div style="background: white; box-sizing: inherit; margin: 0in 0in 0.0001pt; outline: 0px; vertical-align: baseline; word-wrap: break-word;">
<span style="color: #454545; font-family: "segoe ui" , sans-serif; font-size: 10.5pt;">After applying the appropriate patch to your systems, User group
policies are retrieved from SYSVOL differently than before. Prior to the
update, domain joined computers used the<span class="apple-converted-space"> </span><strong style="box-sizing: inherit; font-style: inherit; outline: 0px;"><span style="border: 1pt none windowtext; font-weight: normal; padding: 0in;">user’s
security</span></strong><span class="apple-converted-space"> </span>context
to make the connection and retrieve the policies. <span style="background: yellow; mso-highlight: yellow;">After the update is applied, domain joined computers will
now retrieve all policies using the<span class="apple-converted-space"> </span><strong style="box-sizing: inherit; font-style: inherit; outline: 0px;"><span style="border: 1pt none windowtext; font-weight: normal; padding: 0in;">computer
security</span></strong><span class="apple-converted-space"> </span>context.
The users that get the policy is still controlled by the policy scope just like
before. The only change is the computer is getting the policy for the user</span>.<o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="font-family: "verdana" , sans-serif;">Ones that
still had the default security scope of “authenticated users” typically still
worked because that also grants the permission to any domain authenticated
computers.<o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="font-family: "verdana" , sans-serif;">To work
around this change, the computer account will need “read” access to all GPOs in
order to evaluate whether the user policies are applicable. I used group policy
to grant the “domain computers” group read access to all existing group
policies, and modified the security descriptor in the defaultSecurityDescriptor
property of the CN=Group-Policy-Container object in the AD schema so that new
policies will get this permission by default. I have tested this and it seems
to have fixed the issue in new and existing group policies. I originally
thought this may be directly related to Windows 10 being that’s where I was
seeing it, but I guess not. If you have had issues with user group policies
lately, this was probably the problem.<o:p></o:p></span></div>
<br />
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="font-family: "verdana" , sans-serif;">Below is exactly what I did to fix the issue.</span></div>
<div class="MsoNormal">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: "verdana" , sans-serif;">From an elevated PowerShell prompt I ran:</span><br />
<span style="font-family: "verdana" , sans-serif;">Set-GPPermissions -all -PermissionLevel GpoRead -TargetName “Domain Computers” -TargetType Group</span></div>
<div class="MsoNormal">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: "verdana" , sans-serif;">That grants the "domain computers" group read permissions to all of the existing group policies. This will not remove any other permissions that were already granted to that group.</span></div>
<div class="MsoNormal">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: "verdana" , sans-serif;">Next I logged in to the domain controller that holds the operations master role. From there you can open ADSIedit and connect to the schema naming context. Find the CN=Group-Policy-Container object, right-click and click properties. Locate the defaultSecurityDescriptor attribute, and click edit. Append (A;CI;LCRPLORC;;;DC) to the end of that string. This will grant the "domain computers" group read access to any new group policies that are created in the domain.</span></div>
Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-37737026527960355822016-06-29T08:00:00.000-04:002016-06-29T08:00:34.986-04:00Delete Exchange Management Console CacheI recently ran into an issue with the Exchange Management Console (EMC) trying to contact old non-existent domain controllers after a Active Directory domain upgrade. When I tried to access parts of Exchange through the Exchange Management Console, it would prompt a message saying that "Unable to find 'OldDC.domain.local' computer information in domain controller 'OldDC.domain.local' to perform the suitability check. Verify the fully qualified domain name. It was running the command " or "OldDC.domain.local isn't a fully qualified domain name (FQDN). Please provide valid FQDN".<br />
<br />
To solve this problem, I just needed to delete the MMC cache for the Exchange Management Console at "C:\Users\%username%\AppData\Roaming\Microsoft\MMC\Exchange Management Console".Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-44796087113326638702013-11-27T22:27:00.000-05:002013-11-27T22:38:19.716-05:00Quick JPEG Optimization to Speed Up Your Web SiteIf you would like to quickly optimize the jpeg images for your web site, here's a quick method that works pretty good.<br />
<br />
First, download <a href="http://jpegclub.org/jpegtran.exe">jpegtran.exe</a>, and save it to C:\<br />
<br />
Download your image files to C:\Users\administrator\Desktop\files, or change the path in the code below to point to the root folder where you want to search for images to optimize. The script will crawl through subdirectories, so don't worry about the directory structure under the path that you specify.<br />
<br />
Open a PowerShell prompt (you may need to "run as administrator" depending on your security settings). If your files are in a different path, or you placed jpegtran.exe edit the code below to reflect those difference. Run the code below.<br />
<br />
<br />
<pre>$files = Get-ChildItem -Path C:\Users\administrator\Desktop\files -Recurse | where {$_.Extension -eq ".jpg"}
foreach($file in $files){
[string]$image = $file.FullName
[string]$cmd = "C:\jpegtran.exe -copy none -optimize $image $image"
Invoke-Expression $cmd
}
</pre>
<br />
The way the previous code is written, it will overwrite the existing file with the optimized one, so make a copy of them first if you want to keep the original as well.<br />
<br />
I hope that helps. I optimized all of the JPEGs on one of my sites in a few minutes, and that includes writing the PowerShell code above.Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-70743516901634656752013-10-31T20:36:00.000-04:002013-10-31T20:36:55.279-04:00How to Setup Visual Studio (TFS) Test Agents in the CloudWe ran into some issues trying to get the Visual Studio Test Agents to register and communicate with the Visual Studio Test Controller when the controller is inside our network, and the agents are in the cloud. There are some strange quirks that need to be addressed before this will work. However, following these steps you should be able to run test agents on VMs in Amazon AWS EC2, Microsoft Windows Azure, etc.<a name='more'></a><br />
<br />
Steps:<br />
<ol>
<li>You will need to NAT a public IP address to the private IP address of your Visual Studio Test Controller system, or place it in a DMZ and assign it a public IP address. I recommend the first option.</li>
<li>You will need to put in firewall rules to allow the following ports from the public IP address of your Visual Studio Test Agent VMs to your Visual Studio Test Controller system.</li>
<ul>
<li>137/udp, 138/udp, 139/tcp, 445/tcp, 6901/TCP, ICMP echo request.</li>
</ul>
<li>Create a domain user named "VsTestService" in the domain where the test controller resides.</li>
<ul>
<li>Add this user ( <domain>\VsTestService ) to the "administrators" group on your Visual Studio Test Controller system.</li>
<li>Add this user ( <domain>\VsTestService ) to the "TeamTestAgentService" group on the Visual Studio Test Controller system.</li>
</ul>
<li>Create a local account on the Visual Studio Test Controller system named "VsTestService" with the exact same password as the domain "VsTestService" account that you created in step 3.</li>
<ul>
<li>Add this user ( <ComputerName>\VsTestService ) to the "admininstrators" group on the Visual Studio Test Controller system.</li>
<li>Add this user ( <ComputerName>\VsTestService ) to the "TeamTestAgentService" group on the Visual Studio Test Controller system.</li>
<li>Add this user ( <ComputerName>\VsTestService ) to the "TeamTestControllerAdmins" group on the Visual Studio Test Controller system.</li>
</ul>
<li>Add the netbios hostname of the Visual Studio Test Agent system to the hosts file on the Visual Studio Test Controller system with the public IP address Visual Studio Test Agent system (or add it to your internal DNS). You can get this by running "echo %computername%" at a command prompt.</li>
<ul>
<li>Keep in mind that the public IP address of these VMs in the cloud often change if you shut off the VM and later power it back on. In this case, you will need to update the hosts file (or internal DNS) each time the IP address changes.</li>
</ul>
<li>Install the Visual Studio Test Controller on the Visual Studio Test Controller system. </li>
<ul>
<li>When configuring it, set the service to run under the domain service account you created ( <domain>\VsTestService ). If you run it under the local account, the test manager will likely fail to authenticate to the test controller.</li>
</ul>
<li>You will need to put in firewall rules to allow the following port 6910/tcp from the public IP address of your Visual Studio Test Controller system to your Visual Studio Test Agent system.</li>
<li>Create a local account on the Visual Studio Test Agent system named "VsTestService" with the exact same password that you used when you created the "VsTestService" accounts in steps 3 and 4.</li>
<ul>
<li>Add this user ( <ComputerName>\VsTestService ) to the "admininstrators" group on the Visual Studio Test Agent system.</li>
</ul>
<li>Add the netbios hostname and FQDN (active directory domain, not internet domain) of the Visual Studio Test Controller system to the hosts file of the Visual Studio Test Agent system with the public IP address of the Visual Studio Test Controller system (see the example below).<blockquote dir="ltr" style="margin-right: 0px;">
<div>
#Example</div>
<div>
111.222.333.444 ControllerName</div>
<div>
111.222.333.444 ControllerName.ADDomain.local</div>
</blockquote>
</li>
<li>Log off of the Visual Studio Test Agent system and log back on with the local "VsTestService" account you created ( <ComputerName>\VsTestService ).</li>
<li>Install the Visual Studio Test Agent on the Visual Studio Test Agent system.</li>
<ul>
<li>When configuring it, set the service to run under the local "VsTestService" account you created ( <ComputerName>\VsTestService ).</li>
</ul>
</ol>
It should install and test successfully if you followed all of these steps correctly!<br />
<br />
Note* If you have any hosts file entries with the IP address 127.0.0.1, it will probably still fail. For more information on this quirk, <a href="http://nerdsknowbest.blogspot.com/2013/10/visual-studio-unable-connect-controller-agent-registered.html" target="_blank">see this article</a>.Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-14636714657373024272013-10-31T19:35:00.000-04:002013-10-31T20:40:58.812-04:00Resolution: Visual Studio Test Agent Unable to Connect to the controller. There is no agent registered...<strong>Problem:</strong> I discovered a weird quirk with the Visual Studio Test Agents (a.k.a. TFS Test Agents). We were trying to set them up to do some load testing, and were getting the error below.<br />
<br />
Unable to connect to the controller on 'MyController:6901'. There is no agent with the name 'MyAgent' registered on the controller.<br />
<br />
If you click on the "View Log" link after attempting to configure the Test Agent, you will see the follwing detailed error:<br />
<br />
V, 2013/10/28, 17:33:25.342, Observed that agent 'MyAgent' does not exist. Microsoft.VisualStudio.TestTools.Exceptions.EqtException: There is no agent with <br />
the name 'MyAgent' registered on the controller.<a name='more'></a><br />
Server stack trace: <br />
at Microsoft.VisualStudio.TestTools.Controller.AgentManager.GetAgentMachine(String agentName)<br />
at Microsoft.VisualStudio.TestTools.Controller.AgentManager.GetAgentProperties(String agentName)<br />
at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Object[]& outArgs)<br />
at System.Runtime.Remoting.Messaging.StackBuilderSink.SyncProcessMessage(IMessage msg)<br />
Exception rethrown at [0]: <br />
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)<br />
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)<br />
at Microsoft.VisualStudio.TestTools.Execution.IControllerCommands.GetAgentProperties(String agentName)<br />
at Microsoft.VisualStudio.TestTools.ConfigCore.TestControllerHelper.AgentExists(String agentName, IControllerCommands controllerCmds)<br />
<br />
<strong>Cause:</strong> The problem I had was that the agent's host file had some entries in there pointing to the loopback IP address of 127.0.0.1. For some reason, the controller grabbed the host names from the hosts file on the agent machines, and was trying to talk back to them based on the information in DNS. In our case, this was the load balancers, not the agent machines.<br />
<br />
<strong>Resolution:</strong> <br />
<ol>
<li>Comment out any hostfile entries on the agent machines that have the 127.0.0.1 IP address with a "#" pound sign.</li>
<li>Run "ipconfig /flushdns" on the agent and the controller.</li>
<li>Restart all of the services starting with "Visual Studio" on both the agent and the controller.</li>
<li>Rerun the agent configuration.</li>
</ol>
Note* If you are trying to run the agent on a machine in the cloud, on a workgroup member computer, or a computer from another domain, <a href="http://nerdsknowbest.blogspot.com/2013/10/how-to-setup-visual-studio-tfs-test-agents-cloud.html" target="_blank">see this article as well</a>.<br />
<ol>
</ol>
Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-12689148435748077452013-10-19T10:20:00.000-04:002013-10-19T10:21:41.529-04:00Resolved: WCAT: Invalid code received - Run error detected, terminating clientsWhen implementing WCAT for load testing for the first time I ran into the overly vague error message below.<br />
<br />
All clients connected, Test beginning.<br /> Invalid code received.<br /> message: Run error detected, terminating clients...<br /> message: Terminating all instances of wcclient...<br /> message: Terminating all local instances of wcctl.exe...<a name='more'></a><br />
<br />
Nothing I did seemed to let me get anymore information to help me zero in on the issue. After spending a significant amount of time troubleshooting, I started the client in one window using the command below<br />
<br />
wcclient localhost -b <br />
<br />
Then I opened a separate cmd window and ran my job using this command<br />
<br />
wcctl -clientfile ubr\scenario.ubr -settingsfile ubr\settings.ubr<br />
<br />
Obviously, you need to point to your files in their relative locations, but that's what I ran. The big thing, is that by running it this way, instead of through wcat.wsf you will actually see a useful error message. In my case, missing s semicolon on line 149.<br />
Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-72117376382085354242013-10-19T09:46:00.000-04:002013-10-19T09:50:38.441-04:00Connection Pooling for Commerce Server 2007 and 2009With as little as a couple hundred unique visitors on a website, we were seeing close to 300 SQL logons per second coming from Commerce Server. Every hit to SQL was creating a new connection. Luckily, this is a quick and easy fix to get Commerce Server to start reusing open connections to SQL by using connection pooling. <br />
<br />
Take into account though, if you are using impersonation on your Commerce Server website then this is a security risk. If a one user reuses the SQL connection of a different user, they can assume the security rights of that previous user. <a name='more'></a>See <a href="http://msdn.microsoft.com/en-us/library/aa545755%28v=cs.70%29.aspx">http://msdn.microsoft.com/en-us/library/aa545755%28v=cs.70%29.aspx</a> for more information on those risks.<br />
<br />
To enable connection pooling:<br />
<br />
<div class="ecxMsoNormal">
<span lang="EN">If you are using the 32-bit version of Commerce Server, change the value of the <span class="input">HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Commerce Server 2007\Profiles\UnsafeAuthenticatedConnectionSharing</span> registry key to <span class="input">1</span>.</span></div>
<div class="ecxMsoNormal">
<span lang="EN"></span> </div>
<div class="ecxMsoNormal">
<span lang="EN">If you are using the 64-bit version of Commerce Server, change the value of the <span class="input">HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Commerce Server 2007\Profiles\UnsafeAuthenticatedConnectionSharing</span> registry key to <span class="input">1</span>.</span></div>
<div class="ecxMsoNormal">
<span lang="EN"></span> </div>
<div class="ecxMsoNormal">
<span lang="EN">Then, reset IIS</span></div>
<div class="ecxMsoNormal">
<span lang="EN"></span> </div>
<div class="ecxMsoNormal">
<span lang="EN">These registry keys are valid for Commerce Server 2007 and 2009, despite the registry path saying 2007.</span></div>
<div class="ecxMsoNormal">
<span lang="EN"></span> </div>
<div class="ecxMsoNormal">
<span lang="EN"></span> </div>
<div class="ecxMsoNormal">
<span lang="EN"></span> </div>
<div class="ecxMsoNormal">
<span lang="EN"></span> </div>
Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-10242110143561779572013-09-14T00:38:00.000-04:002013-09-14T00:40:32.457-04:00Resolved: IDRAC Drive Error Either Virtual Media is detached or redirection for the selected virtual disk drive is already in useI haven't used Dell servers much in an enterprise environment, so working with their IDRAC (Integrated Dell Remote Access Controller) controllers was a little new to me. So when I got the error message below when trying to mount an ISO, I was a little confused at first.
<br />
<br />
<b>Drive Error</b>
<b>Either Virtual Media is detached or Virtual Media redirection for the selected virtual disk drive is already in use.
</b><a name='more'></a>
<br />
<br />
I guess it just comes down to sloppy navigation in my mind. You have to go to a completely different screen to "attach the virtual media" before you can mount an ISO.
<br />
<br />
<strong>Resolution:</strong> <br />
<ol>
<li>In IDRAC, click on "System" in the far left column.</li>
<li>Then, click on the "Console/Media" tab.</li>
<li>Then, click on "Configuration".</li>
<li>Then, select "Attach" in the "Status" row under "Virtual Media".</li>
<li>And finally, apply your changes.</li>
</ol>
You should now be able to mount an ISO as you would expect to be able to.<br />
<br />Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-27373253626504931722013-09-14T00:21:00.000-04:002013-09-14T00:40:43.581-04:00Resolved: Error message Windows is unable to install to the selected location. Error: 0x80300001 after loading additional driversThere is a very misleading/deceptive error that you might run into when installing various versions of the Windows operating system. It typically happens when you load additional drivers for raid controllers, fiber cards, SCSI controllers, etc. That error is:<br />
<br />
<strong>Error: "Windows is unable to install to the selected location. Error: 0x80300001."</strong><a name='more'></a><br />
<br />
When you get this error you will most likely get it for every available hard drive. Why? Because the error doesn't actually have anything to do with the disk that you are trying to install the OS too. It is complaining because the OS install CD is no longer in the drive because you took it out to load the drivers! <br />
<br />
<strong>Resolution:</strong> Put the OS install CD back in the CD drive!Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-35122261929268142212013-09-04T22:10:00.000-04:002013-09-04T22:11:21.579-04:00How to Turn On Debug Logging for Group PolicyWhen you are troubleshooting group policy issues, it's helpful to turn on some additional logging. Unfortunately, it's not just a simple switch you turn on. You have to know what you are doing to get those logs.<a name='more'></a><br />
<ol>
<li>Open regedit and go to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion</li>
<li>Create a subkey named "Diagnostics"</li>
<li>Create a new DWORD value under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics named "GPSvcDebugLevel" (this is case sensitive)</li>
<li>Set the value of GPSvcDebugLevel to 0x00030002</li>
<li>Create the "usermode" directory under %windir%\debug\</li>
<li>You can run "gpupdate /force", but I prefer to reboot so you get a clean log as the policies are applied under normal circumstances.</li>
<li>Your new log is at %windir%\debug\usermode\Gpsvc.log</li>
</ol>
When you are done, change the value of HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics|GPSvcDebugLevel to 0x00000000 to disable the debug log or else it will continue to grow.Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-54980450490940708122013-07-24T20:47:00.000-04:002013-08-18T01:22:07.590-04:00Find a Cure for AIDS With Your Android Smart Phone<span style="font-family: Calibri;">Ever wish you could do more for humanity? Think AIDS sucks? Ever feel like you’re not getting everything out of your smart phone that you could? Thanks to World Community Grid, now your Android smart phone can join in the fight against AIDS by helping to actively search for a cure to AIDS using grid computing technology. </span><br />
<a name='more'></a><span style="font-family: Calibri;"><o:p></o:p></span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;"><a href="http://thekjonoway.blogspot.com/2012/07/grid-computing-can-solve-problem.html" target="_blank">Grid computing</a> (a.k.a. distributed computing) is the concept of taking a bunch of computers or devices and teaming them up to figure out huge problems, which would normally take a single computer a really long time to figure out. Each device checks out a small work packet, does it’s computations on it, then checks in the results and asks for another work packet. These grid computer systems can far out-power the world's most fasted super computers.<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Does the thought of running something like this on your Android smart phone scare you? Think it will kill your phone’s battery or jack up your data usage? According to the good folks at World Community Grid -<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt 0.5in;">
<span style="font-family: Calibri;">The FightAIDS@Home project is the first to be made available on our new Android app, with more projects to follow suit in the future. And don't worry, it won't kill your battery or use up your data quota: by default, the Android app will run only when your device is plugged in, and will only transmit data when your device is connected to a WiFi network.<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Want to help find a cure for AIDS? You need to do two things:</span></div>
<ol>
<li><div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;"><a href="http://www.worldcommunitygrid.org/reg/viewRegister.do" target="_blank">Register with World Community Grid</a> (if you haven't already)</span></div>
</li>
<li><div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;"><a href="http://www.worldcommunitygrid.org/reg/ms/viewDownloadAgain.do?platform=android" target="_blank">Download the app here!</a></span></div>
</li>
</ol>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Don't want to you your phone, but still want to help? They have apps for computers too. <a href="http://www.worldcommunitygrid.org/reg/ms/viewDownloadAgain.do" target="_blank">Download an app for your PC here</a>.</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
</div>
<br><br>Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-7137256873593288292013-07-24T20:22:00.000-04:002013-07-24T20:31:47.730-04:00Enterprise Level Management of Apple Mac OS X Devices<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Apple products seemingly are not designed with enterprise IT
in mind. They do not facilitate centralized management natively, and it’s a pain
point for many IT shops. Never-the-less, companies are still being infiltrated
with these devices as bring-your-own-device (BYOD) concepts gain ground.<o:p></o:p></span></div>
<a name='more'></a><br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">I came across a solution for this problem in one of the last
places I expected. I was doing an on-site interview at Google. Over lunch, one
of the employees there mentioned that they developed a product similar to SCCM,
but to use with Mac OS X devices. Furthermore, this software is freely available in their
code library! How about that? An enterprise level solution for managing software on Apple
devices, developed by one of the largest and most innovative companies in the
world, it’s available for free, and it’s open source so you can make
modifications to it if you want/need to!<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">According to the Google Code page, Simian can:<o:p></o:p></span></div>
<br />
<ul type="disc">
<li class="MsoNormal" style="line-height: normal; margin: 0in 0in 0.05in; mso-list: l0 level1 lfo1; mso-margin-top-alt: auto; tab-stops: list .5in;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt; mso-fareast-font-family: "Times New Roman";">Deploy new or updated software by targeting a single
Mac or tens of thousands. <o:p></o:p></span></li>
<li class="MsoNormal" style="line-height: normal; margin: 0in 0in 0.05in; mso-list: l0 level1 lfo1; mso-margin-top-alt: auto; tab-stops: list .5in;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt; mso-fareast-font-family: "Times New Roman";">Deploy updates whether the Mac is on an internal
network/VPN or not. <o:p></o:p></span></li>
<li class="MsoNormal" style="line-height: normal; margin: 0in 0in 0.05in; mso-list: l0 level1 lfo1; mso-margin-top-alt: auto; tab-stops: list .5in;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt; mso-fareast-font-family: "Times New Roman";">Force unattended/background installation of some
packages, while allowing others to be optional. <o:p></o:p></span></li>
<li class="MsoNormal" style="line-height: normal; margin: 0in 0in 0.05in; mso-list: l0 level1 lfo1; mso-margin-top-alt: auto; tab-stops: list .5in;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt; mso-fareast-font-family: "Times New Roman";">Forcefully deploy security patches and reboot Macs
after a given date, with varying levels of warning notifications. <o:p></o:p></span></li>
<li class="MsoNormal" style="line-height: normal; margin: 0in 0in 0.05in; mso-list: l0 level1 lfo1; mso-margin-top-alt: auto; tab-stops: list .5in;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt; mso-fareast-font-family: "Times New Roman";">Tightly manage Apple Software Update catalogs and
update release, or let updates auto-promote automatically. <o:p></o:p></span></li>
<li class="MsoNormal" style="line-height: normal; margin: 0in 0in 0.05in; mso-list: l0 level1 lfo1; mso-margin-top-alt: auto; tab-stops: list .5in;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt; mso-fareast-font-family: "Times New Roman";">Dynamically target clients based on user, hostname, OS
version, group (tag), and more. <o:p></o:p></span></li>
<li class="MsoNormal" style="line-height: normal; margin: 0in 0in 0.05in; mso-list: l0 level1 lfo1; mso-margin-top-alt: auto; tab-stops: list .5in;"><span style="font-family: "Arial","sans-serif"; font-size: 10pt; mso-fareast-font-family: "Times New Roman";">Obtain reports on all of this and the fleet overall.<o:p></o:p></span></li>
</ul>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">If this is something that you are interested in, you can
check out this product at </span><a href="http://code.google.com/p/simian/"><span style="color: #0563c1; font-family: Calibri;">http://code.google.com/p/simian/</span></a><o:p></o:p></div>
Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-20367563740138001342013-06-30T23:23:00.001-04:002013-06-30T23:33:31.557-04:00Resolution: Error during encryption or decryption. System error code 997 in SharePointI was recently ran into an issue in SharePoint where my Central Administration web app disappeared. When I tried to redeploy Central Administration, I was confronted with the error below.<br />
<br />
An exception of type System.ArgumentException was thrown. Additional exception information: Error during encryption or decryption. System error code 997.<br />
<br />
Everything I saw online said the only option was to create a new config database. Personally, I thought that seemed a bit extreme. Well, I found a better option that worked for me, and will probably work for you too.<a name='more'></a><br />
<br />
The problem is caused by the registry key HKLM\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\12.0\Secure\FarmAdmin getting deleted or corrupted. Fortunately, it is a rather easy fix if you know what to do.<br />
<br />
<ol>
<li>Open an elevated command prompt and change directories to <strong>%commonprogramfiles%\Microsoft Shared\Web server extensions\12\Bin</strong></li>
<li>Modify the username and password in this command, and run it on each server in the farm (This updates that registry key that got deleted/corrupted).<br /><strong>stsadm -o updatefarmcredentials -userlogin DomainName\UserName -password NewPassword -local</strong></li>
<li>Modify the username and password in this command, and run it one of your SharePoint servers (this step may fail, but just continue on. The is to update the credentials inside the config database).<br /><strong>stsadm -o updatefarmcredentials -userlogin DomainName\UserName -password NewPassword</strong></li>
<li>Run this command on each of the SharePoint servers in your farm.<br /><strong>iisreset /noforce</strong></li>
<li>If you were like me, and you need to reinstall Central Administration, run this command on the server where you want to have Central Administration installed (You may want to choose a different port or authentication provider, I just listed the most common options.).<br /><strong>psconfig.exe -cmd adminvs -provision -port 8080 -windowsauthprovider onlyusentlm</strong></li>
</ol>
Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-18116141976045615172013-05-27T20:17:00.000-04:002013-05-27T22:48:13.141-04:00How To Block Facebook Game InvitesI'm always seeing posts on Facebook from frustrated users who are asking their friends to not send them game invites anymore. Facebook doesn't make it real obvious, but you can block those annoying game invites. <br />
<a name='more'></a><br />
There are two ways to do this. First, you can block specific user's from sending you invites. And the second is to block a specific game or app.<br />
<br />
<strong>To block specific users from sending you game invites</strong>, first click on the little cog in the upper right corner of your Facebook page. It looks like this.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPByQM7PHO53rzbhPb-9dWolMP6LDaEuPXQH-nqdtg_D2ufykul99ZT9SPfytB7QrnzfeLwHTM_vLM0JB1LIMNsJK-diLSl3JCORj0C3dzgEMY92oLd4Ea0kroRaW_2R0gUZqNTbVXKHM/s1600/1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPByQM7PHO53rzbhPb-9dWolMP6LDaEuPXQH-nqdtg_D2ufykul99ZT9SPfytB7QrnzfeLwHTM_vLM0JB1LIMNsJK-diLSl3JCORj0C3dzgEMY92oLd4Ea0kroRaW_2R0gUZqNTbVXKHM/s1600/1.jpg" /></a></div>
<br />
Next, click on "Blocking" on the left side of the screen.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEydHI68QfKHAa8lAviRDUUlQu4np5y0hN6QZcXuaVJ0GrbxHGG-OvccDoyOxRuyIXv7YM8KjJGFnWMnTFY5RUbgQFYGX5SdtbFakXafLhz3aFAgW1Wybwp5HIdjGo6_fAp5djVMGdbrs/s1600/2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEydHI68QfKHAa8lAviRDUUlQu4np5y0hN6QZcXuaVJ0GrbxHGG-OvccDoyOxRuyIXv7YM8KjJGFnWMnTFY5RUbgQFYGX5SdtbFakXafLhz3aFAgW1Wybwp5HIdjGo6_fAp5djVMGdbrs/s320/2.jpg" width="177" /></a></div>
<br />
Then scroll down to the "Block app invites" section, type the name of the friend that you don't want to receive game invites from anymore and hit enter. Repeat for any other friends that you don't want to receive game invites from.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOJa4IdAIj6MO4UwFj4TApc-9uQKS91pm8woGCkRHwJk3PJv4yTHZcH1mtgJl473cG1agnMvc6BNFXFvRBLUSON9bL4zgE9Twpht-kgZN7UOOwW7VgYD-L71y5uJTilTETtK6mUXto2Qk/s1600/users.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOJa4IdAIj6MO4UwFj4TApc-9uQKS91pm8woGCkRHwJk3PJv4yTHZcH1mtgJl473cG1agnMvc6BNFXFvRBLUSON9bL4zgE9Twpht-kgZN7UOOwW7VgYD-L71y5uJTilTETtK6mUXto2Qk/s1600/users.jpg" /></a></div>
<br />
<strong>The second method is to block specific Facebook apps.</strong> You can do this on the same page, you just scroll further down to the "Block apps" section which is pictured below.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzOCM1DQ4mSeYHBAzOgU_Ntk39g1zRICgdnKXn3XXRTKB6BjE_1NHLNA5siI4cejuEkiPVxOJ_DmDqLqt2I5p8WZ5URwGPI6gDWebhCoehyphenhyphenOtsveQdqsPJ4Ks05ZzJCtV-4vtsopjlWrA/s1600/apps.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzOCM1DQ4mSeYHBAzOgU_Ntk39g1zRICgdnKXn3XXRTKB6BjE_1NHLNA5siI4cejuEkiPVxOJ_DmDqLqt2I5p8WZ5URwGPI6gDWebhCoehyphenhyphenOtsveQdqsPJ4Ks05ZzJCtV-4vtsopjlWrA/s1600/apps.jpg" /></a></div>
<br />
In this section, you just type the name of the app that you want to block (e.g. Farmville), and hit enter. Repeat that for each additional app. This will also prevent them from showing up in your news feeds!<br />
<br />
To help get you started, I posted a list of all the apps I have blocked. Some of them are duplicated because there are more than one apps with the same name. Not all of them are games per say... I would almost consider some of them a virus because they post false/fake stuff on your timeline and your friends walls to try to get them to grant the app rights to their accounts too.<br />
<br />
@Hearts<br />
21 questions<br />
3D Slots<br />
6waves Games<br />
Ace Hunter: Whitetail Deer Edition<br />
Activity analyzer<br />
Activity Statistics<br />
Add Me<br />
Angry Birds Cards<br />
Angry Birds Friends<br />
Animal Land<br />
Anime Pirates Game<br />
Answer To Friend's Question<br />
Answers™ About Me<br />
Are You A Creeper? 2<br />
Auto Collect Games Bonuses<br />
Battle Pirates<br />
Battle Stations<br />
Battleship<br />
Battleships<br />
BattleSolitaire<br />
Battlestar Galactica Online<br />
Bayou Blast<br />
Be my pot buddy, man!<br />
Best Casino<br />
Best Friend Quiz<br />
Bingo<br />
Bingo - AvaTingo Slots & Bingo<br />
Bingo Bash<br />
BINGO Blingo<br />
BINGO Blitz<br />
Bingo by Ryzing<br />
Bingo Island<br />
BINGO!<br />
Birthday Cards<br />
Black Jack 21<br />
Blackjack<br />
Blackjack Madness<br />
Blackwood & Bell Mysteries<br />
Bubble Atlantis<br />
Bubble Blitz<br />
Bubble Country<br />
Bubble Island<br />
Bubble Safari<br />
Bubble Safari Bonuses<br />
Bubble Saga<br />
Bubble Speed<br />
Bubble Witch Saga<br />
Bubbles IQ<br />
Buggle<br />
Caesars Casino<br />
Candy Bash<br />
Candy Buff<br />
Candy Crush Saga<br />
Candy Dash<br />
Candy Planet<br />
Cannabic Park<br />
Car Town<br />
CarChaos<br />
CasinoZone<br />
Cast Harry Potter Characters<br />
Castle Age<br />
CastleVille<br />
Celebrity Slots<br />
ChefVille<br />
christmas drinks<br />
Clickfun Casino<br />
Collapse! Blast<br />
Crazy Penguin Wars<br />
Creeper Of The Day<br />
Creeper Of The Day<br />
CreeperWorld.pl<br />
Cricket Master Blaster<br />
Criminal Case<br />
CSI: Crime City<br />
CSI: Miami Heat Wave<br />
Da Li Znas Ko Ti Je Pravi Drugar?<br />
Daily Stalker<br />
Dante's Inferno<br />
Deer Hunter<br />
Deer Hunter Online<br />
Diamond Dash<br />
Disney Animal Kingdom<br />
DoubleDown Casino Slots & Poker<br />
DoubleU Casino<br />
Dr. Pills<br />
Dragon City<br />
Dragonplay Poker<br />
Dream Zoo<br />
Drinks for Friends<br />
Drugfreeland<br />
Empires & Allies<br />
Family Farm<br />
FARKLE<br />
Farm 2 Bonuses<br />
Farm Bonuses<br />
Farm Bonuses Collector<br />
Farm Heroes Saga<br />
Farm Town<br />
Farmandia<br />
Farmerama<br />
FarmVille<br />
FarmVille 2<br />
FarmVille Bonus - Speed FW<br />
Friend Facts<br />
Friend Questions<br />
Friend Quiz<br />
Friendopinion<br />
Friends Interview<br />
FrontierVille<br />
FrontierVille PioneerTrail Items<br />
GameHouse Slots<br />
Gamers Unite!<br />
Games by GSN<br />
Games on Mindjolt<br />
Get Revealed<br />
Grand Poker<br />
Happy Pets<br />
Harry Potter Patronus<br />
Holiday Gifts<br />
Hollywood Spins<br />
Horóscopo Diário<br />
House M.D.: Critical Cases<br />
House of Fun<br />
iHeartRadio<br />
Indiana Jones Adventure World<br />
Jackpot Party Casino Slots<br />
Jackpotjoy Casino<br />
Jackpotjoy Slot Machines<br />
Jewel Journey<br />
Jewel Kingdom<br />
Jewels of the Amazon<br />
Jewels with Buddies<br />
Jungle Jewels<br />
Jurassic Farm<br />
Kabam Games<br />
Kidnap!<br />
Like<br />
Listia<br />
Logo Game<br />
Lost Bubble<br />
Luck Daily<br />
Lucky Gem Casino<br />
Lucky Slots<br />
Mafia Wars<br />
Mafia Wars 2<br />
Magic Pets<br />
Mahjongg Dimensions Blast<br />
Marvel: Avengers Alliance<br />
MeetMe<br />
Megapolis<br />
Memecenter<br />
Mirrorball Slots<br />
Mobsters 2: Vendetta<br />
Mobsters: Criminal Empire<br />
Monster World<br />
Music Challenge<br />
Muzy.com<br />
My Box<br />
My Friend Secrets<br />
My Secret Creepers<br />
My Secret Creepers<br />
My Shops<br />
My Top Visitors This Week<br />
My Zoo<br />
My Zoo 2<br />
Mystery Manor<br />
Mythic Heroes<br />
myVEGAS Slots<br />
Nightclub City<br />
Oregon Trail: American Settler<br />
Our Bingo<br />
Owned!<br />
Papa Pear Saga<br />
Papa’s Hot Doggeria<br />
Papa's Burgeria<br />
Papa's Pizzeria<br />
Pass a Drink<br />
Pass A Joint<br />
Pawn Stars: The Game<br />
Pearl's Peril<br />
Pengle<br />
People Roulette<br />
Perjuangan Semut<br />
Pet City<br />
Pet Rescue Saga<br />
Pet Society<br />
PF Manager<br />
Pharmacy<br />
Pillow Fight<br />
Play Barbie Diamond Castle game<br />
Play Deer Hunter Game<br />
Play Supreme Deer Hunting game<br />
Pockie Ninja II Social<br />
Poker Gorilla<br />
Poker Texas Boyaa<br />
PokeristClub<br />
Pot Farm<br />
Pot Island<br />
Pot Wars<br />
Press Your Luck<br />
Profflle Actvity<br />
Profflle Actvity<br />
Profflle Actvity<br />
Profflle Actvity<br />
Profflle Actvity<br />
Profflle Actvity<br />
Profflle Actvity<br />
Profflle Actvity<br />
Profflle Actvity<br />
Profflle Actvity<br />
Profile Activity<br />
Profile Creepers 1.14<br />
Profile Creepers 1.3<br />
Profile Creepers 1.3<br />
Profile Creepers 1.5<br />
Profile Creepers 1.6<br />
Profile Creepers 1.8<br />
Profile Creepers 1.8<br />
Profile Creepers 1.9<br />
Profile Stalkers<br />
Profile Stalkers<br />
Profile Stalkers<br />
Profile Stalkers<br />
Profile Stalkers<br />
Profile Viewers And Statics<br />
Profile Viewers v4.62<br />
Profile Viewers!<br />
Profile Viewers!<br />
Profile Viewers!<br />
Profile Viewers!<br />
Profile Viewers!<br />
Profile Viewers!<br />
Profile Viewers!<br />
Profile Viewers!<br />
Profile Viewerz<br />
Profile Viewerz<br />
Profile Viewerz<br />
Profile Viewerz<br />
Profile Viewerz<br />
Profile Viewerz<br />
Profile Viewerz<br />
Profile Viewerz<br />
Profile Viewerz<br />
Pyramid Solitaire Saga<br />
Question Party<br />
Quiz<br />
Quiz Taco!<br />
QuizBank<br />
QuizBone Quiz Maker<br />
QuizBone Quizzes<br />
Real Housewives: The Game<br />
Ruby Blast Adventures<br />
SimCity Social<br />
Slacker Radio<br />
Slagalica<br />
Slotomania Adventures<br />
Slotomania Slot Machines<br />
Slots Farm<br />
SlotSpot Casino<br />
Smiles<br />
Social Empires<br />
Social Interview<br />
Social Wars<br />
SongPop<br />
Songza<br />
Status Stalker<br />
Storage Wars: The Game<br />
Supreme Deer Hunting<br />
Sword Quest<br />
Tap Diamond<br />
Tarot Cards<br />
TDP4 Team Battle<br />
Team Slots<br />
Tetris Battle<br />
Tetris Friends<br />
Texas HoldEm Poker<br />
Texas HoldEm Poker Deluxe<br />
TF - meeting is easy<br />
The Hunger Games Adventures<br />
The Movie List Challenge<br />
The Price Is Right Slots<br />
The Sims FreePlay<br />
The Sims Social<br />
The Sims Social<br />
The Sims Social<br />
The Sims Social Bonuses<br />
The Tycoon 3 (симс)<br />
The Ville<br />
The Ville Bonuses<br />
Truth Game<br />
Truth Quiz<br />
Truths About You<br />
Ultimate Qublix Poker<br />
Vampire Diaries: Get Sucked In<br />
Vampire Wars<br />
Visitor<br />
Visitor<br />
Visitor<br />
Visitor<br />
Visitor<br />
Visitor<br />
Visitor<br />
War of Mercenaries<br />
Weebly<br />
what drug are you ?<br />
What Drug Are You?<br />
What type of drug are you?<br />
Who's Your Stalker?<br />
Wild Ones<br />
Wild Wild Taxi<br />
WildCard Poker<br />
WildTangent Games<br />
Willy's Sweet Shop<br />
YOU DON'T KNOW JACK<br />
Your Luck [daily]<br />
Your Top Stalker<br />
Your Top Stalkers<br />
YoVille<br />
Zombie Pets<br />
Zoo Bonuses<br />
Zoo Paradise<br />
Zoo World<br />
Zoo World Classic<br />
Zynga<br />
Zynga Bingo<br />
Zynga Games<br />
Zynga Slingo<br />
Zynga Slots<br />
<br />Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-21589574878644280822013-04-30T18:32:00.000-04:002013-04-30T18:32:53.233-04:00How To Remove The Root Hints from Windows DNSI ran into a problem while I was locking down a Windows DNS server where I would remove the root hints, but they would keep coming back. I first thought it was because of the "root hints" updates that Microsoft releases every so often. In reality, it was because the root entries were listed in the %windir%\system32\dns\cache.dns file. If you comment out those root hints with a semicolon (including the lines that start with a period (.)), then remove the root hints from your DNS server properties in the DNS Manager MMC snap-in. They should stay away. An example of the cache.dns file after it's been commented out is below.<br />
<a name='more'></a><br />
<span style="color: black; font-family: "Segoe UI","sans-serif"; font-size: 10pt; mso-fareast-font-family: "Times New Roman";"><span style="word-wrap: break-word;"></span></span>
<br />
<pre>;
; cache.dns -- DNS CACHE FILE
;
; Initial cache data for root domain servers.
;
; YOU SHOULD CHANGE:
; -> Nothing if connected to the Internet. Edit this file only when
; updated root name server list is released.
; OR
; -> If NOT connected to the Internet, remove these records and replace
; with NS and A records for the DNS server authoritative for the
; root domain at your site.
;
; Note, if you are a root domain server, for your own private intranet,
; no cache is required, and you may edit your boot file to remove
; it.
;
; This file holds the information on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . <file>"
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC
; under anonymous FTP as
; file /domain/named.root
; on server FTP.INTERNIC.NET
;
; last update: Nov 5, 2002
; related version of root zone: 2002110501
;
;
; formerly NS.INTERNIC.NET
;
;. 3600000 IN NS A.ROOT-SERVERS.NET.
;A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
;
; formerly NS1.ISI.EDU
;
;. 3600000 NS B.ROOT-SERVERS.NET.
;B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107
;
; formerly C.PSI.NET
;
;. 3600000 NS C.ROOT-SERVERS.NET.
;C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
;
; formerly TERP.UMD.EDU
;
;. 3600000 NS D.ROOT-SERVERS.NET.
;D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
;
; formerly NS.NASA.GOV
;
;. 3600000 NS E.ROOT-SERVERS.NET.
;E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
;
; formerly NS.ISC.ORG
;
;. 3600000 NS F.ROOT-SERVERS.NET.
;F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
;. 3600000 NS G.ROOT-SERVERS.NET.
;G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
;. 3600000 NS H.ROOT-SERVERS.NET.
;H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
;
; formerly NIC.NORDU.NET
;
;. 3600000 NS I.ROOT-SERVERS.NET.
;I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
;
; operated by VeriSign, Inc.
;
;. 3600000 NS J.ROOT-SERVERS.NET.
;J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
;
; housed in LINX, operated by RIPE NCC
;
;. 3600000 NS K.ROOT-SERVERS.NET.
;K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
;
; operated by IANA
;
;. 3600000 NS L.ROOT-SERVERS.NET.
;L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12
;
; housed in Japan, operated by WIDE
;
;. 3600000 NS M.ROOT-SERVERS.NET.
;M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
; End of File
</file></pre>
Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-83447459462093685042013-04-14T20:09:00.000-04:002013-04-14T20:09:59.130-04:00Faulting application gpresult.exe, version 5.2.3790.3959, faulting module gpresult.exe, version 5.2.3790.3959, fault address 0x000000000001323c.There is a problem with gpresult on 64 bit servers that can cause it to crash with the following errors.<br />
<br />
<pre>Event Type: Error
Event Source: Application Error
Event Category: (100)
Event ID: 1000
Date: 4/11/2013
Time: 3:01:51 PM
User: N/A
Computer: SERVER
Description:
Faulting application gpresult.exe, version 5.2.3790.3959, faulting module gpresult.exe, version 5.2.3790.3959, fault address 0x000000000001323c.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 67 70 72 ure gpr
0018: 65 73 75 6c 74 2e 65 78 esult.ex
0020: 65 20 35 2e 32 2e 33 37 e 5.2.37
0028: 39 30 2e 33 39 35 39 20 90.3959
0030: 69 6e 20 67 70 72 65 73 in gpres
0038: 75 6c 74 2e 65 78 65 20 ult.exe
0040: 35 2e 32 2e 33 37 39 30 5.2.3790
0048: 2e 33 39 35 39 20 61 74 .3959 at
0050: 20 6f 66 66 73 65 74 20 offset
0058: 30 30 30 30 30 30 30 30 00000000
0060: 30 30 30 31 33 32 33 63 0001323c
<a name='more'></a></pre>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwAVpSNc3WwbPo-0L6Abs-Ny3G66vg_dGHd0i8XE-AS6QDuqyJG4iw1_mVNtRAqF2Hq5Qvth2VBxqVKCYQXnZpHSzjHavpnNKMhG3PWfZLu6AfKEHPVME96ZnLDyLNydKkm2F12eJARLQ/s1600/gpresult.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Query Group Policy RSOP Data has encountered a problem and needs to close. We are sorry for the incovenience." border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwAVpSNc3WwbPo-0L6Abs-Ny3G66vg_dGHd0i8XE-AS6QDuqyJG4iw1_mVNtRAqF2Hq5Qvth2VBxqVKCYQXnZpHSzjHavpnNKMhG3PWfZLu6AfKEHPVME96ZnLDyLNydKkm2F12eJARLQ/s1600/gpresult.jpg" title="" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdvDTMdzlbAd4IXObuJKBdA3FtOWdOGdjGPP7-6Z_MPuIJbta2doxK9DaZBVngVWQsAFK-02W7reooqSa8HPKvGLXrtCTU5yyJdwPaTvPOtwWoGYOI319zrn6HK06dV5V_od_VXnPi6bI/s1600/gpresult2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Error signature: BEX64 P1: Gpresult.exe P2: 5.2.3790.3959 p3: 45d6962c p4: gpresult.exe p5: 5.2.3790.3959 p6: 45d6962c p7: 000000000001323c p8: c0000409 p9: 000000000000000" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdvDTMdzlbAd4IXObuJKBdA3FtOWdOGdjGPP7-6Z_MPuIJbta2doxK9DaZBVngVWQsAFK-02W7reooqSa8HPKvGLXrtCTU5yyJdwPaTvPOtwWoGYOI319zrn6HK06dV5V_od_VXnPi6bI/s1600/gpresult2.jpg" title="" /></a></div>
<br />
<br />
To fix the problem, you need to change the value of <strong>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/PasswordExpiryWarning/DisplayName</strong> to read <strong>"Interactive logon: Prompt user to change password before expire"</strong> instead of <strong>"Interactive logon: Prompt user to change password before expiration"</strong>.<br />
<br />
Also see <a href="http://support.microsoft.com/kb/971243">http://support.microsoft.com/kb/971243</a>Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-78561572829091417252013-04-14T19:54:00.000-04:002013-04-14T20:10:07.167-04:00How to Disable Credential Caching in ADFSIf you have session problems in ADFS, you may need to disable Local Security Authority (LSA) credential caching on the AD FS server temporarily. This can affect any application that uses claims based authentication including SharePoint, CRM, Office 365, etc. To do this, you need to:<br />
<a name='more'></a><br />
<ol>
<li><span style="color: #e06666;">Create a new DWORD value named <strong>LsaLookupCacheMaxSize </strong>under<strong> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa.</strong></span></li>
<li><span style="color: #e06666;">Set the value of <strong>LsaLookupCacheMaxSize </strong>to<strong> 0.</strong></span></li>
<li><span style="color: #e06666;"><strong>Reboot</strong> the ADFS server.</span></li>
</ol>
Also see <a href="http://support.microsoft.com/kb/2535191">http://support.microsoft.com/kb/2535191</a><br />
<ol>
</ol>
Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-90788849893782360412013-04-14T19:44:00.000-04:002013-04-14T20:10:15.747-04:00404 Error for Isolated Users in Dynamics CRMI had an issue recently where one user was getting a 404 error when trying to log into CRM. While troubleshooting this issues I tried everything I could think of, including <a href="http://nerdsknowbest.blogspot.com/2013/04/how-to-disable-credential-caching-in.html" target="_blank">disabling Local Security Authority (LSA) credential caching on the ADFS server</a>, recreating the user's Active Directory account, disabled/re-enabled her CRM account, purged her kerberos tickets, deleted her cookies, killed her ADFS sessions, rebooted servers, reset passwords, checked her security roles, etc. After trying every perceivable resolution, this is what I had to do to fix the issue.<br />
<a name='more'></a><br />
<ol>
<li><strong><span style="color: #e06666;">Changed the logon account for the affected user to an unrelated service account that wasn't used in CRM, and disabled the CRM account.</span></strong></li>
<li><strong><span style="color: #e06666;">Created a brand new account for the user in CRM, and assigned the security roles that the old account had.</span></strong></li>
</ol>
Hopefully that works for you too.Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-47582953173422251212013-03-29T00:52:00.001-04:002013-03-29T00:54:02.043-04:00Resolution: Errors After Installing Update Rollup for Dynamics CRM 2011After installing an update rollup for Dynamics CRM 2011 ( I was installing UR12, but others have gotten the same error with outher URs), I started getting this error. <br />
<br />
<br />
<code>
Log Name: Application
Source: ASP.NET 4.0.30319.0
Date: 3/28/2013 8:40:04 AM
Event ID: 1309
Task Category: Web Event
Level: Warning
Keywords: Classic
User: N/A
Computer: crm_server.domain.local
Description:
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 3/28/2013 8:40:04 AM
Event time (UTC): 3/28/2013 1:40:04 PM
Event ID: 857c1ec3a88c43799878637451e1b3a7
Event sequence: 36389
Event occurrence: 23
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/1/ROOT-1-140088322863478416
Trust level: Full
Application Virtual Path: /
Application Path: C:\Program Files\Microsoft Dynamics CRM\CRMWeb\
Machine name: CRM_SERVER
Process information:
Process ID: 3508
Process name: w3wp.exe
Account name: DOMAIN\service_account
Exception information:
Exception type: CrmException
Exception message: <span style="background-color: yellow;">Attribute objecttypecode on Entity PrincipalObjectAccessReadSnapshot is of type picklist but has Child Attributes Count 0</span>
at </code><br />
<code><a name='more'></a>Microsoft.Crm.Application.Platform.ServiceCommands.PlatformCommand.XrmExecuteInternal()
at Microsoft.Crm.Application.Platform.ServiceCommands.RetrieveMultipleCommand.Execute()
at Microsoft.Crm.ApplicationQuery.RetrieveMultipleCommand.RetrieveData()
at Microsoft.Crm.ApplicationQuery.ExecuteQuery()
at Microsoft.Crm.Application.Platform.Grid.GridDataProviderQueryBuilder.GetData(QueryBuilder queryBuilder)
at Microsoft.Crm.Application.Platform.Grid.GridDataProviderQueryBuilder.LoadQueryData()
at Microsoft.Crm.Application.Platform.Grid.GridDataProviderQueryBuilder.LoadData()
at Microsoft.Crm.Application.Platform.Grid.GridDataProviderBase.PrepareGridData()
at Microsoft.Crm.Application.Platform.Grid.GridDataProviderBase.PrepareData()
at Microsoft.Crm.Application.Controls.GridUIProvider.Render(HtmlTextWriter output)
at Microsoft.Crm.Application.Components.UI.Grid.DataGrid.RenderData(HtmlTextWriter output)
at Microsoft.Crm.Application.Components.UI.Grid.DataGrid.RenderInnerHtml(HtmlTextWriter output)
at Microsoft.Crm.Application.Components.UI.Grid.DataGrid.Render(HtmlTextWriter output)
at ASP.claimsopssupporttest_tools_emailtemplateeditor_emailtemplateeditor_aspx.__RendercrmForm(HtmlTextWriter __w, Control parameterContainer)
at System.Web.UI.Control.RenderChildrenInternal(HtmlTextWriter writer, ICollection children)
at Microsoft.Crm.Application.Forms.EndUserForm.Render(HtmlTextWriter output)
at ASP.claimsopssupporttest_tools_emailtemplateeditor_emailtemplateeditor_aspx.__Render__control1(HtmlTextWriter __w, Control parameterContainer)
at System.Web.UI.Control.RenderChildrenInternal(HtmlTextWriter writer, ICollection children)
at System.Web.UI.Page.Render(HtmlTextWriter writer)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Request information:
Request URL: Request path: /CRMOrg/tools/emailtemplateeditor/emailtemplateeditor.aspx
Thread information:
Thread ID: 24
Thread account name: </code><br />
<code>Stack trace: at Microsoft.Crm.Application.Platform.ServiceCommands.PlatformCommand.XrmExecuteInternal()
at Microsoft.Crm.Application.Platform.ServiceCommands.RetrieveMultipleCommand.Execute()
at Microsoft.Crm.ApplicationQuery.RetrieveMultipleCommand.RetrieveData()
at Microsoft.Crm.ApplicationQuery.ExecuteQuery()
at Microsoft.Crm.Application.Platform.Grid.GridDataProviderQueryBuilder.GetData(QueryBuilder queryBuilder)
at Microsoft.Crm.Application.Platform.Grid.GridDataProviderQueryBuilder.LoadQueryData()
at Microsoft.Crm.Application.Platform.Grid.GridDataProviderQueryBuilder.LoadData()
at Microsoft.Crm.Application.Platform.Grid.GridDataProviderBase.PrepareGridData()
at Microsoft.Crm.Application.Platform.Grid.GridDataProviderBase.PrepareData()
at Microsoft.Crm.Application.Controls.GridUIProvider.Render(HtmlTextWriter output)
at Microsoft.Crm.Application.Components.UI.Grid.DataGrid.RenderData(HtmlTextWriter output)
at Microsoft.Crm.Application.Components.UI.Grid.DataGrid.RenderInnerHtml(HtmlTextWriter output)
at Microsoft.Crm.Application.Components.UI.Grid.DataGrid.Render(HtmlTextWriter output)
at ASP.claimsopssupporttest_tools_emailtemplateeditor_emailtemplateeditor_aspx.__RendercrmForm(HtmlTextWriter __w, Control parameterContainer)
at System.Web.UI.Control.RenderChildrenInternal(HtmlTextWriter writer, ICollection children)
at Microsoft.Crm.Application.Forms.EndUserForm.Render(HtmlTextWriter output)
at ASP.claimsopssupporttest_tools_emailtemplateeditor_emailtemplateeditor_aspx.__Render__control1(HtmlTextWriter __w, Control parameterContainer)
at System.Web.UI.Control.RenderChildrenInternal(HtmlTextWriter writer, ICollection children)
at System.Web.UI.Page.Render(HtmlTextWriter writer)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
</code><br />
<code></code>
<br />
I poked around a little and noticed that the update rollup wasn't applied to one of my organization database. We have two organization databases and one was at UR12 and the other was still at UR11. In deployment manager, I tried to manually update the database and it failed. That led me to this error that was in C:\Users\username\AppData\Roaming\Microsoft\MSCRM\Logs\crm50dmsnapin.log.<br />
<br />
<code>
09:05:35| Error| Installer Complete: OrganizationDatabaseHotFixer - Error encountered
09:05:36| Error| Exception occured during Microsoft.Crm.Tools.Admin.OrganizationDatabaseHotFixer: Action Microsoft.Crm.Tools.Admin.InstallDatabaseUpdatesAction failed.
InnerException:
System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.Data.SqlClient.SqlException: <span style="background-color: yellow;">Cannot insert duplicate key row in object 'dbo.DependencyBase' with unique index 'ndx_UniqueDependencyNodes'. The duplicate key value is (guid).</span>
The statement has been terminated.
at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning()
at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString)
at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async)
at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, DbAsyncResult result)
at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(DbAsyncResult result, String methodName, Boolean sendToPipe)
at System.Data.SqlClient.SqlCommand.ExecuteNonQuery()
at Microsoft.Crm.CrmDbConnection.InternalExecuteWithRetry[TResult](Func`1 ExecuteMethod, IDbCommand command)
at Microsoft.Crm.CrmDbConnection.InternalExecuteNonQuery(IDbCommand command, Boolean capturePerfTrace)
at Microsoft.Crm.CrmDbConnection.ExecuteNonQuery(IDbCommand command, Boolean impersonate, Boolean capturePerfTrace)
at Microsoft.Crm.BusinessEntities.SimpleBulkInserterWithType.Flush(ISqlExecutionContext context)
at Microsoft.Crm.ObjectModel.DependencyHelperBase.BulkInsertDependencies(BusinessEntityCollection dependencies, ISqlExecutionContext context)
at Microsoft.Crm.Dependency.ComponentCollector.CreateComponentDependencies(Dictionary`2 recordsByComponentType, ExecutionContext context)
at Microsoft.Crm.Dependency.ComponentCollector.ProcessRecords(ExecutionContext context)
at Microsoft.Crm.BusinessEntities.ExecutionContext.ProcessDependencies(FlushCacheOption option, CreateNewCollectorOption createOption)
at Microsoft.Crm.BusinessEntities.ExecutionContext.OnEndRequest()
at Microsoft.Crm.Setup.MetadataPatchService.ProcessMetadataDiffFile(String targetRevision)
--- End of inner exception stack trace ---
at System.RuntimeMethodHandle._InvokeMethodFast(IRuntimeMethodInfo method, Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeType typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at System.RuntimeType.InvokeMember(String name, BindingFlags bindingFlags, Binder binder, Object target, Object[] providedArgs, ParameterModifier[] modifiers, CultureInfo culture, String[] namedParams)
at Microsoft.Crm.Setup.Database.DllMethodAction.Execute(Guid organizationId)
at Microsoft.Crm.Setup.Database.DatabaseInstaller.ExecuteReleases(ReleaseInfo releaseInfo, Boolean isInstall)
at Microsoft.Crm.Setup.Database.DatabaseInstaller.Install(Int32 languageCode, String configurationFilePath, Boolean upgradeDatabase, Boolean isInstall)
at Microsoft.Crm.Setup.Database.DatabaseInstaller.InstallUpdate(String configurationFilePath, Boolean upgradeDatabase)
at Microsoft.Crm.Setup.Common.Update.DBUpdateDatabaseInstaller.ApplyDBUpdates(Guid orgId)
at Microsoft.Crm.Tools.Admin.InstallDatabaseUpdatesAction.ApplyDBUpdatesInternal(Guid orgId, String orgUniqueName, String releaseFilePath, Boolean ignoreErrors)
at Microsoft.Crm.Tools.Admin.InstallDatabaseUpdatesAction.ApplyDBUpdates(Guid orgId, String orgUniqueName, OrganizationOperationType operationType)
at Microsoft.Crm.Tools.Admin.InstallDatabaseUpdatesAction.Do(IDictionary parameters)
at Microsoft.Crm.Setup.Common.CrmAction.ExecuteAction(CrmAction action, IDictionary parameters, Boolean undo)
InnerException:
System.Data.SqlClient.SqlException (0x80131904): Cannot insert duplicate key row in object 'dbo.DependencyBase' with unique index 'ndx_UniqueDependencyNodes'. The duplicate key value is (guid).
The statement has been terminated.
at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning()
at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString)
at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async)
at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, DbAsyncResult result)
at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(DbAsyncResult result, String methodName, Boolean sendToPipe)
at System.Data.SqlClient.SqlCommand.ExecuteNonQuery()
at Microsoft.Crm.CrmDbConnection.InternalExecuteWithRetry[TResult](Func`1 ExecuteMethod, IDbCommand command)
at Microsoft.Crm.CrmDbConnection.InternalExecuteNonQuery(IDbCommand command, Boolean capturePerfTrace)
at Microsoft.Crm.CrmDbConnection.ExecuteNonQuery(IDbCommand command, Boolean impersonate, Boolean capturePerfTrace)
at Microsoft.Crm.BusinessEntities.SimpleBulkInserterWithType.Flush(ISqlExecutionContext context)
at Microsoft.Crm.ObjectModel.DependencyHelperBase.BulkInsertDependencies(BusinessEntityCollection dependencies, ISqlExecutionContext context)
at Microsoft.Crm.Dependency.ComponentCollector.CreateComponentDependencies(Dictionary`2 recordsByComponentType, ExecutionContext context)
at Microsoft.Crm.Dependency.ComponentCollector.ProcessRecords(ExecutionContext context)
at Microsoft.Crm.BusinessEntities.ExecutionContext.ProcessDependencies(FlushCacheOption option, CreateNewCollectorOption createOption)
at Microsoft.Crm.BusinessEntities.ExecutionContext.OnEndRequest()
at Microsoft.Crm.Setup.MetadataPatchService.ProcessMetadataDiffFile(String targetRevision)
ClientConnectionId:be6bf5ae-acf5-4fe2-83a8-53e2gfe8a2a3
09:05:36| Info| Setting organization state. New state = Failed
09:05:36| Error| Update Organization with Id=(guid) failed with Exception:
System.Exception: Action Microsoft.Crm.Tools.Admin.InstallDatabaseUpdatesAction failed. ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.Data.SqlClient.SqlException: <span style="background-color: yellow;">Cannot insert duplicate key row in object 'dbo.DependencyBase' with unique index 'ndx_UniqueDependencyNodes'. The duplicate key value is (guid).</span>
The statement has been terminated.
at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning()
at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString)
at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async)
at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, DbAsyncResult result)
at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(DbAsyncResult result, String methodName, Boolean sendToPipe)
at System.Data.SqlClient.SqlCommand.ExecuteNonQuery()
at Microsoft.Crm.CrmDbConnection.InternalExecuteWithRetry[TResult](Func`1 ExecuteMethod, IDbCommand command)
at Microsoft.Crm.CrmDbConnection.InternalExecuteNonQuery(IDbCommand command, Boolean capturePerfTrace)
at Microsoft.Crm.CrmDbConnection.ExecuteNonQuery(IDbCommand command, Boolean impersonate, Boolean capturePerfTrace)
at Microsoft.Crm.BusinessEntities.SimpleBulkInserterWithType.Flush(ISqlExecutionContext context)
at Microsoft.Crm.ObjectModel.DependencyHelperBase.BulkInsertDependencies(BusinessEntityCollection dependencies, ISqlExecutionContext context)
at Microsoft.Crm.Dependency.ComponentCollector.CreateComponentDependencies(Dictionary`2 recordsByComponentType, ExecutionContext context)
at Microsoft.Crm.Dependency.ComponentCollector.ProcessRecords(ExecutionContext context)
at Microsoft.Crm.BusinessEntities.ExecutionContext.ProcessDependencies(FlushCacheOption option, CreateNewCollectorOption createOption)
at Microsoft.Crm.BusinessEntities.ExecutionContext.OnEndRequest()
at Microsoft.Crm.Setup.MetadataPatchService.ProcessMetadataDiffFile(String targetRevision)
--- End of inner exception stack trace ---
at System.RuntimeMethodHandle._InvokeMethodFast(IRuntimeMethodInfo method, Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeType typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at System.RuntimeType.InvokeMember(String name, BindingFlags bindingFlags, Binder binder, Object target, Object[] providedArgs, ParameterModifier[] modifiers, CultureInfo culture, String[] namedParams)
at Microsoft.Crm.Setup.Database.DllMethodAction.Execute(Guid organizationId)
at Microsoft.Crm.Setup.Database.DatabaseInstaller.ExecuteReleases(ReleaseInfo releaseInfo, Boolean isInstall)
at Microsoft.Crm.Setup.Database.DatabaseInstaller.Install(Int32 languageCode, String configurationFilePath, Boolean upgradeDatabase, Boolean isInstall)
at Microsoft.Crm.Setup.Database.DatabaseInstaller.InstallUpdate(String configurationFilePath, Boolean upgradeDatabase)
at Microsoft.Crm.Setup.Common.Update.DBUpdateDatabaseInstaller.ApplyDBUpdates(Guid orgId)
at Microsoft.Crm.Tools.Admin.InstallDatabaseUpdatesAction.ApplyDBUpdatesInternal(Guid orgId, String orgUniqueName, String releaseFilePath, Boolean ignoreErrors)
at Microsoft.Crm.Tools.Admin.InstallDatabaseUpdatesAction.ApplyDBUpdates(Guid orgId, String orgUniqueName, OrganizationOperationType operationType)
at Microsoft.Crm.Tools.Admin.InstallDatabaseUpdatesAction.Do(IDictionary parameters)
at Microsoft.Crm.Setup.Common.CrmAction.ExecuteAction(CrmAction action, IDictionary parameters, Boolean undo)
--- End of inner exception stack trace ---
at Microsoft.Crm.Setup.Common.CrmAction.ExecuteAction(CrmAction action, IDictionary parameters, Boolean undo)
at Microsoft.Crm.Setup.Common.Installer.Install(IDictionary stateSaver)
at Microsoft.Crm.Tools.Admin.OrganizationOperation.Install(IDictionary stateSaver)
at Microsoft.Crm.Tools.Admin.OrganizationOperation.Execute()
at Microsoft.Crm.Tools.Admin.OrganizationDatabaseHotFixer.Execute()
at Microsoft.Crm.Tools.Admin.ApplyDatabaseHotFixInstaller.ApplyDatabaseHotFix(IApplyDatabaseHotFixInfo applyDatabaseHotFixInfo)
</code><br />
<br />
The problem was with one of the ndx_UniqueDependencyNodes indexs. To fix that problem we followed a suggestion we found on <a href="http://social.microsoft.com/Forums/en-US/crm/thread/cf12f112-f9b7-4504-925e-7d837e32a808?prof=required">http://social.microsoft.com/Forums/en-US/crm/thread/cf12f112-f9b7-4504-925e-7d837e32a808?prof=required</a> that said to "open the index 'ndx_UniqueDependencyNodes' for 'dbo.DependencyBase' and select 'Skip repeating values' option on 'Parameters' tab. This option is next after 'Rebuild index'."
<br />
<br />
After that I was able up manually update the organization database from the deployment manager successfully. Unfortunately, we were still getting our original error. We ended up rebuilding that same index on the other organization database that originally was updated successfully while installing the update rollup, and the errors went away on the entire environment.Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-58277239204168204922013-03-27T22:42:00.000-04:002013-03-27T23:01:28.614-04:00Filter Security Event Logs by User in Windows 2008 & Windows 7<span style="font-family: Georgia, "Times New Roman", serif;">If you are like me, you probably miss being able to easily filter your security event logs by a specific user like we did in previous versions of Microsoft Windows. Well, it is still possible in Windows 2008 and Windows 7. You just need to use the XML filter option. When you are in the security event logs, click on "Filter Current Log..." from the actions pane. Click the XML tab of the window that opens, and check the box next to "Edit query manually".</span><br />
<span style="font-family: Georgia, "Times New Roman", serif;"><a name='more'></a></span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJWeufSgpnL23KJmAOGgsDbrBe1nARYyHrzcGu0gw3DbSNbqh5Vd9nZi6J7zrAtLlZoOAsUGzLlbxHW35pjDR5rTASEe2RcFPtrJIIosvSP1_FvfRsEf84wYdR_MsfJ4DPbiMYEuifkCE/s1600/filter.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJWeufSgpnL23KJmAOGgsDbrBe1nARYyHrzcGu0gw3DbSNbqh5Vd9nZi6J7zrAtLlZoOAsUGzLlbxHW35pjDR5rTASEe2RcFPtrJIIosvSP1_FvfRsEf84wYdR_MsfJ4DPbiMYEuifkCE/s200/filter.jpg" width="200" /></a></div>
<span style="font-family: Georgia, "Times New Roman", serif;"> </span><br />
<span style="font-family: Georgia, "Times New Roman", serif;"></span><span style="font-family: Georgia, "Times New Roman", serif;"></span><br />
<span style="font-family: Georgia, "Times New Roman", serif;">If you want to see all events in the security event log for a specific user, then you need to use an XML filter like this. (Make sure to replace <username> with the username that you want to show logs for.)</span><br />
<span style="font-family: Georgia, "Times New Roman", serif;">
</span><br />
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="font-family: Georgia, "Times New Roman", serif;"><QueryList></span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="font-family: Georgia, "Times New Roman", serif;"><Query Id="0" Path="Security"></span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="font-family: Georgia, "Times New Roman", serif;"><Select Path="Security">*
[EventData[Data[@Name='subjectUsername']='<username>']]</Select></span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="font-family: Georgia, "Times New Roman", serif;"></Query></span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="font-family: Georgia, "Times New Roman", serif;"></QueryList><o:p></o:p></span></div>
<span style="font-family: Georgia, "Times New Roman", serif;">
</span><br />
<span style="font-family: Georgia, "Times New Roman", serif;">If you only want to see the successful and failed logon events for a specific user, than you could modify it to look like this.</span><br />
<span style="font-family: Georgia, "Times New Roman", serif;"></span><br />
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="font-family: Georgia, "Times New Roman", serif;"><QueryList></span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="font-family: Georgia, "Times New Roman", serif;"><Query Id="0" Path="Security"></span></div>
<span style="font-family: Georgia, "Times New Roman", serif;"> <Select Path="Security">*[System[(EventID=4624 or EventID=4625)]]</Select></span><br />
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="font-family: Georgia, "Times New Roman", serif;"><Select Path="Security">* [EventData[Data[@Name='subjectUsername']='<username>']]</Select></span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="font-family: Georgia, "Times New Roman", serif;"></Query></span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="font-family: Georgia, "Times New Roman", serif;"></QueryList></span></div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="font-family: Georgia, "Times New Roman", serif;"></span> </div>
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
<span style="font-family: Georgia, "Times New Roman", serif;"><o:p></o:p></span> </div>
Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.comtag:blogger.com,1999:blog-2758476238698278468.post-27160903323934095142013-03-19T22:13:00.000-04:002013-03-19T22:25:45.401-04:00Dynamics CRM: Authentication is Required - Timing Out and Prompting for CredentialsIf you are running Dynamics CRM 4.0 and 2011 with claims based authentication, by default you get a prompt saying "Authentication is Required" after 20 minutes. If you want to extend this timeout, you need to make some changes to the relying party trust in Active Directory Federation Services (ADFS).<br />
<a name='more'></a><br />
<ol>
<li>Log into your ADFS server and open the The <strong>Active Directory Federation Services</strong> (<strong>ADFS</strong>) <strong>Microsoft Management</strong> <strong>Console</strong> <strong>(MMC)</strong> and determine the name of the relying party trust that CRM is using. </li>
<li><strong>Open a Powershell prompt</strong> with elevated privileges ( right-click and run as administrator ).</li>
<li>Add the ADFS snap-in for powershell by running: <strong>Add-PSSnapin Microsoft.Adfs.PowerShell</strong></li>
<li>Run the following command from your powershell prompt. Change "relying_party" with the name you found in step 1, and you can replace 480 with the number of minutes that you want the timeout to be <strong>Set-ADFSRelyingPartyTrust -Targetname "relying_party" -TokenLifetime 480 </strong></li>
</ol>
Greg Kjonohttp://www.blogger.com/profile/13427101041549574045noreply@blogger.com