Monthly Archives: May 2004

You are browsing the site archives by month.

Shavlik posts that it’s updated it’s XML file

Shavlik Technologies has released updated XML files for Shavlik HFNetChkPro.
XML data version = 1.1.2.105 
Last modified on 5/31/2004

 This update includes the following changes:
 – Added detection for Exchange Server 2003 SP1


(we are still testing the deployment instructions for this SP, thus the package
is not available for download and deployment at this time.  We will release an
updated XML file when this SP is available for download and deployment via Shavlik
HFNetChkPro.)

– Added detection and deployment for ISA Server 2000 SP2


I’m not surprised that the Exchange file is not ready to deploy.  I’ve seen some people having a bit issues with the install and it needs the GZIP patch prior to installation.  Plus post installation we need to adjust some settings.

Okay this has nothing to do with SBS…..

Today we had Ice Cream [old family recipe], which means this is the start of Summertime in California…..and I just looked at Weather.com and yup, we’re definitely going to get hot next week.


6 eggs [I now use eggbeaters since this is a non cooked ice cream recipe]


2 cans of evaporated milk


2 cans of sweetened condensed milk


2 tablespoons of Vanilla along with scrapings of vanilla beans


1 teaspoon of orange extract [can also be lemon extract or even better Grand Marnier liqueor


Mix and pour into a 4 or 5 quart ice cream container, fill remaining space with whole milk, half and half, and some cream in whatever proportions to your taste


Load up in the electric or hand crank ice cream maker, cover with ice, enough rock salt to melt the ice and about 45 minutes later… voila.  So good, you don’t even need chocolate syrup


Now back to our regularly scheduled SBS blog….  ;-)

Terminal Server in Application mode – why can’t SBS 2003 do it?

In the newsgroups today, a person updated his SBS 2000 and was prompted that the TS in application mode would be removed during the upgrade.  He went through the upgrade and then posted back in the newsgroups asking how to turn on Application mode again…….

Well… it can’t be turned back on again….. and we should not have been allowed to do it in the first place. 

Let’s determine why shall we?

Okay first and foremost, would you agree that allowing your employees to sit at your server and use it as a workstation is a good idea?  Probably not right?  Well that’s what you are doing when you do TS in application mode.  You are allowing people to log onto that server, use possibly “leaky“ applications that may require you to reboot the server, and in general, expanding greatly the threat vectors on that server.

Take for example – Internet Explorer.  You have to remove the Enhanced IE security [go into add/remove programs to remove this on a normal server].  Michael Howard [MS Security dude] talks about the threat modeling that they did on Windows 2003 server.  Near the end of the project they did a “threat model“ brainstorm and asked themselves what was a potential issue….and the threat that came back was surfing on that domain controller.  So the Security folks pushed through that Enhanced IE [you know that box that prompts you the web site you are wanting to go to is not in a trusted zone?].  Andrew Duthie talks about the settings on his blog.

Right now my security issues are the spybots and gunk that are going after Internet Explorer.  Just last night in talking “geek“ with my friends from LA that were up for a visit, Pierre talked about having to track down a browser hijack program [He wanted  to do it manually, but he could have used the CWshredder tool].  Now ask yourself, do you want to do that on your one and only domain controller?  Think of what you do to clean up your separate desktops. 

So the next time someone says “But it’s dumb, I want my TS in application mode back!“ remember that we can’t do things the way we used to.  That was then, this is now. 

Now, there is one way that this can be better.  Documentation and information. 

In one of the listserves I’m on we were chatting about the lack of documentation on this issue [and I'd add the lack of documentation of WHY we shouldn't do it]  Now granted, we women would argue that guys don’t read, but I do agree with my fellow listmates that the information about the lack of TS in application mode should be WAY more obvious.  The information of how it is no longer supported or included and why it’s not safe and secure to have it there in the first place needs to be way way more obvious.  In fact it should be part of the sales and marketing stuff because to me, it shows better than anything else that Microsoft is indeed “walking the walk, talking the talk“.  We asked them to make the products more secure.  They responded.  This should be a selling point that they are making it more secure, not a “What happened to TS?“ question in the newsgroup.

Documents that discuss TS in application mode removed …..

This KB   and read Page 44 in this document

Stuff hitting the Download site of interest today …

Let’s not forget Exchange 2000


Download details: Update Rollup for Exchange 2000 (KB836488):
http://www.microsoft.com/downloads/details.aspx?familyid=43f5cdf6-d1e6-4476-b5f2-e17371236c3c&displaylang=en


Download details: Windows SharePoint Services 2003 Software Development Kit (SDK):
http://www.microsoft.com/downloads/details.aspx?familyid=1c64af62-c2e9-4ca3-a2a0-7d4319980011&displaylang=en

Random musings ‘eh?

Random musings is the title of Charles Anthe [SBS Release Manager] latest blog entry and talks about upcoming changes to SBS2k3.  Remember when you have a newsreader inside of Outlook like Newsgator or IntraVnews, that blog entry gets pushed to your inbox into a folder.  Really cool. 


He also talks about a tool that he’s testing that notifies you of downloads.  Right now the way I do it is through the Thundermain scrape of the Microsoft Downloads site.  If you click on that link it looks like goblety gook, but in an RSS reader it shows me what new stuff has hit the download site…..


 


speaking of which…. next post…

Exchange 2003 SP1 install info – just a heads up

1.  You need to install the GZIP patch from 831464 first


831464 – FIX: IIS 6.0 compression corruption causes access violations:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q831464


2.  Can’t install because of an issue with Search


If you are getting Dependency Manager: ***ERRORLOG EVENT*** :
CDependencyManager::ValidateDependencyStates() : The dependency of
Microsoft Exchange Messaging and Collaboration Services on Microsoft
Search is not satisfied.


Look under this key “HKEY_LOCAL_Machine\Software\Microsoft\Search\Install”
and if all you have is [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Search\Install]
“InstallPath”=”C:\\Program Files\\Common Files\\System\\MSSearch”


Then add the following :

   Major Version: REG_DWORD: 0x9
   Minor Version: REG_DWORD: 0x6b
   Version: REG_SZ: 9.107.5512

Then reboot


3.  Forgot to add, when I’m installing a big SP like this, I’ll manually shut off the Services to the “things“ that I know will be affected… in this case shut off all services with Exchange in the name, all A/V services, all IIS services.  Go into start, control panel, admin tools, services, and “stop“ the service.

So I just moved around the furniture a bit…

And added a new post category of “Needed Patches/Tweaks” to capture all the items needed to finish up an install “after“ the box is loaded with SBS2k3.

I’m stealing this disclaimer from Les [Les is More]

Be aware that this list is a compliation of all hotfixes and configurations.
They do not all apply to all installations, do not use them out of context.
Use only what is required for your installation.


Patch for BCM with SBS2k3 – http://msmvps.com/bradley/posts/7228.aspx


Tweak for change in Domain\User after Exchange 2k3 sp1 – http://msmvps.com/bradley/posts/7156.aspx


Memory switch tweak  http://msmvps.com/bradley/posts/7147.aspx


Exchange 2003 sp1 –  http://msmvps.com/bradley/posts/7084.aspx 


POP3 Connector patch – http://msmvps.com/bradley/posts/6920.aspx


ISA Server 2000 – sp2 http://msmvps.com/bradley/posts/6868.aspx


Tweaks that “I“ personally do – http://msmvps.com/bradley/posts/6193.aspx


Installing Trend – http://msmvps.com/bradley/posts/6038.aspx


Hotfixes – now included in Exchange 2003 sp1 – http://msmvps.com/bradley/posts/5295.aspx


Error #50070 STS_Config – http://msmvps.com/bradley/posts/4292.aspx


Change REG key http://msmvps.com/bradley/posts/4283.aspx


Disk quotas/permissions http://msmvps.com/bradley/posts/4040.aspx


Faxes not opening right? http://msmvps.com/bradley/posts/4025.aspx


Sharepoint slow to open? http://msmvps.com/bradley/posts/3799.aspx


Error 800423f4 in backup log? http://msmvps.com/bradley/posts/3792.aspx


Install SUS http://msmvps.com/bradley/posts/3074.aspx


POP Connecter taking all resources? http://msmvps.com/bradley/posts/2540.aspx


Install GFI faxmaker http://msmvps.com/bradley/posts/2155.aspx


VSC and SQL server issues http://msmvps.com/bradley/posts/1239.aspx


Tweak ISA http://msmvps.com/bradley/posts/1221.aspx


Disable NDR http://msmvps.com/bradley/posts/1220.aspx


Hooking MACs into you LAN? http://msmvps.com/bradley/posts/1161.aspx


Add ISA to the console http://msmvps.com/bradley/posts/1112.aspx


Flat file backup of Sharepoint http://msmvps.com/bradley/posts/1103.aspx


Sharepoint fix http://msmvps.com/bradley/posts/1089.aspx


Outlook over HTTP http://msmvps.com/bradley/posts/1043.aspx


Anti Virus fix http://msmvps.com/bradley/posts/932.aspx


Enable Full text search http://msmvps.com/bradley/posts/822.aspx


Hotfix for Travan drive http://msmvps.com/bradley/posts/808.aspx


Get Sharepoint through ISAhttp://msmvps.com/bradley/posts/796.aspx


Exclude site from Google Searches http://msmvps.com/bradley/posts/618.aspx


Sharepoint on first launch http://msmvps.com/bradley/posts/599.aspx


I think that’s all the funky patches and tweaks that us SBSers need for post installation.  Do I need any more?

Patch to get BCM working with SBS2k3

Download details: Business Contact Manager for Outlook 2003 Update: Windows Small Business Server 2003:
http://www.microsoft.com/downloads/details.aspx?FamilyID=EAB86AF5-1F5E-4EF3-9691-90F9B870B9B6&displaylang=en

Just signed up for Tavis’ blog on TazNetworks!

Fellow SBSer Tavis Patterson has a SBS/SMB blog located at http://www.taznetworks.com/rss/webblog.html with the RSS feed for it http://www.taznetworks.com/rss/tazrss.xml


If you haven’t found the power of RSS feeds and newsreaders, this is the time to get cracking…. I personally like newsgator but there is also IntraVnews


Advantage of IntraVnews – free for personal use


Advantage of Newsgator – plug ins that post to blogs, read and post NNTP newsgroups


 

ISA tools….

Until the ISAserver.org tools site is back up [Jim is at TechEd and he’s redecorating or something  ;-)  I found another site with ISA tools — http://www.toolzz.com/ISAToolzz.htm