Windows 7 in an unknown network Zone

I have a machine (Windows 7) on a domain but it tells me it is in an Unknown / Unidentified network zone and therefore has applied the Public firewall profile.
You can’t ping it, remote desktop to it or any other form of remote management.

I looked about on the internet for a solution and found many that made it look so easy to fix, but none of them worked.

(Example http://www.sevenforums.com/tutorials/43629-network-location-set-home-work-public-network.html)

I believed that there was nothing to loose so I opened the registry editer on the machines (Normal warnings about caution apply when editing the registry).

I navigated to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles

I exported the profiles key as a backup.

I then deleted all profiles under this key.

I rebooted the machine and it was fixed. It found the domain, hooked into the domain zone and applied the domain profile. All is working again.

 

 

Tags: , ,

Watch out Australian Businesses!

My business is happy to sponsor well-meaning community efforts. We were legitimately listed in the AiPol (Australasian Policing) magazine last year.
We can’t throw money away and only advertise when we can.

 Imagine our surprise when we had an Ad in the “Crime Alert” publication, but never placed it.


 The Ad is a form of sponsorship and we never signed up for it. We never had a hand in designing the Ad and never got to see it before it was “Published”.
We had our Credit card debited and have since successfully had the money refunded.

We new we had been scammed somehow and moved on.

Then we started getting more phone calls about more magazines we apparently sponsored and now owed the money for.

The list so far includes
  • Crime Alert
  • Volunteer Rescue Forum
  • Sun smart Kids
  • Neighbourhood Support Guide
  • Street Watch

 

All of these are around the $440 Ex Gst price (AUS) and all the Ad’s appear to be lifted from company websites.
The content of the publications also appears to be lifted from Websites.
The email contact addresses are @Hotmail.com or @Bigpond.com.au and bounce back.
They all have answering services on 1800 or 1300 numbers. Their addresses all seem to be in QLD.
When you have them on the phone, all deny knowing about the other publications.

All have the same stamp “Proof of Publication” in the rear of the publication.
All have laser printed ads in them that texturally feel different to the rest of the magazine.

None of them have a presence online and the phone numbers do not appear to be in Google.

This scam is known as a Charitable publication scam or Directories and advertising (false billing) scam
Charitable publication scams happen when a telesales agent calls a business selling advertising space in a bogus publication for a seemingly good cause. The caller will give the impression that the publisher is partnered with local charities, emergency services, crime prevention or community health initiatives. Sometimes the caller will say that a business has placed an order previously, or even that someone else in the business has agreed to take out the advertising space. They will either ask for payment details upfront for a 10% discount or already have your credit card details. All offer to send out a proof of publication with the Invoice. This does arrive but looks suspect. In general the fraudsters may also send the business invoices whether or not the victim has agreed to take out the advertising space. They may follow up the invoices with threats of legal action.

So if you get a call like this from a publication you have no connection with, write down their number, name and the publication name and contact the ACCC and Scamwatch.

 

 

Programmatically alter “Automatically Detect settings” in IE through VBS

I am trying to turn off the “Automatically Detect settings” in the proxy settings in Internet Explorer (IE), using vbscript (vbs).

It is not as easy as you would think. There are loads of forums out there where people are trying to find the answer. I now have working code, for my version of IE in my environment and whilst you need to do your own testing (not on production machines) I want to let the world know how I did it.

The problem is that this tick box is set by the following registry keys

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings

The value is binary and whilst reading this with vbs is easy, changing the huge Hex value into something you can save back, is almost impossible. The REG_BINARY in the Regwrite method wants an integer.

The value looks something like this (This has been edited to keep details private).
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections] “DefaultConnectionSettings”=hex:46,00,00,00,67,38,00,00,03,00,00,00,10,00,00,\ 73,74,72,61,2e,63,6f,6d,3b,2a,2e,6a,68,67,2e,6c,6f,63,61,6c,3b,31,39,32,2e,\ 02,00,00,00,c0,a8,02,45,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 73,74,72,61,2e,63,6f,6d,3b,2a,2e,6a,68,67,2e,6c,6f,63,61,6c,3b,31,39,32,2e,\ 02,00,00,00,c0,a8,02,45,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 02,00,00,00,c0,a8,02,45,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 64,61,74,a2,2c,55,62,09,d5,ce,01,00,00,00,00,00,00,00,00,00,00,00,00,01,00,\ 00,00,02,00,00,00,c0,a8,02,45,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00 “SavedLegacySettings”=hex:46,00,00,00,d1,4f,00,00,03,00,00,00,10,00,00,00,31,\ 02,00,00,00,c0,a8,02,45,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 2e,74,65,6c,73,74,72,61,2e,63,6f,6d,3b,2a,2e,74,69,70,74,2e,74,65,6c,73,74,\ 02,00,00,00,c0,a8,02,45,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 38,2e,32,2e,2a,3b,3c,6c,6f,63,61,6c,3e,00,00,00,00,01,00,00,00,1a,00,00,00,\ 02,00,00,00,c0,a8,02,45,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 74,a2,2c,55,62,09,d5,ce,01,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,\ 02,00,00,00,c0,a8,02,45,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00

I spent ages reading how the individual offsets changed certain details. I tried to work out how to change certain parts of these values. I also tried to work out how to reset these values back to a default settings.

Lot’s of people are arguing online what each value does. I got to the point where that was all meaningless.

I looked at importing a reg file to solve my problem. Then I had a change of thought. What if I could somehow force something into this key that blanks all settings but the one I want, and then trough code, add back the other values I needed.
If i can find the code I need and if IE rebuilds the rest of the key, this might be possible. I deleted the whole key. Went into IE and unticked just the “Automatically Detect settings” setting.

I then reviewed the registry and noted that the value of that key was now very simple. It was basically “0F”  and the rest of the data was made up of “00″. So, I wrote my vbs code to delete the key, put back “0F” and then wrote the remainder of what I needed into the settings and … it works !
WSHShell.Regdelete “HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings” WSHShell.Regdelete “HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings” WSHShell.RegWrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings”,&H46,”REG_BINARY” WSHShell.RegWrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings”,&H46,”REG_BINARY”

 

The rest of the code was

 
WSHShell.RegWrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable”, 1, “REG_DWORD” WSHShell.RegWrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer”, Proxy IP WSHShell.RegWrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyOverride”, “IP addresses or servernanes here;<local>” WSHShell.RegWrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisablePasswordCaching”, 1, “REG_DWORD” ‘WSHShell.RegWrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\Autoconfig”, 0, “REG_DWORD”

This now leaves me with “Automatically Detect settings” off, “Use Automatic configuration script” off, “Bypass Proxy for local servers” on, Proxy details all filled in and a bypass list created.

Perfect !

Tags: , ,

Backups !

Do you have data on your workstation or home PC that should be backed up? Hard drive failure and data loss happens all too often. Hard drives are getting cheaper and seem to be more prone to failure. USB hard drives are fragile and easily knocked and then fail.

Do you have baby’s first steps? Your wedding? Financials all on a special drive? I have seen many parents almost be physically sick when they loose … everything.

Backing up is not just a server “thing” All your data is important.
Where I work, we are reminded about data backups all too often. We are doing data recovery too often.

When we go through this with clients, we often impliment a personal plan … and stick to it for 6 months, maybe a year. Then it falls by the wayside. Suddenly a client looses data again, we panic and we start our own personal backups agian.

Well …. A laptop at my office just failed. Guess what? Last backup was 3 months ago. It does contain data that is not on the server.

We are a small business. Just like many of our clients. We understand small business preasures. We know what is important to them. We suffer the same issues.

Time to revisit the backup schedules for Key machines.

Tags: , ,

What is a HP (Hewlett Packard) Carepack and why do I care?

It is your HP hardware insurance. After the original warranty has expired, it allows you to annually, in simple terms, “extend your warranty”.

It allows you to also upgrade to a better warranty with better support.

 

A Carepack is a service provided by HP to look after the HP hardware and any labour associated with replacing failed hardware, in your systems (Servers, desktops, printers etc.).

You can have a standard one where you get a next day response from HP, 5 days a week, or maybe a 4 hour response 24×7. It contracts HP to give you service and have parts available for you.

 
The longest Carepack we have had in service was 11 years. The client’s warranty expired at year 3, they kept renewing every year thereafter. Their server was “Under warranty” for 11 years.

 

Servers WILL fail. It is question of when and what will you do when it does. Items in servers are working 24×7 and as they are mechanical, they will fail. They get hot, dusty and wear out.

Typically hard drives and power supplies fail at the year 4 mark. These items cost lots of money.

 

The Carepack is typically less than the cost of the commonly failing parts.

 

Don’t let your Carepack expire. If you let it expire, you can’t get back the same agreement.  You can get more expensive offerings that cover less options as it is after the warranty period.

 

Carepacks cover the courier to get parts to you, storage of parts for your type of server/or other hardware, a HP engineer to visit the site and the parts.

They cover any testing/Diagnostics you do with HP over the phone (Using your own time). All of this within the terms of your Carepack (e.g. you can get weekday 9-5 only, 24 hours a day or other combinations).

 

Carepacks do not cover 3rd party hardware failures, the time it takes to repair software issues (update drives and firmware), any time IT companies help you to diagnose an issue (including swapping parts in and out).

Carepacks do not cover the recovery time from backups nor time to quickly backup all your files. Your data becomes your problem.

 

If you do not have a Carepack, you fall into the second hand market (or old stick market). This means you self-diagnose, search online for the part, if it is from overseas, have downtime whilst it ships to you and it sits in customs.

There might be Customs duty, GST and then the part you receive .. might be faulty or damaged in transit. Maybe it has firmware and boot screens in a different language or is a different revision, shape to what you had.

(This is even if you can find the part in the first place)

 

You then need to fit it and hope your software will accept the new part and hope you got the correct part. Windows might reject it and not run. You might be without your server or other hardware for weeks.

 

Let’s give you a real world example. We practice what we preach. We have a 5 year old server at Business Technology Partners. In the last year we have had a few hard disks fail (at about $500 each).

Our Carepack is about $800 inc GST. We have had hard drives changed, quickly, no expense to us, no data loss and no downtime. Sounds good?

(It covers the price of the Carepack!)

 

Yesterday our server motherboard and a ram stick failed. This obviously has a business impact.

We contacted HP, ran the diagnostics they requested, organised for a site visit and waited for the engineer. He came out, replaced the motherboard and isolated the ram fault.

This took about 2.5 hours and was at no cost to us (Except the downtime which was very low as the parts are made available to us from our local capital city).

 

I decided to price this up.

The motherboard sells online in a new condition (but old stock) from overseas at $1000 USD. The Ram is $512 ex Gst. The HP engineer’s time is over $200 ex per hour, with a minimum of 2 hours.

(HP make the same reconditioned board available in limited quantity for current HP owners without Carepacks for about $1600 ex GST.)

If I got for the overseas board, it will take ages to get here and there will be GST payable.  Is the board someone else’s refuse? Am I sure it is new ? was this from eBay and do I need to wait for the auction to finish?

 

HP spare parts are hard to obtain at this age. If I have to rebuild my network onto a new server platform it would easily cost over $20,000 for a new server plus weeks of delay sorting that out and at least 80 hours of IT services on top.

Can my business sustain this ?

 

Suddenly the cost of a Carepack in downtime and financial costs, is cheap. Suddenly I can see where the insurance pays off.

 

If you can’t pay your Carepack all at once, see if you can spread payments out over a year. It is worth it !

 

 

 

Tags: , ,

Time to eat humble pie (A PayPal followup)

I recently posted that

It only takes one small event to destroy the goodwill of hundreds of events.

I need to follow this up and say that “goodwill can be earnt by great deeds”.

 

I need to give a big thank you to PayPal. Whilst they did not refund my lost money that I disputed (due to Terms and Conditions). Whilst I still do not have my product. Whilst their communication via email was not very useful and I had lots of stress working with them towards a solution ….

 

… they have made a Goodwill payment to cover my loses. They did not need to legally do this and it is not a normal procedure. They have covered my payment and made me a happy man.

 

I am not sure if this is in response to my tweets, Facebook or blog posts. It might even be from the dispute customer service survey I filled in.

 

Regardless, my faith is restored. This was a selfless unnecessary positive act. I am back in love with Paypal.

goodwill can be earnt by great deeds

Tags: , ,