Just another Microsoft MVPs site

Month: August 2004 (page 2 of 2)

OWA 440 Authentication Timeout

As I mentioned in my earlier post today, I migrated my server here at home this weekend.  Well, once the new server was online, the only hiccup I discovered was that I couln’t access OWA.  I kept getting this bloody ‘440 Authentication Timeout’ page in IE.  And I would get it instantly, so there was no way it was actually timing out.  A quick google on this error returned a half dozen pages of threads, with no resolutions.  As a result, I figured I’d better blog this for future reference . . .


The root cause of this is the IUSR_<servername> and IWAM_<servername> accounts’ passwords being out of sync (between AD & IIS).  Here’s the steps necessary to fix this.  (And make sure to verify that neither of these accounts are locked out in AD!  I missed that the first time around and spent an extra hour and a half trying to figure out why it wasn’t working! :^)


1)  Open AD Users & Computers.  Expand the Users OU, right-click on the IUSR_<servername> account and select ‘Reset password’  Reset the password to anything you want (however, it can’t be blank).



2)  Open this User Account’s properties and verify that the account is not locked out  :^)  Also, make sure that ‘Password never expires’ and ‘User cannot change password’ are selected.


3)  Repeat steps 1 & 2 for the IWAM_<servername> account.  Close AD Users & Computers.



4)  Open Internet Information Services  (Start | Administrative Tools)


5)  Expand <servername> | Web Sites


6)  Right-click on ‘Default Web Site’ and select Properties.


7)  Go to the ‘Directory Security’ tab and click the Edit button under ‘Authentication & Access Control’


8)  Enter the new password for the IUSR_<servername> account and click OK.


9)  Enter the password again to confirm and click OK.


10) Click OK.


11)  Open a command prompt and enter  iisreset


12)  At the command prompt, enter the following commands:
        cd c:\inetpub\adminscripts
        adsutil SET w3svc/WAMUserPass <password>    (Where <password> = the password you entered for the IWAM_<servername> account in AD Users & Computers)
        c:\windows\system32\cscript.exe “c:\inetpub\adminscripts\synciwam.vbs” -v
        iisreset


Voila!  That should fix you right up . . .    :^)

Swingers Rock – Yeah Baby!

Hey now, get your mind out of the gutter – this is a PG (ok ok, PG-13 ;^)  blog and I’m talking about migrations . . .


If you follow the microsoft.public sbs newsgroups, you probably know that I’m a big fan of temp dc migrations (or swing migrations as Jeff calls them).  Well, lucky enough for me – I haven’ had to do a migration like this for well over a year.  Fast forward to present day, and my poor little server here at home was dying a slow death.  (And yes, I admit that I’m using the term ‘server’ here *VERY* loosely . . . my COUGH server here at home was an old Dell Dimension XPS T500 . . . original specs when I bought that bad boy new back in the spring of ’99 were a P3-500 processor, 128 MB RAM, a whopping 8GB hard drive and Win98 SE.  Woo Hoo!   It has been upgraded a few times, so its current specs are P3-500, 384 MB RAM (don’t ask!), an WD 80GB IDE hard drive and a Sony SCSI DDS3 tape drive (Ebay special that I picked up for only $125 which included a controller card & 5 new tapes!) . . .


Anyway, she was slowly dying, and getting ever slower and sslloowweerr and ssslllooowwweeerrr.  Well as luck would have it, I had a friend who called me up a couple weeks ago to say that they bought a new PC and asked if I could get rid of the old one for them.  Yeah, sure – no problem.  So I stop by to pick this PC up, and to my surprise, it’s really not too old and has good life left in it.  I point this out, but they don’t have anyone who would need a PC, so I packed it up and brought it home.  The PC?  A Compaq Presario with an Athlon XP 1800 processor, 120 GB Hard Drive, 1GB RAM, DVD-ROM / CD-RW and a 17” LCD Monitor.  Needless to say, I didn’t dispose of it  :^)   Nope, I finally got an LCD monitor for home . . . yeah! 


So, with the help of a spare ‘bench’ PC, I did a swing migration of my home SBS this weekend.  I started yesterday afternoon, and the new server was in place by mid-morning.  Granted, this went a little smoother than most since it was an SBS2k3 – SBS2k3 migration (just moving to new hardware), but this reminded me why I love this migration method. 


1)     It preserves your domain.  No recreating user accounts, computer accounts, GPOs or login scripts. 
2)     Exchange?  Not an issue.  Literally drop the old databases in and you’re good to go.  You don’t even have to run the Mailbox Cleanup Agent.
3)     It is 100% invisible to the users & workstations.  Assuming that you’ve restored your shares prior to them logging on, they have no clue that the server was replaced.  Their profiles, data, etc. – everything is in tact.
4)     You always have a safety net in case something goes wrong.  If I wanted to, I could swap the servers again right now and put the old server back online, and it would continue servicing the network without any issues (besides the obvious data discrepancy). 
5)    You literally minimize your down-time.  Total down-time for me? About a half hour – really.  That was the time it took to shut down the old server, pull the tape drive out & install in the new server, boot up & restore my Exchange stores.  30 minutes later I’m online and have email access (which is the absolute necessity :^)  Oh sure, it’s going to take a total of about another hour and a half to restore all of my data shares from tape, but that gives me the opportunity to do other important things like post here . . .  :^)


So, the at your next SBS user group meeting, be sure to ask everyone, “So, do you like to swing?”  :^)

Another new category . . .

Another new post category has appeared – Peachtree – which will contain ramblings about Peachtree Accounting for Windows.


So where did this come from?  Well here’s a little tidbit of information for ya:  right before I graduated from college, I determined that Corporate America wasn’t for me (let’s just say I have a hard time keeping opinions to myself ;^).  Throughout most of my college years, I had single-handedly computerized my aunt & uncle’s diesel repair business.  I talked to them and secured a job so I could at least eat until I decided what exactly I wanted to do, then called up my recruiter and told her that no, I would not be taking the job at IBM (in Rochester, MN).  Of course, my mom about fell over when I told her that I opted for $12/hr over a starting salary of $38,500 + benefits.


Well, I ended up becoming the Controller or the family business (yes, I was a bean counter for several years) – and was generally known to be a pain-in-the-ass because of the level of detail / paper trail that I demanded.  Eventually everyone figured out that it was a whole hell of a lot easier to just do it my way from the beginning, otherwise I was going to make their lives hell until it was my way (proof that I was right about not belonging in Corporate America ;^)  I’m quite proud of the level of accountability I was able to obtain & maintain.  We used Peachtree for the simple fact that when we were deploying the first network back in late ’96, QuickBooks didn’t have a network ready version – only a single person could be in the company file at a time, and that just wasn’t an option.  Peachtree had just come out with a network version, so I went that direction.


For the 18 months before this, I had my aunt using QuickBooks to do very basic tracking, which was limited to A/R (invoices were still hand-written, so she maually entered the customer, invoice no, date & net amount simply so we could get control of receivables) and I had her keeping the checkbook register on their as well.  Since the extent of my bookkeeping application experience up to this point was with QuickBooks, implementing Peachtree was a bit of a learning curve.  Luckily I had taken accounting in high school, so I had a rudimentary understanding of debits & credits, how the journals related to the G/L, etc, but it was still an uphill battle for the first 6 months.  However, once I got past that initial curve, you couldn’t pay me to go back to QuickBooks.  Eww, yuck!  I had a handful of small businesses that I helped on a quarterly basis to make sure everything was in place and then prepare their quarterly reports.  Several of those were running QuickBooks and I dreaded having to deal with that software.  Now, I’ll admit that the last version I was exposed to was either QBPro 2000 or 2001 (can’t remember) – but at that time there were still things that drove me batty.  Basically they assumed that you’re stupid and made you jump through their hoops ‘for your protection’ – and damn did that burn my arse.  One example was the inability to do a single massive journal entry to adjust year-end account balances (which we usually get from our accountants for things like depreciation, etc.).  Nope, you’d key that thing in, only for QB to tell you that ‘you can’t use xxx account and xxx account in the same entry’   WHAT?!?    It balances, and it’s from the accountant.  No, you had to set up a clearing account and post each individual account adjustment to the clearing account.  Nothing like drastically increasing the data-entry requirements.  Argh.    The other area that constantly burned me was payroll.  Those of you that have done payroll accounting know that you almost always have a discrepancy at the end of the quarter, due mostly to fractions of cents, because each pay period your taxes are calculated on that period’s gross wages, whereas at the end of the quarter, the tax liability on your 941 is calculated on the total gross for the quarter, and you’re bound to be off a little (for me it was usually around a dime) from the calculated value and the amount you actually withheld.  As a matter of principal, I always paid the lower amount (which was almost always the calculated value).  So when I posted the FICA deposit check, that debited my Federal Payroll Taxes Payable liability account, but since I was paying the lower amount, the effectively left a dime in that liability account.  No biggie – just post a quick General Journal entry moving that dime from the tax liability account to a rounding account and you’re good to go.  That is as long as you weren’t using QuickBooks.  I’m giving Intuit the benefit of the doubt that they may have fixed this in recent versions, but at the time they had a wizard-type interface to pay payroll taxes and even complete the 941.  The problem was that QuickBooks expected you to pay the amount that was withheld.  There was no way to edit / adjust this.  So when it hit the end of the quarter and the 941 indicated that the customer owed X, QuickBooks didn’t care – they made you send the amount they showed you owed.  As a result, you often ended up entering a fractions of cents adjustment on the 941 to ADD TO THE AMOUNT OF TAXES YOU HAD TO PAY.   Nope, I definitley didn’t like this. 


The other PITA was Unemployment.  Again, this may have been fixed in recent versions as it has been a couple years, but at the time there was no unemployment tax report in QuickBooks.  For those of you not familiar with unemployment, employers in most states pay two different unemplyment tax – Federal Unemployment & State Unemployment.  Federal Unemployment is only taxed on the first $7,000 that the employee earns.  State Unemployment naturally varies from state to state.  In 2004 in Iowa, state unemployment is taxed on the first $19,600 that the employee earns.  Since there is a cap on this tax, you need to know what the employee’s taxable earnings are each quarter, which QuickBooks didn’t provide.  We ended up keeping this in a separate Excel spreadsheet for the customers using QuickBooks so we knew taxable wages for each employee so we could complete the state form.  How did Peachtree handle this?  A simple report.  Pick your Unemployment Tax (State / Federal) and pick your quarter, then you got:


Employee Name      SSN        Gross Wages         Taxable Wages        Exempt Wages    


Which was the exact information we needed.  And don’t even get me started on inventory.  As of QuickBooks Premier 2003, the only costing method was Average!  Come on, where’ LIFO/FIFO?!  How can you do decent inventory accounting with an average costing method?  I’ll concede that QuickBooks has more gratuitous bells & whistles (Peachtree 2004 was the first version that allowed for emailing of forms from within the program).  But I am completely confident that I can get better records and have a better paper trail with Peachtree.  I guess I feel more comfortable and secure with my double-entry journals & general ledger. 

Ok Marc, here you go . . .

You requested it, so I added a category for Retail Management System.  Now, I can’t guarantee that I’ll be posting much in that area in the near future, as Amy is our resident RMS expert.  However, here’s something I’m going to throw out, not only for RMS’ers, but for SBS’ers as well:


Have you guys checked out SQL Server 2000 Reporting Services yet?  All I can say is WOW!!  Earlier this week I posted about one of our customers and their painful accounting system migration.  Well, I mentioned in there that they had extensive customizations?  Well, the customizations weren’t to the app itself, but they used custom Excel spreadsheets that pulled data out of the accounting system, and gave them their job reports (they’re a mechanical engineering / HVAC general contracting firm).  Basically, these custom spreadsheets would give them awesome information – to the point that they ran the business off of these spreadsheets.  For any given job, the various spreadsheets would give them proposal vs actual numbers, labor breakdowns, material costs, etc.  They could know exactly where they were standing in terms of profitability on each job at any given point in time, and one of the speadsheets would create detailed monthly billing for whichever job you selected, accessing all of the time ticket entries in the accounting system, totalling & grouping hours for each workman type (journeyman, etc.) since they have different billing rates, as well as access materials requisitions, automatically calculate markups on those, etc.  The current accounting partner is working on creating many of these reports within the accounting app itself, and it is taking much longer than anticipated (and costing the client much more than they anticipated).  And due to the complexity of some of the reports, they run very SSLLOOWW since the data is on the server, but the client is doing the processing for the report.


Ok, so you’re probably wondering what this has to do with the SQL Reporting Services, right?  Well, the accounting application has an optional ODBC connectivity module that allows various environments to connect to it’s data (read only) via ODBC.  Luckily for me, the client bought this module.  SQL Reporting Services can connect to a wide variety of data sources besides SQL, including Oracle, Paradox, OLE DB & ODBC.  So, now do you see where I’m going?  We can install SQL Reporting Services on the client’s SBS 2003 Premium, access their accounting data via ODBC (which conveniently enough lives on the same server), build our custom reports and publish them to the server, where users can run them from their web browser.


Now, let’s go one step further – SQL Reporting Services allows for a push model.  Therefore, users don’t have to necessarily go and open the report they want every time they want it.  For example, with our client their project managers get a report on each of their projects once a week so they know where they’re sitting in terms of profitability / budget.  With SQL Reporting Services, once we get this profitability report built, each project manager could configure the server to automatically generate these reports and send them via email on a set schedule.  So we go from just a few months ago where the girls up front were printing a separate report (via those Excel spreadsheets) for each active job, collating according to project manager, and giving each PM a stack of paper every Monday, to the server handling the dirty work and dropping the right reports in each PM’s inbox . . .   boy, if I can pull this off, Amy, Cynthia & Rena will really love me . . . :^)  


The only potential downside is for the accounting partner – I have a feeling it may not bode well for them if I can provide a faster, integrated, scalable reporting solution in a fraction of the time that the other partner has taken and for pennies on the dollar of what the other partner charged . . .  :^)   But I’ll let them worry about that after I get Reporting Services installed and a report or two configured . . . 


In short, this opens a huge window of opportunity for us to provide additional value and big business solutions to small business.  I’m also going to argue that this is a perfect reason for retail shops to deploy SBS Premium as well.  Besides the general benefits of SBS (Exchange & RWW), Reporting Services offers an impressive custom reporting solution for the RMS data.  I’m going to have to get myself familiar with this quickly.  We have a retail customer where in about six weeks we’ll be deploying RMS at their primary retail location, along with SBS & RMS Headquarters at their corporate office, and they’re deploying Great Plains for accounting as well.  Then over the next year we’ll bring each of their four other retail locations online.  I can already foresee that Reporting Services combined with that RMS & Great Plains data will allow us to provide them with some impressive value-added reporting options . . .    Ooooh – this is exciting!   (Can you see my database developer side coming out?)


Reporting Services requires a valid SQL 2000 license, and can only be installed on the SQL server.  In addition, you need to have a copy of Visual Studio to build your reports (yeah MSDN Universal Subscription!)  Anyway – there’s a great demo of SQL Server 2000 Reporting Services here.  I strongly suggest you take approximately 20 minutes to watch it . . . .  You can download the trial here, or you SBS Premium owners can order it (only cost you S&H) here.

Satisfied customers are one thing . . .

. . . and then there’s those customers who not only love you, but truly trust and depend on you.  I *love* building those types of relationships. 


Case in point . . .  we have a customer who we replaced their entire network infrastructure, including most of the cabling.  Well, this customer had an old Novell 3.12 server, tired old Win98 clients and an archaic DOS-based accounting application from 1986 (I shit you not!).  They really didn’t want to change their accounting system, as it did everything they needed it to – however, it absolutely would not run on anything newer than Windows 98, so they upgraded their accounting system as well.  They opted to go with a new Windows version of their same software, and enlisted another partner to assist with that migration. 


Our network migration went off without a hitch – SBS Premium, 10 PCs, all data including individual user profiles migrated, including moving data into Sharepoint, all in about 3 days.  The accounting system – well, that’s an entirely different story.  Short story is that their old system was extensively customized, and apparently the partner drastically underestimated the time / effort / complexity of the customizations the client required.  The other huge issue has been with the performance of the new accounting app (or lack thereof).  This is a Windows application, but is really written and deployed like old DOS apps.  For example, each module (A/P, A/R, G/L, etc) isn’t a single program, but actually up to a few dozen different programs – so that when you open a new window, you’re actually opening a new program.  Next, their standard deploymnt is to install this on the server, and each client just has a shortcut pointing to a share on the server and run this across the network.  They have three people using the accounting system, and the partner couldn’t understand why it was so SSSLLLLOOOOWWWW . . . .  hmmm, depending on what they’re doing, each accounting user could have three or four different programs that they’re accessing simultaneously across the network, plus the data traffic.  Now throw in the four Project Managers using Project and AutoCAD (pulling those files across the network), everyone having their Outook open, Messenger, etc.and the multiple Access databases and Office files constantly being accessed . . . hmm, I wonder why it’s slow.  Of course the other partner tries blaming it on my anti-virus.  Sorry dude, but there’s no way in hell you’re getting me to disable A/V . . . 


Anyway, I was onsite this morning to install a fax modem & configure SBS fax for them, and the Vice President (& controller) was talking about how the accounting app was so unbearably slow.  All of the other applications ran great – but of course, the accounting app is the major one.  So I started tweaking as much as I possibly could.  Out of sheer luck, I found new drivers for the LAN nic were just posted last week, so I downloaded & installed them, tweaked a few extra settings (disabling QoS, hard setting workstations to 100 full, etc.) and was able to get a significant speed boost.  You can literally miss the login script if you blink (which maps several drives, updates Trend’s OfficeScan client, etc.)  This network is screamin’ . . .  which means that the accounting app is at least usable.  (No more waiting 7 minutes for a report – and no I’m not exaggerating, we timed it).  But it’s still sluggish at best. 


I was able to get this speed boost shortly before the accounting partner happened to show up.  He still insists that the speed issue has to do with our network, because he has other clients setup the same way without any speed issues.  (Nevermind that it’s plain Windows server in workgroup mode with no A/V and nothing else going on on the network.)  And despite my recommendations, he won’t install the accounting application locally on each workstation to at least see if there is a performance boost.


Anyway, the speed boost made the Vice President’s day – and she was so pleased that she insisted on buying me lunch – while the accounting partner was left in a corner to work on some report . . . .   :^)     That made my week!

Of all things to bring people to my blog . . .

Ok, so I’ve been watching the stats on my blog somewhat consistently – and I’ve gotta laugh.  Want to know what post gets the most hits, over 3 times as many as the #2 post?


Oh Stormy Night


And you want to know why?  Because everyone and their Grandma appears to be googling the   r u s t o l e u m
e p o x y  s h i e l d  g a r a g e  f l o o r  c o a t i n g, and ending up here of all places.  How’s that for amusing?  Sorry for the spammer spacing there, but I thought I’d spare the googlers another hit  . . .   :^)

Whoa – It’s August?!? I must have missed that memo . . .

But seriously – where does the time go?  It’s just a complete blur, and any more I feel like I’m just hanging on for dear life on a runaway train . . .


I started thinking about this two weeks ago when I received an email from my MVP lead (John ROCKS! – really – I mean, how can you go wrong with an MVP lead in a kilt??  :^)  Anyway, John emailed me with the wonderful annual questionaire since my award is up for renewal in Oct.  My first reaction was ‘my God – it’s been a year already?!?’ . . . then as I thought back over the last year, I realized that my newsgroup participation dropped drastically after the first of the year – to the point where I practically fell off the radar for about four months.  Sure, there are reasonable explanations as to why (primarily a new business venture that took off at the end of January that consumed just about every free minute I had) – but that doesn’t change the fact that I feel like I haven’t given to the newsgroups like I have in the past, and I hope to rectify that . . . now if I didn’t have to work for a living, that would be *so* much easier . . .   :^)


While I definitely have community activity over the past year, with co-founding the Greater Omaha Small Business Server Users Group and launching it’s website (www.gosbs.org), a relatively new pet project with Nick at www.smbfocus.com,. and a few development projects that will hopefully benefit the community (if I can finish them before I die ;^), I still consider the newsgroups ‘home’ – that’s where I was introduced to this absolutely wonderful, world-class SBS community we have, and that’s where I feel like I should be devoting more time . . .


So, I guess I either need to find a QFE that adjusts the registry entry for MaxHoursPerDay from 24 to 48, or I need to start thinking about getting a clone . . .  :^)

Newer posts