Technology Made Simple
Friday January 15th 2021

Q&A Monday: Hard Drive Wipe

Question:

At my company we are throwing out a bunch of older computers, and I want to make sure that all the data on the computer and servers are completely non recoverable, is there an easy way to do this?

Answer:

I’ve seen two major approaches to this kind of problem.  One is the low-tech approach, where you just physically destroy the hard disk drives, usually by drilling them or just smashing them…and in one case putting them through an industrial shredder.  With this approach, you have to make sure that the disks inside the hard drive case are destroyed.  This was usually a great task to accomplish after some particularly frustrating days in the office.  But there was only so much that could be done in a given time.
The second approach is software that will erase the hard drive information.  I’ve seen some first-time admins just format the hard drive, and this isn’t 100% guaranteed to make all the data unrecoverable.  I’ve seen companies pay a lot of money for a secure format of their hard disks, but for my general use I’ve been using Darik’s Boot and Nuke as my personal program of choice.  It is a simple program to use.  You download it from the website and burn it to a CD.  Then reboot the computer and boot to the CD, follow the prompts and then wait…once it is done running, your hard drive will be good to throw in the trash and you can be confident that your hard drives will be safe.  I’ve burnt multiple copies of this CD, lined up a bunch of computers and just let them sit and erase.  This does take some time, so I found it’s usually better to set it up at the end of the day and then just check on them the next morning.

——————————————————————————————–
If  you have any questions that you want Jim to answer, from business servers to home computers, drop him a line at me@jimguckin.com, and he’ll try to answer your question.  Check back every Monday for a new Question and Answer session, and check back Wednesday and Friday for other technical insights

Windows Printer Pooling

You may run into a situation where you need to pool a bunch of printers together and have the jobs printed to them spread out amongst different printers.  One example is if your company prints a bunch of reports on a regular basis.  Printing to just one printer (depending on the size of your reports) could take forever, yet if you spread the jobs out over several printers, you can make everything work faster.  That is the idea behind printer pooling in NT, 2000 and XP (might be in Vista or 7, but haven’t checked yet), plus it may be cheaper for your company to print to a bunch of smaller printers than a couple giant ones.
Configuring Printer Pooling is very easy. You start by configuring the printer as you would a standard printer. Then, using the Ports tab of the Printer Properties, you can check the “Enable Printer Pooling” option at the bottom of the dialog box. This will allow you to add and select ports for each of your additional printers.  If these are network printers, they will need to be added first, before they appear in the ports box.
Now something to consider when creating a printer pool: all the printers in that pool will print off of one driver.  This isn’t too bad when all the printers are the same model, but when they are different models, you’ll need to find a driver that will work with all the printers.  If you have the same make of printer but different models, in most cases the oldest printer model’s driver should work for all the printers.  Yet, if it’s a mixed bunch like Xerox, HP and Dell, then you need to experiment and make sure you find the driver that will meet your needs.  I have heard that some mixed pairs, like an Epson inkjet and an HP laser printer, won’t work together because these two devices have distinct data streams which are incompatible with each other.  So make sure everything is tested and works together before you make this pool public.
Now something to remember: the printer pool will always print to the first printer in the pool, and then to every other one.  If you do a lot of printing, it is a good idea to keep all the printers in the pool in the same general area, because in a heavy printing environment it is impossible to predict where the print job will end up.  So save the workers the hassle of running around the office to see where their document printed, and keep them all in the same area.

Virtualized Domain Controllers

I got a call yesterday from my old job, it was the software specialist who was having problems with the VMWare 3.51 server which I installed a couple of months before I left.  Though by the time I was able to get a break and call them back, but it got me thinking about my first VMWare environment I built.  I made a blunder that first virtualization…well 2 actually, but one of them hopefully I can help you to avoid.
One of the first servers I got on the VMware environment was one of our domain controllers.  The domain controller we had was outdated and many times unable to hold up to the task of being a domain controller.  So with the VMware environment, I hoped to sort that out.  I virtualized the server and for the first day things seemed to be going OK.  Yet, I noticed over the next couple of days, the time on the server moving ahead.  This was a problem, because all of our workstations used this server for their time.  Then some of the other servers started acting up because of the time discrepancy.  It was an easy fix, that I want to impart to you, so you don’t make my rookie mistake.
First, inside the infrastructure client options, ensure that the option “Time synchronization between the virtual machine and the host operating system” is unchecked.
Secondly, our domain controller was not set to use an external time source (like time.microsoft.com). The procedure is simple and can be found in detail in Microsoft’s Knowledgebase article 816042, but in essence, it comes down to setting the following registry values under

HKLM\SYSTEM\CurrentControlSet\Services\W32Time\:

  • Parameters\Type = “NTP”
  • Parameters\NtpServer = “time.windows.com,0x1”
  • Config\AnnounceFlags = “5”
  • TimeProviders\NtpServer\Enabled = “1”
  • TimeProviders\NtpClient\SpecialPollInterval = “60”

Finally, you need to restart the W32Time service on the domain controller using net stop W32Time followed by net start W32Time, or you can just restart the server like I did.  Though if you are going to restart the server, remember that if it’s the only domain controller in the domain, you won’t be able to log on or authenticate during the downtime.  Luckily we had a physical domain controller to handle the load while I was rebooting.
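
The registry values and service restart described above, as an added PowerShell example (not code from the original post or from Microsoft's article). It reports which values differ from the list and changes them only when run with `-Apply`, a switch name chosen for this example; a drifting clock on a domain controller matters because Kerberos rejects authentication when clocks differ by more than five minutes by default.

```powershell
# Added example: audit the W32Time values listed above and, with -Apply, set them.
# Run from an elevated PowerShell prompt on the domain controller.
param(
    [switch]$Apply   # hypothetical switch: without it nothing is changed
)

$base = 'HKLM:\SYSTEM\CurrentControlSet\Services\W32Time'

# Desired state, copied from the list above. Type and NtpServer are strings
# (REG_SZ); the other three are DWORDs.
$desired = @(
    @{ Sub = 'Parameters';              Name = 'Type';                Value = 'NTP';                  Kind = 'String' },
    @{ Sub = 'Parameters';              Name = 'NtpServer';           Value = 'time.windows.com,0x1'; Kind = 'String' },
    @{ Sub = 'Config';                  Name = 'AnnounceFlags';       Value = 5;                      Kind = 'DWord'  },
    @{ Sub = 'TimeProviders\NtpServer'; Name = 'Enabled';             Value = 1;                      Kind = 'DWord'  },
    @{ Sub = 'TimeProviders\NtpClient'; Name = 'SpecialPollInterval'; Value = 60;                     Kind = 'DWord'  }
)

$changed = 0
foreach ($d in $desired) {
    $path    = Join-Path $base $d.Sub
    $current = (Get-ItemProperty -Path $path -Name $d.Name -ErrorAction SilentlyContinue).($d.Name)

    # Compare as strings so a missing value ($null) simply counts as drift.
    if ("$current" -eq "$($d.Value)") {
        Write-Output ("OK     {0}\{1} = {2}" -f $d.Sub, $d.Name, $current)
        continue
    }

    Write-Output ("DRIFT  {0}\{1} = '{2}' (want '{3}')" -f $d.Sub, $d.Name, $current, $d.Value)
    if ($Apply) {
        Set-ItemProperty -Path $path -Name $d.Name -Value $d.Value -Type $d.Kind
        $changed++
    }
}

if ($Apply -and $changed -gt 0) {
    # Same effect as "net stop W32Time" followed by "net start W32Time".
    Restart-Service -Name W32Time
    # Ask the service to resynchronise now instead of waiting for the next poll.
    w32tm /resync
}

# Show where the clock is coming from; expect the NtpServer value rather than
# "Local CMOS Clock". (w32tm /query needs Windows Server 2008 / Vista or later.)
w32tm /query /source
```
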
Now it’s always a best practice to have two domain controllers in a domain, for fault tolerance, but in this case, I decided to keep a physical domain controller and a virtual domain controller.  Our environment only had one Dell EqualLogic SAN, which stores the VMware files, so in case that went down I wanted a physical one in its place.  Though if you have a more robust network, you could put two virtual ones in, as long as they don’t reside on the same hardware.
So hopefully I’ve given you the domain controller virtualization tip, so you’re not driven as mad as I was when you do it.  I know Microsoft kind of discourages you from making a domain controller virtual (see KB888794), yet I’ve seen it work flawlessly and give you High Availability (HA) with your domain controller and even seen it work well for Disaster Recovery (DR).

Q&A Monday: Domain Password Last Changed

Question:

I am in a situation on where I need to find out when the last time a user changed their network password.  Our domain policy forces the change in account passwords every 120 days, and a user is claiming that it’s been longer than that, I checked the GPO and everything looks OK, but is there a way to actually check the last time someone changed their password?

Answer:

I’ve run into this situation before, where a user is unsure when the password was changed and believed it was way past due.  I did some searching around the internet and found a couple of scripts that would do this for you.  After testing out a bunch of scripts, I found one that would do what I wanted and was actually easy to use.  This script came from http://www.rlmueller.net.  It was very simple to run, and gave me password last set dates for every user in my domain.  Here’s how I did it.

  1. I downloaded the program from the website – direct download link here
  2. I renamed the PwdLastChanged.txt to PwdLastChanged.vbs (renaming this file to a VB Script so we can run it)
  3. Open up a command prompt and browse to where you downloaded the script (for me it was my C: drive)
  4. Run the following command: cscript //nologo PwdLastChanged.vbs "c:\Report.txt"
    NOTE: the C:\Report.txt can be changed to whatever you want
  5. You browse to the location of C:\Report.txt (or wherever you pointed it) and you have two options
    1. You can just open the Report.txt file and look at the information
    2. I renamed the Report.txt file to Report.csv and opened with Excel and made the information  more readable.

Now this script is not only handy for finding out when a user is due for a password change.  I’ve also been able to use this script to find accounts that are not in use anymore.  Because if a password falls outside of the set password expiration time, you can assume that the account hasn’t been used in that time frame.  For example, if your password changes are forced every 4 months, and you see accounts with 8+ months since the password has been changed, it may be an old inactive account.  Now this won’t work for everyone, but it is a good place to start.
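
The same two checks (when each password was last set, and which accounts look inactive) done with the ActiveDirectory PowerShell module instead of the VBScript above. This is an added example, not the rlmueller.net script; the 2x threshold, the status names and the extra last-logon column are assumptions made for the example.

```powershell
# Added example: password age per account, read straight from Active Directory.
# Assumes the ActiveDirectory module (RSAT), PowerShell 3.0 or later, and an
# account that can read user objects in the domain.
Import-Module ActiveDirectory

$maxAgeDays  = 120               # password policy from the question above
$staleFactor = 2                 # assumption: twice the policy age, like the 4 vs 8+ month example
$reportPath  = 'C:\Report.csv'   # same location the answer used; change as needed
$now         = Get-Date

$users = Get-ADUser -Filter 'Enabled -eq $true' `
                    -Properties PasswordLastSet, PasswordNeverExpires, LastLogonDate

$report = foreach ($u in $users) {
    # PasswordLastSet is empty when pwdLastSet is 0: the password was never set
    # or the account is flagged "must change password at next logon".
    if ($u.PasswordLastSet) {
        $age = [int][math]::Floor(($now - $u.PasswordLastSet).TotalDays)
    } else {
        $age = $null
    }

    if     ($null -eq $age)                       { $status = 'NoPasswordDate' }
    elseif ($u.PasswordNeverExpires)              { $status = 'NeverExpires' }   # age says nothing about use
    elseif ($age -gt $maxAgeDays * $staleFactor)  { $status = 'LikelyInactive' }
    elseif ($age -gt $maxAgeDays)                 { $status = 'PastDue' }
    else                                          { $status = 'OK' }

    [pscustomobject]@{
        SamAccountName  = $u.SamAccountName
        PasswordLastSet = $u.PasswordLastSet
        PasswordAgeDays = $age
        # LastLogonDate is replicated only periodically, so treat it as approximate.
        LastLogonDate   = $u.LastLogonDate
        Status          = $status
    }
}

# Full report for Excel, plus an on-screen list of everything that needs a look.
$report | Sort-Object PasswordAgeDays -Descending |
    Export-Csv -Path $reportPath -NoTypeInformation
$report | Where-Object { $_.Status -ne 'OK' } |
    Sort-Object PasswordAgeDays -Descending |
    Format-Table -AutoSize
```

Accounts marked `NeverExpires` (service accounts, typically) are reported separately because an old password there does not indicate an unused account.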

Changing IP Address of VMware ESX Host

I’ve come into many occasions where I needed to change the IP address of an ESX server.  On one occasion it was tiering a network so the servers were on a different network from the workstations, and on another it was moving the ESX server to a test network where it could not touch the network where it came from.  So on both occasions I spent time talking with VMware Support to help me resolve the issue, and the instructions that they gave me were very simple and straightforward.  I wanted to post an entry where I went over those steps, because I know I can’t be the only one running into this situation (and constantly forgetting).  All you will need to do this is either physical access to the server or SSH access.  Note: Because of the changing of the IP address, I suggest you physically be at the server if at all possible.

If your server is ESX 3.X or 4.0 Follow These Steps:

  1. Log in as root to the ESX host (either using the server or a SSH connection)
  2. type: service network stop
  3. Run “esxcfg-vswif” command to change the IP of the hosts:

    esxcfg-vswif -i NEW_IP_ADDRESS -n MASK_ADDRESS vswif0

  4. Edit the /etc/sysconfig/network file and change the gateway IP if needed.
  5. Run the following command to restart the network:

    service network start

  6. Add the host back to VirtualCenter using its name or its IP address.
  7. Reconnect the host to VirtualCenter so you can manage it again with VirtualCenter.

Depending on your setup, you may have a VirtualCenter to connect it to; if you don’t, you’ll need to get one set up so you can connect the license to the ESX host.  Remember, as always, make sure you have enough proper licensing to do this and that you are still in proper use of VMware’s licensing.

Q&A Monday: Server Disk Defrag

Question:

I was recently promoted to a Junior System Admin role at my company, and server maintenance has recently come under my job responsibility.  I was wondering if it is a good idea to defragment the disk on the servers?  We occasionally do defrags on the local PCs, but does defraging a server really help?

Answer:

Ah yes, the server defrag question.  When I got my first job as Jr System Admin, I ran into this question as well.  The company I worked for at the time didn’t really have a maintenance schedule, so our servers were usually heavily fragmented and we would have some slow server response times because of it.  Though when you’re learning you tend to just get used to that kind of stuff…I did.  When a couple years later I was promoted to System Administrator for that company I implemented a software called DisKeeper on all of our servers.  I was amazed to see that installing the software and scheduling frequent defragmentation jobs on the servers did seem to improve the processing speed of those servers.  Now this improvement wasn’t like night and day, but files did copy a little faster, the databases did run a little faster.  Now on average I saw processing performance from the servers in the area of around 15%-20%.  Though in that company it wasn’t the silver bullet, just for the sheer amount of data that we housed in the data center, but it did make a difference from what I saw.  Though your results will vary, because as I mentioned the servers were heavily fragmented, but every server can use a little touch-up.  Defragmentation should be one of the many steps you use in order to make sure your servers are running at the peak of performance.  Each server type will have its own ways to optimize output and keep you as sane as possible.

Remove the .NET Framework Assistant for Firefox

Like me, you may have abandoned the Internet Explorer browser for the more secure Firefox.  Well, if you recently updated your computer, Microsoft may have snuck a vulnerability into Firefox without even telling you.  If you take a look at the installed add-ons in Firefox you might notice an add-on called Microsoft .NET Framework Assistant.  If you’re like me, you might not have remembered installing it, and it’s because you didn’t, Microsoft did.  The second thing that you’ll notice is that you cannot uninstall it, as the button is grayed out.  Well, like me, you don’t like Microsoft putting possible security holes in software that isn’t theirs, so you’ll want to remove it, and here’s how to do it.

NOTE: As always this fix requires you to modify your registry.  It is strongly recommended that you backup your registry prior to making any changes, so that in the unlikely event of problems you can restore the registry back to the way it was.

To remove the .NET Framework Assistant for Firefox from your computer, follow these steps:

  1. Close FireFox (not sure if this is necessary, but a good rule of thumb)
  2. Click Start, click Run, type regedit, and then press ENTER.
  3. Locate one of the keys below (depending on your operating system) and then click the following registry subkey.
    For 32Bit computers:
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions
    For 64Bit computers:
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions
  4. You’ll see a subkey called {20a82645-c095-46ed-80e3-08825760534b}; delete it, reopen Firefox, and you’ll see that it’s gone.
  5. Log on with an account that has Administrator permissions.
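
For checking more than one machine, the steps above as an added PowerShell example (not part of the original post). It looks in both registry locations, reports what it finds, and removes the entry only when run with `-Remove`, a switch name chosen for this example; the post describes the entry as a subkey, and the script also looks for a registry value of the same name, an assumption added here so that either layout is found.

```powershell
# Added example: find and optionally remove the .NET Framework Assistant entry.
# Run elevated, with Firefox closed.
param(
    [switch]$Remove   # hypothetical switch: without it the script only reports
)

$id    = '{20a82645-c095-46ed-80e3-08825760534b}'   # identifier from step 4
$roots = @(
    'HKLM:\SOFTWARE\Mozilla\Firefox\Extensions',
    'HKLM:\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions'
)

$n = 0
foreach ($root in $roots) {
    $n++
    if (-not (Test-Path -LiteralPath $root)) {
        Write-Output "absent   $root"
        continue
    }

    $child    = Join-Path $root $id
    $asSubkey = Test-Path -LiteralPath $child
    $asValue  = (Get-Item -LiteralPath $root).GetValueNames() -contains $id

    if (-not ($asSubkey -or $asValue)) {
        Write-Output "clean    $root"
        continue
    }

    Write-Output "present  $root (subkey: $asSubkey, value: $asValue)"
    if (-not $Remove) { continue }

    # Back up this key before touching it, as the note above recommends.
    $backup = Join-Path $env:TEMP ("firefox-extensions-$n.reg")
    reg export ($root -replace '^HKLM:', 'HKLM') $backup /y | Out-Null

    if ($asSubkey) { Remove-Item -LiteralPath $child -Recurse }
    if ($asValue)  { Remove-ItemProperty -LiteralPath $root -Name $id }
    Write-Output "removed  entry from $root (backup: $backup)"
}
```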

Now your Firefox is purged of the uninvited .NET add-on.  I have a problem with things being installed in Firefox without me choosing to install them.  I’ve seen a lot of outrage on it, so hopefully Microsoft has learned their lesson, but something tells me that, like usual, they won’t and this is just a start to their installing patches in other operating systems.

Q&A Monday: Change Remote Desktop Port

Question:

Do you know if there is any way to change the port number of remote desktop? I am looking to make RDP more secure by changing the default port on our servers.

Answer:

There is a way to change the default port for all supported versions of Windows and it isn’t really that complicated.  By default, for those of you not aware, Remote Desktop works on port 3389.  On jobs where I’ve used remote desktop as the primary means for connecting to servers (though not my ideal way of connecting to computers or servers) I generally recommended that we use the firewall to assign a different port and NAT the port number to the default one.  Though in today’s world you have to be aware of both external and internal attempts to view data.  So if RDP is used, it is smart to change the port that’s used.  This also adds a step to connecting to computers and servers, but makes just randomly connecting to a resource a little more difficult.
To make the quick change you need to modify the registry settings for this to occur.  NOTE: As with every time you make changes to the registry, I recommend you make a backup of the registry prior to making the change. You need to browse to the following Key:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]

In this folder you want to find the “PortNumber” key and double click it, or right click and modify, to get the edit screen to pop up.  By default, this will give you the hex value “d3d”, but if you click on the Decimal radio button, you’ll see the number in plain decimal.

For this example I’ll pretend you want to turn the default 3389 into 13389 (you can choose whatever you want it to be). You just need to enter the value here, then click back to the Hexadecimal option (the value is automatically converted; in this example d3d becomes 344d).  Click OK, and restart your computer or server.  Once the computer/server comes back online, it should be listening on the new port.  Of course you will want to test it out, and get used to connecting to the new port.  Open up the Remote Desktop program and type in the server/computer name, a colon, and the new port.  For my example, like this: servername:13389

This will make sure that you connect to the server/computer; otherwise the Remote Desktop program will try to connect to the old port, and the computer/server will not respond on the old port.

If you are doing this to many computers, or you just want to be lazy (like I do some times), I’ve included a zip file with a batch script and a registry key.  You could add these to your logon script and run them that way.  Please make sure you backup the registry or thoroughly test the files before deploying.  I can’t be responsible if this somehow messes up your system, every addition to your computer or network should be tested before you make changes.  Please make sure you modify the files to meet your needs.  The script as of now, will make the change to port 13389.

[Batch Script Zip Available Here]
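
The registry change walked through above, as an added PowerShell example; it is not the batch script or registry file from the zip. It assumes Windows 8 / Server 2012 or later (for the `Get-NetTCPConnection` and `New-NetFirewallRule` cmdlets) and an elevated prompt, and `-VerifyOnly` is a switch name chosen for this example.

```powershell
# Added example: move the RDP listener to another port and check the result.
param(
    [ValidateRange(1025, 65535)]
    [int]$NewPort = 13389,      # the port used in the walkthrough above
    [switch]$VerifyOnly         # hypothetical switch: report only, change nothing
)

$key     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$regKey  = 'HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$current = (Get-ItemProperty -Path $key -Name PortNumber).PortNumber
Write-Output ('Configured port: {0} (hex {0:x})' -f $current)

if ($VerifyOnly) {
    # After the restart: something should be listening on the configured port.
    $listening = [bool](Get-NetTCPConnection -State Listen -LocalPort $current `
                                             -ErrorAction SilentlyContinue)
    Write-Output ("Listening on {0}: {1}" -f $current, $listening)
    return
}

if ($current -eq $NewPort) {
    Write-Output 'Nothing to change.'
    return
}

# Refuse a port that another service on this machine already listens on.
if (Get-NetTCPConnection -State Listen -LocalPort $NewPort -ErrorAction SilentlyContinue) {
    throw "Port $NewPort is already in use on this machine."
}

# Back up the key first, as the post recommends.
reg export $regKey "$env:TEMP\RDP-Tcp-backup.reg" /y | Out-Null

# Allow the new port through Windows Firewall before switching: the built-in
# Remote Desktop rules only cover 3389, so without this the machine becomes
# unreachable over RDP after the restart. Add -RemoteAddress to limit the rule
# to your admin networks where you can.
New-NetFirewallRule -DisplayName "Remote Desktop (TCP $NewPort)" -Direction Inbound `
    -Protocol TCP -LocalPort $NewPort -Action Allow | Out-Null

Set-ItemProperty -Path $key -Name PortNumber -Value $NewPort -Type DWord
Write-Output ('PortNumber set to {0} (hex {0:x}). Restart, then run again with -VerifyOnly.' -f $NewPort)
```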

It’s the most wonderful time of the year…for Viruses

I know that this time of the year, the average home user’s computer is pretty vulnerable to virus, spyware and malware attacks.  The reason, I think, is that with most newer computers you get a year of antivirus protection, and well, that year is coming to an end.  Most people in this tight economy (or even in general) don’t want to pay for continued protection, and this leads to all sorts of problems.  As the software stops updating, your computer starts to become more susceptible to viruses.  There is also the other end of the spectrum, where during the Christmas season people are given new computers for the holidays, and because people are so excited to use these computers they forget (or don’t want) to activate the antivirus protection…and then some of them even forget after the excitement of the year is over.
One of these two scenarios is generally the cause for most of the calls I get this time of the year.  Virus programmers are also aware that online shopping is at its highest point this time of the year, and they will take advantage of that, trying to get your information.  It isn’t hard to hear a story around this time of the year where someone went shopping on a major company’s website only to have their information stolen.  There are also a lot of websites that just pop up for the holiday shopping season, with the intent of stealing your information.
I wanted to share some tips on how to stay safe this season, and by no means is this a complete list.  I generally only use one credit card when I shop online.  I also make sure that every other day I check that card’s balance, to make sure nothing I didn’t order shows up there.  It now takes an average of 3 days from the time your card information was stolen until it is used, so make sure you check constantly.  Another is to try to limit your shopping online to stores that you know and trust.  When you get to entering your information, make sure the site is secure: you’ll see https:// rather than http:// at the front of the address.  This doesn’t guarantee that your information is safe, it just means your information is encrypted in transit.  One of the top ones: make sure that you have current, up-to-date virus definitions (see your manufacturer’s website to check).  If you have or receive a wireless router this season, make sure that you require a password to join the wireless network.  Having your network open to the world only makes sure that inexperienced people have access to your information.
Though this isn’t an extensive list, it is a basic list.  I am sure there are some techs out there whose computer is more like Fort Knox, but the average person isn’t going to have that kind of time or patience, so simple is better in this case.  I just want to make sure that everyone has a happy holiday season, and that your credit and identity stay yours.

Q&A Monday: Blue Screen of Doom

Question:

I turned off my computer normally yesterday and used it for no more than half an hour. I tried turning it on this morning and the blue screen of death showed up. It reset and this time showed me the black screen which tells me that Windows was not successfully shut down along with the choices of booting it normally, in safe mode, in safe mode with networking and so on. So I chose all of them and I keep getting this blue screen. I can’t even start Windows. What can I do?

Answer:

A Microsoft Windows based computer can for many reasons start showing what techs like to call “The Blue Screen of Doom (or Death)”.  Sometimes this event occurs after the installation or upgrade of hardware or even software, causing the Blue Screen to appear.  Rarely, you will see this error once and a subsequent reboot of the system will clear the problem up because it was only temporary.  Though the vast majority of the time, you will need to attempt to repair your current Windows installation.  Below you’ll find the steps to repair your Windows XP installation:

Note for Prior to Install:

Repairing a Windows XP installation is valuable when you need to keep your programs and data intact but need to restore the Windows XP system files to their original state. This is often an easy fix for complicated Windows XP issues. Even though a repair installation does not alter any programs or data, other than Windows XP itself, I always highly advise that you take precautions in the rare event that something will go horribly wrong and you lose all data. That means that if there’s anything you want to keep you should back it up to a CD or another drive before beginning this process.

Begin Repair:

To begin the Windows XP repair process, you will need to boot from the Windows XP CD.  Watch for a Press any key to boot from CD… message similar to the one shown below. If for some reason you do not press a key (or miss it), your PC will attempt to boot to Windows XP. If this happens, all you need to do is reboot your computer and try again.

Press Any Key to Boot to CD

The Windows Setup screen will appear and a number of files and drivers will start to load. This will be similar to when you installed Windows the first time.

Drives will start to load

After the necessary files and drivers are loaded, the Windows XP Professional Setup screen will appear.  You want to Press Enter to setup Windows XP now.  Even though you might be tempted to select the second option to repair a Windows XP installation, the Recovery Console is not the way we want to go, because we want to truly perform a complete repair installation.

Make sure you select setup, not repair

The next screen that appears is the Windows XP Licensing Agreement screen. Read through the agreement and press F8 to confirm that you agree with the terms of use.

Press F8 to accept the license agreement

On the next screen, Windows XP Setup needs to know which Windows installation you want to either repair or install a fresh copy over.

If you have a single installation of Windows on your PC it will already be highlighted. If you have multiple installations, use the arrow keys on your keyboard to select only the installation that you are wanting to reinstall. Then we want to repair the selected Windows XP installation, so press the R key to continue.

Repair Installation Screen

Windows XP Setup will now delete the old system files from the Windows XP installation that is currently on your computer. This step usually only takes a minute or so. None of your data files should be deleted during this process. Only system files that Windows XP is able to restore from the CD are being removed.

File Copied

Now the Windows XP CD will start copying back the original XP files. This will make sure that you are starting with a fresh copy of the Windows files without the modifications, though all your programs, data and settings should still be there.

Installing New Files

Windows XP will now begin installing. You don’t need to do anything here.

Install Files

At this stage you’ll need to reapply some of the settings that the repair wiped out, such as your time zone, your network settings, etc.  Just follow the easy prompts and you’ll be back on your way.

This is the screen where you set up your workgroup or domain.  If you are not in a business environment, then most likely you don’t have a domain and you can just click next and leave workgroup selected.

Domain Join

More installing.

Installing

When done your computer will reboot.  Just wait for the computer to start up.

XP Boot Screen

The Welcome to Microsoft Windows screen appears next, informing you that the next few minutes will be spent setting up your computer.

New Setup

Registration with Microsoft is optional, but if you’d like to do that now, choose Yes, I’d like to register with Microsoft now, click Next -> and follow the instructions to register. Otherwise, choose No, not at this time and click Next ->.

Register XP

In this step, setup wants to know the names of the users who will use Windows XP so it can setup individual accounts for each user. You must enter at least one name but can enter up to 5 here. More users can be entered from within Windows XP after the repair installation is complete.

XP New User Creation

Thank you screen appears, just click next.

Thank You

Welcome to your repaired version of Windows.

New XP
