Technology Made Simple
Monday June 21st 2021

Software Update: iOS 5.1 Software Update

Apple released their new version of the iOS software yesterday.  This update contains improvements and bug fixes, including:

  • Japanese language support for Siri (availability may be limited during initial rollout)
  • Photos can now be deleted from Photo Stream
  • Camera shortcut now always visible on Lock Screen for iPhone 4S, iPhone 4, iPhone 3GS and iPod touch (4th generation)
  • Camera face detection now highlights all detected faces
  • Redesigned Camera app for iPad
  • Genius Mixes and Genius playlists for iTunes Match subscribers
  • Audio for TV shows and movies on iPad optimized to sound louder and clearer
  • Podcast controls for playback speed and a 30 second rewind for iPad
  • Updated AT&T network indicator
  • Addresses bugs affecting battery life
  • Fixes an issue that occasionally caused audio to drop for outgoing calls

for more information please visit Apple’s Support site: http://support.apple.com/kb/DL1504

5 ways to limit your DNS Issues

  One of the things most overlook on a network when things are going well, but when they aren’t, are one of the most pain in the butt things imaginable is DNS for a network.  When you start messing with DNS, you’ll find there are many ways things can go wrong or become endlessly complicated.  I’ve find there are 5 rules that can help you keep DNS manageable and keep DNS problems to a minimum.

    1. Limit the number of zones

      Like many things in IT, doing some level of housekeeping, the longer a company is around the more likely they have accumulated more DNS zones, whether it be from projects that no longer exist or a product line no longer offered, or anything else your company might have been doing.  It’s may seem like a daunting task going through all the zones or forwarders, but if there becomes an issue, you’ll be happy you have less to dig through.

    2. Remove all WINS dependencies

      I’m still shocked that many networks out there still have WINS enabled and working.  WINS is really outdated now-a-days and you are only adding another level of troubleshooting if a problem exist.  If you have a mixed environment; Windows, Linux and Mac; only Windows machine will fully take advantage of WINS anyway, so no need to keep it running.

    3.  Separate Internal and External DNS Servers

      This is the security guy inside me, I can’t stand when companies use one DNS server for both internal and external.  For one this is a huge security concern and two this can make managing DNS a little more confusing when you need to make changes or troubleshoot.

    4. Combine DNS and DHCP

      Since most business networks today are Windows based, it doesn’t make the most sense to have a Linux or Mac server doing DNS and/or DHCP, when windows is the OS of the computers.  I’ve used both Linux and Windows based DNS systems and when it comes to troubleshooting and using Windows is better for business is the long run.  It’s hard to type that as someone who uses Linux for other things.

    5.  Make DNS highly available

      DNS is really a network service that you want to keep up and running as much as possible and Windows DNS can be made highly available.  This can be done by using more than two DNS servers.  The advanced tab of the networking configuration panel for the Windows system allows for a tertiary or higher DNS server to be entered. The advantage of this, if one of the servers is down, DNS can still look up the chain and resolve DNS for your network, giving you a level of fault tolerance in your network.  This works great when physically in different areas.

    I’m sure this isn’t a complete list of ways to Limit DNS issues in your company, so if you have any please list them in the comments below.

    Q&A Monday: Mapping admin C$ Share on Windows 7

    Question:

    On my Windows XP machines I am able to use \\hostname\C$ to map to the C drive on that computer, but when I try it with my new Windows 7 machines, I can’t get it to map.

    Answer:

    This isn’t just a Windows 7 issue, this issue also occurred on Windows Vista machines as well.  This is caused by the UAC (User Access Control) doesn’t allow account elevation over the network with a local user account.  Now there is a registry change you can make that, but I really want you to think long and hard before doing this, because it does make your system less secure.

    so good to understand how Windows works.

    Manual Registry Hack

    Open regedit.exe through the start menu search or run box, and then navigate down to the following key, creating a new key if it doesn’t exist.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

     

    On the right-hand side, add a new 32-bit DWORD value named LocalAccountTokenFilterPolicy and set the value to 1.  To remove this, all you need to do is set the value to 0 or just delete the key.  You just need file sharing turned on now, and you can now map the C$ drive on Vista or 7.

    ——————————————————————————————–
    If you have any questions that you want Jim to answer, from business servers to home computers, drop him a line at me@jimguckin.com, and he’ll try to answer your question. Check back every Monday for a new Question and Answer session, and during the rest of the week for his other technical insights.

    Please don’t daisy chain switches

    There are many times that I would walk into a business to help troubleshoot a problem, to find that someone didn’t take the proper time to do something right, and instead took the easy way.  Usually this come in the form of switches (or even worse hubs) that are daisy chained together one after another…and sometimes, after another.
    I understand, I made this mistake early in my career, pressured to  get lines in a new area of the office, but not given the money to do it properly.  There were even times, when I really did intend to come back to correct the problem only to get endlessly sidetracked and never get back to fix the temporary solution, hence making in permanent.
    The problem is after time this problem can compound by either endlessly daisy chaining switches (either purposely or accidentally) and more likely than not, these new switches are not on UPS power, just plugged into a wall.  This is fine as long as there are no power outages or spikes.  I’ve run into the problem multiple times where a client is complaining about no connection to the network, only to find a switch in the way that needed to be power cycled to work again.
    Rather than run the risk of having problem, I always suggest that you use stack-able switches and make sure they are powered by UPS.  If it’s done right the first time, the client or your company will have less problems in long run, and that’s the information you need to pass along to them.
    In my early days, I wouldn’t even bother to make the objection to adding switches to make extra connections, but experience has taught me, this isn’t good.  They cause another level of failure and can cost additional money in trying to troubleshoot a connection issue or buy a new server when all you needed to do was remove an old switch that was hidden. (At one company, there was an old 10MB switch that was forgotten in the ceiling, of course they found out after spending a couple grand on a new server that wasn’t needed).  This is why it’s better to just do it once and correctly. It may take a little more time/month/both but in the long run it will make things run a lot smoother.

     

    Q&A Monday: IIS 7.5 Error 401.3

    Question:

    I’m trying to test my ASP.Net website and I keep getting this error:
    HTTP Error 401.3 – Unauthorized
    You do not have permission to view this directory or page because of
    the access control list (ACL) configuration or encryption settings for
    this resource on the Web server.

    I tested the site both from the IP address, as I have locally on that server to make sure it wasn’t something else.  I have the following users on the website application folder, with full read/write permissions:

    • NETWORK SERVICE, IIS_IUSRS, SYSTEM, Administrators, Helpdesk, PJordon (my account)

    Is there something I am missing, to get me able to view the site?  Could I have set up something wrong?

    Patrick Jordan
    Penderyn, UK

     

    Answer:

    IIS7 created another user account which may be the cause of these problems, IUSR.  Check to make sure this user has read access to the folder and files you are trying to access.  You can do this by checking the security tab and seeing if this user in that list.  If not add them, and you should be on your way.

     

    ——————————————————————————————–
    If you have any questions that you want Jim to answer, from business servers to home computers, drop him a line at me@jimguckin.com, and he’ll try to answer your question. Check back every Monday for a new Question and Answer session, and during the rest of the week for his other technical insights.

    Upgrade BackTrack 5 R1 to the new R2

    If you are anything like me, you hate to wait for things and here’s a time you can get the information before the release.  BackTrack R2 will be released on March 1st 2012, but there are directions to make all the upgrades today, all you need to do is follow the directions below, and you’ll get the newest kernel, security updates and tools today.

    Directions:

    1. Update and upgrade your BackTrack  R1 installation.  Open Terminal and type :

     

    apt-get update
    apt-get dist-upgrade
    apt-get install beef
    reboot

    Now we have the newest kernel installed as well as any last updates we have for the official R2 release. You need to reboot to have the 3.2.6 kernel kick in.

    2. Now you can install all of the new tools featured in BackTrack 5 R2:

     

    apt-get install pipal findmyhash metasploit joomscan hashcat-gui golismero easy-creds pyrit sqlsus vega libhijack tlssled hash-identifier wol-e dirb reaver wce sslyze magictree nipper-ng rec-studio hotpatch xspy arduino rebind horst watobo patator thc-ssl-dos redfang findmyhash killerbee goofile bt-audit bluelog extundelete se-toolkit casefile sucrack dpscan dnschef

     

    3. Now we need to add the new security updates repository to /etc/apt/sources.list, and run another upgrade  In Terminal type.

    echo “deb http://updates.repository.backtrack-linux.org revolution main microverse non-free testing” >> /etc/apt/sources.list

    apt-get update
    apt-get dist-upgrade

    During this time around updating you’ll be asked what you want to do about the file revision updates. As it ask you what you want to do, just accept all the default settings, and when it asks about grub, keep the local file.

     

     

    4. Now most people who use the BackTrack software like to keep services in the stopped position unless they are currently using them, so you’ll want to stop some of the newly installed services from auto-starting, in Terminal:

     

    /etc/init.d/apache2 stop
    /etc/init.d/cups stop
    /etc/init.d/winbind stop

    update-rc.d -f cups remove
    update-rc.d -f apache2 remove
    update-rc.d -f winbind remove

    That’s it now you have the newest BackTrack kernel, software and security updates.  All this 6 days before the software is officially released on the site on March 1st.  Hope this was a help to you.

    Q&A Monday: Windows 7 Hide Accounts from Welcome Menu

    Question:

    We are deploying Windows 7 machines to users that are not the domain, and I want to add some accounts for administration to the machine, but I only want the users to be give the option of seeing the one account they are going to use.  Is there any way to hide the other accounts?

     John Higgins
    Oakland, CA

    Answer:

    *NOTE: To do this involves making changes to the registry, please make sure you know what you are doing, making an incorrect change could cause your computer to no longer work.  Also make a backup of the registry prior to making the change, just in case*

    Open up RegEdit.exe

    Browse to the following location:

    HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon

    In the left panel of Registry Editor, right click on Winlogon key and click New then Key.  This will allow you to create a new key under Winlogon, name this new key:  SpecialAccounts, then do the same steps to create another key under SpecialAccounts called: UserList and press Enter.

    Now we finally move into the right panel of registry editor, in the blank area right clikc and create a DWORD(32bit) with the name of the user account you want to hide.  (i.e. if your username is Helpdesk, then you’ll name the DWORD Helpdesk)  Double click the newly created DWORD and make the value:

    0 to hide

    1 to show it again
    Now, if you have a have a Windows XP machine that you need to do this with, the directions are a little different please see our other article: Q&A Monday: Hide Accounts from XP Welcome Screen

    ——————————————————————————————–
    If you have any questions that you want Jim to answer, from business servers to home computers, drop him a line at me@jimguckin.com, and he’ll try to answer your question. Check back every Monday for a new Question and Answer session, and during the rest of the week for his other technical insights.

    SysPrep a Windows 7 Upgraded Machine

    When working in any kind of company, I love imaging computers.  When there is a problem with a machine you can quickly blow down the company image and get the computer or laptop back to the user as quickly as possible.  Recently when working on a Windows 7 image that I had inherited from a previous administrator I ran into an interesting error while trying to run SysPrep on that Windows 7 machine:

    sysprep cannot run on a computer that has been upgraded from a previous version

    After doing some background research, I found that the Windows 7 image on the server was an updated image, the original laptops came in with Windows Vista, and was upgraded to 7 before the image was created.  So I went online to see if there was anyway to do SysPrep with an upgraded Windows 7 install.  Most articles that I found, just gave you normal directions on doing a SysPrep and none answered this question.  So finally I was able to find the answer, it all lies within a single registry key:

    HKEY_LOCAL_MACHINE\system\setup

    There was a key called “upgrade”, that once deleted lets you run SysPrep like normal.  Delete that key and you are good.

     

    Q&A Monday: Enable and Disable Proxy via Scripts

    Question:

    I use my laptop both inside and outside of my company’s network.  It is a company issued laptop and when I am in the office, I am suppose to use their proxy server, when I am out on the road, I’m suppose to use the local connection, which does not have a proxy.  Currently I go into internet settings and enable or disable  the proxy server as needed, what I am looking for is a simpler way to this.  Please help me

    Christopher  Sheppard
    Northampton, PA

    Answer:

    While looking into the proxy settings in the Internet Options, I was able to trace it down to a couple of registry settings, but once set up you only need to make a single change to a key.  This key resides in the following place:

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings in the ProxyEnable key.

    If the key is equal to 1 the proxy setting is enabled (checked) and if it’s 0 the proxy is disabled (unchecked)

    *NOTE: As with all registry changes, make sure you know what you are doing, and wrong changes can mess up your computer.  Also make sure you backup you registry prior to making any changes*

     

    So to start making an easy to run script, you need to open notepad, and create a registy entry like so:

    Windows Registry Editor Version 5.00

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    “ProxyEnable”=dword:00000001

    save the file as ProxyEnable.reg (the name doesn’t matter, but the .reg does matter), then open a new notepad and paste the following into it:

    Windows Registry Editor Version 5.00

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    “ProxyEnable”=dword:00000000

    save the file as ProxyDisable.reg

    Now, you can put these on your desktop and import the change, to go from Proxy to without, with only a single icon for each.  If you have another way to do this please let me know, but this is a simple and clean way of quickly switching without going into internet settings.

    ——————————————————————————————–
    If you have any questions that you want Jim to answer, from business servers to home computers, drop him a line at me@jimguckin.com, and he’ll try to answer your question. Check back every Monday for a new Question and Answer session, and during the rest of the week for his other technical insights.

     

    Average Mailbox Size Using Exchange PowerShell

    PowerShell is now becoming more and more prevalent in Microsoft’s Exchange and Server software.     This scripting language is becoming a must know for Administrators and knowing this scripting can help get all kinds of useful information.  When I was an administrator for an Exchange system, it helped me to monitor the mailbox(s) and databases for their size, so that I could make plans for the future.

    The script below gathers mailbox information and pulls the information together and shows it in the PowerShell window.

     

    <———–Start Script———–>

    # Retrieve the list of mailboxes from the specified mailbox database
    $listOfMailboxes = Get-MailboxDatabase "Mailbox Database 1081629644" | Get-Mailbox
    # Initialize the counter variables that we'll use
    $mailboxCount = 0
    $mailboxTotalItemCount = 0
    $mailboxTotalSize = 0
    $mailboxAverageSize = 0
    $mailboxAverageItemCount = 0
    # Start a loop that will count stats from individual mailboxes
    foreach ($individualMailbox in $listOfMailboxes)
        {
           # increment the mailbox count by 1
           $mailboxCount++
           # Get the name of the current mailbox so that we can...
           $individualMailboxName = $individualMailbox.Identity.DistinguishedName
           #... quickly and easily get stats from that mailbox
           $individualMailboxStats = Get-MailboxStatistics -Identity $individualMailbox
           # Get the size of the mailbox in MB and save it in a variable
           $individualMailboxSize = $individualMailboxStats.TotalItemSize.value.toMB()
           # Get the number of items in the mailbox and save it in a variable
           $individualMailboxItemCount = $individualMailboxStats.ItemCount
           # Add the size of this mailbox to a running total
           $mailboxTotalSize = $mailboxTotalSize + $individualMailboxSize
           # Add the number of items in this mailbox to a running total
           $mailboxTotalItemCount = $mailboxTotalItemCount + $individualMailboxItemCount
        }
    # Calculate the average mailbox size
    $mailboxAverageSize = $mailboxTotalSize / $mailboxCount
    # Calculate the average number of items per mailbox
    $mailboxAverageItemCount = $mailboxTotalItemCount / $mailboxCount
    # Display the results to the user
    Write-Host "Total Number of Mailboxes in database: $mailboxCount"
    Write-Host "Total Size of Mailboxes:               $mailboxTotalSize MB"
    Write-Host "Total Items in Mailboxes:              $mailboxTotalItemCount"
    Write-Host "-------------------"
    Write-Host "Average Mailbox Size:                  $mailboxAverageSize MB"
    Write-Host "Average Items per Mailbox:             $mailboxAverageItemCount"
    <-----------End Script----------->

    If everything ran correctly and you don’t see any errors, you will see the below displayed.

    Total Number of Mailboxes in database: 320
    Total Size of Mailboxes:               412270 MB
    Total Items in Mailboxes:              14757
    -------------------
    Average Mailbox Size:                  1288 MB
    Average Items per Mailbox:             46.115625

     

     Page 4 of 18  « First  ... « 2  3  4  5  6 » ...  Last »