tag:blogger.com,1999:blog-113765982024-03-13T17:02:28.323-07:00ObservationsThe career journal of one Steve Ballantyne.Unknownnoreply@blogger.comBlogger44125tag:blogger.com,1999:blog-11376598.post-41935991873569437992014-12-12T12:29:00.001-08:002014-12-12T12:29:18.013-08:00Adobe Flash Update is a f*cking joke!I had this bright idea that I would blog some of my accomplishments. At least the ones that might be helpful to other people. That was like 10 years ago. Woops.<br />
<br />
Remember when Flash Player was a Macromedia product? I miss those days. Adobe needs to pull their developers head from their respective asses and figure out how to make a product updater that actually works. If all of your users are local administrators (are you stupid?) and you don't use a proxy server with active directory authentication (must be nice), and you trust your users to allow the update to run when asked (all too often) then you must represent their imaginary customer.<br />
<br />
For the rest of you like myself, I had to write a horrific batch script to accomplish some simple tasks.<br />
<br />
<ul>
<li>Is there a new version that we need to install?</li>
<li>If so - remove all the old stuff.</li>
<li>Install the new stuff.</li>
</ul>
<div>
I like to install both the ActiveX *AND* the plugin. You don't need the plugin if you only run IE in your environment. But we are encountering a lot of applications written for Mozilla code (read Firefox). Might as well have it there if we need it.</div>
<div>
<br /></div>
<div>
Go download the files. To get your hands on the MSI installers, you will need to sign a distribution agreement. So I can't give you those files. Or even a link to them. While Adobe has no time to cater to the needs of their customers, they seem to have plenty of time tracking down and yelling at people like me.</div>
<div>
<br /></div>
<div>
Put your files out in some common place. Like the NETLOGON folder in your AD environment. Or a file share somewhere.</div>
<div>
<br /></div>
<div>
But enough of that - here is the script. Note, you might want to uncomment the pause at the bottom of this script so that you can do some debugging with it.</div>
<div>
<br /></div>
<br />
<blockquote class="tr_bq">
@ECHO OFF</blockquote>
<blockquote class="tr_bq">
<blockquote class="tr_bq">
REM Update Adobe Flash Player</blockquote>
<blockquote class="tr_bq">
REM Steve Ballantyne 12/12/2014</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
SET LATESTVERSION=16.0.0.235</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
REM Make sure our Temp folder exists.</blockquote>
<blockquote class="tr_bq">
IF NOT EXIST c:\Temp MKDIR c:\Temp</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
REM Check the LOGONSERVER variable - sometimes Windows is STOOPIDS</blockquote>
<blockquote class="tr_bq">
IF [%LOGONSERVER%] == [] (set LOGONSERVER=\\SOMEDOMAINCONTOLLER)</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
REM We must get rid of old versions of Flash</blockquote>
<blockquote class="tr_bq">
IF EXIST c:\Windows\System32\Macromed\Flash\FlashUtil*ActiveX.exe (set SYSTYPE=System32)</blockquote>
<blockquote class="tr_bq">
IF EXIST c:\Windows\SysWOW64\Macromed\Flash\FlashUtil*ActiveX.exe (set SYSTYPE=SysWOW64)</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
DIR /B c:\Windows\%SYSTYPE%\Macromed\Flash\FlashUtil*ActiveX.exe > c:\Temp\flashuninst.txt</blockquote>
<blockquote class="tr_bq">
set /P FLASHUNINST= < C:\Temp\flashuninst.txt</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
REM Do a version check against INSTALLED version (eg FlashUtil32_15_0_0_246_ActiveX.exe)</blockquote>
<blockquote class="tr_bq">
for /F "tokens=2 delims=_" %%a in ("%FLASHUNINST%") do SET MAJORV=%%a</blockquote>
<blockquote class="tr_bq">
for /F "tokens=3 delims=_" %%a in ("%FLASHUNINST%") do SET MINORV1=%%a</blockquote>
<blockquote class="tr_bq">
for /F "tokens=4 delims=_" %%a in ("%FLASHUNINST%") do SET MINORV2=%%a</blockquote>
<blockquote class="tr_bq">
for /F "tokens=5 delims=_" %%a in ("%FLASHUNINST%") do SET MINORV3=%%a</blockquote>
<blockquote class="tr_bq">
echo INSTALLED VERSION IS %MAJORV% %MINORV1% %MINORV2% %MINORV3%</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
REM Chop up version number of the LATEST FlashPlayer (variable set at the top of this file)</blockquote>
<blockquote class="tr_bq">
for /F "tokens=1 delims=." %%b in ("%LATESTVERSION%") do SET IMAJORV=%%b</blockquote>
<blockquote class="tr_bq">
for /F "tokens=2 delims=." %%b in ("%LATESTVERSION%") do SET IMINORV1=%%b</blockquote>
<blockquote class="tr_bq">
for /F "tokens=3 delims=." %%b in ("%LATESTVERSION%") do SET IMINORV2=%%b</blockquote>
<blockquote class="tr_bq">
for /F "tokens=4 delims=." %%b in ("%LATESTVERSION%") do SET IMINORV3=%%b</blockquote>
<blockquote class="tr_bq">
echo LATEST VERSION IS %IMAJORV% %IMINORV1% %IMINORV2% %IMINORV3%</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
REM Compare MAJOR version first (if it's the same or lower we keep on truckin)</blockquote>
<blockquote class="tr_bq">
IF %IMAJORV% GTR %MAJORV% goto UPDATE</blockquote>
<blockquote class="tr_bq">
REM Compare Minor versions next</blockquote>
<blockquote class="tr_bq">
IF %IMAJORV% EQU %MAJORV% goto CHECKMINOR1</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
:CHECKMINOR1</blockquote>
<blockquote class="tr_bq">
IF %IMINORV1% GEQ %MINORV1% (goto UPDATE) ELSE (goto CHECKMINOR2)</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
:CHECKMINOR2</blockquote>
<blockquote class="tr_bq">
IF %IMINORV2% GEQ %MINORV2% (goto UPDATE) ELSE (goto CHECKMINOR3)</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
:CHECKMINOR3</blockquote>
<blockquote class="tr_bq">
IF %IMINORV3% GTR %MINORV3% (goto UPDATE) ELSE (goto CHECKMINOR3b)</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
:CHECKMINOR3b</blockquote>
<blockquote class="tr_bq">
IF %IMINORV3% EQU %MINORV3% (goto DONE) ELSE (goto FAIL)</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
:FAIL</blockquote>
<blockquote class="tr_bq">
echo.</blockquote>
<blockquote class="tr_bq">
echo Something is wrong ...</blockquote>
<blockquote class="tr_bq">
echo Maybe the installed is newer than </blockquote>
<blockquote class="tr_bq">
echo the one we are installing?</blockquote>
<blockquote class="tr_bq">
echo.</blockquote>
<blockquote class="tr_bq">
echo %computername% (%USERNAME%) FAILED to install Flash Player - Installed version %MAJORV%.%MINORV1%.%MINORV2%.%MINORV3% and the latest version %LATESTVERSION% on %DATE% at %TIME% >> \\SOMEWHERE\FlashInstallLog.txt</blockquote>
<blockquote class="tr_bq">
echo.</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
goto DONE</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
:UPDATE</blockquote>
<blockquote class="tr_bq">
ECHO c:\Windows\%SYSTYPE%\Macromed\Flash\%FLASHUNINST% -uninstall</blockquote>
<blockquote class="tr_bq">
REM Install ...</blockquote>
<blockquote class="tr_bq">
msiexec /i %LOGONSERVER%\NETLOGON\flashplayer\install_flash_player_%IMAJORV%_plugin.msi /quiet</blockquote>
<blockquote class="tr_bq">
msiexec /i %LOGONSERVER%\NETLOGON\flashplayer\install_flash_player_%IMAJORV%_active_x.msi /quiet</blockquote>
<blockquote class="tr_bq">
REM Leave a breadcrumbs file</blockquote>
<blockquote class="tr_bq">
date /t > c:\Windows\%SYSTYPE%\Macromed\Flash\DA-FlashPlayer-Installed-%LATESTVERSION%.txt && time /t >> c:\Windows\%SYSTYPE%\Macromed\Flash\DA-FlashPlayer-Installed-%LATESTVERSION%.txt</blockquote>
<blockquote class="tr_bq">
REM Cleanup</blockquote>
<blockquote class="tr_bq">
DEL c:\Temp\flashuninst.txt</blockquote>
<blockquote class="tr_bq">
echo %computername% (%USERNAME%) succeeded in installing Flash Player - Installed version was %MAJORV%.%MINORV1%.%MINORV2%.%MINORV3% updated to %LATESTVERSION% on %DATE% at %TIME% >> \\SOMEWHERE\FlashInstallLog.txt</blockquote>
<blockquote class="tr_bq">
GOTO DONE</blockquote>
<blockquote class="tr_bq">
<br /></blockquote>
<blockquote class="tr_bq">
:DONE</blockquote>
<blockquote class="tr_bq">
REM Goodbye!</blockquote>
<blockquote class="tr_bq">
REM pause</blockquote>
</blockquote>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-6062710416694672072013-06-26T19:46:00.002-07:002013-06-26T19:46:51.431-07:00Goodbye posssibly?Friends, it's been a great couple of years. But I have my doubts that my little blog will be around much longer. Google has been destroying Blogger.com since they took it over with some of the worst decisions in the history of bad decisions. At one point, I would have put them over Wordpress on who would win the Blog-war of 10 or so years ago.<br />
<br />
Since then they have:<br />
<ul>
<li>Allowed SPAM to run amok for something like seven years.</li>
<li>Launched several experimental features - while implimenting none of them.</li>
<li>Added a few new themes (at the rate of one or two every couple of years).</li>
<li>Ignored all voices of reason from their user base. </li>
</ul>
At least Blogger is good for one thing - and that's the occassionaly porn-blog.<br />
<br />
But then I got this notice ...<br />
<br />
<blockquote class="tr_bq">
Please be advised that on <span class="aBn" data-term="goog_610197804" tabindex="0"><span class="aQJ">June 30th 2013</span></span>, we will be updating our <a href="http://www.google.com/appserve/mkt/2B55UoFt9Ud5Z5TlrTKHSn" target="_blank">Content Policy</a> to strictly prohibit the monetization of Adult content on Blogger. After <span class="aBn" data-term="goog_610197805" tabindex="0"><span class="aQJ">June 30th 2013</span></span>,
we will be enforcing this policy and will remove blogs which are adult
in nature and are displaying advertisements to adult websites.
</blockquote>
<br />
For those keeping score - thatis FOUR FUCKING DAYS from now. So if you had an adult blog - I guess they are telling you to go fuck yourself. You have four days before your shit is permanently taken offline.<br />
<br />
I was once an Android developer, and I got the same bullshit with their Market rules. Seems like once a month they were sending out new rules, while reminding you that "we said we are allowed to make up the rules as we go along, and fuck you, we're Google".<br />
<br />
So it's probably only a matter of time before they find something in my 10+ years of material here that 'they' don't like, at which point the lights will go out here.<br />
<br />
If you actually look here for new content, or are still a subscriber (?) to this old Blog - thank you for reading over the years, and goodbye ... probably.<br />
<br />Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-76221461367111829992010-05-03T10:04:00.000-07:002010-05-03T10:26:19.778-07:00Trend Micro Officescan 10 Removal ScriptThe folks at Trend Micro make a pretty nice Anti-virus tool, but like other Anti-virus vendors, they do not provide a good means of uninstalling the client.<br /><br />On multiple occasions I have had clients which end up with a half-installed version of Officescan. The result is that you cannot install the client because it's all ready there. And you can't remove it, because it's not installed.<br /><br /><a href="http://esupport.trendmicro.com/Pages/Uninstalling-the-OfficeScan-10-client.aspx#P140_2883">Trend Micro has an article in their knowledge base which tells you what needs done to manually uninstall the client</a> ... but it's a lot of steps and it's no fun to repeat this across multiple workstations/servers. For that reason - I have created a batch script which performs all of the steps for you. It takes only a few seconds to run and it works like a champ! Honestly, I don't know why they don't just package this into an exe for their users and save them some brain cells.<br /><br />To use my script (for Windows XP and 2003 ONLY):<br /><br />1) Copy and paste the contents below into a file named "trendmicroremoval.bat".<br /><br /><blockquote>@echo off<br /><br />echo Trend Micro OfficeScan 10 client removal script!<br />echo by Steve Ballantyne 4/30/2010<br />echo Based upon: http://esupport.trendmicro.com/Pages/Uninstalling-the-OfficeScan-10-client.aspx#P140_2883<br />echo.<br />echo This script assumes that you have all ready uninstalled<br />echo the TrendMicro OfficeScan client from add/remove programs<br />echo and it did a sloppy job. If not, go in and add/remove it<br />echo first and then only run this if you need to!<br />echo.<br />echo This only works for OfficeScan 10, and only for XP/2003.<br />echo Other operating systems won't run 'devcon.exe' for the <br />echo device removal portion of this script. See the referenced<br />echo URL for the full instructions.<br />echo.<br /><br />echo SERVICE REMOVAL<br />echo.<br /><br />REM Stop all services<br />net stop "tmlisten"<br />net stop "tmproxy"<br />net stop "ntrtscan"<br />net stop "TMBMServer"<br /><br />REM Remove the services.<br />sc delete "tmlisten"<br />sc delete "tmproxy"<br />sc delete "ntrtscan"<br />sc delete "TMBMServer"<br /><br />echo.<br />echo PROGRAM FILES DIR REMOVAL<br />echo.<br /><br />REM Program Files Directory.<br />DEL /S /F /Q "C:\Program Files\Trend Micro\"<br /><br />echo.<br />echo REGISTRY KEYS REMOVAL<br />echo.<br /><br />REM Registry keys GALORE.<br />REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OfficeScanNT" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OfficeScanNT Monitor" /F<br /><br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ntrtscan" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmcfw" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmcomm" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TmFilter" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tmlisten" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmpfw" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TmPreFilter" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TmProxy" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmtdi" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSApiNt" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmlwf " /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmwfp " /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TMBMServer" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmevtmgr" /VA /F<br /><br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ntrtscan" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tmcfw" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tmcomm" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TmFilter" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tmlisten" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tmpfw" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TmPreFilter" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TmProxy" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tmtdi" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VSApiNt" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tmlwf " /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tmwfp " /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TMBMServer" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tmevtmgr" /VA /F<br /><br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ntrtscan" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\tmcfw" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\tmcomm" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TmFilter" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tmlisten" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\tmpfw" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TmPreFilter" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TmProxy" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\tmtdi" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\VSApiNt" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\tmlwf " /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\tmwfp " /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TMBMServer" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\tmevtmgr" /VA /F<br /><br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ntrtscan" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\tmcfw" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\tmcomm" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TmFilter" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tmlisten" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\tmpfw" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TmPreFilter" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TmProxy" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\tmtdi" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\VSApiNt" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\tmlwf " /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\tmwfp " /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TMBMServer" /VA /F<br />REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\tmevtmgr" /VA /F<br /><br />echo.<br />echo HIDDEN DEVICE REMOVAL<br />echo.<br /><br />REM tmcomm<br />devcon /r remove "ROOT\LEGACY_TMCOMM\0000"<br />REM tmactmon<br />devcon /r remove "ROOT\LEGACY_TMACTMON\0000"<br />REM tmevtmgr<br />devcon /r remove "ROOT\LEGACY_TMEVTMGR\0000"<br />REM Trend Micro Filter ?? (not verified)<br />devcon /r remove "ROOT\LEGACY_TMFILTER\0000"<br />REM Trend Micro PreFilter ?? (not verified)<br />devcon /r remove "ROOT\LEGACY_TMPREFILTER\0000"<br />REM Trend Micro TDI Driver<br />devcon /r remove "ROOT\LEGACY_TMTDI\0000"<br />REM Trend Micro VSAPI NT ?? (not verified)<br />devcon /r remove "ROOT\LEGACY_VSAPINT\0000"<br />REM Trend Micro Unauthorized Change Prevention Service ?? (not verified)<br />devcon /r remove "ROOT\LEGACY_TMBMSRV\0000"<br />REM Trend Micro WFP Callout Driver ?? (not verified)<br />devcon /r remove "ROOT\LEGACY_TMWFP\0000"<br /><br />echo.<br />echo DONE - Now try to reinstall!<br />echo.<br />PAUSE</blockquote><br /><br />2) Grab a copy of DEVCON from <a href="http://support.microsoft.com/kb/311272">this Microsoft download page</a>. Place the devcon.exe file next to the trendmicroremoval.bat file. This will allow the batch script to remove some hidden devices.<br /><br />3) Run the batch file, and watch in awe.<br /><br />4) Now you can reinstall the client (assuming that was your goal to begin with).<br /><br />Did this help you? Drop me a comment!<br /><br />NOTE: Devcon is what limits this script to XP/2003 only. If you are running Windows 2008, Vista, Windows 7, etc. you can still run the batch file, just not the devcon part. You would have to follow manual instructions for device removal according to the Trend Micro KB.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-343622070276777162008-10-26T08:03:00.000-07:002008-10-26T08:41:10.855-07:00Thin Clients Part II - Security AddedLate last week I took my little thin client computing concept a step further and added some security. My goal was to add at least one layer of security, if not two layers to this process. Like a smart card concept I wanted to have a physical token (the thumb drive itself) as well as a "secret PIN" which the user would need to supply. This might add a bit of time to the login process, but the security would be well worth it.<br /><br /><b>The New Process</b><br />We will still use an autorun.inf file which will allow the user to plug in the thumb drive and simply press enter for the default choice. The default choice, is to run a batch script which I have called "connect.bat". Here are those files.<br /><br /><b>autorun.inf</b><br /><code>[autorun]<br />open=connect.bat<br />ACTION = LAB CONNECT</code><br /><br /><b>connect.bat</b><br /><code>SET STARTRUN=%0<br />7za.exe e -oC:\TEMP -y RDPPACK.zip<br />REM COPY %0\..\*.* C:\TEMP<br />C:<br />cd C:\TEMP<br />start /normal ssh.bat<br />PING -n 8 127.0.0.1>null<br />start /normal RDP.bat<br />start /normal WAIT.bat</code><br /><br />When connect.bat runs, it launches 7zip, which extracts a zip file to the c:\Temp directory. I used 7zip for a couple reasons: a) it's freely downloadable at <a href="http://www.7-zip.org">http://www.7-zip.org</a>, b) you can create password protected (encrypted) zip files with it, c) I had it installed and I all ready use it in other batch processes.<br /><br />My zip file, RDPPACK.zip, is an archive which contains several other batch files. One of these batch files contains passwords so we protect the zip file by password protecting it when we create it.<br /><br />My RDPPACK archive contains the following files:<br />labconnect.rdp - This is the file which contains RDP details such as IP and port number.<br />plink.exe - This is <a href="http://www.chiark.greenend.org.uk/~sgtatham/putty/">a free command line secure shell client for windows</a>.<br />RDP.bat - Simple batch file to connect to the host using the settings in labconnect.rdp.<br />ssh.bat - This is a new batch file which uses plink.exe to open a secure shell session with our VirtualBox server.<br />WAIT.bat - This waits for the thumb drive to be removed, and then cleans up and kills things when that happens.<br /><br />Once the zip is un-extracted (takes only a split second) we start up three other batch files simultaneously.<br /><br />Here is the play by play. The user plugs in the thumb drive which runs connect.bat. This starts the file extraction which pauses momentarily and waits for the user to enter their password. In my examples I used a simple four digit "PIN Number". The files are extracted, and "ssh.bat" is launched.<br /><br /><b>ssh.bat</b><br /><code>SET STARTRUN=%0<br />plink -ssh -L 13390:localhost:3390 -pw password username@10.0.46.55<br />EXIT</code><br /><br />There are two items of bad news to mention here. One is that there is an EIGHT SECOND wait placed after this script runs. This is the unfortunate amount of time it takes for the secure session to be established. The other bad news is that the username and password are exposed here "in the clear". This could be hidden by putting an @ symbol in the batch script in front of that first line (keeping the command from being echoed to the user). But it will sill remain in the Temp directory while this script is running and a bad guy could find it. I would like to think that the user will not share the PIN number which revealed this information, and if their thumb drive was lost or stolen you could simply change this password on the server. So it's "pretty good" security in my book.<br /><br />The plink syntax works like this: "-ssh" means to use the secure shell protocol, the "-L 13390:localhost:3390" will redirect connections that the host makes to itself on port 13390 to the server on port 3390, the "-pw password" would be this users password on the server, "username@10.0.46.55" would be the users username and the servers IP address. This means that we have created the user on the server, assigned them a password, enabled the secure shell daemon, and we are firewalled to disallow connections on port 3390. Yes, we do NOT want to allow connections to port 3390 from anybody. The only reason our remote users can do it is because they are sending these connections through the secure tunnel we established here. Clever, huh?<br /><br />Once the secure session is established (we simply waited 8 seconds and assumed it's ready) we then run RDP.bat and WAIT.bat simultaneously.<br /><br /><b>RDP.bat</b><br /><code>mstsc /f labconnect.rdp<br />EXIT</code><br /><br /><b>WAIT.bat</b><br /><code>PING -n 10 127.0.0.1>null<br />GOTO CHECKEXIST<br /><br />:CHECKEXIST<br />IF EXIST %STARTRUN% GOTO WAIT<br />GOTO KILLTASK<br /><br />:WAIT<br />PING -n 3 127.0.0.1>null<br />GOTO CHECKEXIST<br /><br />:KILLTASK<br />taskkill /f /im "mstsc.exe"<br />taskkill /f /im "plink.exe"<br />DEL /F C:\Temp\autorun.inf C:\Temp\connect.bat C:\Temp\labconnect.rdp C:\Temp\plink.exe C:\Temp\RDP.bat C:\Temp\ssh.bat C:\Temp\7za.exe<br />EXIT</code><br /><br />RDP.bat will connect us up to the server. There were some changes made in the RDP file. That is, the client now connects to localhost:13390 instead of the server IP and port 3390.<br /><br />WAIT.bat will start pinging itself in a loop, and wait for the drive to come disconnected. When that occurs, it will immediately end task on the terminal services connection, and then the secure shell tunnel. Afterward (and this is new) it does some cleaning up and deletes all that stuff that it left laying around in C:\Temp. The only thing which will remain is the WAIT.bat file itself. Which as you can see, presents no risk as it contains no passwords, etc.<br /><br /><b>Problems</b><br />I probably spent a couple of hours on this process over the span of a week. What was most frustrating was getting VirtualBox to cooperate with me. There are a few known issues with various VRDP elements. One is "authentication". Theoretically you can authenticate your VRDP sessions against a local user database on your VirtualBox server. This didn't work at all for me and after reading through a couple of forums I found that it doesn't work for anyone else either. <br /><br />I am also having problems with my Windows clients when they connect to a VirtualBox at full screen. It seems that the windows get doubled up and don't display correctly. If you specify an exact window size in your RDP file such as 800x600, you will not have this problem. I went through the trouble of setting up a Windows VirtualBox server and found that the problem exists there as well. I have since opened up a Bug report with VirtualBox which I hope gets some attention.<br /><br />Lastly, expect VRDP on VirtualBox to provide you with rather slow window refreshes. I would like to think that this is also something that the VirtualBox developers are improving as they have always been aware of this bug.<br /><br />Hack on, and I hope that someone out there finds this information useful, at some point. ;-)Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-72364541929901221232008-10-21T13:35:00.000-07:002008-10-22T08:17:54.075-07:00Thin Client Computing on the CheapMany, many years ago I was attending a trade show and I saw something really cool. There was a booth set up with a couple of screens which had card readers attached to them. You could insert one of their sample cards and a screen popped up running Windows and a couple of applications. When you removed the card, it was gone. You could then walk to one of the other terminals and insert the card - and there was what you were last working on (instantly). It was pretty neat, and the concept was simple. Running on the back end was a heavy duty server which was emulating a dozen or so Windows machines. The front end was a dumbed down Linux terminal which just connected the user to the virtual Windows machines by means of a remote connection protocol (RDP). There was a little more to it, such as strong certificate based security, but we won't tackle that just yet.<br /><br />My plan today was to create a collection of virtual Windows machines, and a USB "key" which could connect me to one simply by inserting it to a workstation.<br /><br />The Server: In my case, this was easy since I all ready have a Linux box running VirtualBox. If you want to create this environment, go on out to VirtualBox.org and get yourself a copy. Note that it's *FREE* to <b>those who qualify</b> (read the fine print). Also, there is an Open Source Edition which is free to everybody, but it lacks some key features like USB support (so avoid it for this discussion). Once you have VirtualBox you will want to create at least one workstation. This can be anything really. In my case, it was Windows XP. In the settings for that workstation you will want to go into Settings and then Remote Display. Enable remote display and set your port number (default will be 3389).<br /><br />The Workstation: I am referring here to the "dumb terminal" that you will be using. This should be on the same network as the server (or there should be routing established between them). Nothing needs to be done special on this workstation. It should be running Windows for our discussion. In my case I am using Windows XP boxes.<br /><br />Prepare an RDP File: This can be done on any Windows machine. Basically we just want to make a settings file that we can put on our Thumb Drive. To create this, get onto a Windows PC and click Start > All Programs > Accessories > Communication > Remote Desktop Connection. Enter your IP and port number like this SERVER:3395. If you used the default port of 3389, just enter the server name. You can specify all sorts of other info here if you want. Many of these settings have no bearing since you are connecting to VirtualBox, and not "Windows itself". When you are done, choose to save your settings. Save this right onto your thumb drive and call the file "connect.rdp".<br /><br />The Thumb Drive (or Jump Drive): This is where all my work came in. You will need to create a couple of batch files on the root of the thumb drive. Here is what they are named, and what should go inside of them ....<br /><br /><B>autorun.inf</B> - This will initiate your remote client upon plugging in the Thumb Drive.<br /><code>[autorun]<br />open=connect.bat<br />ACTION = LAB CONNECT</code><br /><br /><B>connect.bat</B> - This is required to launch the RDP session, and the "watcher".<br /><code>SET STARTRUN=%0<br />COPY %0\..\*.* C:\TEMP<br />C:<br />cd C:\TEMP<br />start /normal RDP.bat<br />start /normal WAIT.bat</code><br /><br /><B>RDP.bat</B> - This will launch the remote window and ultimately quit.<br /><code>mstsc /f connect.rdp<br />EXIT</code><br /><br /><B>wait.bat</B> - This will watch for the removal of the thumb drive. If it's removed, the remote session is closed within 3 seconds.<br /><code>GOTO CHECKEXIST<br /><br />:CHECKEXIST<br />IF EXIST %STARTRUN% GOTO WAIT<br />GOTO KILLTASK<br /><br />:WAIT<br />PING -n 3 127.0.0.1>null<br />GOTO CHECKEXIST<br /><br />:KILLTASK<br />taskkill /f /im "mstsc.exe"<br />EXIT</code><br /><br />With all this in place, here is how it will work.<br /><br />When you insert your thumb drive, Windows XP will find the autorun.inf file and use it to launch an "Autorun list" in Windows XP. All you should have to do here is press enter (for security reasons this choice cannot be made automatically). At that point, you should see a remote connection window pop up. This whole process takes a few seconds.<br /><br />While you are remotely connected, there will be two Command Prompt windows lingering in the background. One is just running the RDP application. The other is running a watch on the thumb drive. If you watch it, you will see that the PC pings itself three times, sending the result to "nowhere". The reasoning behind this is to give the PC something to do to waste time. Windows XP does not have a sleep or wait method that you might use to waste time cycles. Every time it completes it's three pings, it will check for the existence of the drive letter being used by the thumb drive. Through some clever tricks involving the "%0" variable, we are able to determine this drive letter regardless of what was chosen when it was inserted. If the drive letter is gone, the batch process hunts down the RDP task and kills it, then ends that script by exiting. The other script which had been running the RDP task moves to the next line, which tells it to exit also. The result is, the remote connection window and all it's friend vanish almost the instant the the thumb drive is removed.<br /><br />You will see that my scripts first copy themselves to C:\Temp before running. The reasoning behind this was that if the drive is removed while a batch script is running from it, the script will fail and leave a "Terminate Batch" prompt on the screen. A colleague noted that in a production environment you would probably want yet another batch file in this process which removes all these items from Temp once it's done running. But it's a work in progress.<br /><br />Next, I will focus on adding some form of security to this process as there presently isn't any.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-1449023407968984782008-10-15T11:37:00.000-07:002008-10-15T11:56:35.676-07:00Poor Mans Low Level FormatOn occasion I am asked to "blank out a device" or remove any data it contains. Usually this is because we are disposing of media or we are selling off equipment at the hospital which once may have contained a patients medical records. This seems to be an easy task, with a complicated solution. The goal is to "write zeroes" to the hard drive repeatedly. This is affectionately referred to as a low-level format.<br /><br />Sure, there are utilities to perform this task. Some are free, while others and get quite expensive. I also seem to run into problems where certain utilities only work with certain drives (a Western Digital utility only works with Western Digital drives).<br /><br />Enter the simple and free solution: Linux.<br /><br />I have several different versions of Linux laying around. Old versions of Ubuntu, new versions of Xubuntu, you name it. So here is what I did. <br /><br />1) Insert your live distribution of Linux, and boot to it (this may require changing BIOS options, or changing boot options).<br />2) Wait for the desktop to appear, or fail to appear. I was working with some bizarro medical machines today which failed to boot completely and instead dumped me into "BusyBox". BusyBox is like a small shell which can only execute very minimal commands. But this will do.<br />3) If you boot all the way to a graphical desktop you can either open a Terminal window, or press Ctrl+Alt+F1 to get a virtual terminal. <br />4) Enter this command: cat /dev/zero > /dev/sda (or /dev/hda for older IDE drives).<br />5) Wait for the error message, "No space left on device".<br /><br />The error message is inevitable. We are simply running a contents list of an imaginary device called "zero" which is filled with an infinite amount of zeroes. Then we are redirecting that stream of zeros right into the hard drive device ignoring all boundaries, partitions, master boot records, etc. Eventually we strike the end of the drive and it tries to keep going, hence the error message.<br /><br />If you want to follow the old "D.O.D. Standards" you will want to repeat this low level format at least 6 more times (if not 9 more). You can run this command repeatedly by separating your commands with semicolons. For example ...<br /><br /><code>cat /dev/zero > /dev/sda; cat /dev/zero > /dev/sda;cat /dev/zero > /dev/sda</code><br /><br />... would perform three consecutive low level formats. Sure, you could write this into a shell script. But then we are talking about something quick and dirty here which you can do simply by booting whatever distribution of Linux you have laying around.<br /><br />Disclaimer: A purist might say "That's hogwash Steve! That data is still retrievable by using a chemical separation process on the platters". To which I would say, "then take them home and prove me wrong". Yes, data could still theoretically be retrieved from these disks ... if you have a laboratory environment, or the money to pay someone retrieve it. If you are really paranoid, consider alternating between writing zeroes to the device, and writing random data to the device. This can just as easily be performed with ...<br /><br /><code>cat /dev/urandom > /dev/sda</code><br /><br />They say that by alternating and randomizing the data that you write, recovery becomes all the more impossible.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-40601433844403718852008-07-02T08:03:00.000-07:002008-07-02T08:20:04.695-07:00Thinkpad x60 Booting DisasterA while back one of our doctors at the hospital bought himself a ThinkPad x60. At the time, it was about the most portable model that you could buy without sacrificing speed and extra memory. Yet - it was a ThinkPad. I will spare you the soapbox essay on why I believe that ThinkPads are crap. If you are using a ThinkPad and you you "just love it", good for you. But heed my warning: keep your stuff backed up, because your hard drive will fail in a year (or maybe sooner). And don't even get me started on the "lenovo" brand - which produced this gem. I think lenovo must translate into Chinese as "cheaply manufactured crap".<br /><br />The good doctor brought me his laptop with a failed hard drive. That was no surprise. It was very well covered under warranty, but I had a hell of a time finding a number to call on the lenovo support site. IBM seemed to have disowned anything that lenovo produced, so they were not offering anything but a redirecting URL. Eventually I called a "paid support line" where I would be expected to put $70 on a credit card for a one-time support request. Knowing full well I wasn't paying a dime for something covered under warranty - I bounced around in their phone system a couple times and eventually found a live person. Lo and behold, this was the right department and they were able to send me a new drive. To their credit - it arrived less than 24 hours later.<br /><br />All I had to do now was to restore the ghost image I took of the failing drive. I went through the usual process only to find that the PC was not going to boot. This was not all that shocking seeing how I imaged a failing hard drive and probably picked up a few errors along the way. All I really needed to do was to boot the Windows XP SP2 CD, and slip into the Recovery Console. From there you can run a "fixboot" and "fixmbr" to put things in order. There was just one problem ... this model has no CD-ROM drive.<br /><br />Following what seems like poorly written instructions - I was able to slap together a Windows XP SP2 bootable ThumbDrive image, using <a href="http://www.eeeguides.com/2007/11/installing-windows-xp-from-usb-thumb.html">this guide.</a> While I was able to boot from the USB stick, I was not able to get past the "Setup is starting Windows" before it would blue-screen on me with a stop message. The problem seemed to be that Windows was losing itself, after having booted from the stick.<br /><br />The solution to that issue ended up being to go into the BIOS of the x60 and setting the SATA option from "AHCI" to "Compatibility Mode". Not sure what that had to do with the USB boot problem, but it worked. No more blue screens. And I was able to start the Windows XP Recovery Console. But here was the other catch - by performing a "fixboot" and "fixmbr" I actually fixed the boot files of the laptop hard drive, but then BROKE the boot sector of the USB stick!<br /><br />Lessons learned. Who knew that these old Recovery Console commands had arguments and switches. After rebuilding my thumb drive (there's an hour lost) I was able to get back to the Recovery Console and run both commands with a drive letter. That is, "fixboot c:" and "fixmbr c:".<br /><br />Now - I am back in business with a booting, working, and updated copy of Windows XP. I went ahead and set the BIOS options back to default for the SATA controls, as I don't know if that really has any effect on how the drive is accessed. You had better believe that I am taking a ghost image of this while it's working. This hard drive will surely fail in another year or so.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-57862494826145073312008-06-29T12:13:00.000-07:002008-06-29T12:27:08.774-07:00Automatic Photo ResizingLast year we took a family vacation to Hatteras Island. Being the geeky guy I am, I wanted to take all of my digital photos and upload them to an online gallery while I was still vacationing. Then friends and family could see all the beautiful things that we were seeing as the trip went on. This gallery can be <a href="http://picasaweb.google.com/steve.ballantyne/HatterasIsland">found here.</a><br /><br />While I enjoyed sharing the pictures, I didn't enjoy all the time it took away from my trip. I had dragged along my old iBook for the trip and it was not very efficient at getting images off of my camera (it took an hour or more). Resizing the pictures was extremely slow due to the low processing power. Uploading the pictures was painful because the beach house had a highly unstable DSL connection which was constantly disconnecting mid-image transfer.<br /><br />This year will be different! In a few weeks we will be driving out to Beavers Island Michigan on a family getaway. I will be taking along my Asus Eee PC for image transfer. This laptop has an SD Slot in the side which matches the memory card style that our camera uses. So after a long day of hanging out at the beach or taking adventurous hikes - I can take the card out of the camera and stuff it into my laptop. I will use my cell phone, and a USB connection to my laptop to provide myself "modem speed" Internet access so that I can upload my photos.<br /><br />But wait - I can't upload these pictures in their native resolution (they're too big). So I wrote a script to use. This script requires that you have imagemagick installed, which can be added with "sudo apt-get install imagemagick" if you are running Debian/Ubuntu/etc.<br /><br /><code># Image Resizing Made Fun<br /># http://steveballantyne.blogspot.com<br />#<br /># Set this as the path to where your picture card is/gets mounted<br />cameracard="/media/disk"<br /># If you want your resized images to have a prefix, set that here<br />prefix="beavermi_"<br /># Create a subdirectory in your home directory, which will contain<br /># folders with the MMDDYY directories beneath it.<br />subdir="to-post"<br /># Choose your resize percentage<br />resizevalue="25%"<br /># Create a folder under subdir with a date code in this format: MMDDYY<br />newdir=`date +%m%d%y`<br />mkdir -p $HOME/$subdir/$newdir<br /># Perform all the resizing work<br />for i in `ls $cameracard`; do convert -resize $resizevalue -quality 80 $cameracard/$i $HOME/to-post/$newdir/$prefix_$i; done</code><br /><br />In a nutshell, it does a listing of all the pictures on my memory card. Then one by one it resizes the pictures to 25 percent of their original size, at 80 percent the quality. I am using 'convert' and not 'mogrify' here. The difference is that this will not affect the original photos. When done, I will have a folder of pictures that will be small enough to share in my online gallery.<br /><br />I also wanted to script the process of uploading the pictures ... but this proved to be a bit more difficult. There are scripts out there for uploading to online galleries but none for Blogger/Picassa.<br /><br />Perhaps I will work on that later.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-11162556776227310492008-05-22T17:02:00.000-07:002008-05-31T07:39:14.630-07:00Green WallpapersDo you like green wallpapers? You are not alone. There seems to be an abundance of lovely chloroform laced wallpapers out there. Some of the extreme close-up photography has got me asking "did nature make that?". Whether you are just celebrating the outdoors or you are sick of that ugly field in Windows XP ... here are some green wallpapers that are sure to please.<br /><br />I have linked all of these thumbnails to their homes on <a href="http://interfacelift.com/wallpaper/">Interfacelift.com</a> which features some of the most stunning photography I've ever seen. And yes, they have wallpaper in your size (including wide screen displays).<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://interfacelift.com/wallpaper/details.php?id=1022"><img style="cursor:pointer; cursor:hand;" src="http://2.bp.blogspot.com/_XvyJdNQD_5w/SDYMmIONYEI/AAAAAAAAAfU/WEtfaO87gYI/s400/01022_grassbycosmic_1440x900.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5203360268654829634" /></a><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://interfacelift.com/wallpaper/details.php?id=1264"><img style="cursor:pointer; cursor:hand;" src="http://3.bp.blogspot.com/_XvyJdNQD_5w/SDYMmYONYFI/AAAAAAAAAfc/ImYNGjKCgu8/s400/01264_leaf40_1440x900.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5203360272949796946" /></a><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://interfacelift.com/wallpaper/details.php?id=1454"><img style="cursor:pointer; cursor:hand;" src="http://3.bp.blogspot.com/_XvyJdNQD_5w/SDYMmYONYGI/AAAAAAAAAfk/rvyKG1SbzJw/s400/01454_greenforever_1440x900.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5203360272949796962" /></a><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://interfacelift.com/wallpaper/details.php?id=1511"><img style="cursor:pointer; cursor:hand;" src="http://4.bp.blogspot.com/_XvyJdNQD_5w/SDYMmoONYHI/AAAAAAAAAfs/gFDp-e1acn0/s400/01511_greenhoops_1440x900.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5203360277244764274" /></a><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://interfacelift.com/wallpaper/details.php?id=1568"><img style="cursor:pointer; cursor:hand;" src="http://4.bp.blogspot.com/_XvyJdNQD_5w/SDYMmoONYII/AAAAAAAAAf0/Bm-QcgaZXao/s400/01568_greenparadise_1440x900.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5203360277244764290" /></a><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://interfacelift.com/wallpaper/details.php?id=386"><img style="cursor:pointer; cursor:hand;" src="http://3.bp.blogspot.com/_XvyJdNQD_5w/SDYL-YONX_I/AAAAAAAAAes/CyP_yHMedUA/s400/00386_dewdrop_1440x900.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5203359585755029490" /></a><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://interfacelift.com/wallpaper/details.php?id=534"><img style="cursor:pointer; cursor:hand;" src="http://3.bp.blogspot.com/_XvyJdNQD_5w/SDYL-YONYAI/AAAAAAAAAe0/mnoDIxEpwqs/s400/00534_bananaleaves_1440x900.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5203359585755029506" /></a><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://interfacelift.com/wallpaper/details.php?id=620"><img style="cursor:pointer; cursor:hand;" src="http://4.bp.blogspot.com/_XvyJdNQD_5w/SDYL-oONYBI/AAAAAAAAAe8/yu5eHGedRm8/s400/00620_itsthesamecoloratnight_1440x900.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5203359590049996818" /></a><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://interfacelift.com/wallpaper/details.php?id=636"><img style="cursor:pointer; cursor:hand;" src="http://1.bp.blogspot.com/_XvyJdNQD_5w/SDYL-4ONYCI/AAAAAAAAAfE/pSI144Hz6LI/s400/00636_greenstuff_1440x900.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5203359594344964130" /></a><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://interfacelift.com/wallpaper/details.php?id=738"><img style="cursor:pointer; cursor:hand;" src="http://1.bp.blogspot.com/_XvyJdNQD_5w/SDYL-4ONYDI/AAAAAAAAAfM/J_4sxXG1pfM/s400/00738_sanscosm_1440x900.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5203359594344964146" /></a><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://interfacelift.com/wallpaper/details.php?id=143"><img style="cursor:pointer; cursor:hand;" src="http://2.bp.blogspot.com/_XvyJdNQD_5w/SDYLPIONX6I/AAAAAAAAAeE/84V11d-O570/s400/00143_grapeleaf_1440x900.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5203358774006210466" /></a><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://interfacelift.com/wallpaper/details.php?id=184"><img style="cursor:pointer; cursor:hand;" src="http://3.bp.blogspot.com/_XvyJdNQD_5w/SDYLPYONX7I/AAAAAAAAAeM/s1IQqPWPCXQ/s400/00184_greentube_1440x900.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5203358778301177778" /></a><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://interfacelift.com/wallpaper/details.php?id=194"><img style="cursor:pointer; cursor:hand;" src="http://3.bp.blogspot.com/_XvyJdNQD_5w/SDYLPYONX8I/AAAAAAAAAeU/cLWYb6b4hhM/s400/00194_summerfrog_1440x900.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5203358778301177794" /></a><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://interfacelift.com/wallpaper/details.php?id=240"><img style="cursor:pointer; cursor:hand;" src="http://3.bp.blogspot.com/_XvyJdNQD_5w/SDYLPYONX9I/AAAAAAAAAec/6ua1vf-_lOg/s400/00240_green_1440x900.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5203358778301177810" /></a><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://interfacelift.com/wallpaper/details.php?id=292"><img style="cursor:pointer; cursor:hand;" src="http://3.bp.blogspot.com/_XvyJdNQD_5w/SDYLPYONX-I/AAAAAAAAAek/ZuHz7VlSyNA/s400/00292_laureldroplets_1440x900.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5203358778301177826" /></a><br /><br />Still need more green? <a href="http://interfacelift.com/search.php?k=green&logic=and&title=on&contents=on&description=on&wallpaper=on">Try this search!</a><br /><br />*NEW* I will be getting an EEE PC soon to use at work. If you have an EEE PC, and are looking for some nice green wallpaper, look no further. Download <a href="http://www.oddree.com/steveb/GreenEeePC.zip">this zip package</a> which includes all the above wallpaper which I have scaled and cropped to fit the 800x480 dimensions of the screen.<br /><br />-Steve BallantyneUnknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-51015429094736338532008-05-20T09:03:00.000-07:002008-05-20T09:17:40.887-07:00Fun with Screenlets in UbuntuIf you're not big on eye candy, this software likely won't "do it for you". In the spirit of things that you really don't need cluttering up your desktop - I bring you "Screenlets". The idea is that a Screenlet is a desktop widget. These widgets range from things that you might want to keep at arms length, to silly gadgets that might entertain the duller moments of your day. These widgets can be "locked down" so that they become active elements of your wallpaper (more or less). If you have used Windows Vista or modern versions of OS X you should be familiar with this concept. Most folks keep their widgets floating around the right edge of their screen.<br /><br />Admittedly this whole concept is growing old but I was impressed with how easy it is to install Screenlets in Ubuntu, add a collection of fun gadgets, and perhaps even create your own. Screenlets are written using the popular Python scripting engine. While I have had bad luck with similar widget engines in the past, it seems that using common libraries and Python elements has allowed the desktop widget concept to become stable and usable. I have played with these same widgets for several days and have yet to crash anything, or suffer through any error messages.<br /><br />You can install Screenlets in Ubuntu with a single command in terminal:<br /><code>sudo apt-get install screenlets</code><br /><br />The above will also add all the supporting libraries, and the default "base" of Screenlets to begin using. It's likely that whatever you had in mind comes in the default Screenlet collection. If not, there are few hundred more available from http://www.screenlets.org. There's a large community of widget developers and users out there sharing their ideas.<br /><br />Once you have installed Screenlets, you can begin adding your widgets using the Screenlets Manager. To access the manager, click System > Preferences > Screenlets. You may also use a "Screenlets Daemon" icon which should appear in the upper right hand corner of your display near the time and volume control slider.<br /><br />Here you can select a Screenlet, and click "Add" to the right. It should immediately appear on your Desktop. From there you should be able to slide them around by clicking and dragging on them. With a right-click you will find options to change the size of the widget, decide if they should linger on top or underneath your windows, and even "lock" them into place to prevent the accidental sliding around of them. I installed a few common Screenlets and took this screen shot.<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://1.bp.blogspot.com/_XvyJdNQD_5w/SDL2gfO_6FI/AAAAAAAAAd0/kUkKUVDS95E/s1600-h/screenlets-slice.jpg"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;" src="http://1.bp.blogspot.com/_XvyJdNQD_5w/SDL2gfO_6FI/AAAAAAAAAd0/kUkKUVDS95E/s400/screenlets-slice.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5202491557566998610" /></a><br /><br />These widgets are pretty large on my desktop. The only one I really refer to often is the old analog clock. It's nice to have an analog clock, with the correct time displayed on it. We actually have three analog clocks in my department at the office. They are all battery operated, and each keep their own time. One has recently quit all together, and rather fuss with it I have decided that this clock should display "important times in nerd history". This weeks theme was Back to the Future. I'm waiting for the strike of lightning that will take Marty back to 1985.<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://4.bp.blogspot.com/_XvyJdNQD_5w/SDL5aPO_6GI/AAAAAAAAAd8/r3L-mA-pOig/s1600-h/bttf-clock.JPG"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;" src="http://4.bp.blogspot.com/_XvyJdNQD_5w/SDL5aPO_6GI/AAAAAAAAAd8/r3L-mA-pOig/s400/bttf-clock.JPG" border="0" alt=""id="BLOGGER_PHOTO_ID_5202494748727699554" /></a><br /><br />Now, go get busy cluttering your desktop with stupid eye candy. It's time well wasted.<br /><br />-Steve BallantyneUnknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-33674930325685860582008-05-15T12:56:00.000-07:002008-05-15T13:08:59.258-07:00Windows XP Service Pack 3 - Choose Your BrowserHaving applied the newly released Windows XP Service Pack 3 to my virtual administrative machine yesterday I can now safely say "mistakes were made". This morning I spent a good couple of hours trying to determine what went wrong, and how to correct it. I hope you can learn from my mistakes. This is what I discovered.<br /><br />1) Once you install Windows XP Service Pack 3, you will never be able to change your browser. If you were running IE 6, you will be stuck with it from here until re-installation (that's a joke). If you have IE 7, you can never revert back to IE 6. That "uninstall IE 7" ability will be removed upon successful installation of Service Pack 3.<br /><br />2) If you were running IE 6, and then installed SP3, you can never have IE 7. Attempts to install it manually will fail.<br /><br />3) If you are stuck with IE 6, you cannot install post IE 7 updates, for which there are about three. You would think Windows Update would recognize this flaw and not attempt to install these updates that you cannot even accept, but that is not the case. If you get stuck in this loop, you will have 3 updates that are pending installation ... forever. Every time you update, it will fail. Every time. Sucks to be you.<br /><br />4) If you install Windows XP right out of the box (like a normal clean install) and run through the updates that are recommended to you - you will effectively screw things up. That's because Windows Update will not offer you the IE 7 update until after you have installed SP 3 and it's too late.<br /><br />With all that said - here is how you *should* update Windows XP. First, install Windows XP Service Pack 2 if it's not all ready streamlined into your product disc. Then run Windows Update and grab the dozen or so updates that are offered, and reboot. Run Windows Update again. If it offers you Service Pack 3, stop there and don't install it. Now browse to the <a href="http://www.microsoft.com/ie">home for IE 7</a> and choose to "Download Now". You want to install it manually. Once that completes, reboot. At this point you can run Windows Update and accept the Service Pack 3 update.<br /><br />Hey Microsoft, what the hell are you thinking?<br /><br />-Steve BallantyneUnknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-13064663871626210482008-05-14T12:11:00.000-07:002008-05-14T12:17:43.935-07:00Watch Movie DVD's in UbuntuDue to some rather silly and lengthy legalities, Ubuntu Linux does not install in a state that allow you to watch a regular old DVD movie. I have tried without success on multiple occasions in the past to insert a disc to watch - only to have it fail. It never really occurred to me that this was "by design" and I always assumed that it must have been something I was doing wrong. Recently I found that I could play any of the movies that I had created (without encryption) but not a single commercial disc.<br /><br />After some investigation I learned that you can enable the ability to watch commercial discs rather easily, but it's likely illegal (read the fine print).<br /><br />Rather than act as if I came up with the solution, I am pasting a link to a pretty good article on the subject matter. While the article was written on earlier versions of Ubuntu, this trick still seems to work on the latest release (Hardy Heron).<br /><br /><a href="http://ubuntu-tutorials.com/2006/12/14/how-to-enable-dvd-playback-ubuntu-510-6061-610/">How to enable DVD playback</a><br /><br />-Steve BallantyneUnknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-85626067913884781142008-05-13T11:03:00.000-07:002008-05-13T11:38:43.454-07:00Scheduled and automated Secure FTP (SSL)A few months ago I had a request from one of our department members to automate a tedious process. One of our health systems crank out a plain text file which on a daily basis needs to be sent off to an insurance carrier. The insurance company uses FTP to facilitate the "upload" of data, but there is a catch. Because this information contains patient health data, you would not want to send it in plain text. Their method of securing the data is to use certificate based secure FTP. I should state that there are other methods of securing FTP traffic, namely with SSH tunneling. Using certificates for an FTP server is not common practice, and so automating it was difficult.<br /><br />Here is the script that I created which happily runs on an Ubuntu Linux box. Note that names, passwords, and the like have been removed to protect confidentiality.<br /><br /><code>#!/bin/bash<br />#<br /># HL7 FTP drop<br /># By Steve Ballantyne 02-28-08<br />#<br /><br /># Calculate the date in specified format and make a directory with it<br />TIME=`date +%m-%d-%Y`<br /># Build working directory<br />if [ -f /data/healthinsurance/README.txt ]<br />then<br /> sleep 0<br />else<br /> mkdir "/data/healthinsurance/$TIME"<br />fi<br /><br />cd "/data/healthinsurance/$TIME"<br /><br /># Check for SERVER Share<br />if [ -f /mnt/healthinsurance/README.txt ]<br />then<br /> mv /mnt/healthinsurance/Submissions/healthinsurance/working/KCHDEM* /data/healthinsurance/$TIME<br />else<br /> #Map to SERVER drive<br /> mount -t smbfs -o username=ballantynesd,password=password "//SERVER/e$" /mnt/healthinsurance<br /> # Now move it<br /> mv /mnt/healthinsurance/Submissions/healthinsurance/working/KCHDEM* /data/healthinsurance/$TIME<br />fi<br /><br /># Go put the file on the server<br />curl --ftp-ssl ftp://ftp.generichealthcare.com -u username:password -T /data/healthinsurance/$TIME/KCHDEM*.txt --insecure<br /># Done - Exit</code><br /><br />Here's the play-by-play of what this script does.<br /><br />1) A check is made for a README file. If this file doesn't exist, someone may have messed with our directory structure.<br />2) A date variable is created in the form of MM-DD-YYYY. Then, a directory is created using that variable, and we change directory, or 'cd', into it.<br />3) We check to see if a README file exists on a shared drive, which has been mounted. If it does not exist - then the drive has come un-mounted so we run through a routine to re-mount the Windows share.<br />4) Once the mounting issue is resolved, we move the file from the SERVER into that local folder we created with the date variable.<br />5) With the file in our grips, we use 'curl' to send the file to the health insurance company. Note that we needed two special switches: '--ftp-ssl' and '--insecure'. The '--insecure' was required in my case because the certificate being used for this connection was self-signed.<br /><br />Now that we understand what we are doing, how will we automate it?<br /><br />I saved the above script into a file called /root/healthins.sh. Then I did a 'chmod 755 healthins.sh' so that it was executable. Next, I became root by using 'su -' and supplying the root password. Finally, I ran 'crontab -e' which allowed me to edit the root users cron entries. <br /><br />This is the line I added to the bottom of my scheduled jobs (it was empty).<br /><br /><code>1 1 * * * /root/healthins.sh >> /root/healthins.log 2>>&1</code><br /><br />That line says that on the first minute of the first hour of every day ... run the script called 'healthins.sh' which exists in the /root directory. Then, redirect all of the output from this process into a log file called 'healthins.log' which also exists in root. The '>>' indicates that this file should be appended. That is, *added to* and not overwritten. <br /><br />I'm happy to say that this has been running well, aside from a mistake I had made in my logging process. But I figured since I was in fixing this - I should document this process for future generations. If this helped you in some way, won't you please drop me a line?<br /><br />-Steve BallantyneUnknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-85009728527657715112008-05-09T12:38:00.000-07:002008-05-11T10:21:36.658-07:00Dress up Ubuntu 8.04 Hardy to look like gOS SpaceThe nice people over at <a href="http://www.thinkgos.com/">gOS</a> (read: good Operating System) have released their latest project called "gOS Space". Think Ubuntu, if you layered it up with some eye candy, and then added a nifty dockbar and populated it with MySpace and YouTube Launchers. I have to admit that the visual appearance is pretty good. It's also oddly familiar, because with all of these various pieces mixed together, it resembles the latest OS from Apple.<br /><br />I downloaded it and tried to boot it in a virtual PC (using VirtualBox). I failed. I also tried burning it to a CD-ROM and I failed at that too. That's because the ISO image is about 68 meg's off from fitting on a standard CD. So I grabbed a DVD and burned a copy. Then I booted it up. The "beauty" of gOS is that you don't have to install it. You can boot to it, and try it out. I tried it. I played with it a while. I was ready to get back to Ubuntu which I had all ready installed, but I wanted to take this nice theme with me.<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://4.bp.blogspot.com/_XvyJdNQD_5w/SCSsbi8DyUI/AAAAAAAAAdI/VIBcRYYCiGI/s1600-h/gos-ubuntu-screenshot.jpg"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;" src="http://4.bp.blogspot.com/_XvyJdNQD_5w/SCSsbi8DyUI/AAAAAAAAAdI/VIBcRYYCiGI/s400/gos-ubuntu-screenshot.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5198469459127552322" /></a><br /><br />Here's how you can re-theme your Ubuntu 8.04 Hardy with the pretty space theme.<br /><br /><span style="font-weight:bold;">#1 - Get the wallpaper</span><br />If all you wanted was the wallpaper, this is an easy task for you. Because I have mirrored it. you can <a href="http://www.oddree.com/gos-space/gos-rocket-final.png">right click here and download a copy</a>. Then make it your background. You're done!<br /><br /><span style="font-weight:bold;">#2 - Install the wicked green bubbly window theme</span><br />One of the niftier looking aspects of this theme are the windows. You won't really see what these look like unless you do some digging. The screen-shots on the gOS site don't show them. I borrowed them the best way I knew how. Find the directories ... tar-ball them up ... and carry them over.<br /><br />* <a href="http://www.oddree.com/gos-space/newgosspace.tar.gz">Right click here and Download this file</a> (save it anywhere).<br />* Move the file to the root of the file system, and un-tar it. In a Terminal ...<br /><code>cd Desktop<br />sudo mv newgosspace.tar.gz /<br />cd /<br />sudo tar -xzvf newgosspace.tar.gz</code><br />* Apply the theme you just installed: click System > Preferences > Appearance. Then select the "gOS_Theme". Click "apply".<br />* You're done. Everything is green.<br /><br /><span style="font-weight:bold;">#3 - Install the pretty Dock Bar</span><br />gOS makes use of the "Avant Window Navigator". This has been around for quite a while, and can be installed relatively easily to Ubuntu Hardy. But ... the version that they are using for gOS is slightly newer than what you would get from the Hardy repositories. Trust me, you will want the latest stuff if you want the full effect. Namely, what the new version offers over the old one is a big collection of "applets" for your dock-bar, and that neat looking "tilted tile" of your icons (as seen in the screenshot).<br /><br />If you want to live on the edge, and install the latest stuff ...<br /><br />* Open up /etc/apt/sources.list and add this line to the bottom:<br /><code>deb http://ppa.launchpad.net/reacocard-awn/ubuntu hardy main</code><br />You will need roots authority to save this file, so you might want to run something like "sudo gedit /etc/apt/sources.list" to open it.<br />* Now, in a Terminal run "sudo apt-get update".<br />* Also in a terminal, run this ...<br /><code> sudo apt-get install awn-core-applets-bzr avant-window-navigator-bzr python-alsaaudio python-awn-bzr python-feedparser</code><br />* You will be asked if you want to install all the above, plus some dependencies. Say Yes!<br /><br />You are almost done. But here is the problem: you have no "preferences manager". Why didn't you install it in the above command? Because it won't work. Basically, you are mixing old and new parts of this application together, and Ubuntu doesn't like it.<br /><br />* Open <a href="http://ppa.launchpad.net/reacocard-awn/ubuntu/pool/main/a/avant-window-navigator-bzr/">this web page</a>, and find the version of awn-manager-bzr_0.3.1.bzr234.1~hardy that matches your version of Ubuntu and PC type. If you are running Hardy and have a standard Intel i386 version, you want to download <a href="http://ppa.launchpad.net/reacocard-awn/ubuntu/pool/main/a/avant-window-navigator-bzr/awn-manager-bzr_0.3.1.bzr234.1~hardy_i386.deb">this one</a>.<br />* Find the file you just downloaded, and open it (double click it). Then, click the green Install button to install the package. You may be told that this same package exists in your repository. You should ignore that message. It's referring to an earlier release of that same package.<br />* Click Applications > Accessories > Avant Window Navigator. It should launch at the bottom.<br /><br />If you were using a "bottom Panel" you now have some real redundancy going on here. You may move that bar to the right side of the screen (click and drag it) or you can right click on it and "delete it". I suggest you keep it around in case you don't like this dock bar (it's been known to be buggy, while it's been very stable for me).<br /><br />Now you have some configuration to do. If you right click the left most portion of this Avant bar (there's an empty little slice there) you can select "Preferences". From there you can add applets, and the like. I suggest you add the "Stacker" applet (one for each stacker menu you want to create). Then you can right click on each Stacker (as it appears in the dock bar) and click "Preferences". If you would like to use the "visual styling" that I created for my dock, you can download <a href="http://www.oddree.com/gos-space/gOS_Space_Theme.tgz">this file</a>. Just save it somewhere handy, and in the dock preferences, click the Themes tab, then Add, and browse to that file. I found the manager to be a bit buggy with themes. If you add the theme, and it doesn't show up in the list - close the manager and re-open it.<br /><br />If you want the slick Apple look for a Stacker... click the Backend tab and choose "Folder backend". Point it to a folder which contains shortcuts. If you don't have a folder of shortcuts - create one and come back. Click on the Applet Layout tab and check "Composite applet icon". Click the Stack Layout tab and change the Layout to "Curved gui". You may want to fiddle with the other options and tweak them to your liking.<br /><br />Now you can run full fledged Ubuntu, with all the style of gOS Space! Enjoy.<br /><br />-Steve BallantyneUnknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-46333836858330832462008-04-28T13:51:00.000-07:002008-05-12T11:40:16.426-07:00Nightmares with Exchange 2003 Free/Busy TimeI hadn't been in my current position long before I started noticing strange problems with our Public Folder structure. When I accepted my position as the Network Administrator I became the lucky winner of a battered 2003 Exchange server which was migrated over from version 5.5 back in ... 2005 or so.<br /><br />I suppose the first sign that something was wrong was that there were strange little entries in the Public Folder list that didn't do anything. When you clicked on them in Outlook a message said "Unable to display the contents of this folder". I used to wonder what was in there and why I couldn't see it. But after asking around I could see that these were "artifacts". That's a nice way of saying, "junk that was left behind and for reasons beyond explanation - they will remain to exist for the life of the server". I tried to delete them. Operation failed. Crap. Now I didn't really care what was in them. That fun curiosity had left me. I just wanted them to go away.<br /><br />And then came the Free/Busy issue. I had one of our more important and highly scheduled administrative folks ask me why people could schedule her to meetings when she was clearly booked solid. It only took a little bit of clicking around to see that something was wrong here. She was booked all day long but her "free time" only reflected an hour of busy time. I began with trying all the easy fixes, starting with "outlook.exe /cleanfreebusy" from the command line. It ran, without error. It fixed nothing.<br /><br />Then I stared digging through an endless search of forums, newsgroups, and "knowledge-less bases". It seems I am not alone in my quest for operational Free/Busy functionality. There are many out there that like me are having the same types of issues. I saw a lot of people asking "can't I just delete this Free/Busy time and start it over"? The answer is, no. Because Free/Busy time is a system folder which lives in Public Folders, it isn't easily accessible by anyone. From within the Exchange System Manager you can navigate to it, play with it's simple permissions, and check it's replication. But that's about it. Oddly enough, I didn't really see anything wrong with this folder, despite the fact that it was totally broken.<br /><br />I also <a href="http://groups.google.com/group/microsoft.public.exchange.admin/browse_thread/thread/a53231896b1d1ce1/5b7886d4895e5c89?lnk=st&q=steve+ballantyne#5b7886d4895e5c89">publicly displayed my frustration in a newsgroup</a>, which bared no helpful advice whatsoever.<br /><br />After reading techno-babble off and on for the better part of two days I came across something of interest. It asked me to check an attribute on the Exchange server using the adsiedit.msc tool. Lo and behold I had located a problem. A particular attribute still held a link to my dead Exchange 5.5 server. Fixing this broken link would theoretically release, recreate, and reattach my Public Folder infrastructure. And so the following weekend I stayed up late drinking diet soda and hacking up my server only to find that the problem STILL EXISTED.<br /><br /><span style="font-weight:bold;">So here is the solution for anyone else that might end up in this mess.</span> First I should mention that I have held back on releasing this entry until today (even though I performed this work nearly a month a ago). The details are a bit fuzzy to me now, but I didn't want to post a solution that wouldn't work. Today, I can honestly say that everyone's Free/Busy time is in good standing - and all those odd-ball Public Folders have been done away with.<br /><br />Following this procedure will blow away your Public Folders completely, leaving nothing behind. The majority of this process covers how to backup and restore the data that your users will want back. This is a risky procedure, so if you try to do this and break things really badly - don't come looking for me. You have been warned.<br /><br />Another important note: <span style="font-weight:bold;">Performing this procedure will break "favorites".</span> That means if your clients have opened up Outlook and said "add this folder to Favorites", they will now have a broken link. Even if your folder comes back with the same name and the same location - the shortcut will still not work. They (with your help) will need to recreate all of those shortcuts. Expect calls. Clicking on a dead shortcut will cause Outlook to crash!!<br /><br />Step #1 - Make a backup. If you use Veritas, Symantec, or something of that nature - make a full backup of your Public Folders now. Hope you will never need it. In fact, try not to ever use it. Refer to the notes at the end of this post.<br /><br />Step #2 - Back up the Public Folder permissions. Get a copy of <a href="http://www.microsoft.com/downloads/details.aspx?FamilyID=635BE792-D8AD-49E3-ADA4-E2422C0AB424&displaylang=en">the Microsoft Exchange Server Public Folder DAV-based Administration Tool.</a> Install this tool (it extracts to a folder) and run it. Then click File > Connect. Enter the properties for your server, and run this as someone with Administrative access. Make sure that the radio button option is selected for "Public Folders". Now you should be able to expand Public Folders, and see them all listed in the left pane. Click on the very top item "Public Folders", and then click Tools > Export Permissions. Leave things at default, and click OK (you may have to set up a log file, so create one if prompted). This will create a text file with all of the Public Folders names, and all the permissions to go with them. In my case, I then opened up this text file ... went down to where it switched from "real" public folders to invisible System Folders. Then I *deleted every line* which referred to System Folders. You should do this too. Problems with Free/Busy could be related to incorrect permissions being applied to your folder set. You do not want to re-import those faulty permissions back onto a healthy Public Folder store.<br /><br />Step #3 - Back up your Public Folder data. I did this the old fashioned way. By that, I mean that I opened up Outlook, expanded Public Folders, then selected All Public Folders. Then I performed a File > Export, and exported *everything* in Public Folders to a PST file. The danger in doing this is: <span style="font-weight:bold;">you cannot back up folders that you have no permission to</span>. So if someone has excluded you access to a folder, it will not get backed up. That could get you in trouble. Compare what you see in Step #2, with what you see inside of Outlook. Make sure you are not missing anything. Also know, this could take *HOURS* depending on the amount of Public Folder data that you have. In my case the store was a little less than 700MB and it took 45 minutes.<br /><br />Step #4 - Remove Public Folders. To do this, go into Services on the Exchange Server and stop the Information Store. Now, browse to where the Exchange data files are physically stored. Usually this is in x:\Programs Files\Exchsrvr\mdbdata. There are two files; pub1.edb, and pub1.stm. Rename these files - but do NOT delete them. I just added an .old extension to them. Now, go back and restart the Information Store service. This will cause chaos and confusion to your Exchange Server. It should give you a bad news message and ask if you want to create a blank Public Folder set. Say yes. Congratulations, you just destroyed all of your users data. Better act quickly on step #5.<br /><br />Step #5 - Put the Public Folder data back. This is the reverse of exporting. Go into Outlook, Expand Public folders and notice that it's empty. Now, import your PST back to Public Folders. <span style="font-weight:bold;">Note that there is a trick to this!</span> The trick is, you cannot import back into a system folder without Outlook telling you to "stop doing that". What you can do, is expand Public Folders, then expand All Public Folders - and then start the File > Import wizard. At the second or third step where you tell it where you are importing to - select "to currently selected folder". You will also notice that in your PST file this subtree has some bizarre name like "IPM_NON_SUBTREE". Don't worry about that. It will restore to where it needs to. Watch the files copy. When done, make sure things look okay.<br /><br />Step #6 - Still awake? Now fix the permissions. Open up your tool from Step #2, and click File > Connect. Again, fill in your server properties and make sure Public Folders are selected. Now select Public Folders and then Tools > Import Permissions. This should go pretty quickly. To see if things worked, you should go right clicking randomly on your folders and make sure that the permissions look right. You can also check the log for this tool you have been using.<br /><br />Step #7 - Update everyones Free/Busy time. The best way to do this is to send out a mass meeting notice for a "fake meeting". You can put it for a Sunday at Midnight, make it last 10 minutes, and put the location down as "fairy land". What's important is that everyone in your organization gets it, and agrees to the meeting. Doing so, will reset their free/busy data on the server. You can also recreate this data by having each user run Outlook from a command line with the /cleanfreebusy switch. Good luck with that! I used the fake meeting method, and it worked wonders.<br /><br />That should be all there is to it. But there are some ...<br /><br /><span style="font-weight:bold;">Possible Pitfalls!</span><br />Free/Busy still not accurate - Let's say that you have imported everything, fixed all the permissions, and the Free/Busy is still whacked. Take a moment to think about this. We have fixed all future appointments, but existing ones may still be a problem. I found that if you delete a reoccurring appointment and recreated it, the free/busy became accurate. Also - waiting longer seems to work. I waited about two weeks and everything seems correct. What fixed it? Who knows. It's Exchange Server.<br /><br />Folders are missing - If someone had a folder which you could not access, than you probably didn't back it up. Way to go! The good news is that you *renamed the data files*, you did not delete them. The bad news is that you will have a hard time getting the data out of them. If at all possible - do NOT restore from a tape backup. The best thing you can do is use a tool to extract the data from the public folder files. One such tool is called <a href="http://www.ontrackpowercontrols.com/">OnTrack PowerControls</a>. It's expensive to buy, but you should be able to use the trial version to extract from a detached Information Store database file. Basically you need to extract the data into a PST, and then import that PST back to the Public Folder tree. If you are stuck doing this ... read the manual for the PowerControls product. ;-)<br /><br />I sincerely hope that this information comes in useful to someone, some day. It took me a few weeks of off and on experimentation to come up with this. If this helped (or harmed) you won't you please drop me a comment and let me know?<br /><br />-Steve BallantyneUnknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-23438275147259930052008-04-22T08:27:00.000-07:002008-09-30T06:34:49.215-07:00VirtualBox with Multiple Bridged Network InterfacesSeveral months ago, I made the switch from VMWare over to VirtualBox. It didn't require a lot of arm twisting. VMWare costs around $500-$600 (for a basic Workstation license) and VirtualBox is absolutely free. While VMWare is a far more robust product, I don't really use most of the advanced features that justify the inflated cost.<br /><br />Now - many months later I have run into a dilemma with VirtualBox. I want to have two virtual machines running (simultaneously) which can both access the network using IP addresses which they have obtained through DHCP. Setting up a single workstation proved to be quite a challenge, and two required a lot of reading and digging. VMWare definitely makes virtual networking easier - at least on the Windows side of things. I am, of course, running Ubuntu Linux natively and virtualizing all my Windows Operating Systems with VirtualBox.<br /><br />Here is the script, which made this all possible for me - with comments to follow. In this example, I have TWO physical network cards. eth0, and eth1. eth0 connects my host (the Linux box) to one network for Internet connectivity, etc. in Linux. eth1 is connected to our production network, and will be used solely for my virtual guests.<br /><br />Note: You will need to install uml-utilities and bridge-utils first. Do that with: sudo apt-get install uml-utilities bridge-utils.<br /><br /><code>modprobe tun<br />tunctl -t tap0 -u ballantynesd<br />brctl addbr br0<br />ifconfig eth1 0.0.0.0 promisc<br />brctl addif br0 eth1<br />ifconfig eth1 up<br />dhclient br0<br />brctl addif br0 tap0<br />ifconfig tap0 up<br />chmod 0666 /dev/net/tun<br /># This was added Apr 22 2008<br />tunctl -t tap1 -u ballantynesd<br />brctl addif br0 tap1<br />ifconfig tap1 up<br />echo 1 > /proc/sys/net/ipv4/conf/tap0/proxy_arp<br />echo 1 > /proc/sys/net/ipv4/conf/tap1/proxy_arp</code><br /><br />The above was saved into a file, which should be run as root *before* starting VirtualBox. You can do this with a 'sudo vboxup.sh', or similar. Exchange 'ballantynesd' with the user name that you are running with on your Linux box. Exchange eth1 for your production NIC, whatever that happens to be.<br /><br />To complete setting up your virtual guests, you will need to shut them down, open up the settings for them, browse to network settings. Change from "NAT" to "Host", and in the lower area set the network card to tap0 or tap1. Leave the rest alone! <br /><br />With luck, and prayer - you should be able to boot up your virtual machine and obtain an IP with DHCP (or assign one statically if you like). <br /><br />Good luck! Give me a shout if this should help you out.<br /><br />-Steve Ballantyne<br /><br />EDIT: 05/08/2008<br /><br />It seems that an upgrade to Ubuntu 8.04 LTS, and an upgrade to the new "Sun" branded VirtualBox 1.6.0 ... is not a good idea. I have tried for the past two days to make things work as documented. Namely, the nice little bridge that I had going on. Following the prescribed documentation got me nowhere, so I reverted back to configuring my interfaces "the old fashioned way" and used the above script. My new script is for a single Virtual Box, and it looks a little something like this ...<br /><br />As stated earlier - this script must be run with 'sudo'.<br /><code><br /># Don't need these, so they die<br />ifconfig vbox0 down<br />ifconfig eth1 down<br /># Throw up a bridge<br />brctl addbr br0<br /># Add my main card to the bridge<br />brctl addif br0 eth0<br />ifconfig eth0 0.0.0.0 promisc<br /># Bridge goes up<br />ifconfig br0 up<br /># Bridge obtains an IP address<br />dhclient br0<br /># Give me a virtual adapter<br />modprobe tun<br />tunctl -t tap0 -u ballantynesd<br /># Add the adapter to the bridge<br />brctl addif br0 tap0<br />chmod 0666 /dev/net/tun<br />ifconfig tap0 up<br /></code><br /><br />Good luck!!Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-14833190021702774862008-03-24T10:52:00.000-07:002008-03-24T12:28:46.317-07:00Connecting RightFax to SharePoint DataIf you have set up SharePoint “correctly”, then everything should be going into two SQL databases. One to hold the configuration notes for the server, and another to hold the bulk of the user data. It’s likely that you have created a few “Lists” for the sake of holding onto (and sharing) contact data.<br /><br />Why not then – tie your RightFax Phonebook right into your SharePoint contact data?<br /><br />To begin, you will need to identify the “List” in which you want to query. From within SharePoint, your List has a “name” which you have given it. In my case, it was called “KCH Directory”. SharePoint has an “ID” which it uses to track this data, and we need to locate this string.<br /><br />Get onto the SQL server which houses your SharePoint data, and run the SQL Query Analyzer. Point the query analyzer to the correct database. Mine was called “KCH_WSS_CONTENT”. Now, enter this SQL query …<br /><br /><code>select tp_ID from Lists where tp_Title = 'KCH Directory'</code><br /><br />… where ‘KCH Directory’ is the name of your list. Then click the green arrow to process the query. You should see one row returned, with the ID we are after. Right click on that ID and “copy” it. Now paste it to Notepad for later reference.<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://2.bp.blogspot.com/_XvyJdNQD_5w/R-fqwVvX0dI/AAAAAAAAAb4/tj6DS8tN7Sk/s1600-h/rightfax1.JPG"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;" src="http://2.bp.blogspot.com/_XvyJdNQD_5w/R-fqwVvX0dI/AAAAAAAAAb4/tj6DS8tN7Sk/s400/rightfax1.JPG" border="0" alt=""id="BLOGGER_PHOTO_ID_5181368012503503314" /></a><br /><br />Next, we need to create an ODBC connection for your RightFax server to use. Open Administrative Tools > Data Sources (ODBC).<br /><br />Click the System DSN tab, and click “Add …”. Scroll to the bottom of the list and choose SQL Server, then “Finish”. Next you will be given a wizard. Name your source whatever you want. I named mine “passql”. For server, enter the name of the SQL server which houses the SharePoint database, then click next. Change the authentication type if you need to (I didn’t) and click next. Make sure you stop here and “Change the default database to” – and enter the name of the database that has all of your SQL data in it. Then click next, change nothing, and click Finish. Finally, click Okay to leave this window.<br /><br />Now right-click the RightFax system tray icon, and choose “ODBC Configuration”. Then click “Add”.<br /><br />Now, name this phone book whatever you like and select our recently created ODBC connection from the ODBC source list.<br /><br />Fill in your fields “appropriately”. You may need to do some mapping here. That means going back to your SQL Query Analyzer and performing a dump of your UserData table with a query like this …<br /><br /><code>select * from UserData where tp_ListId = 'YOUR-ID-STRING'</code><br /><br />In my case, I was able to match up fields in RightFax to these:<br /><br />nvarchar1 – last name<br />nvarchar2 – first name<br />nvarchar17 – fax number<br />nvarchar11 - location<br />nvarchar15 - voice<br />nvarchar6 – company<br /><br />So entering them into the RightFax ODBC window, looked like this:<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://4.bp.blogspot.com/_XvyJdNQD_5w/R-frC1vX0eI/AAAAAAAAAcA/P2XG1kpFQis/s1600-h/rightfax2.JPG"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;" src="http://4.bp.blogspot.com/_XvyJdNQD_5w/R-frC1vX0eI/AAAAAAAAAcA/P2XG1kpFQis/s400/rightfax2.JPG" border="0" alt=""id="BLOGGER_PHOTO_ID_5181368330331083234" /></a><br /><br />Notice that we only have one field for a name, while SharePoint divides it into a first, last, and middle initial. I have combined first and last, and skipped middle initial (creating one solid RightFax field). All of this information will end up on your Fax Cover Sheet (FCS), which is nice.<br /><br />The “WHERE” box is a SQL statement “where”. What we are saying here is what we want and don’t want from the UserData SQL dump. In my case I am specifying the particular List that I had in mind, minus the blank company names, and fax-less entries. I also (optionally) told it to only show me entries where the fax number started with a left parentheses “(“. That was because someone had typed textual information into the fax fields on some of my SharePoint data.<br /><br />My WHERE looked like this (photo obscured) …<br /><br /><code>(tp_ListId = ‘YOUR-ID-STRING-HERE' and UserData.nvarchar17 is not null and UserData.nvarchar17 like '(%' and UserData.nvarchar6 is not null)</code><br /><br />The “ORDER BY” allows you to sort your entries. In my case, I just let it try to sort by last name. But this could have been Company Name, or even numerical Fax Number.<br /><br />Click OK, and try it out! In my case, I had to do a lot of checking and double checking of my SQL syntax. One little typo and your Phonebook will show up stone empty (there will be no error messages).<br /><br />To test it – open RightFax FaxUtil, and click the yellow address book symbol. You should have a new tab with the name that you used in the ODBC configuration (mine was passql). When you click the tab, the actual query will take place so there might be a slight delay. You should get a nice list of data, and a few boxes overtop to help you filter out what you were after.<br /><br />Obviously the ODBC connection, and the RightFax ODBC configuration will need to be repeated for your clients. But there is a way to cheat this as well. You can export elements from the registry, combine them into one .reg file, and import it after running through the installation. You can find the Captaris KB article: <a href="http://www.captaris.com/Scripts/captaris.cfg/php.exe/enduser/std_adp.php?p_faqid=199&p_created=1034578800&p_sid=xWNK1x_i&p_accessibility=0&p_redirect=&p_lva=&p_sp=cF9zcmNoPTEmcF9zb3J0X2J5PSZwX2dyaWRzb3J0PSZwX3Jvd19jbnQ9MzE0JnBfcHJvZHM9MCZwX2NhdHM9MCZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0xJnBfc2VhcmNoX3RleHQ9cGhvbmVib29rIG9kYmMgcmVnaXN0cnk*&p_li=&p_topview=1">here</a>.<br /><br />I certainly hope this is useful to someone else out there. Drop me a line in the comments and let me know! ;-)Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-65113632421616807962007-11-29T11:59:00.000-08:002007-11-29T12:19:46.209-08:00News Flash : Vista Is TerribleYou are probably sick of reading it and I am sick of saying it but Vista is very, <span style="font-weight:bold;">very </span>bad. My latest gripe is all the new error messages that I seem to be generating. This takes me back to the days of old with Windows where you get a message that makes absolutely no sense at all, which also supplies you with the sense that someone will do something about it, and then leaves without giving much more detail (only to reappear in an hour or so).<br /><br />Here is one ...<br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://2.bp.blogspot.com/_XvyJdNQD_5w/R08bmSgnmQI/AAAAAAAAAUQ/WWv6O9IuKww/s1600-h/crash.jpg"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;" src="http://2.bp.blogspot.com/_XvyJdNQD_5w/R08bmSgnmQI/AAAAAAAAAUQ/WWv6O9IuKww/s400/crash.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5138356044470655234" /></a><br />A program stopped working. I knew that all ready though, because it went away when it crashed. The error message indicates that Windows will notify me of a solution. But when I "close program", I don't get any notifications. I guess they will track me down and call me. One day I will get a call from an engineer who has a solution to the 3,000+ crashes I had this year.<br /><br />Here is another ...<br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://2.bp.blogspot.com/_XvyJdNQD_5w/R08chSgnmRI/AAAAAAAAAUY/fTOVoMbB_q4/s1600-h/crash2.jpg"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;" src="http://2.bp.blogspot.com/_XvyJdNQD_5w/R08chSgnmRI/AAAAAAAAAUY/fTOVoMbB_q4/s400/crash2.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5138357058082937106" /></a><br />It seems that "some program" which wants to remain anonymous is trying to tell me something, but it simply can't. Oh the suspense! Should I be reminded later? What if the program has something really important to tell me? Unfortunately I didn't click the "Why does this happen?" link. I will never know the crackpot reasoning behind the message. It ended up being a browser window which was trying to refresh it's advertisements.<br /><br />More worthless error messages to come!Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-52959164821030847552007-10-28T07:17:00.000-07:002007-10-28T07:43:26.577-07:00The Desktop RevolutionApple started it. Many years ago, they released OS X. Everyone marveled at the new effects and tools that it brought, and suddenly Microsoft began to show an interest in giving their desktop products a long overdue makeover. Pretty soon, Windows XP was "all the rave". It was met with a lot of resistance by the business users who were probably correct in saying "Windows 2000 seemed to run faster ... and I don't need these effects to do my job".<br /><br />Apple continued to build upon it's success in OS, releasing a new version nearly every year for five years. Each time, outdoing itself with innovative new features that provided new tricks for the user, but also looked *really* good doing it. Microsoft answered with "please wait". Once they felt that they had caught up, they release Windows Vista. Even with the BETA releases it was obvious that Microsoft would never keep up with the "design wars" that laid ahead. Windows Vista simply duplicated a few effects that they liked from OS X but also tried to sneak in a software-crippling security overhaul. This has of course left most users demanding "I want Windows XP back".<br /><br />Meanwhile, open source groups have aimed to out-do the commercial software companies when it comes to good looks. And why not? Linux after has been built and is maintained by the people, for the people since it's inception. It's the democracy of software. If something bombs and doesn't work, it either gets fixed or becomes "deprecated". Developers can work together on projects and build code at all hours of the day and night using systems that they developed earlier on. So it shouldn't be any surprise that the race to come up with the best looking desktop will be plaid out on open source platforms.<br /><br />If you work in or around IT, or you have a nerd for a friend, you have no doubt heard of Beryl. Beryl <i>was</i> an experiment in using a commercial graphics card to create mind-bending effects for simple window and desktop management. It got a lot of attention. As did the Compiz project which aimed to do similar effects. Eventually they merged the two projects allowing the user to get the best effects from each collection, and possibly a little more stability. The result is <a href="http://compiz.org/">"Compiz Fusion"</a>.<br /><br />I must admit I was fascinated watching YouTube videos like <a href="http://www.youtube.com/watch?v=E4Fbk52Mk1w">this one</a>. Windows Vista has a "tile effect" that let's you stack windows at an angle. Compiz allows you multiple desktops on a rotating cube, window-tabbing, OS X "expose" style arrangements, and more. Do I need all that to enjoy my computer? No. In fact, with these state of the art effects come a slew of bugs and crashes. After all, the code you are using to demonstrate effects like these were written by dozens of different people and were assembled moments later to begin experimenting with them. Still, someone like me sees a demonstration of the effects and I am all ready working on getting them running on my PC.<br /><br />I am not the only one amused. Search YouTube for "compiz" and you will find that these videos are getting hundreds of thousands of viewings. Take a look around the forums for popular Linux distributions like Ubuntu and you will find that they are plagued with questions from folks who are fighting through crashes and panics to get these effects on their screens.<br /><br />The war wages on, and yet the real casualties here are going to be "the business desktop user". Remember that attention like this does not go un-noticed. Shareholders will demand that commercial products implement the "fire painting" that their nephew was showing off. Microsoft will quickly attempt to duplicate the feature and put it into their home version of Windows Vista. The business users who purchased Vista Ultimate edition (and have little show for it at this point) will demand that it also be available to them. Before long, I will be rolling through group policies, user complaints, and help desk calls trying to stop the madness. Of course when I am done at work, I will go home, fire up Linux, and begin experimenting with effects that are years ahead of anything that Microsoft has done.<br /><br />If you still haven't watched it yet, you owe it to yourself to see what all the fuss is about: <a href="http://www.youtube.com/watch?v=E4Fbk52Mk1w">http://www.youtube.com/watch?v=E4Fbk52Mk1w</a>. Note that the video ends with "I have to admit: I made this with iMovie". Credit to Apple, where credit was due.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-27971635944464839712007-10-23T18:58:00.000-07:002007-10-23T19:10:11.767-07:00Starting x11vnc EasilyI had a friend recently ask me how I share out my desktop in Linux so that I can log in and run things remotely. I told him that I use a tool called "x11vnc" which allows you to share out an X-Windows session that has all ready been started. This is different than the normal VNC server functionality for Linux, which is to start an all new X-Windows session for remote access.<br /><br />Using your default display allows you to get back to whatever you left running at the house. Perhaps a web page you were on at the time, a few bit-torrents that you want to check up on, etc. <br /><br />In trying to share my method I had to confess that I really don't know how I made it all work. I was up late one night when I finally string together a command which got the desktop shared. Since then, I had been copying and pasting commands from a text file that I had saved away. The text file has now perished in a re-installation so I finally took the time to figure this all out again. This time, I have written a sensible shell script which I will document here for my friend Rob, and for anyone else who might be interested.<br /><br /><blockquote>#!/bin/bash<br /><br /># Set this to your username<br />USERNAME="steve"<br />XAUTH=`/usr/bin/ls /var/run/xauth`<br /><br /># Are we root, or just some schmuck?<br />if [ $(whoami) = "root" ]<br />then<br /> # Now, do we have a password file created?<br /> if [ -e /home/$USERNAME/.vnc/passwd ]<br /> then<br /> x11vnc -shared -display :0 -auth /var/run/xauth/$XAUTH -usepw -forever<br />else<br /> echo -e "You have not set a password yet, run: x11vnc -storepasswd as $USERNAME."<br /> exit 1<br />fi<br />else<br /> echo "You need to be root to do this (or use sudo -b ./startx11vnc)."<br /> exit 1<br /> fi <br /><br /> exit 1<br /></blockquote><br /><br />This script requires root permissions, and does the usual griping if it's run as a regular user. It then goes out to see if the person running it has all ready created a VNC connection password. If not, it gripes some more but drops a hint on how to create one. If running this as root, and you have a password file created, we then go out and find your xauth file. This file is needed to point x11vnc to the active running session. With that, we finally launch x11vnc and begin sharing the desktop.<br /><br />Notice that to run x11vnc, the script suggests using "-b" which will allow the sudo command to ask for the password, and then politely launch the program into the background. In doing so, you can safely close the terminal window that you launched this command from.<br /><br />Although wouldn't it be nice if this ran every time you logged on? Oh, I will have to work on that now.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-13171210125194143262007-10-21T06:52:00.000-07:002007-10-21T07:19:27.512-07:00Dell's DeVoI thought with all the advancement of modern-day "personal computers" that I might celebrate some de-evolution. Namely, by one of the biggest players in the market: Dell. More so, this is a short list of things that I have grown to hate Dell for and I need a place to gripe about it.<br /><UL><LI><b>Upside-down, and angled USB ports</b> - For several years Dell built a line of PC's with USB ports that were impossible to plug anything into. That's because the ports were flip-flopped from what they should have been, then angled at 45 degrees, and then covered with a plastic "hood" that had to be pulled up. Other than the fact that it reminds me of the deck lid on a Volkswagen Beetle - there is no benefit to this awful design flaw. If your PC was sitting on the floor (which it probably was, because the case was so damned big) you practically had to do a hand stand to plug in a jump-drive.<br /><LI><b>Dysfunctional Mouse Pads</b> - How can you possibly screw up with a rubber matted piece of canvas? By plastering your logo onto it in high contrast colors then slapping some odd-ball reflective coating onto it which gives it a "shiny" appearance. The effect was that every time your optical mouse struck the lower right corner of the Dell logo, it repositioned itself on the screen. Today, I still occasionally find one of these mouse pads on a users desk and send it directly to the garbage. It seems that there are a lot of users with far more patience for something like this than me.<br /><LI><b>Ghost Mouse Syndrome</b> - My poor father was the first to discover this flaw in Dell laptops. It seems that the mouse had a funny way of creeping around on it's own. Most attribute the problem to an oversensitive glide pad, which many other conspire that your mouse was being controlled by the souls of dead slave laborers from China. Aside from the creepy effect, the mouse would sometimes click itself too, causing a drag-over and delete effect on whatever you happened to be typing. I called Dell about it (not expecting much action). Dell said "plug in an external mouse". I asked "what if you're on an airplane or something?". Dell responded "you can also disable it in the BIOS". Ah yes. Problem solved. Dad can survive on Alt+Tab, Alt+F4, and other quick-key combo's.<br /><LI><b>Peek-A-Boo 15 Inchers</b> - Oddly, just after the warranty had expired ... I saw a large number of 15 inch LCD displays being sent to the garbage. They seemed to come down with a case of "peek-a-boo". That's where your screen suddenly goes black. Just about the time you are picking up the phone to call the IT department, it comes back. Eventually, it goes black every thirty seconds or so making work impossible. Dell was aware of some sort of flaw in the devices but since these are "old news" they have made no attempt to assist anyone with one of these dying pieces of garbage. But if you call them, they can assist you in finding someone in your area who will recycle the components at little or no cost.<br /><LI><b>Case Bloat</b> - Bigger is better! And titanic cases are back in style. Introducing the largest PC on the market - the GX-745 series. When you drop a few thousand dollars into a new PC these days, you expect to get your moneys worth. Dell sells that illusion by sending you an over-sized boat anchor. They seem to have forgotten how often office workers are relocated, and how many of us literally try to put these things on our backs to get them around. Sure it's nifty that the lid pops out of the side, and I have all sorts of little green tab things instead of screws. But all that extra plastic and aluminum make up for another 20 pounds and I fail to see how the bulk gives it any better of an appearance. Here's a neat trick - you can stack them. The tops are beveled to fit the bottom of another. We have had fun stock piling these our store room at work. Because nobody wants one, and those who do want one can't fit it into their desk.<br /><LI><b>Windows Vista></b> - In Dell's defense, they will still sell you a PC with Windows XP on it. But expect your laptop or desktop to still feature a prominent "Windows Vista" sticker on it. If I need to tell you why Windows Vista is a bad thing, you obviously haven't been subjected to it like I have. I will save that for another gripe session.</UL><br /><br />I'm sure you could think of a few reasons you hate Dell. Feel free to chime in with the comments feature.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-3619775124390844752007-10-15T05:46:00.000-07:002007-10-15T06:04:20.235-07:00Die Phishing Filter!Every time I set up a new XP workstation, I give it all the appropriate updates which includes Internet Explorer 7. I have to imagine that users who are not familiar with IE7 (damn near everybody) gets a little confused and perhaps even concerned when they start seeing "check this site for phishing" dialog boxes. This feature, while it's intentions may be good, does nothing but causes me additional phone calls.<br /><br />This morning I looked into how I might get rid of this feature once and for all - everywhere on my network. It turned out to be quite involved, and I didn't find many good resources on this topic. So here are some helpful tips for anyone else out there that would like to disable the phishing filter using group policy.<br /><br />1) Install the additional IE 7 Group Policy Templates. You may all ready have this template if you are running Vista. If you are running Windows XP, you can download them <a href="http://www.microsoft.com/downloads/details.aspx?FamilyID=11ab3e81-6462-4fda-8ee5-fcb8264c44b1&displaylang=en">here.</a><br /><br />2) If you had to download and install the template (XP users) you will need to perform this step. Otherwise, go to the next one. Open up your Group Policy Editor and expand Computer Configuration. Now right click Administrative Templates, and then choose "Add/Remove". You can then click "Add" and browse out to the Template that you installed in step 1. It should be called "inetres" (it will have an invisible .inf extension).<br /><br />3) Now, expand Administrative Templates, Windows Components, and select Internet Explorer. Check the details on the right. You should see "Turn off managing phishing filter". Read the text in the explanation box to ensure that you understand what is happening here. If you really want to be done with this forever, you should set this to "Disabled".<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://3.bp.blogspot.com/_XvyJdNQD_5w/RxNkcyvemdI/AAAAAAAAAUI/NPtSY5azpLc/s1600-h/disablephishingfilter.jpg"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;" src="http://3.bp.blogspot.com/_XvyJdNQD_5w/RxNkcyvemdI/AAAAAAAAAUI/NPtSY5azpLc/s400/disablephishingfilter.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5121547647070411218" /></a><br /><br />Now allow me to step on my soapbox for a moment here. If you are going to deploy a change like this through Group Policy, you should <span style="font-weight:bold;">create a new policy</span> to do it. Don't use the Default Domain Policy. When you create that new policy, name it something sensible such as "IE7 Disable Phishing Filter" or just "IE7 Settings". You never know when some other poor uneducated administrator may have to take over your job and figure out what the heck you did to their network.<br /><br />You can find more good information on this topic from <a href="http://technet2.microsoft.com/WindowsVista/en/library/6bdc927b-8c1a-47bc-9b6e-c2ac0148213f1033.mspx?mfr=true">this Microsoft Technet article.</a>Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-81581423426125233502007-10-07T10:00:00.001-07:002007-10-07T10:28:33.623-07:00Going from IDE to SATA in LinuxA few years ago now I was shopping for a new motherboard and processor combo to perform an in-case upgrade to my outdated PC. One of my decisions was between two different motherboards. The only noticeable difference was that one supported SATA drives and the other was strictly IDE. It was an extra seven bucks for the SATA board ... so I went ahead and bought that one.<br /><br />Since then I have only ever used IDE drives as that was all I had available, and I wasn't trying to spend any more on the upgrade than I had to. But I recently was gifted an 80 gig SATA drive. Now all I had to do was to get all of my data onto it. Luckily the IDE drive that the SATA drive is replacing is the same size: 80 gigs.<br /><br />I put together a plan to completely "clone" my present system and copy all of my data onto the new SATA drive. This would keep me from having to migrate my data away, reinstall Frugalware Linux, and then put all of the data back. My plan worked surprisingly well, so here is what I did. I hope that this will help someone out there who stumbles upon this in a Google search.<br /><br />1) First, I simply installed the drive (physically) and checked to ensure that the BIOS was detecting it correctly. That part was relatively simple. Then, I booted as I normally would.<br /><br />2) Once I was booted into Linux, I opened up a terminal and ran the following command ...<br /><br /><blockquote>dd if=/dev/hda of=/dev/sda bs=32768</blockquote><br /><br />That command in a nutshell, copied every single track from the IDE drive (hda) to my SATA drive (sda). It created a complete clone. This would have also worked had my new drive been larger (but not smaller, as that would produce an out of space error). The problem would have been then that the new partition did not fill the drive. You would have to use a partition editor to fix this problem, such as <a href="http://gparted.sourceforge.net/">gparted</a>. I should note that copying 80 gigs takes a pretty long time. About as long as it would have taken to low level format the IDE 80 gig drive. In my case, it was about 1 hour and 10 minutes.<br /><br />3) Now that I have cloned my drive, I needed to make sure that Linux knows to boot from it. For that I first mounted the new partition. In my case, sda1 was the "data" partition on my SATA drive, and sda2 was the "swap" partition.<br /><br /><blockquote>mkdir /mnt/newdrive<br />mount /dev/sda1 /mnt/newdrive<br />vi /mnt/newdrive/etc/fstab<br /></blockquote><br /><br />My /etc/fstab file looked like this:<br /><blockquote>none /proc proc defaults 0 0<br />none /sys sysfs defaults 0 0<br />devpts /dev/pts devpts gid=5,mode=620 0 0<br />usbfs /proc/bus/usb usbfs devgid=23,devmode=664 0 0<br />tmpfs /dev/shm tmpfs defaults 0 0<br />/dev/hda2 swap swap defaults 0 0<br />/dev/hda1 / ext3 defaults 1 1<br />/dev/hdc /cdrom iso9660 user,noauto,ro 0 0</blockquote><br /><br />All that was necessary was to change the hda drives to sda drives. The final product looked like this:<br /><br /><blockquote>none /proc proc defaults 0 0<br />none /sys sysfs defaults 0 0<br />devpts /dev/pts devpts gid=5,mode=620 0 0<br />usbfs /proc/bus/usb usbfs devgid=23,devmode=664 0 0<br />tmpfs /dev/shm tmpfs defaults 0 0<br />/dev/sda2 swap swap defaults 0 0<br />/dev/sda1 / ext3 defaults 1 1<br />/dev/hdc /cdrom iso9660 user,noauto,ro 0 0</blockquote><br /><br />Make sure you save your changes, and quit.<br /><br />4) Next I rebooted. Upon booting up, I went into the BIOS and changed by boot order so that it tried to boot from the SATA drive first. It did! At the Linux boot prompt (grub) I had to stop it from booting, and change the boot options. It was going to boot with "root=/dev/hda1", so I had to change it to "root=/dev/sda1". Having made the change, I booted right up!<br /><br />5) This was a good chance to make sure that everything worked. All my data looked okay, no errors at booting time, etc. I ran "mount" by itself to ensure that I really was running from my SATA drive at this point ...<br /><br /><blockquote>ray@frugal:~$ mount<br /><b>/dev/sda1 on / type ext3 (rw)</b><br />proc on /proc type proc (rw)<br />sysfs on /sys type sysfs (rw)<br />devpts on /dev/pts type devpts (rw,gid=5,mode=620)<br />usbfs on /proc/bus/usb type usbfs (rw,devgid=23,devmode=664)<br />tmpfs on /dev/shm type tmpfs (rw)<br />binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)<br />/dev/hda1 on /media/disk type ext3 (rw,nosuid,nodev)</blockquote><br /><br />6) Having confirmed that this would work from here on out, I needed to make a change to grub so that it boots from the SATA drive from now on (and I wouldn't have to change the root line every time I booted).<br /><br /><blockquote>vi /boot/grub/menu.lst</blockquote><br /><br />In the grub booter file, all I had to change was "hda" to "sda" in the applicable place. In the end, my boot file looked like this:<br /><br /><blockquote>#<br /># /boot/grub/menu.lst - configuration file for GRUB<br /># This file is generated automatically by grubconfig<br />#<br /><br />default=0<br />timeout=5<br />gfxmenu (hd0,0)/boot/grub/message<br /><br />title Frugalware 0.6 (Terminus) - 2.6.20-fw4<br /> kernel (hd0,0)/boot/vmlinuz root=/dev/sda1 ro quiet vga=791<br /><br />title Memtest86+<br /> kernel (hd0,0)/boot/memtest.bin</blockquote><br /><br />And that was it!<br /><br />7) I reboot one more time, this time letting everything run it's course. The BIOS detected the drive ... Frugalware Linux came trying to boot from the correct drive ... and I booted (much quicker than before thanks to the obvious SATA speed advantages).<br /><br /><b>In closing:</b> This was a "poor mans cloning process". Normally I wouldn't recommend cloning a system that was running. But there weren't any notable side effects. The only issues I found were that my Firefox settings seemed to be lost. The first time I fired it up after this process, I had to re-enter some passwords and such for my various Firefox add-ons. Most likely this was from having those files open and in use when they were copied from one drive to the other.<br /><br />Was any of this helpful to you? Drop me a line and share your experiences.Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-59158362994962982272007-10-05T06:07:00.000-07:002007-10-05T06:17:28.709-07:00Sourcefire Purchases ClamAVThe Sourcefire Corporation has acquired the open source product ClamAV. ClamAV is a fairly user friendly and very well supported anti virus tool for the open source market. While the product hasn't seen much praise or attention, it serves as a pretty good competitor to commercial products by being an integrable component of an open source firewall and/or Intrusion Detection System. ClamAV often touts that it has fixes to virus's several hours and sometimes days ahead of the higher priced commercial competitors. I myself have built several personal use <a href="www.ipcop.org">IPCop</a> firewalls with ClamAV for gateway virus scanning.<br /><br />Sourcefire hopes to make this open source product marketable and improve it's commercial successes. It also promises to maintain the open source nature of the product. Sourcefire has had successes in this same area with <a href="www.snort.org">Snort</a>, the Intrusion Detection System.<br /><br />A full press release is available: <a href="http://www.sourcefire.com/products/clamav/">here</a>Unknownnoreply@blogger.comtag:blogger.com,1999:blog-11376598.post-89035463176100637062007-10-03T06:23:00.000-07:002007-10-03T06:50:23.047-07:00Microsoft Wants You ... To Use Their MP3 PlayerAs if it weren't enough that they have taken over the home PC market and the business desktop ... they also want their software on cellular phones, video games systems, and MP3 players.<br /><br />I don't know how you feel about this whole business, but the name "Microsoft" means everything but quality in my vocabulary. Their last attempt at an OS was Vista, which anyone will tell you is terrible (insert your digs here). My phone which runs Windows Mobile is practically unusable: mostly due to badly timed "Notifications" and the lack to do simple things like answer an incoming phone call. And their game systems? ... Well those seem to be okay! I love my X-Box original. Of course, I put a mod chip in it several years ago and most of my enjoyment comes from the Xbox Media Center software that I installed to it.<br /><br />You may remember (or you may not) that Microsoft put out an MP3 player called the Zune a few Christmas's ago. A handful of anti-iPod types all ran out and bought one to get a taste of what was touted as "a new sharing experience". The perk in these devices was the ability to share music with your friends wirelessly. I was impressed with the concept. Advertisements featured pictures of young trendy people all standing around with headphones on - exchanging music with one another. But there is a catch. All of them would have had to have bought one of these devices (and most of your friends have all ready invested in an iPod). There were also some questions about Copyright. So naturally the device only let you "borrow" the music. In a few days time it vanished from your collection.<br /><br />The device was anything but successful. It sold 1.2 million units (all together). The iPod passed the 100 million mark back in April of this year. Bill Gates was quoted as saying, "For something we pulled together in six months, we are very pleased with the satisfaction we got". Interesting. I wonder if he would say the same thing about the long awaited Windows Vista?<br /><br />Asked what would be different about these new Zune devices Bill replied, "the satisfaction for the device was superhigh. The satisfaction on the software actually is where we’d expect to see a huge uptick this year. It was just so-so on the software side". So the good part about the device was the hardware, which was actually outsourced and engineered by someone else. The software (the only part that Microsoft actually worked on) was admittedly lackluster.<br /><br />Microsoft plans to build a sharing community online where users can upload samples of songs, which can be downloaded and replayed on other Zune players. But only three times, then they go away forever. I don't expect users will spend much time hacking or trying to circumvent this protection when the same music is available for illegal download from so many other sources.<br /><br />My message to Microsoft: Stop spreading out. Show that you care about, and are focusing on the areas in which you are all ready successful. Retool your Operating System so that you are no longer a successful "laughing stock" of the industry. And for God's sakes, leave your OS off of my portable devices. I don't have the patience to troubleshoot all of the problems you are creating and I am tired of having to explain to my user base that annoying features, and crashes are "by design".<br /><br />Source: <a href="http://www.nytimes.com/2007/10/03/technology/03zune.html?em&ex=1191556800&en=9ff39fa68f4d4f7f&ei=5087%0A"> New York Times</a>Unknownnoreply@blogger.com