Seems that the Cisco VPN client is always causing issues. I found a cool page today about cleaning up and upgrading the DNE or Deterministic Network Adaptor. Basically this tool allows (cisco) to find out which adaptor in your computer is currently attached to a network and not use the others.

so with out further.. http://www.citrix.com/lang/English/lp/lp_1680845.asp

make sure to take note of the winfix tool to clean up the existing DNE problems

And no this will not help with the Cisco VPN client and windows x64 bit issues. Cisco no longer supports the good old IPSEC client in 64 bit (actually no major vendor supports that) they have all gone to SSL VPN, in the case of Cisco you need to look at the AnyConnect Client. And no it wont connect to the 3000 or 5000 VPN concentrators. You need to buy a new ASA 5500.

However never loose hope http://www.shrew.net/download/vpn has created a client that will work for you, and if you landed here because you just cant get Cisco Client working.. use that one!

Other things to note that the AnyConnect Client isnt a GRE.IPSEC tunnel that means that if you use UDP your packets are converted to TCP for the SSL protocol. If you care, Juniper SSL VPN technology is the best of it all. The IVE or SSL appliances will connect with what they call AnyConnect  it will try and use GRE first then fail back to SSL if it cant do it.

Happy Networking.

Im going on record here, as I think I have some ground breaking news for microsoft. I just finished playing around with a copy of windows 7 and I have this to say…

“Why do I have any need to use windows 7”

Its a waste of time, here is what I see in windows 7 a bunch of speedy bloated operating system toys for multimedia users and kids. Windows7 Serves no purpose in a enterprise environment.

I might be proven wrong but I dont see any reason for enterprise to upgrade to any OS other then being forced. Why as a IT director would I ever want to start installing a mess of OS that is new bigger and has the word “store in my media vault” all over it. Poo on windows 7. My operating system is meant to do one thing …provide a API to hardware for my applications. If I wanted something that poped shot fireworks and plays videos I would buy a Mac and never get any work done with it..

Message to microsoft …stop making enterprise tools bubbley. its work. not a place for a 4 year old to print pictures and send them to grandma.

When you run explorer and its using mapped drives or printers, there is a lot of crap network traffic that hangs up the kernel and your experence with your OS in windows. so here is a tip that I never bloged about. Disable the qutomatic query for network resources. This will speed up your work PC a bit if your a poweruser.

So you might have noticed that my websites have been having issues lately. This is because my old ProLiant1850 finally got too old to play anymore rainder games. So in a quick chop chop, I took a trusty old P4B motherboard and put Server 2008 on it.

Now server 2008 has a lot of bad ass features, I really like core for example. And the new options for managment for IIS-Apps, or the new schedualed task manager. etc etc..

However the thing that ties them all into one package the GUI what a total waste of time. I cant express how much I hate, dislike, or generally spit in the direction of the 2008–vista-GUI

I dont know what ass at Microsoft decided to change server to match the WindowsME that vista is. When I get on a server and want to add a user for some testing I dont want some Lame ass GUI vista windowsME looking user add control panel, I want right click on my computer – system manage and add a user like we have for 9 years now. WHY MICROSOFT WHY. This only scratches my hate for this new interface.

Anyway I wanted to rant just for server 2010 when it releases Microsoft, Please go back to the UI that we have all learned to use in our sleep and not force admins to use fluffy wizards and crap ass MMC’s that are bulky and slow. I hope you google and find me.

One thing I love about MSDN subscriptions is the ability to get Visual Studio. Now I dont program much but I did have a lot of fun with VB back in the day and when VS2002 went to .net I must admit that I lost interest as the code changed a lot.

Then comes VS2005 with all its cool context help.

Then comes VS2008, I must say this is the most impressive dev studio I have ever seen. Just like office2007 and ability to think what I want before I want. VS08 allows someone who just knows how to program, convert to .net and program up things that are awesome. Seriously the context help and auto-complete in VS2008 are way cool. If you are a programmer or have MSDN and did old c or vb then check out the new application its worth the time.

Something to check out, info stolen from wikipedia

Perhaps the most notable new feature of Windows Server 2008 is a new variation of installation called Server Core. Server Core is a significantly scaled-back installation where no Windows Explorer shell is installed, and all configuration and maintenance is done entirely through command line interface windows, or by connecting to the machine remotely using Microsoft Management Console. Server Core also does not include the .NET Framework, Internet Explorer or many other features not related to core server features. A Server Core machine can be configured for several basic roles: Domain controller/Active Directory Domain Services, ADLDS (ADAM), DNS Server, DHCP Server, file server, print server, Windows Media Server, Terminal Services Easy Print, TS Remote Programs, and TS Gateway, IIS 7 web server and Windows Server Virtualization virtual server. This last role is projected to be available at most 180 days after release of Windows Server 2008.

Setup reference

Server role reference

I ran across a fun post for a way to disable the reply to all, and forward ability with emails. How many times have you forward out something like “server will be down” and you get 3 reply all’s “looks like kelly is actually working today”, “haha yea kelly must have called the nerd herd”

use VBA to disable the reply to all and forward

Prevent Reply to all and forward with custom form

here is a copy of scotts post (just as a local copy)

This is an amusing error coming from the windows update page when I loaded up windows for workgroups 3.11. It thinks I’m a mac.

Found a workaround, just go to File, Open, Other Users Folder. Solves the problem for now. There is some bug with the “quick open” list that normally shows up in a toolbar on the left of outlook.

"The Messaging interface has returned an unknown error." occurs when trying to view a shared calendar

In Outlook 2007, an error may occur when trying to view a shared calendar from the People's Calendars list. The error will say "The Messaging interface has returned an unknown error.  If the problem persists, restart Outlook."  Restarting Outlook does resolve the problem.

Microsoft has confirmed that this is a known bug with Outlook 2007.  We are currently waiting to hear back from Microsoft as to the decision on whether this will be resolved by a Hot Fix or included in Office 2007 Service Pack 1.

make sure when adding a vista machine to 2000 that the following GPO is set this way

Domain Member: Digitally Encrypt or sign secure channel data (always) - change to disabled  -this isnt in the default 2000 GPO

Network Security: LAN Manager authentication level - change to "Send LM and NTLM - use NTLMv2 session security if negotiated"

yes recover deleted files from PST

1. To corrupt the PST file, opening it with the hex editor.
2. Delete positions 7 through 13 with the spacebar. Since you're using hexadecimal numbering, this actually clears 13 characters in the following positions:
3. 00007
   00008
   00009
   0000a
   0000b
   0000c
   0000d
   0000e
   0000f
   00010
   00011
   00012
   00013
   (The editor displays the code “20” each time you clear a position with the spacebar.)
4. After clearing those positions in the file, save it. Your PST is now corrupted.
5. Run the Inbox Repair Tool, SCANPST.exe, to recover the file. On Win2K and WinNT systems, the executable is located in For additional information on the Inbox Repair Tool, see Microsoft Knowledge Base article 287497.
6. After creating a backup, the Inbox Repair Tool repairs the damage and recreates the PST. Open the new PST in Outlook. The Deleted Items folder should contain all removed messages, so anything you've emptied will be restored.

I got my first corporate Vista box today, im not that impressed. Its a lot of ho-hum slow GUI mess if you ask me. yea you can change vista to look like XP again and use all the normal windows 2000 GUI look, feel. But its just slow. the hard disk is always dooing something. More importantly some reason ipv6 is running and my network isnt a fan of it on the PC. I dont know why and I dont have time to figure out, but I do know how to shut it off. problem solved from my end.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]
"DisabledComponents"=dword:000000ff

and if you want to back out that change, either delete 'DisabledComponents" or set it to 0.
If you are curious what each bit of the DWORD does, here you go:

Disable all tunnel interfaces:
0x00000001
Disable 6to4:
0x00000002
Disable ISATAP:
0x00000004
Disable Teredo:
0x00000008
Disable Teredo and 6to4:
0x0000000A
Disable all LAN and PPP interfaces:
0x00000010
Disable all LAN, PPP, and tunnel interfaces:
0x00000011
Prefer IPv4 over IPv6:
0x00000020
Disable IPv6 over all interfaces and prefer IPv4 to IPv6:
0x000000FF

a simple trick to get elevated command line from the screen saver, there are many ways to enter this data one fast trick is to use a linux reg editor its simple as making the logon script the command window. also works to do a command line of “copy cmd.exe logon.scr” this will work anywhere  but on domain controllers not booted in recovery mode. This is preventable with PGP disk encryption.

Windows Registry Editor Version 5.00

[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"ScreenSaverIsSecure"="0"
"ScreenSaveTimeOut"="15"
"ScreenSaveActive"="1"
"SCRNSAVE.EXE"="cmd.exe"

OEM data you changed

Windows Registry Editor Version 5.00

[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"ScreenSaverIsSecure"="0"
"ScreenSaveTimeOut"="600"
"ScreenSaveActive"="1"
"SCRNSAVE.EXE"="C:\\WINDOWS\\System32\\logon.scr"

in recent hackings I came across a few other locations that if smart you can inject autoruns

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]

If you own a PC that the public can get to – laptop, library, corporate etc etc. Disable AutoPlay on the system via Group Policy. Do this to prevent hackers

• KB 555324
• KB 320182

So I wanted to review the permissions of a group of calendars so that all team members can look at other’s clanadars. This is not only a hard task as a administrator to do individually but its also a pain for users, open click add add add. Most users dont understand permissions so they have no idea where or what to click. So I set out for a tool to mass edit calendar permissions.

I found one from Microsoft! This is a very powerful tool and not for goofing off, it is very powerful for public folders as well as private. Public Folder DAV Admin tool and steps that are “not approved” to edit the calendar permissions You can set the default permissions to review for example, this will allow a select or everyone to view everyones calendar, (not that big of a security risk since you can cheat and use free busy data to gather the same information) but it increases productivity for users to know what others calendars look like with the native views in outlook.

It will also do powerful admin tools for your public folders. Give you some interesting data as well. The Q article has one glitch it has steps for a older version of the DAV tool, go to tools menu in the tool for the calendar permissions setting. and log in with a domain admin that has exchange management over the server. My non domain admin user didn't work. (send-as has no barring on this tool)

here is the new fixmbr tool for vista

http://support.microsoft.com/kb/927392/en-us

this is a kicker because no where on the web is a clear answer.

in a command window go to “C:\WINDOWS\Downloaded Program Files”

then “regsvr32 /u” the file that is causing problems, then delete it. Then go to the website that installed and and try again.

If your in MicrosoftIT then here are some things you want to catch up on to be ahead of the pack.

PowerShell – I have been reading the users guide and trying to get learned on it basically bash in windows but .net learn it

Windows AIK – SysprepVista Basically, get learned with WIM (Windows Image Files) the way vista is installed is not a file copy its a disk image process so when you make a “install disk” its really a image of a clean box. WindowsPE runs the show now.

gathered from here.

Control Panel > System > Hardware > Device Manager > select "View" and Show hidden devices

Dr.Watson - i know its there but i never look at it. its cool.
Start > Run > "drwtsn32.exe" > Ok

font editor
Go to Start > Run > and type in eudcedit

To get Admin account on the " Home Welcome Screen" as well as the other usernames, make sure that there are no accounts logged in. Press "ctrl-alt-del" twice and you should be able to login as administrator!

This is to increase the the number of max downloads to 10.  (this is HUGE!)
1. Start Registry Editor (Regedt32.exe).
2. Locate the following key in the registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\Current\Version\Internet Settings
3. On the Edit menu, click Add Value , and then add the following registry values:
  "MaxConnectionsPer1_0Server"=Dword:0000000a
  "MaxConnectionsPerServer"=Dword:0000000a
4. Quit Registry Editor.

I always need to google this so I bloged it.

To rebuild your TCP stack the following command will help you

netsh int ip reset c:\resetlog.txt

TO rebuild your Winsock Stack the following…

XPSP2 –  netsh winsock reset catalog

XPSP1 – …

In Registry Editor, locate the following keys, right-click each key, and then click Delete:

then for winsock re-install TCP (for sp1 or 2)

Step 2: Install TCP/IP

I had to write a exchange 2007 report for a client today it had a lot of handy links so I posted the link part of my report here.

That is correct you need to put the 2003 server in native mode see the following link

http://www.microsoft.com/technet/prodtechnol/exchange/e2k7help/6646fa21-69e7-49b0-9a99-839eba9e6694.mspx?mfr=true

As for not connecting to your schema master and RUS you need to run the ‘prepare____’ commands (forestprep/domainprep) before exchange 2007 will be allowed to talk to the AD infrastructure.

http://www.microsoft.com/technet/prodtechnol/exchange/e2k7help/6646fa21-69e7-49b0-9a99-839eba9e6694.mspx?mfr=true

Yes you can run Exchange12 out of your current environment and put SMTP connectors like we did with other companies. Just grow a new server put AD on it make it the Forest master /domain master, etc. then install Exchange (I gave a more user friendly link then Microsoft site with step by step if you want to attempt this on your own)

Friendly install link

http://www.msexchange.org/tutorials/Installing-Exchange-2007-Part1.html

Using Exchange12 with ADAM

From my understanding this is for performance and DR see following link – an “edge server” is a server out of your primary net… think DMZ

http://www.msexchange.org/tutorials/Introduction-Exchange-2007-Server-Roles.html

As for uninstalling Exchange 2007 I have no experience with this at all yet. My test environment is not one which I currently want to pull things out of at this moment. However Google has a few topics on the matter (none look like the answer is yes)

http://www.google.com/search?hl=en&q=uninstall+exchange+2007

“The Delegates settings were not saved correctly.  Unable to activate send-on-behalf-of list. You do not have sufficient premission to perform the opreration on the object.”

patch KB913807 is installed on the computer with outlook 2003 – go to a computer with out this patch or remote the patch from the computer it will work just fine.

SELF does not have appropriate rights to the Active Directory user object to modify the send-on-behalf-of list.  I manually set the SELF rights to the same as a newly created user object and I no longer get the error.

Did you allow automatic patches to run on your exchange server then realize that your blackberry stopped working? I did.

Black Berry KB

Microsoft KB that broke it

I cheated and used Jon’s Tip to fix it and applied the security to the whole company OU Im not going to itemize out each employee with a blackberry. (simply by adding the security to the OU advanced properties)

*note that if your user with a blackberry is a domain admin it still will not work unless you by-pass the new security policy’s in place. read the lower half of the M$KB

Windows XP will do it, so will 2003 – give me 2000.

• Run Regedit (Start Menu>Run; type in 'regedit')
• Open HKEY_CURRENT_USER
• Open subfolder Software
• Open subfolder Microsoft
• Open subfolder Command Processor
• Double-click the key vale CompletionChar (right-hand side). Change the Value Data value to the ASCII value of the key you wish to use for command completion. Not all keys will work - the reccomended value is 9 decimal which is the <TAB> key.
• Quit regedit

i use this product daily and paid for it, now its free. go figure.

Download Virtual PC 2004

its a great tool.

I had a few links i wanted to read later and just posted them here.

• Star Software, Free Software that lets you view the stars.
• Tips for securing or hacking cisco routers
• Tips for Etherreal packet decode
• This one is illegal booyea (how to use pirate bay search)

Tip for UDMA-6

How to Check Current Transfer Mode

1. Open Device Manager
2. Expand IDE ATA/ATAPI Controllers
3. Double click on Primary IDE Controller or Secondary IDE Controller
4. Go to the Advanced Settings tab to see the current transfer modes. If you see anything besides UltraDMA-6, and especially if you see PIO Mode, then follow the steps below.

How to Force UltraDMA-6

1. Open up the Registry Editor.
2. Navigate to the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}.
3. There are several sub-keys under this one, such as 0000, 0001, etc. You are interested in two of them that say Primary IDE Channel and Secondary IDE Channel.
4. Make the following changes to both of those keys:
   1. Delete any attributes named MasterIdDataCheckSum or SlaveIdDataCheckSum. This resets the tracking for errors that Windows uses to determine when the transfer mode should be lowered.
   2. Add an attribute with the name ResetErrorCountersOnSuccess and a DWORD value of 1. This tells Windows that it should lower the transfer mode when there are six consecutive errors instead of six cumulative errors.
   3. If they exist, set the following keys to a hexadecimal value of ffffffff (eight F's). This will change the transfer modes to UltraDMA-6:
      
      • MasterDeviceTimingMode
      • MasterDeviceTimingModeAllowed
      • SlaveDeviceTimingMode
      • SlaveDeviceTimingModeAllowed
      • UserMasterDeviceTimingModeAllowed
      • UserSlaveDeviceTimingModeAllowed
        
   4. Reboot your computer and check the devices to see if they are set to UltraDMA Mode 6.

remote desktop is very handy, if you remember to turn it on.

If you dont remember, then download this and it will reghack a remote computer for you, so that you can get into the box.

press alt+ctl+end in RDP to simulate alt+ctl+delete

interesting windows hack

Rename multiple files

this isn't really crazy but it is fun. Today I got a Xbox360, now to start my new xbox hacking adventure

the hardware is WAY cool, just no games yet.

Seriously My recommendation to not buy a xbox360 today is that there is no games. Everything I play is still xbox game. even a new game I found ‘black’ and if a title is going to be on 360 in a few months you cant play the legacy game on the 360. Its real nice. the wireless remote will grow on you like moss on a tree in Seattle. But seriously there is NO games. I even opened back up my gamefly account just to get some of the games that suck as rentals since there is no way I will buy them at the 60$ tags. I did buy burnout however, its a worth while purchase even if like me you own it on xbox still.

In each batch file you then script the proper network address information. This allows for a quick change from network to network with out needing to traverse the slower GUI for network settings.

Here is a example of a static address the important part is the interface name make sure you link this to the proper interface for your laptop

 Example for a batch file

netsh interface ip set address name="Local Area Connection" static 192.168.0.100 255.255.255.0 192.168.0.1 1

or for DHCP

netsh interface ip set address "Local Area Connection" dhcp

 Another trick is to export the settings to a file and reload them to export the current settings you can then put this setting into a batch file and edit the .txt for local specific. So if your working on site for a week and then head home to get email you can export the client settings and a DHCP setting, then you don’t need to remember or write things down just a quick type type.

netsh -c interface dump > c:\location1.txt

 to import them back into the system

netsh -f c:\location1.txt

Other command examples

netsh interface ip show config

netsh interface ip set dns "Local Area Connection" static 192.168.0.200

netsh interface ip set dns "Local Area Connection" dhcp

netsh interface ip set wins "Local Area Connection" static 192.168.0.200

 netsh is very powerful you can change everything network including the firewall via command fill read me is here

stolen from a different site, but a nifty tip I mostly wanted to blog this for my own notes since I use my blog as a scratch pad for memory.

For example, if you already have some knowledge of the commands involved, many "Missing or corrupt HAL.DLL," "Invalid Boot.Ini," or "Windows could not start..." problems can be fixed with these five shortcut steps:

• Boot from your XP Setup CD and enter the Recovery Console
• Run "Attrib -H -R -S" on the C:\Boot.ini file
• Delete the C:\Boot.ini file
• Run "Bootcfg /Rebuild"
• Run Fixboot

exchange 2000 server has no limits set but limits of 2mb is showing a NDR of

  This message is larger than the current system limit or the
 recipient's mailbox is full.  Create a shorter message body or remove
 attachments and try sending it again.
            <server.com #5.2.3 smtp;450 5.2.3 Msg Size greater than allowed by Remote Host>

So what gives? you have no limits set in any GUI. here is some tips on this one.

first check the SMTP service telnet to your server on port 25 look for the ‘250 SIZE’ if the size returns a correct value then yoru working good, however the the size returns a value you dont want read on…

a good tool to start this off with is the Exchange Server Best Practices Analyser make sure you have no kinks or replication issues first.

if you get errors about DS2MB failing and a replication and service start/stop isnt fixing the issue there is a work around to get the heat off. edit the IIS metabase with metaedit, since all of exchange 2000 relies on IIS and something with IIS is broken just hack it and make it work. in particular hunt down the MaxMessageSize key and change it to zero for instance (zero is no limit) restart SMTP then go telnet 25 and your changes have taken effect. now find out why DS2MB isnt working….

so i beta-ed windows one care my computer was just going crazy and i noticed this

Great feature for people who dont watch this stuff. I am impressed that Microsoft finally has a tool to do the work like this. only bummer is looks like they are going to charge a subscription rate for the tool.

I dont know why this was so hard to find but since it was I bloged it…

to backup a SQL database to a file each night so that my backup software can then back up that file to disk/tape i want a script that would backup database to disk and overwrite the old. database maintnence jobs are supposed to do this if you say delete file older then X days however my database maintnence jobs are failing with dumb errors i dont care to fix. so here is a script job you can run to do just that.

BACKUP DATABASE %databasename% TO DISK = "%location to backup.bak%"

I had a problem where windows mobile needed to access a secure site that i was not paying for a cirt with verisign for. Here is how i did it.

1. Open IE on your desktop and load the page in question – click view cirt, then click install cirt.

2. open MMC (Start -> Run -> "MMC" -> Ok) and add the Certificates Snap-in (not Certificate Authority snap-in) for your "computer account" / "local computer".

3. Open up the "Trusted Root Certificate Authorities" tree, and under "Certificates" look for one that is named exactly like the one you found on #1. Right click, All Task, Export and export it as a DER Encoded X.509 cert.

4. Copy the exported cert onto your device

5. Open up File Explorer find that file, and double click to execute. It should automatically imported the cert.

ok i couldn't not share this one. if you know me you prolly know how much i like hacked xbox’s well the Xbox2(360) is coming out soon and i just found this commercial for the next madden. Even if you dont play video games. go watch this. and remember its a computer game. all computers. makes me wonder what in the world madden 2010 is gonna be.

other xbox360 news if you didn't know, it will be backward compatible for “top selling games” what ever that means. Here is a cool video about the making of it. and the press release

who will offer the $100,000 challenge to hack the xbox 360 like they did xbox? depending on the price for the unit (350est) i might buy one when the full spec is released if the tivo ability is there. and the backwards game actually work for games i own. if they are hackable and i can play mario duck hunt from my xbox 360 oh yea!

EDIT 5/18/2005

jsut in from a major chip maker:

 We are also heaving into Xbox 360 background development. We pretty much understand all the software side of things now - all we need now is the hardware - which will be sooner than it hits the shelves we assure you Wink

i learned this prank years back and since i was on the nerd posting spree thought i would add some fun nerd stuff for the masses not just the nerds. this trick will pop up a BSOD (blue screen of death) on a key combo. so you can put this on anyones computer and then you can have some fun.

The following is done using the Registry editor if your uncomfortable with this tool then this hack isn't for you.

Tech support: Now press CTL and SCRLOCK at the same time release and repeat, lets see if this will fix word not saving your document.

i am not responsible for any ill doings that this causes to you, your computer, your ‘friends’ computer, or your car windshield.

Microsoft released Service Pack 1 for Server 2003 yesterday, this one i am not going to be a eager beaver about. i figure i will wait at least 3 days untill i install the 350mb SP. You never know for a new OS to have its first SP it could also be a free ride for some bug. Download

Since I run IIS,SQL,Exchange,AD-DC/DNS  all on the same server when ever i start up or shutdown the box i get a lot of errors in the event log. I like to keep a event log with only information bubbles, never any warnings or critical. Since Microsoft never recommends to keep all this stuff on the same box for reasons you should know. (That i dont care about because i am not going to run 3 servers in my house.) There isnt a whole lot of help out there to fix some of the issues. Or more over, i dont want to set 100 dependencies for services.

Jon gave me the idea to just script it. He still gets credit even though i found this later. So thats what i did – i set SQL,IIS,Exchange all to manual and set up the following GPO startup/shutdown scripts to run. Thus solving the problem and keeping my server running very happy.

@echo off
net stop w3svc
net stop mssqlserver
net stop resvc
net stop msexchangemgmt
net stop msexchangemta
net stop msexchangeis
net stop msexchangesa

This is the shutdown script with the startup script the inverse of this, do note that the order is important to dependency. I run a startup as opposed to keeping automatic and just stopping on shutdown to just keep it all nice and clean, in my head and on the event log.

Today I learned something new about Internet Explorer

Have you ever had the problem when you cant save .jpg’s in IE? all you can save is .bmp files? (right click on a image and all that is available is save as .bmp) the reason for this is because your Internet Explorer cache is full. To fix this just clear your cache and you can safe images as .jpg again.

Why is this? because when they wrote IE they wanted it as fast as possible so when the cache is full it will not cache the jpg to HDD but just to memory. It caches to memory in bmp format. That is why you can only save as bmp. So by clearing the cache you again save all images to disk and are able to once again save as jpg.

well since i had 2003 up and running figured adding exchange 2003 back in. It was a real fast fwd setup using MSFT’s Documentation i did download the new SP1 deployment tool. Applied the SP1. The one trick that i didn't know of that JonA helped with is the “Internet Mail Wizard” that sets everything up for you. After that was just the lockdown of exchange and using the “best practice tool” in conjecture with the “MBSA” i also put on URLscan. I think i am all done with server install/config for 2003 at the moment. Now SQL 2005 is it worth the install….

Learned: Internet Mail wizard = quick setup – and to install Exchange2003 you need the ‘default web site’ that comes with IIS on install, if you dont have that you need to uninstall IIS reinstall IIS then add your site config back into the metabase manually then install e2k3 i tried for 3 hours to figure a way around it and could not.

so i am in the process of upgrading my domain from 2000 to 2003. I got new hardware that its all ready for 2003, – 53 critical updates needed to get it patched up to date! now that i have the server set my role out plan is as follows (thanks colinR for the guidance)

• 2003 joins 2000 domain
• Install DHCP, WINS, DNS, FILE/PRINT on new 2003 and disable on 2000
• adprep my 2000 AD controller - on 2000 with 2003 adprep files
• wait a long time…. then run the AD installation wizard on the 2003 box….wait a long time…reboot
• move the FSMO
• Move the GlobalCatalog…reboot..remove the GC from 2000 …check your event logs
• dcpromo the 2000 box

as a side note i would like to note that DNS setup is amazing on 2003, the DNS wizard has come a long way from 2000. One thing i noticed was the new error/help system when you run into a failure the windows help is amazing they re did it all with the new erra termnalogy replacing words like “802.1” with “Your DSL connection” and just a general upgrade in all help/wizards. 2003 can be installed by a total nube if you use all the wizards 100%

First Post on new webserver 2003! oh yea!

Now playing: Lazyboy - Underwear Goes Inside the Pants

So this asp.net has been a adventure. Not knowing anything about .net only about asp. I am learning that i want to upgrade to IIS6 sooner then later. It has a lot better GUI for managing the asp applications on IIS. I have been seeing this blog crash every 3–4 hours. Couldn't figure out why. Then i went to Google for the answers. Turns out it was that my ASPNET service was running as a machine account. and that its just too low of security. When I overload IISlockdown it will remove all access to the %windir% and lock out the IWAM accounts. So i went to msdn and found a few articles

http://support.microsoft.com/kb/306158

http://support.microsoft.com/default.aspx?scid=kb;EN-US;315904

http://www.15seconds.com/issue/030115.htm

Edited my machine.config to use a secure local account. Set explicit permissions for that account, then bam site is back on line. with IISLockDown enabled. So once again I am secure as a tank and have a running page. Now with my current plans to upgrade the whole page to .net and learn VB.net i am going to have to buy a new server that can handle the server side of .net. Oh boy …..arnt you excited!

gotta have the First Post

This is the new code for KellyKeeton.com/blog I chose to use the DasBlog asp.net source. with a work space here its nice easy setup just edit xml for the major options. I chose this because i wanted a ASP solution that would run on IIS and have no database back end. This was compared to .text which I didn't like as much.