Search This Blog

Saturday, 20 October 2012

Find positives where you can

I noted with interest the latest mistake in PR made by the Tories, the papers are full of George Osbourne and his lack of a 1st class ticket on the train.  His aides tried to argue on a busy train that he could not sit in standard class due to his position and they refused to move class, this naturally caused a fuss and everyone noticed what was going on.

Why did his aides not see the opportunity here to turn this on its head and make George look like a peoples man?  They should have said we made a mistake and took everyone to standard class and George could have spoken to passengers and explained that if he forgot to buy the right ticket he would move to Standard class just like everyone else does.

This simple action would have been a PR positive and all those on the train who tweeted would have tweeted what a good chap he was for moving.

This sums up for me that we should always try to find a positive where we can, in IT things go wrong.  They just do.  Period.

So it is up to us to make the best of them, the old adage is that it is not that something went wrong, it is what you do about it when it does go wrong and how you react.

We have problems, sometimes we cause them.  We apologise and move on.  This gains respect and trust, to say sorry when you are wrong. Don't let people tell you to cover up or you risk losing your reputation and as George Osbourne has seen, word spreads fast these days.

Friday, 19 October 2012

Cisco ASA - Real Time Loggin not displaying all traffic

I had a problem where I needed to use the ASA real time logging but when I came to do so I could not see any traffic other than the PAT traffic, the NAT traffic was not being logged. This article is built thanks to the help I received from Journi Forss at Cisco Support.

Real Time Logging


Here you can see the real time logging is only showing the PAT traffic, I cannot see the correct ports that are actually being translated, I am only seeing the PAT ports that are in use.

Dynamic Translation


Here you can see that I am only seeing the dynamic translations, these are the PAT traffic.

Check Logging on the ASA


The next step was to check what logging was configured on the ASA, so I issued the show run logging command and in the output I can see that several syslog ID are disabled. The range from 30214 to 20218, this is the range for logging NAT traffic is the reason why I cannot see the information I needed.

Enable SysLog ID


The next step was to enable the syslog ID for logging again, so I issues the command logging message 30215 and did this each time for each syslog ID I required.

Correct Logging


Now when I used the real time logging I can see the correct NAT traffic and see the ports in use so I can perform the debugging I needed.

Tuesday, 16 October 2012

In it together. Or are we?

I noted this news story today about Star Bucks and UK tax.  It appears that Star Bucks have avoided paying any significant Corporation Tax since 1998 and that other big companies like Facebook, Google and Amazon have done the same.  They operate in the UK and make huge profits and then take the money out of the country and pay no tax.  Imagine if you suggested that to the US Immigration Service as you applied to work in the US?

How does this happen?  Well these companies employ hundreds of lawyers to find the loopholes in the law, I am sure each business has not broken one law this is hardly ethical is it?  I mean I run a business and I pay tax, to be honest with you I pay a lot of tax but hang on I create employment too and I am part of the UK GDP.  The business generates profit, we pay National Insurance, we pay Corporation Tax and I pay Income Tax.  I contribute.

I figure the government knows about this, its been going on for long enough so its not a party political issue, red or blue they both turn a blind eye.  Still why not look at which MPs are Directors or Shareholders on which Boards?  I am sure that a few of the Multi Nationals that avoid tax will have these MPs on their Boards and non Exec Directors.

So are we going to allow this to continue?

Well I am no Socialist Worker, I am part of the Capitalist system and that's OK with me but I do feel you should do your part and pay your tax.  I am not against benefits and the social state, it helps people when they need.  If you think it is a waste, go see what J K Rowling went through.

But should we show these companies that take from our country and give little back?  Yes.  Vote with your feet.  I can certainly avoid Star Bucks but Amazon and Google, damn I like the first ones products and the second..... well you try to use the Internet and not benefit Google!

Look just don't forget, these companies have one goal.  Profit.  Make the green.  Forget the marketing hype, like MacDonald's and their green hay making, look at us teaching kids bullshit.  Just sell burgers will you?

As Chuck D once said. Don't believe the hype.

Sunday, 14 October 2012

Why should we share with our peers?

I have just returned from the GFI MAX Conference or the #MAXCC if you follow on Twitter.  This was the the EU conference held at Twickenham, information about the why and what is here.

Most conferences are a collection of people with a common interest who share their passion for a product or service, you expect to hear speakers and see vendors who have products to market.

The GFI Conference is certainly a collection of those who love the GFI Max products, a mix of those on an invite, those who paid to attend  and the one lucky winner of the comp room with free bar!

I will bet we have all wanted to go to a conference to find the usual responses of "it's just a jolly or "not in work time you don't".  A lot of managers can only see the direct costs, the ticket price and the time not spent earning money in the office.  All this so you can spend days with our competitors?  Are you mad?

Well I say you are mad if you do not go.  We all know who are main competitor is, it is ourselves.  Who wins business for you?  You do.  Whose fault was it that you lost a customer?  You again.

Forget what the so called competition are doing, let them worry about that.  Worry about what you are doing.  There is enough business to go around.

I spend Wed-Fri last week talking to my peers, all of us in the SMB and SME market place for IT Support and Managed Services, I gave an Q&A on how to retain customers and grow your business.  That's right I gave what we do away and we do it well I can assure you.

What I gained from last week cannot be measured, tips on applications, recommendations for new services, ideas for marketing, how to improve my management and sales.  Not to mention just kicking back with some great people and getting to see that its not just me that has a bad day!

People get out there and share.  We are all in this together.

Monday, 8 October 2012

CSCM Managed Online Backup - Recovery to a Virtual Server

How to recover a Shadow Protect Backup to a Virtual Machine.

Backup Image File


The first step is to use a computer that has Shadow Protect installed, this means you have plug in to boot from an SPI file. Locate the SPI file you want to recover from, in this example I have chose a backup file from 8th October at 15:36.

Virtual Boot


Right click on the Backup Image file and choose the option to VirtualBoot

VirtualBoot Wizard


The VirtualBoot wizard will now start.

Confirm Backup Images


Shadow Protect will not verify the images files that are in this backup chain. In this instance I can see the two disks I expect in this server.



The wizard will now ask what the operating system is of the computer to be restored, select the Operating System version. Note the Network Adapter high lighted with the arrow, this will configure the Virtual Machine in a Bridged Configuration so it will find an IP address from DHCP in the subnet of the host machine we are restoring from. NB always use the Isolated Network Adapter if you are performing a test recovery so you do not connect a test machine to a production environment.



Confirm your settings and begin the restore.

Hardware Independent Restore


Shadow Protect will now perform a Hardware Independent Restore of the server, this will automatically configure the drivers for the hard disk and other storage drivers so that the computer boots within a Virtual Environment.

First Boot


The server will now boot for the first time and you will be warned about capturing the mouse and keyboard in the VirtualBoot environment.

Server Boots


Because the Server was backed up while it was running Windows recognises that it has started from a restore and displays the Windows did not shut down successfully message. This is normal behaviour.

Server Continues to Boot


The Server continues to boot.

Server Recovered


The server is recovered and you can login by choosing Machine, then Press Ctrl Alt Del.

Server is back online


The server is now back onine as a Virtual Machine, this server can now be tested that all applications are running and any changes to IP address made if the server had a static IP address previously. This Virtual Machine will continue to backup to the Managed Online NAS and can be used as a live producton server until the original server is repaired.

Thursday, 4 October 2012

XenApp - How to create a custom Windows Start Menu

When using a XenApp Server you will often want to display a custom start menu to your users rather than the default start menu with very application installed. Here is how you can do this.

Default Start Menu


Here is the default start menu, this contains several applications I do not want my users to access such as Shadow Protect Backup and VmWare Tools.

Group Policy


The first step is to create a Group Policy for the Xen App Server for your users, I will not cover how to do this but you can find plenty of information on this topic on Google. We will use this setting to hide the Start Menu Common Program Groups from the Start Menu. This will hide the Program Groups from the Start Menu and leave only the Accessories and Windows Explorer items.

Group Policy Preferences


The next step is to use the Group Policy Preferences to configure custom shortcuts for each application you want to display. Right click on the Shortcuts option and choose New.

New Shortcut


Now you can create a new shortcut, in the Location field choose Programs and then from Target Path enter the full path to the application EXE. In this case I have used Winword.exe for Microsoft Word.



We need to display the right icon for the application, in the Icon File Path section choose the browse button and then Browse.

Find Application


You can now browse to the application in question and choose the EXE so you can assign the icon. I find that this process is best completed on a test Xen App Server with all the applications you want installed but also has the Group Policy Management MMC. If you use a computer without the applications installed you cannot add the right icon for the applications.



You can now select the correct icon for the application.

Shortcut Name


You can now name your Shortcut as you want it to appear to the users.

Deliver Shortcuts to Specific Users


The clever part comes now, you can choose to deliver this shortcut to one or a group of users. So you can have one group have one application and another not have the shortcut. Select the Item Level Targetting box and choose the Targetting button.



From the menu choose New Item and then from the list of objects we want to filter by Security Group

Select Group


In the Active Directory window, choose the Security Group or User you want to filter on.

Confirm Group


You can now see I have selected a Security Group. OK all the settings and this is now complete.

Multiple Shortcuts


Now you can create multiple shortcuts with different targetting rules applied.

Custom Start Menu


Now I have my custom Start Menu and only the applications I want to present are available to my users.

Wednesday, 3 October 2012

How to automatically logon Windows 7 or Windows 2008 R2

If like us you have applications that can only run as a logged on user, you often need to get your Windows 2008 R2 Server logged on automatically.  Well OK its not secure but what can you do when the application doesn't work as a service!  So here is how you do it.

Here's how to get the missing checkbox back and configure Autologon:
  • Open a CMD prompt and enter the following (all on one line):
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /t REG_SZ /d "1" /f
  • Click StartRun and enter control userpasswords2
  • Clear the checkbox for Users must enter a user name and password to use this computer and click OK
  • Enter the user name and password that will be used for Autologon and click OK

This handy tip was brought to us by EXPTA Blog and we are ever grateful!

Tuesday, 2 October 2012

Outlook 2007 - Microsoft Exchange is Unavailable or Information Store Default Folders cannot be opened with Hosted Exchange

This error is displayed when you have connected an Outlook 2007 client via Autodiscover to a Hosted Exchange Server but when you open Outlook 2007 either or both of the errors are displayed. The problem is caused by running Outlook 2007 in compatability mode.

Outlook in non cached mode


You see this error when Outlook is in non cached mode.

Outlook in cached mode


You see this error when Outlook is in cached mode.



Browse to the location c:\program files\Microsoft Office\office12 and find the Outlook.exe file, right click and choose properties.

Compatability Mode


The problem is being caused because Outlook is running in Compatability mode for Windows XP SP3. This setting needs to be deselected.

Outlook now connects


Now when you open Outlook it will connect normally.

Monday, 1 October 2012

NTP Time Servers

If you want to use an NTP Server for your Cisco for example, you can find a great list here.

Using Hosted Exchange with Small Business Server 2008

If you use a Hosted Exchange Service and you have Small Business Server 2008 you may find problems with autodiscover and automatically setting up Outlook to discover your Hosted Provider

The problem with Autodiscover

When you move to a Hosted Exchange Provider you will often have autodiscover configured so that you can automatically allow Outlook 2007 and Outlook 2010 to configure themselves for your email. If you have an SBS 2008 network you will find this does not work when you in the office because your SBS 2008 Server is configured to use autodiscover to itself and not to use the configuration from your Hosted Provider. So you have to change this, open the tool for Active Directory Sites and Services and then from the View Menu choose Show Services Node.
Next browse to the location shown, Services\Microsoft Exchange\First Organization\Exchange Administratove Group (FYDIBOHF23SPDLT)\Servers\YOURSERVER\Procotols\YOURSERVER
Right click on the server name and choose properties.

Update attribute

Select the Attribute tab and then find the serviceBindingInformation attribute, this shows the Autodiscover URL. You can now update this to reflect the Autodiscover URL for your hosted provider. Now when an internal Outlook performs autodiscovery it will lookup the correct service.