SkyByte Consulting

SkyByte Consulting has recommended Symantec Endpoint Protection and its managing capabilities to it's clients for a variety of reasons.  From the ease of deploying clients to end users and the ability to manage them all from one console makes Symantec Endpoint Protection a great Antivirus and Antimalware solution.  The Symantec Endpoint Protection Manager (SEPM) downloads definition updates from Live Update on a regular basis and then deploys the updates to each endpoint client connected to your network infrastructure.  Symantec releases several revisions throughout the day, so by only having to download one copy of the definitions to the SEPM rather than each individual client, you save bandwidth for other needs.

Recently I discovered a SEPM that had stopped receiving updates.  Rebooting the server had not helped and manually running LiveUpdate inside the SEPM would reply with "Error: LiveUpdate encountered one or more errors. Return code = 4".  According to Symantec, this could be a variety of reasons from network firewall security, IE's Enhanced Security, or a proxy.  I knew this was not the case and I was able to resolve this by following these steps:

1.  Stop the SEPM and SEP Embedded Database in Services.
2.  Uninstall Live Update from Programs and Features or Add/Remove programs
3.  Install Live Update from the SEP setup CD
4.  Open a command window, then browse to:
C:\Program Files\Symantec\Symantec Endpoint Protection Manager\bin
Type lucatalog -update and press Enter.
5. Start the SEP Embedded Database service and then the SEPM service
6. Login into the SEPM and retry downloading updates from Live Update.

1. In outlook 2010, click on your calendar.
   
2. From the Home tab, Select Calendar Groups.
   
3. In the drop-down list, click one of the following-
   
   
   1. To create a new group calendar, click Create New Group Calendar, and continue to step 4.
      
   2. If you have multiple Calendars open ( For example: You are viewing other peoples calendars along with your own), you can save the the calendars in the current view as a new calendar group in the navigation pane by clicking Save as New Calendar Group.
      
   3. To display team calendars in the navigation pane, click Show Team Calendars. Team calendars contain calendars for your manager, direct reports, and peers as determined from information in Active Directory.
      
4. In the Create New Calendar Group dialog box, type the name for the grouping, and click OK.
   
5. In the Select Name: Global Address List dialog box, find the individuals or resources you wish to add to the grouping. Click the Group Members -> button to add them (or double click their name). You can add multiple people or rooms by finding another person and clicking the button again.
   
   If you have a server-side distribution list (For example - a mail-enabled group, not a LISTSERV list or a personal distribution list), you may find that group and add it.
   
6. When you are done adding the people and rooms click OK and the calendar group is saved in your navigation pane. In it, you can see each of members or resources availability. If the individual or resource room doesn't allow people or a specific set of people to view the free/busy information, you will not see any details listed.
   
7. To add more people or resources, right-click on the calendar group in the navigation pane and click Add Calendar. Choose one of the following methods  to add the calendar-
   
   
   1. From Address Book
   2. From Room List
   3. From Internet
   4. Open Shared Calendar
      
8. To delete a calendar group, right-click the calendar group in the navigation pane and select Delete Group.

SkyByte Consulting is a premier provider of Virtualization solutions and technologies.


Recently SkyByte won an RFP for a major suburban park district near Chicago. SkyByte successfully beat out four other Chicago IT firms with our design and project pricing. The park district had approximately thirty aging physical servers well beyond their effective service life. Their server room consisted of two 42U racks full of old server equipment. SkyByte proposed a four server VMware vSphere Cluster connected to a NetApp 2040 SAN. Cisco switches were chosen and NFS was utilized for the storage area network. SkyByte architected a secure DMZ along with multiple production internal networks. The project had the added benefit of centralizing all of the organizations data within the new NetApp SAN. This further improved the organizations disaster recovery options.

SkyByte installed the new VMware vSphere cluster and virtualized all the old servers from P to V. The virtualization candidates were Microsoft Exchange, four Microsoft SQL database servers, file and print servers, application servers and many F5 load balanced web servers.  Upon completion of the project all old server equipment was removed, and a complete 42U rack was removed from the room. 84U U’s of space were reduced to 15U’s. Power and cooling requirements for the data room were reduced by more then 50%. The park district gained fault tolerance, and high availability; the system is designed to continue business operations with a two host failure. The organization also gained much more flexibility within their system to meet the public's needs. Other benefits have been much better performance logging and reporting. The organization has acknowledged system performance was dramatically improved across all servers.

SkyByte has been working with Virtualization technologies since 2003. Over the last several years we have focused our infrastructure practice on server virtualization and server consolidation through the use of VMware vSphere Clusters and standalone ESX and ESXi hosts. He have aligned ourselves with NetApp and EMC for storage solutions. SkyByte has found VMware’s virtualization product suite to be vastly superior to the competing server Virtualization software such as Hyper-V and Citrix XenServer. Specifically the levels of refinement, flexibility, reliability and support are much better with the VMware products.

Contact us today for a free evaluation of what Virtualization can do for your organization. 847.574.6256 or info@skybyte.com

Yesterday I was setting up Backup Exec 2010 R3 as part of disaster recovery solutions initiative for a client. Installing the media server was the easy part, but installing the remote agent on one of the servers proved to much more of a pain. Using the utility built into Backup Exec, I deployed the agent to the server. I then logged into the server to verify that the agent had indeed installed. I noticed a red "X" on the tray icon, so I investigated. Upon looking into the error it said that the service did not start so I opened the services MMC and tried to start it manually. The service started then stopped immediately with the error -

"The Backup Exec Remote Agent for Windows Systems service on Local Computer started and then stopped. Some services stop automatically if they have no work to do for example, the Performance Logs and Alerts service."

I also looked in the event logs and found an error with the event ID: 58117 - The application failed to listen on the NDMP TCP/IP port. Check the network configuration.

After digging around on the Internet I found a support document from Symantec that explained the issue. Backup Exec's remote agent requires port 10000 to operate. For those of you who may not know port 10000 is a very commonly used port. Because the administration site for the software running on this particular server was also running on port 10000 the service was failing to start and I was receiving that vague error message (Thanks Symantec!).

1. Confirm that there is another application using port 10000 by first opening a command prompt: Goto Start -> Run -> Type "CMD" and press Enter
2. At the command prompt type:
   NETSTAT -abno
   Then press ENTER
    
   This will give a list of all ports that are in use on the system along with the name of the process that is utilizing the port.  The ports are listed in the format of IP

1.  Edit the SERVICES file located in C:\WINDOWS\system32\drivers\etc\ using  Notepad
2.  Add an entry that reads like the following example (12000 is just an example port.  Pick any available port that did not show as in use in the NETSTAT results):
   ndmp          12000/tcp
    
   At the end of the line press ENTER so that the cursor goes down to the next blank line.  If the ENTER key is not pressed at the end of the NDMP line, the change will not take effect.
3. After making the change, save the file and restart the Backup Exec Remote Agent for Windows Servers service.

1. First and most importantly! - Create an admin account on your computer and change your everyday user to a standard account. If you do get infected, the virus will not have admin rights to your machine! It won't be able to install anything or modify any critical systems in your machine. This tip is the most critical by far!
2. Uninstall Adobe Flash Player. I know your probably saying "Why would I do that? I can't watch Youtube or play Farmville on Facebook!!" Well what you may not know is that Adobe flash has more holes than a piece of Swiss cheese and no matter how many updates the put out for it, you just can't fix bad code/programming.
3. Install an Anti virus client! They can be found for free and there is no excuse for not having one.. Microsoft offers Security Essentials (Microsoft Security Essentials)
4. Download an Anti Mal-ware program like Malwarebytes - This is by far one of the best tools for keeping you computer clean and spy ware/malware free. (Malwarebytes)
5. Don't just click because you can.... Just because it's on Facebook doesn't mean it's safe. No one is really going to sell you Viagra for 25 cents a pill, so stop clicking on the links. This type of attack is called click jacking and it's one of the most common ways PC's get infected!
6. If it sounds to good to be true.. It probably is. Like watching "The Big Bang Theory" episodes for free a week before they come out. Do not install anything on your machine that's not from a reputable source. This includes Active X controls and "plug-ins".
7.  Update your computer the Windows Updates and also keep your browser/s (Chrome, Firefox, Opera, Internet Explorer) up to date. Windows, Linux, or even Mac OS X all get updated regularly to plug holes in security that the programming and support teams find.
8. Spam isn't just for eating. Spam is something in the corporate world that plagues many companies and users. If some prince in Nigeria says he has 5 million dollars for you, that should be your best clue that the email is bad news. Who it's from- Emails from sdc2@#dd@misseddeliveries.dhl.com is not a real email address. Before I forget if you get an email from a friend with a link or a file with a .exe at the end, delete it and call the person to inform them that their E-mail has been hijacked or they are now a spam bot. 
9. Don't turn off you're Windows Firewall unless you know what your doing. I know it can get in the way of your Torrent downloads which 99% of the time are illegal anyway and filled with Viruses and Malware... Your firewall is the first line of defense in a PC so learn to use exceptions and that can be learned from some simple googling...
10. Common sense is key. If you think before you click you won't have to spend $50 to $200+ getting you PC cleaned off or wiped and reloaded. Also don't get mad at the computer repair person because you have to shell out the money. He didn't infect the computer, but he might be able to help you prevent it from happening again.

I recently installed a CAD viewer as a published application in a Citrix Xenapp installation.  The Xenapp environment is running Windows Server 2008 R2 across all servers in the farm.  The goal was to be able to open .DWG files in this application by double clicking on any .DWG file.   Unfortunately this specific CAD viewer application did not associate itself to any file extensions in the system's registry  Instead, double clicking the file opens the window asking you how you would like to open the file, which would have been a problem.

There are a few ways you can associate a file in Windows Server 2008 R2.  You can choose manually select the program to open and select always open this type of file with this program, or you can associate the file type under default programs in the Control Panel.  Since we are using roaming profiles, these user settings are immediately lost upon log off.  Attempting to associate the file under the administrator account will not apply to all users either.

Furthermore, under the Citrix console you can associate files for published applications within the Content Redirection properties in the published application.  This useful feature applies specific file types to always open with the published application.  The only downside to this is Citrix searches the registry of your Xenapp servers to determine what file extensions can be associated.  The resolution is to manually associate the file type using the assoc and ftype commands on the Xenapp server.

• Per User -
  • HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains
• The Whole Machine (Globally)
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains

If you are working on specific users needs than you will want to edit the HKCU(HKEY_CURRENT_USER), but if you need the same sites or domains trusted then use the HKLM(HKEY_LOCAL_MACHINE). Below I will give two different approaches to making this an easy add for your users or for you as the admin.

The first way is using the following Visual Basic script:

Option Explicit

Dim DomainArray(5), strComputer, strHTTP, strHTTPS
Dim dwordZone, regPath, objReg, counter, subkeyPath
Dim subkeyValue
Const HKEY_LOCAL_MACHINE = &H80000002

DomainArray(0) = "trusteddomain0.com"
DomainArray(1) = "trusteddomain1.com"
DomainArray(2) = "trusteddomain2.com"
DomainArray(3) = "trusteddomain3.com"
DomainArray(4) = "trusteddomain4.com"

strComputer = "."
strHTTP = "http"
strHTTPS = "https"
dwordZone = "2"
regPath = "SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings" &_
        "\ZoneMap\EscDomains\"
Set objReg = GetObject("winmgmts:{impersonationLevel = impersonate}!\\" & _
        strComputer & "\root\default:StdRegProv")

For counter = 0 to 4
        subkeyPath = regPath & DomainArray(counter)
        objReg.CreateKey HKEY_LOCAL_MACHINE,subkeyPath
        objReg.SetDWORDValue HKEY_LOCAL_MACHINE,subkeyPath,strHTTP,dwordZone
        objReg.SetDWORDValue HKEY_LOCAL_MACHINE,subkeyPath,strHTTPS,dwordZone
Next

The above script when executed will insert 'trusted domain0.com', 'trusteddomain1.com' and etc to Internet Explorers trusted sites zone when run on any machine. To run this script the user running it will need to be a local admin on the machine or any user that has access to write to the HKEY_LOCAL_MACHINE registry hive and any other changes that are global to the machine.

The next way involves creating a "Registry Entries" (.reg) file:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\trusteddomain0.com]
"http"=dword:00000002
"https"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\trusteddomain1.com]
"http"=dword:00000002
"https"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\trusteddomain2.com]
"http"=dword:00000002
"https"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\trusteddomain3.com]
"http"=dword:00000002
"https"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\trusteddomain4.com]
"http"=dword:00000002
"https"=dword:00000002

Just like the previous script, this must also be run by a user with administrator privileges and any changes will be global on all users of the machine. You can customize this code to fit your needs. Please also make sure before deploying these that the changes will not violate your network security policy.

SkyByte Consulting  provides support for many clients from small to large and everywhere in between. In the case of Microsoft SharePoint, Dynamics, and other MS enterprise products you can deploy Microsofts Threat Management Gateway (TMG) or Unified Access Gateway (UAG) which can perform reverse proxy to the sites. I hope this post will help a few admins out there with authentication annoyances and prevent un-needed service tickets.

All information presented on this blog is for informational purposes only and is provided on an as-is basis.

• The URL for accessing Gmail (mail.google.com) is blocked by many organizations because they don't want personnel accessing their e-mail while on company time.
• There is now Global Address List functionality. This means that you wouldn't be able to have a single "Marketing Contacts" address book shared by all of your marketing people. The "shared contacts" functionality only really mans that things are shared within your domain.
• Contact sync to mobile devices - at least with the iPhone there is no way to sync a subset of Gmail contacts. Most people don't want all of their email contacts added to their phones address book.
• Having the reassurance of Microsoft Server Support specialists or Public Forums when your company runs into problems?

We recently created a brand new Citrix Xenapp 6.0 environment with four Windows 2008 R2 servers in our farm.  40 users will be connecting into the environment with a variety of platforms including thin client technology, mobile PCs, and now mobile tablets and phones.  One of the goals in our Citrix Xenapp installation was to support as many platforms as possible.  With Citrix, that is entirely possible with a few tweaks to get things working right.  With mobile devices becoming the preferred computing device, especially tablet PCs, Citrix access has become a frequent request in recent years.

Citrix offers an lightweight application available for iOS, Android, and Blackberry devices called the Citrix Receiver.  This simple app provides you secure access into your companies Xenapp environment.  You can stream published apps and use your desktop on the convenience of a tablet.

During our testing phase, we ran into an issue with iOS 5 devices not accepting our SSL certificate installed on the Secure Gateway server running Windows IIS6.  We experienced the problem on both the iPad1 and iPad2 and also the iPhone 4 and more than likely it affected all iOS devices.  We had reason to believe it was due to our standard SSL certificate authorized through GoDaddy since we had other environments working but with an SSL certificate through another SA.  The problem occured when an iOS device attempted to launch an app or published desktop.  The connection would fail half way and say:

Connection Error:  You have not chosen to trust "Go Daddy Secure Certification Authority", the issuer of the server's security certificate.  Error Number: 183

• Secure employee-owned devices with access to corporate resources.
• Manage and provision all mobile endpoints and desktop from a single interface.
• Reduce costs and allow employees to use their own mobile device for work.
• Safely support a wide variety of mobile phones connecting to a company network.

I recently ran into a situation that required me to get some information off of a Windows image backup. The file that Windows backup outputs is a .VHD file which is the same type that Hyper-V creates. I created a new virtual machine and attached the .VHD of the backup as the hard drive. When booting I received an error telling me "Boot Failure. Reboot and Select proper Boot device or Insert Boot Media in selected Boot device". After some digging around on the Internet I found some information explaining why it would not boot.

The .VHD file that Windows backup creates is just a data only file. These are not bootable and cannot be made bootable this is by design. There were some mentions of people getting this to work, but there were many who tried and failed. This .VHD file is intended to give you access to the file system on your old machine but not to be loaded into a virtual environment. To do this you would have to use the convert physical machine selection in Hyper-V or System Center Virtual Machine Manager to use the machine in a virtualization environment.

With the popularity of Server Virtualization Systems on the rise, maybe Microsoft will include an option on the backup and restore for Windows 8 that will allow for converting a physical to a virtual. This could even be just for Professional, Ultimate and Enterprise versions.

Recently a client of SkyByte Consulting had an issue opening hyperlinks embedded within emails. The error seemed to occur when Outlook 2003/2007/2010 was opened and a hyperlink was clicked from within an email. The cause was that Firefox had been installed onto the system and was made the default browser. It seems like Outlook only wanted to look to Internet Explorer for opening the link. 

There two solutions I found for this, which I've provided below.

Solution 1 -
1. Open Internet Explorer
2. Goto Tools->Internet Options->Security Tab
3. Click "Reset all zones to default level"
4. Close Internet Explorer and Outlook.
5. Re-open Outlook and click again on the hyperlink

Solution 2 -
Setup Internet Explorer as your default browser. Make sure to tell Firefox not to be the default and to never ask again

How many times have you not had sufficient space on your virtual server due to growing exchange data stores, SQL databases, or Data Protection Manager backups?  It can be a daunting task, in smaller networks, to have sufficient drive space on VM hosts. Using Microsoft Hyper V server 2008, I've setup test and dev machines and just hosted the VM files off on an external hard drive. 

In the past external hard drives running USB 1.1 and 2.0 were too slow to host a file such as a .VHD effectively. Within the last couple of years technologies like e-Sata and USB 3.0 have emerged as great choice's for an external interface. These newer external ports offer superior read and write throughput performance for hard drives. You can purchase expansion cards that give your server the ability to have these ports. In the case of e-Sata, you can also employ Raid setups using external drive housings that support raid 0,1,5,10 and others.

I've found that, depending on your virtualization hosts configuration, you can setup or relocate .VHD files onto an external drive. Also you could add an external drive to house all of your machine backups and images on drives up to 3TB in size. With the performance of both USB 3.0 and e-Sata you can create, deploy, and restore in a fairly quick amount of time. Non-essential or lightly used VM's could be hosted on a single external drive with higher use possible using an e-Sata Raid setup. This solution would be very easy to implement with many server virtualization systems and very inexpensive compared to upgrading the drives in a server.

San Fransisco, CA: Microsoft on Tuesday provided another glimpse at changes coming with the next-generation of Windows software that powers most of the world's computers.

Microsoft is making major improvements to a key Windows Explorer file management program to enhance how it interacts with the coming Windows 8 operating system, according to Windows division president Steven Sinofsky.
 
"Windows 8 is about re-imagining Windows, so we took on the challenge to improve the most widely used desktop tool in Windows," Sinofsky said atop a blog post detailing Explorer modifications.
 
"Windows Explorer is a foundation of the user experience of the Windows desktop and has undergone several design changes over the years, but has not seen a substantial change in quite some time," he added.
 
A control "ribbon" for commands was added to make them more easily accessible to people other than "power users" familiar with Windows Explorer shortcuts.
 
Engineers set out to "return Explorer to its roots as an efficient file manager and expose some hidden gems" in the form of handy commands many people may not know, according to Alex Simmons of the program management team.
 
Microsoft in June provided the first sneak peek at the successor to Windows 7, a next-generation operating system designed to work on both personal computers and touchscreen tablets.
 
Sinofsky demonstrated some of the features of the operating system code-named "Windows 8" at a D9 technology conference hosted by All Things Digital.
 
"Laptops, slates, desktops -- all can run one operating system," Sinofsky said.
 
"Windows 8" builds upon many of the features in Microsoft's latest mobile operating system for smartphones, Windows Phone 7, including the use of touch "tiles" instead of icons to launch and navigate between applications.
 
Microsoft has promised to reveal more features of Windows 8, which uses Internet Explorer 10 as a Web browser, at its developers conference in Anaheim, California, opening on September 13th

Nothing new has been released yet regarding new Windows Server 8 information and if Active Directory upgrades will need to be to unlock the potential for Windows 8 on current corporate network infrastructure.