Mind Of Root Podcast Wiki - Main

____________________________PLAY ANN____________________________

____________________________PLAY OPENING MUSIC____________________________

[Keith] Welcome to the Mind Of Root. I'm Keith Albright

[Rich] and I'm Rich Niemeier.

[Steve] and I'm Steve Murawski. This is Episode 86 streaming live on Ustream.tv on February 4th, 2008. Today's show is sponsored by Quest Software; Helping you rule your domain. And by the makers of PrimalScript ?; Sapien Technologies.

Chit-Chat - What's going on with you?

[Steve]

What is up with this year? Work has been non-stop since early January. I just can't seem to get ahead. Part of it could be that I'm making a concerted effort to script and document most of the tasks I come across, but still.. the number of incidents seems to be pretty high. While prepping for the show, I saw a tweet about reaching "inbox 0". I used to be there.. I've over committed, spent a weekend sick when I should have been catching up, and I'm paying the price.

[Rich]

[Keith]

Housekeeping Items

[Rich]

[Steve]

[Keith]

Sapien Technologies Sponsorship Information

-Free Books

-Working out details on how we will be giving it away, but stay tuned for your chance to win.

____________________________PLAY SAPIEN PROMO____________________________

____________________________READ TPN PROMO____________________________

SP3 ? problem on old Studio XP box. [KEITH]

-Getting error "Windows could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32 ?\CONFIG\SYSTEM"...Recommends boot from install media and running a repair.

-Found a couple solutions. One was to repair the registry hive by mounting the disk as a slave on another PC and loading the registry then unloading the hive and it will be repaired.

-Found another suggestion on that thread that suggested a simple CHKDSK C: /R against the drive. I figured I had nothing to lose by trying that first.

-It worked, so I didn't have to go with more drastic measures.

-Link: http://www.css-networks.com/?p=53

-Link: http://www.softwaretipsandtricks.com/forum/windows-xp/2735-xp-could-not-start-following-file-missing-corrupt.html

-Link: http://support.microsoft.com/kb/315265

Windows 7 Beta on ThinkPad ? T30 [KEITH]

-Was thinking about which box to test on at home and have been reading about people running on minimal hardware.

-Min specs for 32-bit is 1Ghz processor and 1GB RAM. I had an old T30 laptop with 1GB RAM and 2Ghz P4 Mobile processor.

-I was shocked at how well it is running. I haven't enabled all the bells and whistles, but real nice performance so far.

-I know, I rail on MS that Windows 7 should be 64-bit only and here I am testing on 32-bit, but it was convenient. Honestly, it doesn't change my viewpoint. It should be 64-bit only. Having it perform this well on 32-bit will only complicate matters.

-They could do like Exchange 2007 and make 32-bit non-production test/migration environments only.

-Two things that burned my buns; since it is an older laptop, it won't allow me to play DVD's. It has a DVD drive...but it won't allow me to play it because it would create an analog loophole. I just wanted to watch 'Better Off Dead", but the DRM machine got in the way.

-Also, Windows 7 Ultimate? Don't even tell me there will be more than two versions. Pro and Home. Only difference; Media Center.

-Link: http://

Perfmon Counter - PhysicalDisk ?\Avg. Disk Queue Length [STEVE]

-This is the last counter in the Hard Disk Bottleneck

-This indicates how many I/O operations are waiting for the hard drive to become available. If the value here is larger than two times the number of spindles, the drives might be the bottleneck

-Tracks the number of requests that are queued and waiting for a disk during the sample interval, as well as requests in service. As a result, this might overstate activity.

If more than two requests are continuously waiting on a single-disk system, the disk might be a bottleneck. To analyze queue length data further, use Avg. Disk Read Queue Length and Avg. Disk Write Queue Length.

-Link: http://technet.microsoft.com/en-us/magazine/2008.08.pulse.aspx

-Link: http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/prork/pree_exa_swlz.mspx?mfr=true

Exchange 2007 [KEITH]

-So, I thought I was completely migrated from Exchange 2000 to 2007, but found some details I missed.

-I shut down the old Exchange server after getting the last of the remaining F&P services migrated and found the outbound email was failing.

-Exchange services had been disabled on that box for the past 6 months, but I guess SMTP was still running.

-Turns out; during the upgrade process, it automatically created an SMTP connector to the old server and that was how outbound mail had been flowing. I'll admit ignorance on this, I thought it was going directly out. I also found that SMTP logging is not on by default, you need to enable it.

-Also found a straggling Public Folder replica with the old server for free/busy data that I had to eradicate.

-Link: Logging SMTP in Exchange 2007

-Link: Logging SMTP activity

-Link: Microsoft Log Parser

-Link: Setting up your Send & Receive Connectors

-Link: Removing a Public Folder Database via Management Shell YES I SAID POWERSHELL STEVE!

-Link: Get Public Folder Info NOTE the use of the -IncludePreExchange2007 ? flag

-Link: Managing Public Folders

Further troubles with email [KEITH]

-I was notified about the mail delivery failure by our Director of Finance when she received Delay Status Notification messages.

-After fixing up my SMTP connector, I checked the queue and found only one message still failing to send. It was from her to our financial consultant firm and it had a status code 4.2.1 - Service unavailable.

-I did my usual trace; NSLOOKUP, Set type=MX, CONSULTANTCOMPANY.COM. I get back two NS records. NS1 ?.PENDINGRENEWALDELETION.COM and NS2 ?.PENDINGRENEWALDELETION.COM

-Going to that domain in browser gets me to a Network Solutions placeholder page.

-I notified our Finance Director and she gave them a call. They were completely unaware that they were down.

-Link: Deconstructing and interpreting SMTP Error Codes

-Link: Reference PDF on SMTP error codes

-Link: Thread discussing the PendingRenewalDeletion.com domain owner

-Link: WhoIs on PENDINGRENEWALDELETION.COM domain

-Link: http://

____________________________READ QUEST AD COPY____________________________

When it comes to scripting, you’re a warrior. But mighty warriors need mighty tools!

For awesome PowerShell scripting, nothing matches the might of Quest’s PowerGUI ?. Versatile and easy to use, PowerGUI ? helps you build commanding scripts that leverage PowerShell’s strength across the enterprise. Now, ruling your domain is easier than ever.

Is your scripting might equal to the challenge? Put the power in your hands. Visit www.quest.com forward slash mind of root and download PowerGUI today.

Cahoots! [STEVE]

- Question and answer / knowledge management site with blogging/podcasting, and a bit of social thrown in.

-Link: http://sourceforge.net/projects/cahoots Project

-Link: http://concentratedtech.com/content/index.php/2009/01/help-us-out-try-a-new-kind-of-beta-community/ Don's post

-Link: http://test.concentratedtech.com Beta site

NetBIOS ? vs. FQDN [KEITH]

-We use a package called ECopy ? which integrates with our copiers and enables us to scan a doc to our desktop, fax, or email. Has markup, save to PDF, and other features once it is on the desktop.

-Server manages the devices and directs the scanned docs to the appropriate folder for pickup by client software. Moving setup to a new server and updating software by a minor revision and couldn't login with credentials we used previously. Username and password are simple and have not changed (verified) and the drop down lets you choose from the NetBIOS ? domain names it discovered. We chose our company NetBIOS ? domain name and hit the 'Test credential' button and failed. Confirmed on the old install it looked exactly the same with the NetBIOS ? domain name.

-Copier tech found by changing domain to FQDN (by typing it in) it worked.

-Link: http://

____________________________PLAY BUMPER____________________________

Listener Feedback

From listener....Cd-MaN ?

RE: Interview with Jeffrey Snover on WS-MAN

Hello guys.

Great show as always. Not to put your guest down, but the things he said made my blood boil as a security geek: http://hype-free.blogspot.com/2009/01/you-say-features-i-say-possible.html

Best regards.

[KEITH] I know where Cd-MaN ? is coming from on this; I felt a bit of a pucker when Jeffrey talked about how using the protocol is simple and it can traverse your firewall, etc. To his credit, Jeffrey does acknowledge at one point that enabling any protocol increases the attack surface of a machine. Since MS is vying for widespread adoption of this, we can only hope that it is truly vetted for security before it does end up on a switch or router.
[STEVE] I can appreciate your and Cd-MaN ?'s viewpoint, but I think you might be mixing up two different problems that are being addressed. In the case of firewall traversal, I believe he was comparing it to DCOM which requires different ports for communication. Since firewalls are more likely to accommodate traffic on port 80 or 443, WS-MAN is easier to use. Security is a different animal altogether. The security is addressed in the variety of credentials that can be used, NTLM, Federated identities, Live ID, or basic authentication, and most everything is encrypted (except basic auth). Each ID can be restricted as to what actions and information the user can retrieve. As far as the open access to the port, SNMP has the same issue. You have to lock down access via ACLs ?. I'm working on a blog post response to Cd-MaN ?'s because I really think this issue needs to be talked about.

From listener....Eric Kraus I don't know if Eric is a listener or found us via Twitter, but he dropped a comment on the Twitter's page.

I will be posting lots of PowerShell + SharePoint ? related items in the upcoming months...in addition to my community project SPoshMod ? (www.codeplex.com/SPoshMod ?) currently in progress. Features will work with MOSS 2007, but will also integrate with Office SharePoint ? "14" very nicely.

Website Picks

Rich - http://

Steve - http://

Keith - http://

Last Call

Anyone....Anyone....Buehler.....Buehler....

Closing

All right, well that is it for the show. For listener feedback; you can email us at Feedback [at] mindofroot.com or post a comment on the main site at mindofroot.com. If you use iTunes, you could write a review. If you just want to show us your listening, drop a pin on the Frappr map...there's a link on the show site.

Lastly, you can drop any show ideas or topic requests on the wiki. There is a link to the wiki on the main show site. If you would like to participate in the show; either through an interview, a segment contribution, or any other way, please let us know. We are also a member of the Techpodcast network. Check out some other great shows by going to Techpodcast.com.

____________________________PLAY ANN SEGMENT____________________________

Big View Home Edit History Recent Changes
Welcome to the show wiki HomePage ListenerIdeas Web Site Picks ServerStaging Administration SiteManagement Show notes InterviewSchedule UpcomingInterviews Episode141 Episode140 Episode139 Episode138 Episode137 Episode136 Episode135 Episode134 Episode133 Episode132 Episode131 Episode130 Episode129 Episode128 Episode127 Episode126 Episode125 Episode124 Episode123 Episode122 Episode121 Episode120 Episode119 Episode118 Episode117 Episode116 Episode115 Episode114 Episode113 Episode112 Episode111 Episode110 Episode109 Episode108 Episode107 Episode106 Episode105 Episode104 Episode103 Episode102 Episode101 Episode100 Episode99 Episode98 Episode97 Episode96 Episode95 Episode94 Episode93 Episode92 Episode91 Episode90 Episode89 Episode88 Episode87 Episode86 Episode85 Episode84 Episode83 Episode82 Episode81 Episode80 Episode79 Episode78 Episode77 Episode76 Episode75 Episode74 Episode73 Episode72 Episode71 Episode70 Episode69 Episode68 Episode67 Episode66 Episode65 Episode64 Episode63 Episode62 Episode61 Episode60 Episode59 Episode58 Episode57 Episode56 Episode55 Episode54 Episode53 Episode52 Episode51 Episode50 Episode49 Episode48 Episode47 Episode46 Episode45 Episode44 Episode43 Episode42 Episode41 Episode40 Episode39 Episode38 Episode37 Episode36 Episode35 Episode34 Episode33 Episode32 Episode31 Episode30 Episode29 Episode28 Episode27 Episode26 Episode25 Episode24 Episode23 Episode22 Episode21 Episode20 Episode19 Episode18 Episode17 Episode16 Episode15 Episode14 Episode13 Episode12 Episode11 Episode10 Episode9 Episode8 Episode7 Episode6 Episode5 Episode4 Episode3 Episode2 Episode1 Special Segments 2007 Holiday Gift Guide Scripts & Templates Promos SpecialTopics ShowNoteTemplate edit SideBar TriadSkin powered by PmWiki	Episode 86 ____________________________PLAY ANN____________________________ ____________________________PLAY OPENING MUSIC____________________________ [Keith] Welcome to the Mind Of Root. I'm Keith Albright [Rich] and I'm Rich Niemeier. [Steve] and I'm Steve Murawski. This is Episode 86 streaming live on Ustream.tv on February 4th, 2008. Today's show is sponsored by Quest Software; Helping you rule your domain. And by the makers of PrimalScript ?; Sapien Technologies. Chit-Chat - What's going on with you? [Steve] What is up with this year? Work has been non-stop since early January. I just can't seem to get ahead. Part of it could be that I'm making a concerted effort to script and document most of the tasks I come across, but still.. the number of incidents seems to be pretty high. While prepping for the show, I saw a tweet about reaching "inbox 0". I used to be there.. I've over committed, spent a weekend sick when I should have been catching up, and I'm paying the price. [Rich] [Keith] Housekeeping Items [Rich] [Steve] [Keith] Sapien Technologies Sponsorship Information -Free Books -Working out details on how we will be giving it away, but stay tuned for your chance to win. ____________________________PLAY SAPIEN PROMO____________________________ ____________________________READ TPN PROMO____________________________ SP3 ? problem on old Studio XP box. [KEITH] -Getting error "Windows could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32 ?\CONFIG\SYSTEM"...Recommends boot from install media and running a repair. -Found a couple solutions. One was to repair the registry hive by mounting the disk as a slave on another PC and loading the registry then unloading the hive and it will be repaired. -Found another suggestion on that thread that suggested a simple CHKDSK C: /R against the drive. I figured I had nothing to lose by trying that first. -It worked, so I didn't have to go with more drastic measures. -Link: http://www.css-networks.com/?p=53 -Link: http://www.softwaretipsandtricks.com/forum/windows-xp/2735-xp-could-not-start-following-file-missing-corrupt.html -Link: http://support.microsoft.com/kb/315265 Windows 7 Beta on ThinkPad ? T30 [KEITH] -Was thinking about which box to test on at home and have been reading about people running on minimal hardware. -Min specs for 32-bit is 1Ghz processor and 1GB RAM. I had an old T30 laptop with 1GB RAM and 2Ghz P4 Mobile processor. -I was shocked at how well it is running. I haven't enabled all the bells and whistles, but real nice performance so far. -I know, I rail on MS that Windows 7 should be 64-bit only and here I am testing on 32-bit, but it was convenient. Honestly, it doesn't change my viewpoint. It should be 64-bit only. Having it perform this well on 32-bit will only complicate matters. -They could do like Exchange 2007 and make 32-bit non-production test/migration environments only. -Two things that burned my buns; since it is an older laptop, it won't allow me to play DVD's. It has a DVD drive...but it won't allow me to play it because it would create an analog loophole. I just wanted to watch 'Better Off Dead", but the DRM machine got in the way. -Also, Windows 7 Ultimate? Don't even tell me there will be more than two versions. Pro and Home. Only difference; Media Center. -Link: http:// Perfmon Counter - PhysicalDisk ?\Avg. Disk Queue Length [STEVE] -This is the last counter in the Hard Disk Bottleneck -This indicates how many I/O operations are waiting for the hard drive to become available. If the value here is larger than two times the number of spindles, the drives might be the bottleneck -Tracks the number of requests that are queued and waiting for a disk during the sample interval, as well as requests in service. As a result, this might overstate activity. If more than two requests are continuously waiting on a single-disk system, the disk might be a bottleneck. To analyze queue length data further, use Avg. Disk Read Queue Length and Avg. Disk Write Queue Length. -Link: http://technet.microsoft.com/en-us/magazine/2008.08.pulse.aspx -Link: http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/prork/pree_exa_swlz.mspx?mfr=true Exchange 2007 [KEITH] -So, I thought I was completely migrated from Exchange 2000 to 2007, but found some details I missed. -I shut down the old Exchange server after getting the last of the remaining F&P services migrated and found the outbound email was failing. -Exchange services had been disabled on that box for the past 6 months, but I guess SMTP was still running. -Turns out; during the upgrade process, it automatically created an SMTP connector to the old server and that was how outbound mail had been flowing. I'll admit ignorance on this, I thought it was going directly out. I also found that SMTP logging is not on by default, you need to enable it. -Also found a straggling Public Folder replica with the old server for free/busy data that I had to eradicate. - -Link: Logging SMTP in Exchange 2007 -Link: Logging SMTP activity -Link: Microsoft Log Parser -Link: Setting up your Send & Receive Connectors -Link: Removing a Public Folder Database via Management Shell YES I SAID POWERSHELL STEVE! -Link: Get Public Folder Info NOTE the use of the -IncludePreExchange2007 ? flag -Link: Managing Public Folders Further troubles with email [KEITH] -I was notified about the mail delivery failure by our Director of Finance when she received Delay Status Notification messages. -After fixing up my SMTP connector, I checked the queue and found only one message still failing to send. It was from her to our financial consultant firm and it had a status code 4.2.1 - Service unavailable. -I did my usual trace; NSLOOKUP, Set type=MX, CONSULTANTCOMPANY.COM. I get back two NS records. NS1 ?.PENDINGRENEWALDELETION.COM and NS2 ?.PENDINGRENEWALDELETION.COM -Going to that domain in browser gets me to a Network Solutions placeholder page. -I notified our Finance Director and she gave them a call. They were completely unaware that they were down. -Link: Deconstructing and interpreting SMTP Error Codes -Link: Reference PDF on SMTP error codes -Link: Thread discussing the PendingRenewalDeletion.com domain owner -Link: WhoIs on PENDINGRENEWALDELETION.COM domain -Link: http:// ____________________________READ QUEST AD COPY____________________________ When it comes to scripting, you’re a warrior. But mighty warriors need mighty tools! For awesome PowerShell scripting, nothing matches the might of Quest’s PowerGUI ?. Versatile and easy to use, PowerGUI ? helps you build commanding scripts that leverage PowerShell’s strength across the enterprise. Now, ruling your domain is easier than ever. Is your scripting might equal to the challenge? Put the power in your hands. Visit www.quest.com forward slash mind of root and download PowerGUI today. Cahoots! [STEVE] - Question and answer / knowledge management site with blogging/podcasting, and a bit of social thrown in. - -Link: http://sourceforge.net/projects/cahoots Project -Link: http://concentratedtech.com/content/index.php/2009/01/help-us-out-try-a-new-kind-of-beta-community/ Don's post -Link: http://test.concentratedtech.com Beta site NetBIOS ? vs. FQDN [KEITH] -We use a package called ECopy ? which integrates with our copiers and enables us to scan a doc to our desktop, fax, or email. Has markup, save to PDF, and other features once it is on the desktop. -Server manages the devices and directs the scanned docs to the appropriate folder for pickup by client software. Moving setup to a new server and updating software by a minor revision and couldn't login with credentials we used previously. Username and password are simple and have not changed (verified) and the drop down lets you choose from the NetBIOS ? domain names it discovered. We chose our company NetBIOS ? domain name and hit the 'Test credential' button and failed. Confirmed on the old install it looked exactly the same with the NetBIOS ? domain name. -Copier tech found by changing domain to FQDN (by typing it in) it worked. -Link: http:// ____________________________PLAY BUMPER____________________________ Listener Feedback From listener....Cd-MaN ? RE: Interview with Jeffrey Snover on WS-MAN Hello guys. Great show as always. Not to put your guest down, but the things he said made my blood boil as a security geek: http://hype-free.blogspot.com/2009/01/you-say-features-i-say-possible.html Best regards. [KEITH] I know where Cd-MaN ? is coming from on this; I felt a bit of a pucker when Jeffrey talked about how using the protocol is simple and it can traverse your firewall, etc. To his credit, Jeffrey does acknowledge at one point that enabling any protocol increases the attack surface of a machine. Since MS is vying for widespread adoption of this, we can only hope that it is truly vetted for security before it does end up on a switch or router. [STEVE] I can appreciate your and Cd-MaN ?'s viewpoint, but I think you might be mixing up two different problems that are being addressed. In the case of firewall traversal, I believe he was comparing it to DCOM which requires different ports for communication. Since firewalls are more likely to accommodate traffic on port 80 or 443, WS-MAN is easier to use. Security is a different animal altogether. The security is addressed in the variety of credentials that can be used, NTLM, Federated identities, Live ID, or basic authentication, and most everything is encrypted (except basic auth). Each ID can be restricted as to what actions and information the user can retrieve. As far as the open access to the port, SNMP has the same issue. You have to lock down access via ACLs ?. I'm working on a blog post response to Cd-MaN ?'s because I really think this issue needs to be talked about. From listener....Eric Kraus I don't know if Eric is a listener or found us via Twitter, but he dropped a comment on the Twitter's page. I will be posting lots of PowerShell + SharePoint ? related items in the upcoming months...in addition to my community project SPoshMod ? (www.codeplex.com/SPoshMod ?) currently in progress. Features will work with MOSS 2007, but will also integrate with Office SharePoint ? "14" very nicely. Website Picks Rich - http:// Steve - http:// Keith - http:// Last Call Anyone....Anyone....Buehler.....Buehler.... Closing All right, well that is it for the show. For listener feedback; you can email us at Feedback [at] mindofroot.com or post a comment on the main site at mindofroot.com. If you use iTunes, you could write a review. If you just want to show us your listening, drop a pin on the Frappr map...there's a link on the show site. Lastly, you can drop any show ideas or topic requests on the wiki. There is a link to the wiki on the main show site. If you would like to participate in the show; either through an interview, a segment contribution, or any other way, please let us know. We are also a member of the Techpodcast network. Check out some other great shows by going to Techpodcast.com. ____________________________PLAY ANN SEGMENT____________________________ Edit Page History Source Attach File Backlinks List Group Page last modified on February 05, 2009, at 11:13 PM
skin config pmwiki-2.1.27