Squiggle dot org

I was recently performing a restore of some old data that had been archived to tape using Symantec Backup Exec 2010. The restore job appeared to complete fine, without any errors or warnings – however when we came to try and use the data, certain files were corrupt/empty – despite the size being correct.

I inspected the contents of the file by opening in an editor – it turned out that all the affected files just contained null/space characters and no real content, as if they had not restored correctly.

I inspected the BackupExec log and saw some entries that gave me a clue to where the problem may lie…

BEREMOTE: [01/06/12 10:41:48] [0000] [56084] 01/06/12 10:41:48 Tag=IO_REPARSE_TAG_SIS, file=example1.pdf
BEREMOTE: [01/06/12 10:41:48] [0000] [56084] 01/06/12 10:41:48 Reparse data not restored during redirection of example1.pdf.
BEREMOTE: [01/06/12 10:41:48] [0000] [56084] 01/06/12 10:41:48 Tag=IO_REPARSE_TAG_SIS, file=example2.pdf
BEREMOTE: [01/06/12 10:41:48] [0000] [56084] 01/06/12 10:41:48 Reparse data not restored during redirection of example2.pdf.


The server in question was running Windows Storage Server 2008 – which provides the Single Instance Store (SIS) service. SIS basically removes duplicate files from your filesystem by taking a copy of the file, then putting symbolic links to the master file.

There are a couple of simple workarounds to the problem…

1) Do not redirect the restore job – just restore to the original location

2) Restore to another drive that does not have the SIS service enabled on it

I’ve always liked the idea of using unsolicited remote assistance to support users, as it’s already built in to Windows, so no need for 3rd party software and additional costs. The downside was it’s inability to handle UAC prompts very well (Which are pretty inevitable if you’re having to use remote assistance to help someone to do anything moderately taxing!).

When you offer remote assistance to a users system, they have a checkbox option of letting you respond to UAC prompts, but that would then require them to provide admin credentials, which is a no-goer. The other situation that is often encountered, is the UAC prompt causing a black screen with a pause icon/symbol to the remote user – another show stopper!

There is however, a simple fix that will allow the UAC prompts to be show to the remote user! You’ll need to use a GPO to force the following security setting: User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop

Once this is done, unsolicited remote assistance becomes a very useful tool!

I bound one of our new iMacs to our MS AD a while back, however a week later it stopped working out of the blue. After unbinding and trying to bind again I recieved the following error:

Unable to add server. The daemon encountered an error processing the request (10002)

After a bit of investigation, it turned out that the issue was due to the clock drifting on the Mac, and causing kerberos authentication to fail. Fixed by setting the clock to sync with a domain controller (will prevent the issue from recurring), after this it rebound straight away.

When trying to move the Schema Master FSMO role from a 2003 to 2008 R2 server, I came accross an issue. In order to transfer the Schema master role, you need to run the following command:

regsvr32 schmmgmt.dll

Once you’ve done this, you should be able to load the AD schema MMC snap-in, however I kept getting the following error when I ran it.

The module “schmmgmt.dll” was loaded but the call to DllRegisterServer failed with error code 0×80040201

Simple solution to the problem: Run the command from an elevated command prompt, or use the ntdsutil command to do it (But RTFM!)

During the testing of Hyper-V live migration on a freshly built failover cluster (2008 R2), all seemed to work well apart from one Linux (CentOS) VM. It had been running fine on a single Hyper-V server with the integration components installed, however when I tried to do a live migration it failed, not giving much clue why.

Moving the VM to the other node and starting it using the Hyper-V manager, generated the following error…

‘SV04′ failed to start.
Microsoft Emulated IDE controller (Instance GUID): Failed to power on with error ‘a device attached to the system is not functioning’

Failed to open attachment: C:\ClusterStorage\Volume1\Hyper-V\Virtual Hard Disks\SV04.vhd. Error – A device attached to the system is not functioning. (0x8007001F)

After some investigation, I found that the VM would only start on whichever cluster node was the owner of the CSV (Custer Shared Volume). I later discovered that disabling the AV (Sophos in this case) on the node that wasn’t the CSV owner resolved the issue – Odd, as I had added an exclusion for scanning on c:\ClusterStorage\*, seems that the exclusion didn’t quite work with it being CSV due to the way it links into the filesystem… Adding an exclusion for *.vhd, then renabling the AV fixed the issue.

There used to be an auto logoff screensaver (winExit.scr) in the Windows 2000/2003 resource kit, although it doesn’t appear to play too well with Windows 7/Vista. I needed the functionality that this provided for the systems in our meeting rooms, as people have a habit of leaving the systems logged on in there then leaving the room!

As I couldn’t find anything (for free!) that did this, I thought it was time for a bit of D.I.Y! So here we have my AutoLogoff Screensaver for Windows 7/Vista. Dead simple, drop in your C:\Windows\System32 folder, then probably use group policy to force it onto certain machines, or the local policy with gpedit.msc! Dims the screen like a UAC prompt in order to try and get the users attention a bit more, there’s no configurable options at the moment, just 60 seconds warning until logoff. If I get alot of requests I might add some additional funtionality, but it’s serving my requirements now, so I’m happy ;)

Update 06/09/10: I’ve now added the ability to change the amount of time the warning lasts for, you can either leave as the default 60 sec, or create a reg key in HKLM to set your own – see readme file for key name!

Update 03/12/10: Added the force option for the logoff as per requests!

Update 26/05/11: Fixed a rather major bug – the logoff button didn’t work! Also made the escape key cancel the screensaver/countdown.

Download – AutoLogoff_v2.3.zip (146KB)

Super quick way to move DHCP onto a new server…

On the old server:
netsh dhcp server export \\server\share\dhcpConfig.dat all
net stop “dhcp server”
sc config dhcpserver start=disabled

On the new server:
Install DHCP role
netsh dhcp server import \\server\share\dhcpConfig.dat all
net stop “dhcp server”
net start “dhcp server”

Goto DHCP management tool on the new server and double check the new server is authorised, right click and authorise if it isn’t! Also, don’t forget to properly uninstall the old DHCP server service using add remove windows components, so that it cleans up active directory and it doesn’t remain as an authorised server when the box is fully decomissioned!

Prerequisites for this upgrade/migration are that the SBS 2003 server must be at SP2, with Exchange 2003 also at SP2. In addition to this both your domain functional level AND forest functional level must be running at 2003 native (This is the highest available on SBS 2003 SP2). Finally, your Exchange organisation must be running in 2003 native mode. Read the rest of this entry »

Another of my little Windows 7 deployment annoyances has been the fact that windows media player is pinned to the new taskbar by default, and with windows 7, it’s not possible to programmatically add or remove pinned items from the taskbar.

After a while of script hunting for something that might get around this, I found out that there is an option that can be used in the unattended xml file will stop it from being automatically added!

In windows system image manager, add the following under phase 7 (OOBE):

   Windows shell setup >> Windows Features >> ShowWindowsMediaPlayer >> false

I’m currently looking into deploying Windows 7 in our environment, and was having a bit of an issue with printers… When our (non-admin) users log on, our logon script detects the client location and connects the appropriate printers, I don’t want any warnings to be shown or UAC prompts, but just want the drivers to be automatically downloaded and printers added.

On vista, you could disable any prompts, by disabling the “point and print restirctions” group policy object in the user configuration, or enable it and specify certain trusted servers, unfortunatly this didn’t seem to do the trick on Windows 7 RTM. After a bit of playing, I found out that on Windows 7, you need to apply the policy to both computer and user configuration!